From d00bc6d57b85d0c31a7974976ac3e8ffbc53aac4 Mon Sep 17 00:00:00 2001
From: Andrew McNab <andrew.mcnab@manchester.ac.uk>
Date: Thu, 6 Oct 2005 11:59:20 +0000
Subject: [PATCH] Fix for SHM session cache bug

---
 org.gridsite.core/CHANGES                   |   4 +
 org.gridsite.core/doc/htcp.1                |  22 ++
 org.gridsite.core/doc/httpd-fileserver.conf |   4 +-
 org.gridsite.core/doc/httpd-webserver.conf  |   4 +-
 org.gridsite.core/interface/gridsite.h      |   2 +-
 org.gridsite.core/src/grst_x509.c           |  16 +-
 org.gridsite.core/src/htcp                  | Bin 44548 -> 49931 bytes
 org.gridsite.core/src/htcp.c                | 339 ++++++++++++++++++++++++----
 org.gridsite.core/src/mod_gridsite.c        |  82 ++++---
 9 files changed, 399 insertions(+), 74 deletions(-)

diff --git a/org.gridsite.core/CHANGES b/org.gridsite.core/CHANGES
index c3e9507..5f9c111 100644
--- a/org.gridsite.core/CHANGES
+++ b/org.gridsite.core/CHANGES
@@ -1,3 +1,7 @@
+* Thu Oct 6 2005 Andrew McNab <Andrew.McNab@man.ac.uk>
+- Fix session reuse with Shared-Memory SSL Session
+  Cache bug #8856 in mod_gridsite.
+- Add SiteCast support to file copying in htcp.
 * Tue Oct 4 2005 Andrew McNab <Andrew.McNab@man.ac.uk>
 - Move User, Config, Admin and Install guides from 
   doc directory into GridSite Wiki.
diff --git a/org.gridsite.core/doc/htcp.1 b/org.gridsite.core/doc/htcp.1
index 62d2e4c..39e20f5 100644
--- a/org.gridsite.core/doc/htcp.1
+++ b/org.gridsite.core/doc/htcp.1
@@ -70,6 +70,7 @@ SiteCast enabled servers will respond immediately with a NOP reply, and all
 of the responses will be listed, with the round trip time in milliseconds. 
 Any waiting times specified in the --groups option will be ignored. Calling
 the program as htping has the same effect.
+(--groups must be used for this option to work.)
 
 .IP "--find"
 Query specified multicast groups with the HTCP TST code. SiteCast enabled
@@ -78,6 +79,7 @@ to the given SiteCast target URL(s). All of the transfer URLs returned
 will be listed. Waiting times specified in the --groups option will be used
 to space out the multicast queries, but the program listens for responses
 continuously. Calling the program as htfind has the same effect.
+(--groups must be used for this option to work.)
 
 .IP "--groups <IP Groups>"
 IP multicast groups to use for SiteCast queries. IP Groups is a comma
@@ -88,6 +90,9 @@ limits packets to the local network. Multiple groups may be specified,
 separated by commas. If multiple groups are specified, then seconds is the 
 time to wait before making the next multicast - 1 second is the default.
 
+.IP "--timeout <seconds>"
+A request timeout used for multicast ping.
+
 .IP "--anon"
 Do not attempt to use X.509 user certificates or GSI proxies to authenticate
 to the remote HTTPS server. This means you are "anonymous", but the server's
@@ -126,6 +131,23 @@ the GRID_AUTH_ONETIME single-use passcode obtained via HTTPS. The --grid-http
 option will be ignored for directory operations or HTTP URLs. If a redirected
 transfer isn't possible, a normal HTTPS data transfer will be attempted.
 
+.IP "--sitecast"
+Try to use SiteCast to locate remote files which are to be copied (currently
+only for the
+.BR fetching
+of remote files.) If no location is found via SiteCast, then a direct request
+for the given URL is tried. (--groups must be used for this option to work.)
+
+.IP "--domain <SiteCast domain>"
+Try to use SiteCast to locate remote files which are to be copied (currently
+only for the
+.BR fetching
+of remote files) 
+.BR "if the domain component of the URL matches"
+the SiteCast domain given.
+If no location is found via SiteCast, then a direct request
+for the given URL is tried. (--groups must be used for this option to work.)
+
 .SH FILES
 .IP /tmp/x509up_uID
 Default GSI Proxy file for Unix UID equal to ID.
diff --git a/org.gridsite.core/doc/httpd-fileserver.conf b/org.gridsite.core/doc/httpd-fileserver.conf
index a14a559..27293e8 100644
--- a/org.gridsite.core/doc/httpd-fileserver.conf
+++ b/org.gridsite.core/doc/httpd-fileserver.conf
@@ -131,8 +131,8 @@ Listen 777
 Listen 443
 Listen 488
 SSLSessionCacheTimeout  300
-SSLSessionCache         dbm:/var/cache/mod_ssl/scache
-# This version of GridSite is NOT compatible with the SHM SSL cache!!!
+SSLSessionCache         shm:/var/cache/mod_ssl/shm_cache
+
 <VirtualHost *:443 *:488>
  
 SSLEngine               on
diff --git a/org.gridsite.core/doc/httpd-webserver.conf b/org.gridsite.core/doc/httpd-webserver.conf
index 59b7487..1b163cf 100644
--- a/org.gridsite.core/doc/httpd-webserver.conf
+++ b/org.gridsite.core/doc/httpd-webserver.conf
@@ -160,8 +160,8 @@ ScriptAlias /real-gridsite-admin.cgi /usr/sbin/real-gridsite-admin.cgi
 Listen 443
 Listen 488
 SSLSessionCacheTimeout  300
-SSLSessionCache         dbm:/var/cache/mod_ssl/scache
-# This version of GridSite is NOT compatible with the SHM SSL cache!!!
+SSLSessionCache         shm:/var/cache/mod_ssl/shm_cache
+
 <VirtualHost *:443 *:488>
  
 SSLEngine               on
diff --git a/org.gridsite.core/interface/gridsite.h b/org.gridsite.core/interface/gridsite.h
index 9e6b302..d9473a8 100644
--- a/org.gridsite.core/interface/gridsite.h
+++ b/org.gridsite.core/interface/gridsite.h
@@ -284,7 +284,7 @@ int GRSTx509VerifyCallback(int, X509_STORE_CTX *);
 
 int GRSTx509GetVomsCreds(int *, int, size_t, char *, X509 *, STACK_OF(X509) *, char *);
 GRSTgaclCred *GRSTx509CompactToCred(char *);
-int GRSTx509CompactCreds(int *, int, size_t, char *, STACK_OF(X509) *, char *);
+int GRSTx509CompactCreds(int *, int, size_t, char *, STACK_OF(X509) *, char *, X509 *);
 char *GRSTx509CachedProxyFind(char *, char *, char *);
 char *GRSTx509FindProxyFileName(void);
 int GRSTx509MakeProxyCert(char **, FILE *, char *, char *, char *, int);
diff --git a/org.gridsite.core/src/grst_x509.c b/org.gridsite.core/src/grst_x509.c
index ccf6100..00caa61 100644
--- a/org.gridsite.core/src/grst_x509.c
+++ b/org.gridsite.core/src/grst_x509.c
@@ -680,7 +680,8 @@ GRSTgaclCred *GRSTx509CompactToCred(char *grst_cred)
  */
  
 int GRSTx509CompactCreds(int *lastcred, int maxcreds, size_t credlen, 
-                         char *creds, STACK_OF(X509) *certstack, char *vomsdir)
+                         char *creds, STACK_OF(X509) *certstack, char *vomsdir, 
+                         X509 *peercert)
 {   
    int   i, j, delegation = 0;
    char  credtemp[credlen+1];
@@ -704,6 +705,19 @@ int GRSTx509CompactCreds(int *lastcred, int maxcreds, size_t credlen,
                                           /* found the 1st non-CA cert */
       }
 
+   if (peercert != NULL)
+     {
+       if (usercert != NULL) /* found a (GSI proxy) cert after user cert */
+         {
+           gsiproxycert = peercert;
+           ++delegation;
+         }
+
+       if ((usercert == NULL) && 
+           (GRSTx509IsCA(peercert) != GRST_RET_OK)) usercert = peercert;
+                                          /* found the 1st non-CA cert */
+     }
+
    if ((usercert == NULL) /* if no usercert ("EEC"), we're not interested */
        ||
        (snprintf(credtemp, credlen+1, "X509USER %010lu %010lu %d %s",
diff --git a/org.gridsite.core/src/htcp b/org.gridsite.core/src/htcp
index 8d187de7a179c28817a4ca919630b32231fc2e74..1b8ab8a30b20ab85b9832024d85919c789a90807 100644
GIT binary patch
delta 22252
zcmb7s31AdO)_-@;BxztE6B0r$$dC}uBm@YETpPqeP?T`vfgvOz6Ub#U!{Gvrh9EHn
zi3P3-2)eH8EgHoWjTfMzpdzB;iW;<IP{VH4#a-6<ey^%}W&-&CzJEid`uFP9t5>gH
zo!!&xPiXZUY+K^G=G<Y|vlT^o_VLD)#S@dt6@@|=D2h{2REjGR+U+`pbv8xWiV#k8
zq-%&`kRF4ynD)juZa4k_%2<R;5z-Lo>LnuncLM%SMCgey1|be%1VS>xNQ40hbPY$y
zLKsf~*C>P`2;C8SAPh#JYoLgfcoD}c!*COWKvfuxa0x;-`&!Lo?W&#SXmLg?D7_J^
zD-kzT5$j6DO^O8l5qCxChY*R-2Z63kgmiwVD1#8Y<o!??XCUs2kbsbcK!$W6j8hc$
zt=el6Re_9#NQqL;_|I@lE6RLeGR<uguavl#RFF(c>CdwaTe9&d$+cBdKan^>;v|`C
z0O*vfo5WX0e2>JBN<0}nahrrzJyGvfQeGnXDF4$E7Ylw(`GUP~OEuR0!>-$r90jwE
z0_*w^{AXFj0$IdCDFV*JMediF+L?+dm3Xb>50m-HV3dBh#04_FQRD8QC{Ia-8(5h=
zx!3zrOtNHq2HDoJ`|U&X4JqJD$$zE9<a|`XH!^1y+??<W5|b|xo`$gdTgyh>l`5G|
zj!5a5EF&!0I4h~t6^Kd}rpuDDOqNQ%L+L-rbaH#bkCDDGBW}^p&iH2_9&;w>FZap(
zr$8tESAn+%`4{`=Ne0Vq_sIfw%M5!Yei1PVD3bh^8P<WmF{B+Uk^UB{E!w$<lEyN^
zlhrNkYWy9~%EFVwUPF#eO^xAyQp1)M7kR6j2I`Nf?1L^h8gC*mwRcoW3A(RMd0%2D
z$C~n~EIS(&49DO=6%UINeiR1fNRKcKQky7-qg)QY2;`YcF`8*Q#ZWAlV)Xkt6k~{5
zKyid(C^ygzY`KWyE{ak}F}k&f;%;y{ilJI1#ju!{Vs!VF6hrgX6h}ibiZQsXrx>H!
zMv5_<Y@!%L$`*<-qHU!ZBhuXzCm4#dgKjX+?4}sw!GjcIe0Z2*41JGN>{66H6!*hu
zOmPaFk7A5RuTYG>-%K%v$hRnl#~q{?K6Hp;42ef5#xQx5VvI${DK;_{<pkYeJUvM<
zoUDc75sG3`j5a?_F`ToVVhoub6k~ioOEH}I9K{&Cl)od!7(Tb|RLyDKoCNEeG$EKX
zFmk=~rs5wp9-RKP9Q*~h;!nH$jA7S3bl-Z?k1K5|l01~ydW7TYgvmWxn>o%UOw&T^
z9**Y_b`jpq@dCoAv(mbS;~NO0YD()mju#Pz>Pl-R$AtzFa)_{q6Fh{c63*qglyENL
z9F8jqFCd)7v6t{7!Y+<i5~dopIyqiVxRS8K@jAjQ3Ag_SLYhJD;#o(8lbo=T@J7N%
zINn5f3*lytw-COY@E(r065dUCH^+AqewgqUj&~5=LwFs>y9vKQxRS7uM(*ZmCc+}l
z@G#+ngmXE5obVCCIUMgHe4KC=$IlWzN!Z2l3xrL=PL5w8+)h~GxS8--!tMV>`TjKW
zR}W2sttUb7ryV4$6F$Q6A;M0=%^V*g97lK$$43df2=C_jIN?Erw{U!da2DZp9G@gS
zhH&M7QNBNo{N0m7ghiaeBs`UHF2|<{=Mv80xSj9<!dV=55MD&s#qn9f9>PwJ&k?R9
ztZ+>I#Iurc`?+ktfB26#)_q;m(w;kKmL~?IsHgcGyFPQC=kx))ZW^#z$CfSVQnSgX
z%JsLr`CdMo7}<B!77TcbH?l3cVYyP%Z2$8hNcDeoKSlM<+K+r~`@@Juedo=(Uqp|*
z-`UO@BcnA$4@G9GN7*Nl!?lCoGTk|N(ibS$?`t<BQC`hk&YH8DFRYao9yO=!OS^i$
zm&sH?B-b|kR@E<jw&t{>-rZi)+%?zy6RUF0p8I!V8%0yR>G==mY|WE0`gppuh$1$h
zvt%p_k>SWS!$g+4$$GsTvh}6o{FS=7izP%2OCCg-h2)lh3&~%=9Hd>O=c*RwiRz<W
z-@<N-a;f?3VStJjb^xFsGXZK^SVT{k`ZXKWbF8|Y74#fn%n(u_z;h>LdzN6t^!s%4
zk^sHl?eJH|cm~UazMT`|JjF60OeC~rk*vE&R*6h$`;}`-^m{|g`1n_UA2K6Ks9Bk$
zcyB;u8{Bv2@)DEG|IT1((L>ZamK&X*ma}Ei375_eNLs2aok@C55|p<7WCCqz4$(4#
zT$<oYWUoeFq1}h-$BfmUZDEsR2B~GNG$tW_*4cn=CYJf0ifgF;C(N;IS4_O>VlT!F
z)_(aHYl+#Z?Q3B*y@op82sVMiUh0*geb~Z|^>R6m2I-eDEq1(mFZ)Am%2g|V;RV#Y
zoi!`76mMR=`}FH4wfea_DXe>Jr_i9;PP1LG!J{T{)@)^MEX?6?P`YUF2KIPtoGV5!
zw!SJH%Ksb<(4K+Z)F;ee{>fTmM`&HAv$)=Ux(^CwKHI@A>z$=dImNua$2z746HtfV
z<7a=<VVMEm@98O}9SWg7xU>h^<;4JLsk$_iD1Q|ctAg29z1Xz4RJD|q#U-dS*~Yj!
zZP_Un9Y3zWH(2&pe-GNmq52By7dolVFlbeL|4@Vei9HZMmX!Znd?)35vHl5DMwSaP
zDEK^U%neDPdCfCGR%|@mnQ*;hM^KYd%$_)+``banzuMX4#3kCWGwhD!_~9{UEc19m
zyu>umwOjNC_rY9G1{ZIdr`nl1x>ts29txy;K7wpdwq$rVK!+96{XWxtfL)R_tNUj`
z1s?pF-R$azj{8E=)b1ggX8g>~xQ2$R`p=)3yU%RxyHo7mKEu`S>`<RLt>Y(F7Snr#
zX@2&TrD12yUk}hbY5pi1);DfwV<6G<OQ_nb0(495Vpi36V9I}jYH$6~Di1wTI+AJj
zWiR)g8fxz$EHXJgv=V<m&88;1)vMU%<b?RFfRN5g$FbLwV>R_hX<hTQRhGx`U5Is$
z1n8EUud+nfEQb?JvM)8WRjw3u0^8y0q}DXn?n-xrxIt9YpnfT;miir=o-))iCMaMp
zt4SH4MgG8&2f5gLDRH4`SF)c|Mmm-RnY*#f)Ke4Ynq1vF_aS&Hh5=h`;a7ftZiBl6
zVNb4EhUGiWIT-Ps)F?|a5Ow%{d;Go@a}~?&|EhW=i%h$`-`n4j99JEt9C*C1y`lDD
zE~nN*k@@MR%$wGsZTXHZ9WbEV*;B-<=X!4Wj%^<>d~nUm@ro~vdfDAU{pNEf=YiTo
zC;WceXtZ_<X9otPsk7LR13p}oN}SI<2<hfbUUpWUyQOALi{jJTiV@q5p}g-AhbP2F
zF)h5pAz}|=2h!j^;m3rf!|#R6GS+uctkJ!pmh$_R*86GhU30?kySUURzCB-RKBPhc
zObOaj&FsTfbk?~~)~q?Htm1VIX^Zj;vZqjX_QD{CI+VRVXm6iqgNCX5hRVW>CY!|c
zu)7BjRM)ZQ!OPVy?2;h^Grt9Qy}P3!rk2(v^=^#jnx{n&11;PxTDT;OZ5omg`Rmst
z)rDmPTG#v|dv3^f?W>b)*3hA96<a&BueN?9yKm_6a1&C@Y_>XmOhgCW{&JGNoSr^r
z{w=4ovESjd=0zH_3#<q?3bFbJ*zbXxE$HVOGz-&4z5C?rC+!V$&#Ff<wqOT!AjjSX
z`x8mN`mA~|V+-5eFP04%7;A7=yH?X2m)o#y!Iyr&WFu12g`}7ZNzoUQdR|D1x{&0|
z^`tIB#igIvPV&a6bDK45OzC^(@A=+-XxiBd_1yPPcJ{sGzo7&7y1@BP{+{#YT_Co9
zC+9mXj4%7g1<vQXAp0p8zQ%xmDGjxYkU7`<@^3<O_i5o!r^mTZM&9u(Zy>CbvX#j7
z4<LmvI<b_nH}D4AjdsK`k*_Xf(+U!nrss3f;1h5F;xZ!l=Gd_8>dXkDW)Zos5G#nP
zMGO=ixmU^cgmjy67)CmEn*>p(B?sIGHTYTQ((7}2+asTEMul?C5t6aa{Vv$p`-6LT
z3sH(4N=;;4hxAlWvpz%OOJ4qhTZ#{;x<_<G-JivKpZ~c+STiuTUXBev?{XIzTaR)v
zR(G6dHPH>oFI#{e9x_;ch5b5YP?wgvH(viCtlr(ih73)KYRSnpU;mu6z;H}%$rcXn
zo7!T|v1k_`qL*Z#e_z(KmiEFm`_@xIk?a3~VULYVPl`F~h}?V_fOl}L122bV*zoir
z12MK_dHziuLM#Zkea1`Xo`59tFTx(+9h~Zk{2qK*48J0XVmP4sw8b>IPh*(PVTaQ5
zwfxW7u#6OK;pc32#_$=pbBP!`J7_$Wt5XPhK+tQOy?rPl!n2HKd?eIa36Zt;ai_$D
zggFZXn{JkU#y-wirQP}|yC$<h>+>nwF>EaRG4l$o>v1-ESfQ4E43sI__~Wc)ScdlH
zCoDQ^g4XvKo0auc*M?)VX^*m}NA_Z_;XAZ%j<HvV&+i(;>vh8HcZ?;E_$IaNW65|N
ziq+3G;WdMgz(Gx$`$Vqacih}`l=UC!)}A}cmW>=1lOS{NILfotHb>Sz$aZHZunEKa
zuu~&5wYHC0uk0b(Yag>o*~7XHk?i|FW;bV7XuUpWZAfhWi1i+o8o6w*U0)i5+1c+q
zYJUGAn>K2IR{A}=X;km@(I0a0Xu-PLLNv1ZHVD?lkL{GplfqYmhs@JQu)yqXKV*J*
zgdH9gm+<@%o)eV`UHTj{cOAi^r+4%QD;d^@kq?<ae8Pr~&gs5`6ct{v@i1FCx_{4y
zK{5Ypv7^hku=|r@P|)Xx+5XW3w3H+4r_u4_W;J2qG?Z_84w<(fwhC{kT?w^wJyBB4
z%0LQcSu9u&nKvG0mtAtn;Ixp00Jk$p<jdPb=5HUc*<-V{m515!OU8vRXHUM*Tw^AM
zt_1IVpOugKYu6{KM%Wnj`+y~1I$f(d#L6x$&3yZirQuQ~P~4s%Q5JWfps@SLCyYSN
zJ5SF0uu*GpZ_PDFeqagn`?kup>LK&$L!@f-0U@H!eFFUp>E?#_*}Y?b>%W)ms*1!m
z+M@YK(OIl#AJM11$0efN-mLl3aQ4}_fe~vZ?abJC<{F<K@eVOw{T`b=eqi!3x=-c|
zu25kn(Tm?@_l!@~9(aenIzBa(m;1uIQe(ZLHjWyop>`^wn&y~XbM?E-K4Fv)zvx|-
zGhtu^7eC@%Rz4v<;nRaWYlFK5eSa72dZ}86%*glH{S%Un%|ddW`&`YMbBZ^j!F|rJ
zw1s0mL!{FV&o5BP?>mS89>okeTLhQtdgo0#nYrb344({j&lEm9ILxV1YHj;}P~blL
ztN4aOsF=s-I2@i1S2jHQ4*{V~2e_)O_w%(1=k>-5K2K(lZIfW5gy%@IrxkN#L+x4I
z=9)7^b<x4sPlFgirga<+X+9Pi>uNi=R`l0Uyj|)!-jDT=yF(289hfC+UdX{wlH$Dw
zi#!f5Cm6Y&hC4}uA@>lI*-aE$_qs@E*hacQznLO^mYHB_<y+i2uc4cVg;wic38P#S
ze3Ot73ODQ|D7a-Yf8m_=2D=T@&w~AAEC<FqjJvw&rBV1TXRFC4kPwaOT!Emaly2#C
z2?;RxVOAoF<nyQ$Hb@HF0b!U*;W$6wjvR*@+<afCT)*&~Z~)SH4L0&UaJ+%@fV#_K
zTIW*}uW@KWT3qX7L9+#ENk;21LA3iK;T{Ka9B50WH9-)=EF#=XX$=#^aEpl5EshXL
z)isU?i-<=XN-IAaTjS6rkq$$ZRx~hic9Fz%PBfkt)UJ|B=cG#O4ngc@35_7)ZG!0V
zVP!>%>cDM2NbK(GX4QLqTOkNNe6jTlan6H&<}|<M?c}VRJf>|b(jsMcI&W3lMqdMx
z)7Ohj<RnYd<!y;bin0pBgBhi*%K`UU6ZUC~zzqoS!?RW!%tJ41*I1W{$wti@UG*iS
zcuYfB9dKWyeF2@uQm)oJo$&SAbPON_57cG_?y>`S{pB4E0Sa_AtKK4ibJo?4M+*51
z4Gf;?=$2wgs%duRnpdN;;e7c$ot01QV@wUmn-jRp4csjV+}$AWNcFXs(E_NM`hcf`
zdVQ9e_a-kJ%aEjC+A5JY*-G<uJy1Ixa>%fhcl8f;!x}Elbn1|_$96z<^W@uv?78NA
zk-4rm2Db6kLt;I@rGwAAsA}$(Tyrt!MqZ4AEpq%dzp#!&(a0_4&%!ultR2W^9)5!t
zXUP44w^!%PyF_N8FK+`kJyC$#jt2MfTn`N@o`<M@VnsEHi^o!vwzhukzUR>v*EgYN
z&GDYT1d=_9o&#FC<p}X@k4!;jMG{s-R;ue9*R5?6WGwe>Xy8Ue7heV2)$Ah+Dr?<j
zW(=CcV0`ymOr6x%5c7cPd6?7^D~>l_=aOpnT~3+2@fY){)<(2P%|7mIP<0>oHE&cs
zce*<6gstU47O%zP0}ExU<BY9W89|=N+KC)+QIWO73Bd5rli_oON<y$KmP!i|rE-3_
zm&1I6H@_p-a{zfQH^!8Dop1|SprO_SC35}G86?4c2@f*iMmVkQEb~dxc%Dy5hkec5
zEK&z(_8n3GYEemT%OGQF_L1i)-eJP;YF5T5-c+<&&<#6;Y6j(^>AqRGmb9er{~*E9
z7OY%cu4z~TcxU%vDdX^@g2fECG^B)@eIgm1if*!<;0SSw#5dT~$;n24Bq@=#=XmvX
z&m1uMeW%Tu*SG~>rpN=e#KXt$W0LDy$+hr&E<T{|kz6-Qu1n76;uFN}oXgNX1(Gc)
zz~&G|(nNq$Dhve6B+E~)T3SgK8rIve%fizs$@1R$EPRmfM=UEO%fkVdt_KWWIU1X5
z_E9x;-}N>7=HN!5{gT7#aoglxg^$3kA9p2x#Y0aLC^}M+kcliXF}j>xob`(#TZ8!4
z`zRAH!{!|<ZtPx{A?~_(dyAWJZx3-3<_&9gBIEt^TEIBBzIqgu_;|3yj(yw~ffCt2
zITj^y3ukaO9re9P1m>r~NAUOp!*Z@UNN9`AV)+6031}yZ!OS)Ijk+V_+$SP8(+el{
z?h_3TaX7ZH1HcwWk^)O|N4;IEv&T!teaneGNwE8fJ-~=9sRL(g=B!uQhwkXBLlWr3
z?Rc<G(dX6anU3@8G#yRFk0D!W5<?+u_>^ew#5NxqOb!9Gq%zNn)q9=$Xlo-XW2s4l
zt!!4}+AB6Z;A$%uEM0s9sQU)3hNU`Ru@n1uf!%G}A7n%Mk__-KRYSP8wsE~lD2l`J
zW=Pt~Kw8b3qXlcR5IBl=EMV)Sb;7%DfX52a5s|fwC+Snianl>*1j6Gy&eQ1dpS(f^
z88j;jzw`d%e2euUai{H41MW_60~?>9{aG9b8j82l6NfD2e@DSr(Cgq%L7i|2CY2gb
zN?pd43hMN=c$O35nSX=?QaNa2sFZ82dRdm-A-yt$VJi2^AB9&6N8}IVXf<Fg4fA+V
zGHp7;Md28@F6BnKnA6rYhvCfrB~chw{2>lm=g`_lUOXdt@R*BcGLWm26m*PrV-(+5
z=mvUDuBV)|6C=d{AtKOXZ;J<1A=b&mz$bkCx8Jyr2im9OfStw?>X@M>;QkjhL6|Tj
zosfJL${gsN@RbY90)420_XzE5_K{Q9jTz?k@y^00(2L|jHMuE`@mP+EN!4A?j~~($
ztm-EyIf~+gHOUAU89OMiXA>;b;BL<~*9om#my5-~?`JXhz98MCy_GhI^=_k+HBjDC
zdCUcW`1gyPnRb)Eh8iQ_Jl0tmcs~g8z8}i_zZuRT%Pkg}Ez2$ae_D<*bipfF!e|pO
zFk1S>jfQMNgUu98)pjKgp)b~=RL17#EmP5B_TS_31i0`r1UYWVFtdev^a^3|fX~MM
z%*9$hYhZfYgDHm(CUO$N`xk4clT+c9jA<gf&E3wODn$AolAds$^cTgmN=rI~&xY`j
zW`)QBA`kWxI9@P<2cGR_cPqsw*9g>O+OP<s=^gHZGXg&2!NG$4s%E@~gMnATDn?!n
zZ-=-~a3A64sX>2wQrHRwrvx~7{|mklu*qTxwPOd>bc9F=*zrU0v^1oq^yZ{cL5-|U
z1qc)pQh&JWAgc`TeDeRGra?8r11up1AM_*CcziE!zJMB6U7*G(>V*3i&^jn`{Z0;U
z5WvfOTu6a1jX`HdP->fyO9RiJU}$Rn=O~*wT_n)yN{G?<@DYJ}%@l08<{V3a?>gcP
zEGB}IG{J#hR?{4@Zp_%o^(}Y^LRPvM_b1Qsidx*mBG*4J`t`-^bzCr$_D^)u{tl6F
zG41J9kePmi*AlM~SrUAezoU>lL?IpOdvT(6QO%P&GY<1=ZArm}3o@YwHavbdpFQgL
zUxr~sOc)v1ia@2na-*HrEV<USdi3HGdOg-1tm&%su7z+8I*I!1Io5jBZ(97btaW;J
zfVv$J)GwZ41Fy+3etnuuYfqyCh+JwPUy^x>)10rH^w1izmg3o%-xo(~7GIosfTudF
z95_3SGn+U~ryPD?3>On)-Y3LZjK~~g-Yzl|BaX3^rR=+FVq!N*eP4Zsbg8U+18bl<
zCmVishjwlc3(uWW6tjm?bRmjVv~hx66liJo(^JINS+mbM?L5ui=0s;F&7OXWJ)N7<
z^)0E(sXgq=+_cymFW^ivuO!YGmOisb*AB_Oc2CpgGkd7olTWfavs~JtC)x5@sao-q
zP1|QB*dmtpz^To|N7yTKuhimuFn!*X<PW<m%2J#8*dtgN(Ak}Mv2NDO^z()Lm3CG(
zFSX|#;K?;Vdd%;?_IkXuimU0qd3Mz~xuSBFE3Mj<F%f^eDl3|vod2epoO4IcH5INh
zU#YjGAivt{Dz2*VRaU!-OO_XvV*|lfUOOdzc8Rx$C(7KJLy$iWf7!lk=V#&P5I9Jh
zfG`QcjW7-2YJ`~xa}lmZScs61Q1pG%W!Ejyt}3V~UqZS~$uB7_Ds*`(Tosi?<t`$Z
z6#J_3y(Japt|dt0%FaL<xGtW`K3&*<bVkPVqN>Fe)kR9ia%EVNw_upZTTq$Fi^&Y$
zrd1D1t5&AYnVg$9dB!zU*uNKUZo2KpYgHQ(n!d_wP}z#b8EoC+{{LU0U5#L+`6~z0
z&kJCE{t7+qn5W)?ce)WD*?@Py5ud!(uEVIx*R1>E-qXk6wMv?u)?rM=d)N4df%xgh
z-M8Cyy01h`Z?6wR!28(>ZDp|{tjGc#!)gVxDeZ`#sk7_sro|(Tz>hAFpiF@-^AMIG
zEJxUYa2LWu2zwFsBOF8c4&fJs@CLgci!cCTG{O{wc?e4omLqIHxC`MSguMv+5so2z
zhwuwR_~vUMU^4_Dj7FG(Fb`n~!g7QS2zMbogs>N3Kf*DD?+|`L2*+D|u?PbYMkC;7
zE&c5dI5uu#jM`T5&NWqSIYI+48Nj;kJP+S>9^M&}pYl9-9)9FJ+|(Hx%8Q)|%A4om
zgXiIo&cmOchfe^9R^Z$7a9bz-fp}~EJcj>tVnCICfI!$PscBWg)#`Y9-K~A9WghWE
z9Ze~~d->#<czgc1UH_g=KIBF3mykCq;9*+PG9wee0Vu4<TT)V9Sgq{GCe>S&UtV3B
z?=8x!mIFebuc}m;6Q?Lu`76Lyv@)+CzqE95e!(*3HBbxk%PYz;tdy3ZTTZ}F28yey
zy?KQtRe7Lz^9sr;m0Lj-IlUEu6s0f$vpUKqwvzJVYGn_8UQk(8Qtqu@RqoASsr*bh
zzpA<@k9Y7}lCaaLEF{$mD$2?#%JXoauY3t|S$;{mG6l6Rttc<ftEi-LrJ7fB8~zG|
zl%bE(FJi8kHG2*X71zwjttw(=k91|JODcQiA+s=yowpYm&SVcSS*j(dO)<q|Rf=;x
zk*eC>w5Y_}#kel|3W!#(>xNufsuKMHq3Z>*N0d~1yxz)cMZJN3q@$(k5oJYQPeq}k
zE))bu#F9!yy>SHw5-rskQBYLnRn$C@JtksV(JDn<Bv4#LL4IYv7svbgf{+y9t1dFC
z@{5bgk!P_Wx+03Isw%1$`<5tbfgtsdD6hb9S+WGO3Pq`dBB-%el~wqlT9KfoM-*3;
z6q34%x<rt&BCKInEf$pQ2yaPQQH2i$dN?I3bqw;+ETX6-qP+1Dmd7aSQjskuqOgLu
zjk=6!-n0Q_5#FMekWnUbC{z>Jq`Z<F$sUad-HKYluJ-mZZi=9Jp*+8=NKtRH*g+^J
zOH^4IZlw&>qA)%BdqUnOG_;oLi0+PtRDB}Nsf53SiI%&jrzpR$s7g4GOI;CBg?Xf+
z5XGzzyh=oAMS;%eCPiJz&UoXmTqP9HBP<1O7793`xdMNbg$M;!3k70?0&7HCT=bKq
z+*&rrH`rJgag#5<aJZtbqmwjv562?{Smk)6qTV9XHIB0b*cMS)LH=^9kZtFUvm(DF
zNYW#`-qHYrLy3uYqI6O7YIe@o&A3gaD$w{*dnbmJxxFgARf@XaLB?y;dsUa*42!Ji
z)ogV1DlaQ4TO7d7Uhoyk8WRhT+eqTIMsF;<p^n?Cu`>3iz<p_KRZ)Ja5P7>0+1t~5
z92unkEG9f#;|oUbmk4fRJC~=A+^<r_NH0Gl-7v}^?d@31s?aTtTk>scPp#3>o1RRn
z2iUpg3C2HoKFYIaJI}YD@|{VN`99!CsOJz;{w}0AV^N_Fk>ZW@dP=Gbi)c`iP9Re%
zV@s;53KaF9-0Y2|y{Re|^7P(@Eph-Bf)`^Ti3!ja;jsibei8M!L1_N3XK_wuYdpJF
z7~t$cRLj<Qd~Iy8Cr^56HI0yp`fE7qVQW0PHnzOtqKPbKWt{P(%8ft<*uImDkid=b
zget9&z^(U$D$SQDs`M1kgceNVb+TY(5{;j#1xqp10`5^o4LnJ_&7M|CXRUFn68}k0
z_Sj0toNt8=RQ}doTn9c@eys`%>j}IiEa(s_eIr$J3Kd!c8gUg`ShrPuE;%J7NJYNu
ztjPD4B8i<1XR^Fi2}Y8}C6YqM{XxSdYMl&|sC70>A5Ap2G>iqMVJs;1>8o`zOtKa*
zO!r=J4i%GKC1yHB%@w+k9{+fV>w=%~De4SaxSq6&;LJeTm<WTgGO;8GN)s`B1)(Pq
zJ<!Tmm_(;x5*k|LqQvT|<%&8>`x47kv{&Mis){lTQy)wkNPTIxwgZEJt?^kSse$s(
z)u`EQjeCrwRRVX%qQTzy@M}gQx{XM-H$DhhR*lNd(|Y1}!uCe<RU>HuWtgx15{6$r
z+Z#`ULQkpH`K-qu`xu-K@)3~nOFu<jp!MaF558n1Eg{0SS}|0$Hy(V^=yMvY=bs+L
zqWLd&Juxq@FiTPY$_-?1eCtJnC>T&JO7n|`($@yleuj{&mXsHH^UA#y`HK1?&!f8N
zM4>ws7lq38dkI?kla=nY96Ahd?m>iPC7xD9)NEpXq#hLQMr}6fiJ%Yd5BLyo#siiQ
zrIh<%-vhE4owBdJBeCHX&HSFkl}WsrEm%s;YyppGW(yWlGh1MhXl4uEAX@p*d95sP
zu$AA}jLyw`_`GI5taWN;ksQ*@N6v5N52=|$TiGHUx7zn3*}lhl`%;hiST^wS7mdEx
zK4#ZfBgn?hwo%WsHy#Z%u0=V5##Q2JMXLVJYE@le<DH!viC&>o=cZIw_^Jwu^7t$_
z&qjS7Jwi|54L08<JH2R-YkA2u81e?OAn$h;kp0eryx&<s_B#v8Zg-unbGN(B;Dlg{
zTyN{#APa4s``toYrv?$pAq{e)?Yw@MXFIP!EP`kdvi~BR=y9S&K*+a=9!Cwb;%U2n
zFM@24*Dh!fiy|6?HUsK~djz%B#+Mq@4yQz0@J28Vn_O(9h?Rk96H5a}id=121ZN6g
z=&Pp85TnG?K11!a^HBXZJ~>bk^y(*?ytJfznWFy2%}8y{Cm{<u5)Je(#V&^T)rm`k
zU?qA`0akiJikJGEY8TU2r4mmY8uh|`j+$fVZb#*B6gptU`GeiZ$6GxGD<}&%lz8pN
z1h#u^tTDx|-iWObW!V2RS6nQT-LgEXxCI@F-u&XyqUA+c-(4Zq_a?5Ws46TkS`j31
zZ?)1(6KNq`?ailEqeb*2^3}HyAQUEDLxb*ADRdEy?$e|a7*&E`L84fZTxlo8wZ=J0
znEegxWa4+D!_aUU*wU$Q35!t0lHUrBm~Yqvvo73FQQxr39+*;6O?x;Y|4pfhHFCZ!
zaiLfuSa6Y8rC9I=8aOSm0D~^pVL`&2#FA1RfdvUhu2|LVw~NVpdLp)#UJt5!z)tnC
zHQsGd<=^3!ur+Qq5-lfJ)OYP`P;XkkNt3+CO=4^8SSuDshwNfOcW`aeII8ITcCp~S
zdu?KQ1)A#vyFuFph+V66rwwoqAU^waQ&MRItcLE0)hEMLGGjS6WlDZk@p4RqPlU;J
z6*bsX60BBID^W2uWCN`p3sWiQvi-av_|W%Bm?12$r_d%F6J06R{hvr7j-<~?=}*Jt
zA_$c%NAmG75{+7~pc0RBW>k4aBJF8E3!_b~t+9QD(w(;Kf%z5h#KqHQUG2PyH$>+S
z3m07ny3tRHv2Nx1+4#PVdN0?+9xgO-q+pYe>MN=}TvXnv#JBf>aIxJ?7Sc!(?c^~S
zfEi2ozB0egZAUoC;JX7y(tfI`D_r=cH;FG%T~c^uV$sT?0-ra3F<Hl=mQw94;7O!I
z1#walAQmQ~%zm=WMdX(jxItJJa52i&8W#wcwvy*0@oh~?xY!+-Ym=S?o0=Lv7)vX7
z<XW*{>K{(SH}K8Wm#ZrCtE*RFKb;m%rhre~jE<SEDeMooPMX}E&PP^bB;wu`t)z82
zD^Xt!8;x`|%*NlRErAzm3LRY9)#=!vyoMipA3x3>Su%vZe(Pv;BRhNR4s~PGwwjHq
zTFm;^P8>?V9M`r-<A6m=jq7#^p&bGxb(>CTr$DZ5lh|#w*Q8Uk#C}dq)4i(bCLiA?
z4VyrWjd~CI*}6K63u$!pC}!%05$VJ{=L?<zLs>PBKd`j5GSFvU)S1Byc^ihO6Z6O~
zJD1?KGVl_-!3?i#NLMRa>xL2Gl;xJMSijqPU&^IE5MZJ*{_Nw;<?KOJ^}%@j)f!`Z
zPz@~<*JBd9>9%3vw|r&SU;C!%q1z^Ek!jhAO&{BBT-dbeKRC3m?3=nTw5btIuifrd
z!)Xt0+t76BrgLiQ9s0bM7pnDfdLjN5*}7==sp>67`eQBgwf;_9kzwmQm(AHc&3MAr
zef$4`w@81qMF-#akeIPwdqC~=TcI|<sV$Gy21V<SAKRhdq8H)(NuRH!MHOiSd!ocU
zRCTj<dCVE@(rDXj#`Cs=%Jv<PSLt5-+pVQU>lsxGikqI;T&x<lgrU3jb$9I7*Dctr
z-vS9*dX&CEtBldcM=j8X_tfXvD(2c^xBqr+l|GjLo2qyI*Y`L5QN3^bqk8fkRk!Nx
zwr)2SwYTiRrO(qpL9~;CHqp6DFVbJokLpuD(bM&vyQ+2nx*|R78~sH+lU=(dg{|4L
zBI8o0HZn?|rtfICE&tlqW4k^M>S#t!ZKPAnh|(7H)c)90OLuAmqO|@|tb1cZ%mMB4
zp8EXu7F(pY*{0gA*B`MBVIv!7YVh<8jek>3R&-}_A3BD(8O=MXhhD2));;X%OsCQx
zPC%ER-GApmbq{;z&Qx_f`w@S)vM83S8f+9BXN(t23T+pzLC3QsTydLiex}nFt7c}E
zA+AR}Gt;U4Bh$4M(T+@)HXUUsN{-A=tJtXjJ^#BR|2C0dYmUrx<z_lD;PPu$6Wh!B
zj-}<%26SsnmuV=8AFqIkmMs`J0%^$2A4^dFjeA*-twXf^FSD^*CmJ*d%?RPVD$}_l
z(<L5a5I4;-{|&L(6*V@n*k-Gl_Ny};GkEPR#b`FVC4~3#8XK9$nN5Ol(HMRj=CCxL
zT4Ogh*p@-uV2FeM+C!PH3cwsS)3E@e$#i&fg7*N_)w;uO-w5GUSPaG{8g=NkR7+TK
zW{yokVOBZ~G8aqFlKE*&`ATI&whaj<aU;KE*KHfkZ!u)twQX0p7|YnmyRJwR$IyBF
z;9DuHC@fi0g2T?dX*2SsOq=djO8D_9tG{bd1ntAI-fVj2t|6LwH~aGL<Sz6O=_J~z
zorT?#+=U)39f1dY%`$-KQP49u)L+Zy-jf_g4~nwbs(Vty=uuK7yZ@flF7$BeZp>@z
z*!%Y+htmVAI0yUtJt<wXaGQlG#L4>Ho6NtQmV-A`7R_N(?(G{+--Oy-z?R;d(xn-<
z%?0?F7u$9(1pEX6<?N+<Q^NUY)GFCGxYhC02IY0#o)YfFt+SGiz%BodS|z&<x7m2~
zm3<Stb$dz|dI~n?CVb_GJ+VExmkTdWyQ)wwTEe<q?Cb5(;q+Ubb=B<O+XrZfQg#f`
zUiGpocMJ&o4ZocDnfZ34hX05MLq}5CeLGUZ_T7u8ZR~9jckaXoeRTE{h#h~yQxw)~
zXKI-Fh@xy`6LzL*YaU~ZcMb?ke+C~oVhuY}!(Vw>QD#K2y*uX_WNA{uCLfuQtp&y$
zh>NT(Fd6_C*;`=Di@3<@0`o{A+Y2n7yI5Z%v+=L6AwQZxq|*Wirx5i0Izd3g;Icl=
zW#eCp!xxj#79t%76S$}~1V+=*1>;j><DQQvhyhH`7tz)MOwSpEA8oVo=Z*Ms615X0
z*!Tm=;8(hA^0Rl;Tp}H(A-LAD3A<iX3)z2nCFfg(t0;U3(yYQ&Jm?$)Y!$BJ6J2g#
z`tS=PY^`GXcgXn1UpVfq%tgFW8biak=9U4!!q)6gzRWJGK&7k)l^z%(f|Mww5wT?w
z6<@g91sq!HW5BDwWq;e9Y0!*35#6>Ygtvlh4S0nA18fazgd^aav=qug90g@#5Ql#5
zu8;KH`N&6hrS+OM&{O^~z}D13*sY?e=~{_E8LpKA(j;C6OifJ>?xOHTIP0ry{bYKr
z<o`+HKM|I8aB64#4+C4n7ZunHya4i2h+lIk2UL_#r=M*|AchY~0IsbFq|mn#lUoz+
z0PZiFD@u!1R18P-<)6!Vx`Qw5ajRIL=1W65?enfh(~$h(z_jV7*INlsw!T|;1y=yt
zfx()Oh=D%fW)0AUR|C^!ecNvnu+^LB+kSV-bnDxG4@z7t<v#~(&7CCAI3yXYCit7g
zw5FpP{|rnckZ6M5iV9x|{SqLpVCka8Bk>Oawx&8NV7N@D8Hm#9+hTN$M*udI*&tZm
zoibb}8P-aH%Yf-n*o&cu(yL`Ub$k-I9+)0)JdHM@^vyEe`jp@<iJy}EPh066qy68O
zgf+6jV-hDzOux|!b*gi~^r5F&T!2Gyz%*nbKy<}3{y1Q3f+mIfkm+z)J~d3@D?#f?
z{y$L?z9a&|^}uxUF;UjIjM78AdM&V+bVZG~$^00$c>c#Fw!U@v8n889xzKIjmFc6w
zZ%~0JK(I#Go)}@jkqiT+zz&JOloknxVsyC?D1RS`$4WekaEQXwfN4d)6TZZoSn@*w
zg9}&&g0<!$hP9GmkQBHX*y^__=(kL!50~kG0S;|~$ARfd%dcEvhw>~iO}AjjIC94S
zuFQXm#viJ|=OBc9Xwm<bWU!p99hf#j*T@?1ms*f-Hv;8P7W1I;qO{O(iLEBNjBtoW
z<^uEYFjD)|2R7-1G4w->%cTIThPO-nM_J$wV5?1?Xwyez`lT}cWr+b57s6qQZ^k_-
zY!Ze-<b(<hmA`>N56G;Mu#1?<`IlHJLn1K!3W8jL6wZ+8Gl3~RC!*=!5A{+Vp*!fN
z9uGgD#$Nn9nmzT%^<9GpF|5m@L!A5rlQ}t8OrLhy<h&7?SxqAzRkfa-k4ETZq-n(C
HAF2NXAj^$Z

delta 17360
zcmZ`>3qVy>);{Ol3-@YQxd`$`5PYB@;v+L(gAdXgGc+|#4H1w7A|TwW*soq4q#|NQ
z+|FdBla`rTzQSIn=4;X>D|Aw+FsZTW@MDRNH8u5j|8MQR&*j22$2R+XYp=cb+H0--
zIQyPc%_EleP1=Ttu8u!g?ZXvC$=qC*uxMOSwxUo907Y>sii(WWZdmO_NDfU=;*kPn
zIc}A;;9rZfwKwWcJnk6>%AH6fk@_If)l+2r?-=|Yi_`<@4y16TAxOQDh9dPvqALw)
zFw$rOxJbtVNZpXSBPAix)lXzfgvi5`RNRCjQ5SAU8i6#7eW7NtNm_&lKnbHi@`^%E
zoiMKi-1L?p5qVdnc%&et7$mv|Atm!WMd^<`PTmicc?$Aaq)4P_Br>7{X_TU{zpFi2
zn`RwL1_Mb6R&ID(i2>IGNMx3E5?4qZBo!pnQ27Bi#1c2YPI7IM)Q=>#NgO6?^#h%1
z1xP$uV#ew$A%kw!2t9hBr{z*YG&rfo%M$0y8W-3(OQNUZpH{mSrNMCBU~sPT!&_w=
zb7YMZQUW50OFSkq1p&3-m6#k#c%!VJBkR{lyib<T))ZE0jqQ0_){B#TuYj+Dy=F}w
zvQpN#ENe`Xc$maZvSyk^wD>9u4hV@|f6=r;H>F5&kY`D!BsM-E&T~^z;X_W{Au&Z4
zaplQ&C@cwImE{!LgkK;HVJX~VT;1^AhkVD)_88bK>wg70@xKZDL_7Z?Z>D50O|@Az
zuuWFjE%95(NkEq5H#`0?=xhC4RfzH(=(ccWcO{OE4~$bEXW95Wf~^aT3m{4B>t6_b
zQmvn0-=(r^UFLg^pcXkZxS#+7(W0D|*vYY`oRh6?L)QW^%&E%(!6HZkpcZKm0F~BL
zj-kCDd^XfMNI6{cCgo7+Fy$D*$0)~SbBc1C;!)1f4Xk*U@-B+fKsg5K$CTfuD2<du
zwI<48t7ghEc&}0p%?-*!6y+M_m?qjN$NY4Qa!d?AP>wn2XUb_#fuc4HWGm%Sm_F=u
zgHi3E9HZPxIVP`A$}tl}P#%xTg7V&&JSb1VTu3=4#3afwl2a(h<dsG_Vr@9(h@O#@
zW1<^FIcAh}$}!_iqTDlBQKrxhX2+?NBfK&xAF3!bDaV92hjN7Fe9AGyE~FeYaxUcv
zU!8Icz**H_RbI0jLtu4dJ^gv$9z}WYq~g7O7y9n)`wIS||BAOSIZ3D67EiMmS6}j$
zPK7NE9Fx~{3X7Iw9FzBSGG5Dmj>(I9JmGB|lQ(trRcYD4F*#L7mz0*Z9FuePk%UV*
zCMWCZz@C<coIu{zrw~IX$K-WAlW;o6<b8b(;WUmZ3iO49<2j~i(5Xu;PL3%m^iskK
z#}plU1>v?|K<G<RqOV2!N=q{*P`K!i5kmvV6gK(>!pAtK@X<FD-p?_Gk-m-aHjXKr
z^j(BEa7<C9?<c&LV~Q^QO~R!dQ<Uk)(7w{LkP|4}^fSbe$uWhU-at5=V+udLk#HKv
z6oz^;;dqWI9Cd@RlVb`?y^XNKF@>l81L3y+BMVTN>WT+bLQ69zP`v7P!VMf#-0Duk
z$2g|=)guV+=a}MHk0-p1V~S@ziSP!FDXjH0!fQFE@YY8XF6EfQT=%3CVIe0_yz5g4
zXL3w&uV)fY=a}MOr-i5`jbj=I`a;6-9MgEvb;3@LX<X=~gcaZ+-#k?PMdj7D%$YOv
zA1<I|2mVa=%+{5oR=eSWjc#q&fFX20*-)9c?&OjjMVV1k`7?}Fb<CxC8|KV=@8kx~
zgJHII>|+qGxPn^aYL_dO$E?r0fW7CpQ&!`wI`3|MH-K2w_fA%SFNWs!RoEjyRwTuN
zf*WULz%_@y>IVBXC{?}6x;TeuyDqXZ&H>un7g@eDRy%!>J>ra0Ut~L-_s5;b<nFzF
z6=WI}KY6{Cr<^TW=w0PCYhkS3a*;&@$A$M41=SPnH5mt?X5naWsomJerUeg<vtRPn
zzx8iX|1;=8^@H@}OKeMUtTy@*dpkH@UB;RK?z_Z(0vN(#dc<lum)PhY@#+mWzsD%`
z5%y${enYc_6bR7EAX{IIS<maX8<TzXnhb}xG*llT3sTwj9udQOisIHZs<@mg7Rd6S
ze&lKq{b7HBe`ljYVzr(V+1!wUF;5Am)=02%`7!!*S$_?CHYDoK9G{dzrEoeaG+kEd
zgDQnuVLH*qwsUEME1BI4nXIirKSM`pn=Y{xp-Jj$wk<Sj*rFeNdL6{>S}&PK9c?o1
z@zHCm<{(Zo^+8;dCL@h~6FNW({DDRE+^TK8#NOzc?0Bx-{(oTK_KebAxx~7L#XI)5
z(<ieLVPn+YtUN41eU$wvte1A>5_>(Ym&0i1*~*&3BGf+Y$FNu}@Ou^!K2%Hi4VxMs
z+s)eObFlq8wmdvdOK4=f!bds!v=^Y|@G<w_yk&OC>u%F~NTr+ns5=U~QxD(skqXtq
zRHD2gC^Z?*%8E3_HJnUp*P-U>h(vW2+a3|6X0yW))!O7nHaT*%BeT8j>+JWDVbtrL
zk$wDo{UW;<If``c5!FH0zHCm^T`HU!6%mzp)2H!kv}EZ0q|#H_xu|)LiuP7A*vROi
z-L|(AY&Y17=*8-9*yqtvL;Bn><>-E{Gz^E2UYl{o^rK;X*Tzc5^c-XuO>Mq<dm&mM
z&YL%kQ$9Kjl;U+8#;a^e%#3cYwYPupI@=rHTN~2G&c%mpj2-T;>{yl_o8qr*z;(7V
z_I~X|Bl|FRh#I@GSA=H0&bEh!4>OFGZ+$v+(EXf`-a+?6-!g9~>Au}puAleUz1l}N
zbzi}D_UfN_sa^LS-<VBe%*a47jMQ(bE6fttp)aG@#JCQ9(Y|4;;xe>(->@sukwemb
zqB>eW$w%*?eegHZ@;_WNRnQH8?VEjcQ~M9ueep9K*V?sjV0+>d)O%S&{FH8f5i+-x
zjgL)s_=QOC`uV*RRL$GS)+Qu7LO=11qj%XG3H`LV|7Givda_#yiT-5|vc$w;jtT9|
z(QHxTS85)c(kCvq3h{v%nx<eU^{WsQ#x1XVzt?@$sAlW?9917=6Z=lmF8qW2dq}Ky
zJ%#P+drK?*g#Ec+zuWBppf1}p^#z}>kNOQ^sr}>C2iSf6&n@&)=U&@!#p^XZoGGn3
z<7(yVtBPA|EkbVfBx67d4&ARGGp=$Yo~}CE<n_{)zU2dK%4;*4yqN#(2wWlaWwtgc
z%-N&1idyiB@|G=Zds2vh$N#~OCB?<x#oKpQXEax?ZdO+Ig&f__7%wt!Qi3{@B@B2y
zwxZoeC%z;_F!f8j7<KHs0sYmNSnR;%>IAlFVE+eR1b0owt=iBkS|)2U?B3y;zDp1-
zRk_eCvo@m*X@91%JCV#B?-NI6ZsTTdHiq)1Q04%^*ui=vKchu_!S*F5t1q+9l6z@?
z>BoLbZVY?{qKyUYla!IRH|aL+3l=dbh0Pjvm-b9E+d3>kd$O4wA2#H^Q)n7Kt<Jb*
zPI_<#mXanx$ATV91vY&$c?kt4&4Qq+KZ})?2Lbf48!ujA<A<-*&R%ARhv#Vdms#)I
z*J+bJXFG1s)z&ltjq1L3q~Z?e>bDuoKW8&W4AS~Hv2`QHYI+kpHe#Q4x`{2j<1H=b
zGD{ixK-Z&Co@VHIO{{k0m)aYjuw{3~Y43i@Hr|<`UH_DQa_8XCQ<CT6r@Sjw$AYSM
zu(~_$VE2zo)%t$QDn|{}e*A>(8#TD=$C6d~lo_K+wEI3`b4L%<5<g*8qZ5PvZ=cm(
z7>Z!_x<590H?lWI_tQc@WmiUrr>woiMPq5MuFCZyP`w~jXPkv;_;MYuC-AxRtTEye
zCWdh9StI%q8#@LIho}ig{~6+}fxS)1nDCH>i(D{#?RCS1XN^8h?5Q#7-6nmCev5t4
z`3vkHWBS-KK{4*Q#Dd56*7{sz!^ig1=3iv<$3~96`U>XmWWIc#H9o!|1zKyXDxhhm
z9xOFG<SW4z0<-#AW7h??f9xFtO8g3Z+z+-B`5JK6m~w#~Pam$mdV$?FZnXc@Gw@^f
z`*Gv_C;X<rv8Hh^cAZU~816LYeavcqGgbTGJp1f7MFWEVW@=cd_?r9oc^^?WXPjrH
z>1n;UVv|stu_@D7`mxF3b#Ich_F3b}^Q2UWDr8n?H1W{dWE}e&vycBJ?jbVTXd$~b
zjI4Zn1@@YH9?>h$p@kThnjXj|Pw20`2{_>%+cGM8^c*`rp@081bU*hTH5~6>eFM?A
zH%NsXEPZ@<AO^H??IV^lF)@+1debbn*H%T4BWkOrAgeqUnrXb=z{)1xE}D9}f$g2x
z-^QCNYG6$hBcpnM#3k2eT=gm~&(eO3hWlCL?sF_?Qk-_Cfu&7~OZqdE@VbA-fBG)E
z711*NL#iA9-brlFXWzf>TD+BgH#zRE+FAp<=tH}jtoAqQ`33QqIb*u<l4z-NwOw_`
zp%n_|G=sK%m=jJ{T}2(5uUaPIu;O&p81~eZ*!1BjB_h~$1)_`?-lVg-YAV%3pp#~L
z<7GImDv5VFKGXPGv~;>^K07`o#4}S0InDQ&B<?gHSmKU0L*h>N-4&U48BJ7#)-lt=
zsMN1a{U@}>N08n4NLWCuAzpVt%U0?ymXn~WRs60=b$hyPUyC@Xt{MZWt$Qk0H)(E@
zluo3lL9+NrlZf;vNLF{y=_)b+jv|znGTeX|U=rz+s%3#72AV{i4=F9&^Q)U|Ceee_
zBBf=RV6_u96Zg<gY3U`1U5H3l;>0e3*p-On9ZtN3=Q}iin<>;r)vpMm!z9{?_*X&f
z=61?%duS4CIVi~8-7yqkx06MTQy*~OS67h_S~d!fAd*I|;O(v!M5jBdohap!lUf#t
z^5CGV`*A1ig+nkz5ihv9JgBPwDBRXo%?CR|d=Sx(5Kz`+AOvaU8;m%t{(!B#r<X?r
zx}pCc`B+4G*!x_|$|F3ET#<-Ps*US(75R_uTJ}QQ$|JnM9aVXR(_O(eoI!ZLrKX+5
zWwN-zLY1mHV~g%-=LxEs#{m}=R5gtNMuFpV7;e*FrQxWqY?fN{6V;3JTT#Ub<Ysnc
z>M^Km4in4_e?BWZb`8V|2+H)n<{=427>)rkCaaEhQty5AlypcT9fCXP0P1L>{`8*I
zjMN4%hN$r<Z^xQxbT_N?!Fhsdt&x>S2r90@HC25)R8SGBxDrtj7?7TS@9wDh*QQ6f
zZQLCs{JMZ_KLHV$#!gcJ4K~G%$=ab;koumnrv6k?c|??VJzYgNkAcH4VkQV7)fv|+
zS6@?Hw%UwqUZs^dY7`<Kp|OjJ;Ad_%9B!ey*L}@6bOw^SbrI;q!-w)k&gHS|dnDVY
z&TM>e(}@^DR)1A;6?f+1lf~nb>kY{@#mD6kP12Omnook>kt}^Vi-(*pd1#2YP9mOD
zl1J+-h6a3VZ(@00vRpZBb`D0P&e32Lrm(x`RUXMDo6t7TAp$YeINZc*RPzPE)6xUY
zlE9BipcsH#giO>COU4aarOYLR@5L{pKcW$fYk;`1y5hx67gxBr33PQAHvz7I7ANX$
zUyn&>bcTJ^?bM)h1r2&ci^-i@T<hN=w{Q`)2!(o*3~aFnG#qc%aEg^_WQn@i<etuG
zM(0H{HM8skPE<FH&S(z${XP(DGMZ~0Vt>Bi7Jwyy1l4-XJ-egEs#RMfrRMJC#2+L0
z-Nf(P++!>4pzXj)(X7QfY|7e^gIyUke*D?!86btaD0+C$yWEC8n?Cz5jy+->=3T5o
zz}03nW6q>Wp@Xo~Rx-P3ayQ(GDI^J8nb@Bjabi1Hozd7*=i>^*wAg{`a-;BjMq_KS
z^pv}whtzJjDVAKH)Nai_{@+MH(pq9IRQ;INi6?S2-HPU{g^FKUp0BKObz{yN+v$u(
z{Ja5AG>X`3dB%$4WFguXRK<9ieadL=84tyXu$`U@Ga5htrK16}zvtM`e)nQrLkFn=
z4>rVz1xwB`t2d2fpBK3cv7Po%U_<-=qTx?)41(=fblN~V6?D?+!|yulbO-|eBWyE`
z{iir%b;cYsX#Jcpg$M0<ZVnlz=ts>gn%fHl^urWX*mw^Tjbr{urda6|+-%wXA*l%H
z)_%WINRi(u@WI96XM}s2(=+uG?O|JSk}K*9+YfGa?%`XAOcAw_|0QZ6T8y?|>&0YY
z3G|{D@o53;NpnwiMq6v7uVP1KGumo0+UQZ!FGQNj9eX<|8}c8@(jJEgf}9>If6&%U
zr2*}3GuDdQmW;M3Ydsjze$tg@NT1$G`s@GfY>MZ^7QpvB-DWHhb?6A4oJYrwa2^_)
zWEPl{KaKBJIfbkAD~p`WU;|(8Z&i-bl%VyuQ8Rq8)7&dj&dti7@a2O%g5#?bTsbtH
z(1Am00FIL;hrbyoQAZ0-h+*M#`iJ5u({HF9g0?~hl~0wwrb3R{fNSP|QDMA~V`%$e
zuOJl`eSN%R+)eGQLhEP|bf44q(l_Y&S;{SAq*yoq>$tAL+Q&YclhXAd8l$s~<0n|a
z++Q^HI4jKxW6=-x@|9E`=OriK;U#nD4fK3*lvK0!rG027kDVCf15R@uH*f@Y4l)bv
zbgmOYy>dqw`*^9ttYIbEGn{6p8eVrO7ZYkcBE*=Cs2pmPiOR%?M|-7^Y4bz7Hc7pA
zzVm$id{w)8glji)L0aC=he<oT5aD&l7_FRO6%CmhUF5`$8l4a|J8HCt6P+D2dg?Iy
zU_nCH&@Y7TJ~+aDT+lb{uK(bSF@_#y!yiiMI!SUaK2pE%q3){or?;VQyms(ywlOPF
zyYKD#H?pEEwwp0{+#K;bYg}}XwmpXR$+;_TE=YwI<N4RI94`2oe$1lZyJoyi?*VNu
zy1}Y*61#_kC(}6erq??cKX=t1&9SPEzUA?Q#>Mw7@2ad&>d)t%RB3Car2iqE9b9}D
z3(cRM`gfcaeT~$LbRFrRNdH3m3CW9O!Begc={BUGPwSt~U#xis;rW{6(6t=tc3=!e
z-!-Ze9@hzH_|>OMQ#;}5o$$Pl*rQ~3Bq&Qd;nGg{;ZE4o39kqC??6o_%sTL6?cUOf
z;dx-Z*A&C17ACTtg|+p=m&{S?HxxagZY-@BKri;-XhES@TWHHYWgXtQKz{fUyqST#
z>33FpSLC0u?WN&&@4)ZXGznHfBYJrXuWax)vsOKBwbT7f<n&fa5)$5?P{<X(c)cZ|
zpkv`Fp^o6EjgrkwU3Q1Ze7OlkCE*FHeJIidq!~zykjjvLhqMvtIiy#SP9U8}`V#3T
zl2(frkrI%GB27S=fwTyz4C!}B8<CzvdKKve(s`sWYpt{FH*ur=9s-aOkcJ{nK$?NH
z2&oL|cSswNo<n*S=>*bwq%V<fB5C;PjygbB1wy`lZTU2H4E>T~A0w#r7x9nx$G*i2
zA!KBj_kDymJq4H-EW>w?;9*_eOFVbtWs}^Jti=Vzx#da|+*+2s0{3|pSvlE7MT@d?
zmMD|){z*=DaY=CjNCoA2%3napFDrLt<rb7>f#S-_Sz4-ejZhR((^cXtQLcds`NUOF
zoL{btj8c@+vVvk)`O0Efc14)70)(a61;t#!KjJT`&*m?$i~V2pLg;Gcfk}O#{!X4Y
zD}Evy?@C}PE7G-Jl=|Woqg2XwR|Ki*XZ43xy1IBC2$>97>I1hyf|jU+yh~_~Kvr8p
zx$bh6mMiL9dNE5&wA+^Ex%84;MSV~Z9Ja-!iaKuvLRL$3+H&&BT#7nhR1dW+$y=$Y
z3j~U=<z$y;yKq4EkRZg^+~s+mvh4i4V${hJ#CTg?Sy@ThBKKlNT_{L>Y{ezZ^U4Yq
zLsqtEHOWS1Ub(cy4b>J2T8b^dtRR=vRn#0oO0%Kfq7ryQ%@vg4Hdn#Yyb?DW%;S`_
z#F401;-)?>7VV9(l^3}3a<a?8lrO5K+j2{|?Ny!4U*ET1q0N<7f#O0@L!q9)CQC}W
zk*py&c~;aS_Tu{3DaE$M1x0zq*-N2BvB?fXK3Sr~tnfRkP%0X;htMuoT~?1_uO&J{
zZV)PCj;i=Lm#r+%l~a-nSuVk>*osPWvRwrw#fs`?zpaYAXSry^ZZjKMAsTUn@J1>`
zJ*Q}7rD!BnH1e=0iwN0CP5uwtTQ#6?wQZR@J9mhpuBPWYL<q-2eOTpqn4+!`<r>Gs
zeb{0vEuon32-#NdfEC#V?IgR+<thRL8~;eWXT3_=QuI#Wh<SEa&r(;JqONn0E$Zw&
z%L^Vx-`DXT)j4_=FU?!J$cLRh;d;p$8ioL>3UN|3R~Vf82scYzY1lH~eNk9hUUrcX
z`KS;Xu7{7NzCZQ@<`7HWo1XAj30AXzJ(A)%sZt+EulE`0h7pUh6JeN+p<4tu+KKnN
z6LN&pep5Yl5NoKVZnH-TeH7ENiUFQeQd*D)ecHG%613_WF6<}?`!+@j<HPV<p|eAX
z?si?sc7~ywH`u;MBRx0FP8F1w<tXY+ZsWS5aO#YS^zd3glp9u1j@c+TkD^=hFT^wj
z{(p*&%onQP5~}~OMp)px{^*ybu5nFRzMiG$W#{IVWtH1#wo=sZ*|f)E@OQ~$(Vmx8
z-Y@D?{#NQ&6z|t=Rdy_jTWPl{%@i#Ze}z|qr((F~CM=ENs++KgCT&ICqY6d!819?B
zDygQ`O;I8*^uQwk8F?ut3`K1gx{w|VpXIvnsqS-CSj`^Ajch`PQ0<CT%_&s*!lxNm
z#e}8NWWj=BKJuhJ6!l9rR*06G{=K87SK0RJaL-q2AouYkC2|p#WUlTKxCAi~sqxlG
z+23w&H(rF+!FUl`N8?3l!tK&{CX~iAp;Rf_qjj)ejOMdm1XeiGrWEUsqTVZXAwAyN
z$#ub7nu<DAHg1o3lHfF7+gO9zVQF+hJ1C0Aq~(L2Iz1X)H7n*u7x3w~ow6{xyllCm
z-lx%V8QdDZxU6KUiD^i30wy;_&D6GFUa-_1^q`4lZXVM!G;)EZZoemHC8;z+qkdWI
zcD>_?#<-a=jF(&Mb^tFeM@R41df+8*Yn^e_6ElZu%+$VzRBK%`2v<3QEvSk0nB)eK
zlZiY_8^9%>Ipm31OoZ85K2)~Woq5X>`!DRq4(+hoFC#@~W#y(R>JDxzYu%~0JVe2i
zYEq89<xzTl^n%s?0xTV;78K{XvWi_L*^2r)ucOA(D~#Q!xnOjz_aV$J-Z-Tj?MXgD
z@OLLdoDxaf67rzfq^N%pE+qHS52EH+Jn0K3?$J|bI3*OjVdqoQqfR+A-<8<o5*|Mz
zacK<qxCx8M<0jCB$4!_^4mZI<pTkYceBto-IyqcmpTj-e<A41XkDu-2@v|L0E{gpe
z{y}Glf7sdKCZW-E^+(zO5BGJW>FWmR>&CY{y?)*euf6Q^bFziTqqXj1pPx-i1N^K+
z(l$~3&)uUs&BE6{a@C4G<gNt1_T6jYi=U^?o*<U0do5zEawN#*&m=e#a<g3s8d;+*
zREeY=sM=vqs^(hw{6|gD&--YmsGxWWxGd(h$Y)6tI>@nkmdnr_qj6PqAx9ikz;QX;
zEhy&{7kPTI6jZ82(pFdf&mFM(f`w0X)PB@{t^?HGVR7>jZ%@FIZUToA`419O;Ng31
z{~fdXvPGpbk}&5rE=BChc6aQF2_4a{?EIp<<$2g_yy8=MMM+t1ao&n{5}&)w@}g+k
zxs|)J%RHFEOsXC&_IoDIjhTk-t9zu-g*4IZl}aGG+rgY@v10DCkm6e1OeMg20$b<E
zBy8?!<odS%>HsS@5q0dq5p>QYSJM904vRs5t6U5c3d)O0it~m1B&+a;Ifw^JoGTVJ
z6D}0%s|n|mt4%Nm;~%S%kKn1B8C_7sH^nAPrdW@Ytzt!)8ojin*rlVpDOTza?R%*6
zsa7!~Z^A4spP3YOuyr;1ZK?ZVjWkJ`l}uu(yR}9v>qD$!$8ly&4BwG?hFZm*Z1bAv
z;u834n3eXfmby)Aly3B})E$UVgtsY)^sJ=%Jv}LENPtRaq_=<(@!4hh%P}MO2#_I9
z4hxlFl@j?RrZ!dV_xl8JHz-FvRy#dciOSe(B?br++qp2p!Y_^(zTxRBp)2NH3XQ%}
zcxiNAMP82EmA$A48x)gTMD3eEkB0PqQaYAL2|Ngwh0!IYwAIhzkB{wK^MzZ@N^@fP
z=Cgl*xrK|_NjfA248THXsoS+itX~5HXh8vfn8LZNG`qZf1s-As22l4cbvqu8rhv*4
zO_nDpYI49<USh03*rs41>b3`X6$UN0dk^;Irt!U$0{B5w{)H9Es;))Z^LPQ9EZ6=t
z`iDQ>q2{vFf83(x*604|F;$(&zIk$7@>EpOo(aL(zm^zrTL_^o0>#{xL};r(@wdgY
z*_)@OkkEghC6{#bt^R|@5@Vgc`*7sy;5#^Sbf3r?HV;i9=8+%r3K-Mnc<@xz>1Ksl
zRAG91h192pq!4p>L&p|eW(D4YtGz<aQz`0H_U2PV1F1^hdDiw+_?=wpb3P_&<9Roq
zDxKY_hw6?<u3~6+>Y<4uy2rBgrw0e-owwSbzfkXfdYr~iZTUo76<Gi5R+kz`k4Kiu
z`p9R0R$1isUg|S!<o3Jk+qSPzGg9qsD=ZQAzvQ)D-Ga+L+kOGrR-|XkwLZbSx7t(q
zzbW?4|7P2Nu}^7hv#+x+X06XBsBbaHj*7@+r`9jnez$!~n`QYImhR8kM{7w=`@8ma
z?7)sF#~-vwJ?sy(S(d(G>CLX}n64dupACKCbM+t#-WjJ(XG3;ItM9XWclOs-J;RRf
zjA9#h+SPpa)Xqe8Av=P<zhz(S9DUbFScERxsq{t2jPGu*(k65ZnEa?k^QNXPO?6r}
zsHthwQ=QsBQ{xMfZAp#SrlvYkhtEOCufD=|zt~G#v4{Qj#i(Aivc!UFO3DN;oq^F6
zwV!Fb25NI&W2w8wX$Ow5;$2~$;i62T3F0tjCbQy{O6wz*a<usG)OgEi6`HJ3Qyp_a
z$WOK2o$4eNaFB+dNYqt!ht>KR+(;^|#qgj29S3a6%1=$VU^;Y~<rI&yJe>E}WJr?&
zMt;Z^zmytCvcenK(=UzSw+O9^FFngv@6HHbT9R9^xBy2FS$E%;b=TcfGuYR=lj_4?
z9-yh4*!VqhUFfv13Duif0T7)b9)^8CV|75AtF89UIPzM>-r5rvKqrEs?DC$(06H_A
z$pZE!cA-<mRd`sbU_<uCb)l2VTi7y&vvYexSkYcb7snI$vXs7%Wb5|E@h?&x_++bM
zGTXhkS0Ei=uAj|5+?&v48*aDF#;-H%$GvfZIu5q=Y}RXELKixcrq5LET;%+HjzAYE
zu54C}Li&ti6$-7q@D&vDuT`_zQ50^&!RNL`R2aNJg#EnF(S?pecYtyRl(;TM__eMm
z2cLUU<sR=rM>-V5+`>O?tH@yw?e7;*0fupG`+*R)WxrE<J(ukT@%vmw*~*F6_B#XF
zVtggin`s9U0=|6|yKPu5gpE1i3_S9<qEy@13=~Y+h_AKS$^(f3yZ)#s%TPBlAQF#9
z!?~2E1I~amTNNdp-8hgKXnzsks0Fg9S7&?3H_!)4$s<U3M_|mLxX3>O!)3V0Ljv14
zCO-+xGlje*usFvwKM}R?k6~d7cuSPiz8?=1^a-&bkPj7p<SZ}-04{Qyz<9>MMUE2~
zUdBb<6PQMUqLA+drlV&BmJj#f*gRgg@T2HqXaFvw5(_`OZvU{-BELK)CyH`B*x;&Q
z+w0#^(^&SwxNNg=72h=uM48#RiZgJUPt3+ud{vo2<x-Z4&xr2^<{#}KS8-lG3;9fG
z3=N<BE}?Sv#lg4<rLqgu%6d@gKp7co1uJ#PO_Qkj(D+$k|5jfHUU-pBcrDdK6Ztp<
zUk?ax0ok0M2>%33Ta){c6SiT-FfB!289RaLdH{*+m;h`}l*FG5OlMN`p(tVc_KL0w
zB;v=iN_%(lg*Fi$0t300qAnQUWar5Wy@9EmeoLV1TO`7d1Dn=%YB#*k0Gm@6HCPWk
z2J#Y!Uvnt*FiJ-lt;nhTlq%X+Hc5dOQ9u`kF*WctaH(`puokA=0;X@bCh&5HB3|Rb
zC*xcoKGoFlwIue%bKweVpbs!THPO2eghv3=HCgii)&l}P?>vH>80H{1CuhPXvI2dJ
zO9~OcIeO>=>nd4peqjBi#QBncm&B&Y4@pcbJ(u@B2=tb%FnPFg8JNECGVyg;fj)bq
z3K~sRxM*Av?ji9QiTePXqnA363`{3AF3cQ+he>`Kx2W$?CV@a_jR#<JVwffw%n!D+
zB&L^ssKI4sxx`fxua*k_N#Zz(Ujp`zk;B0B<=qTk-{Vluf<P7kMz3yo8%cm%Ye}KY
zgmIZMa$VwkKqG~Ik(f5!gri|Pdhi=3dpro(Ux9JJw0*lm3Sz2LW|6INVcOvWiX=8a
zDEE*6sbD<jh{t952+6+%*#C3$=VW<*S$<IB%hDq6N=$Q)hcvz{38Q3%?|}U^?t-4s
z#*V(lCyPV@(`71<EO8QOByTjZIqVWJ?9yfV5LrG0SX$h}O+FU{It%@gYv@q2foahM
zKjwiO-W5{7S5m;Ez)$$O><L*egG$*7Ok3S)QsLKR`8HYqti*58_$Q4&mju%V*Ma>l
zpkbY(H*U#L^nWP`1@`~cJyEQK{C_(^^6rrMe`JGq1Dh^%!iBSC`JFWXPz7BQaI3^4
z(W47p4<k|eA4!0m;c2FO8JJG8&6(_V$#44n3^2VAXDa-uET1mreIs%G!MB6d`i8^X
YRrc7?2iZ4A2Rz^Z9j$)U@pJ0`1I{lzm;e9(

diff --git a/org.gridsite.core/src/htcp.c b/org.gridsite.core/src/htcp.c
index 1219455..763042a 100644
--- a/org.gridsite.core/src/htcp.c
+++ b/org.gridsite.core/src/htcp.c
@@ -84,6 +84,9 @@
 
 #define HTCP_SITECAST_GROUPS 32
 
+#define HTCP_HOST_CONF       "/etc/htcp.conf"
+#define HTCP_USER_CONF       ".htcp.conf"
+
 struct grst_stream_data { char *source;
                           char *destination;
                           int   ishttps;
@@ -286,7 +289,7 @@ int do_copies(char *sources[], char *destination,
          }
  
        if (common_data->verbose > 0)
-            fprintf(stderr, "%s -> %s\n", sources[isrc], thisdestination);
+            fprintf(stderr, "Copy %s -> %s\n", sources[isrc], thisdestination);
 
        if (common_data->method == HTCP_GET)
          {
@@ -721,10 +724,16 @@ int do_finds(char *sources[],
 
   /* parse common_data_ptr->groups */ 
 
+  if (common_data_ptr->groups == NULL)
+    {
+      fprintf(stderr, "No multicast groups given\n");
+      return CURLE_FAILED_INIT;
+    }
+
   p = common_data_ptr->groups;
   igroup = -1;
 
-  for (igroup=-1; igroup+1 < HTCP_SITECAST_GROUPS; ++igroup)
+  for (igroup=-1; igroup+1 < HTCP_SITECAST_GROUPS;)
      {  
        sitecast_groups[igroup+1].port     = GRST_HTCP_PORT;
        sitecast_groups[igroup+1].timewait = 1;
@@ -842,6 +851,152 @@ int do_finds(char *sources[],
    return GRST_RET_OK;
 }
 
+int translate_sitecast_url(char **source_ptr,
+                           struct grst_stream_data *common_data_ptr)
+{
+  int request_length, response_length, i, ret, s, igroup;
+  struct sockaddr_in srv, from;
+  socklen_t fromlen;
+#define MAXBUF 8192  
+  char *request, response[MAXBUF], *p;
+  GRSThtcpMessage msg;
+  struct timeval start_timeval, wait_timeval;
+  struct grst_sitecast_group sitecast_groups[HTCP_SITECAST_GROUPS];
+  fd_set readsckts;
+
+  /* parse common_data_ptr->groups */ 
+
+  if (common_data_ptr->groups == NULL)
+    {
+      fprintf(stderr, "No multicast groups given\n");
+      return CURLE_FAILED_INIT;
+    }
+
+  p = common_data_ptr->groups;
+  igroup = -1;
+  
+  for (igroup=-1; igroup+1 < HTCP_SITECAST_GROUPS;)
+     {  
+       sitecast_groups[igroup+1].port     = GRST_HTCP_PORT;
+       sitecast_groups[igroup+1].timewait = 1;
+       sitecast_groups[igroup+1].ttl      = 1;
+       
+       ret = sscanf(p, "%d.%d.%d.%d:%d:%d:%d", 
+                 &(sitecast_groups[igroup+1].quad1),
+                 &(sitecast_groups[igroup+1].quad2),    
+                 &(sitecast_groups[igroup+1].quad3),
+                 &(sitecast_groups[igroup+1].quad4),    
+                 &(sitecast_groups[igroup+1].port),
+                 &(sitecast_groups[igroup+1].ttl),
+                 &(sitecast_groups[igroup+1].timewait));
+
+       if (ret == 0) break; /* end of list ? */
+         
+       if (ret < 5)
+         {
+           fprintf(stderr, "Failed to parse multicast group "
+                     "parameter %s\n", p);
+           return CURLE_FAILED_INIT;
+         }
+         
+       ++igroup;  
+       
+       if ((p = index(p, ',')) == NULL) break;       
+       ++p;
+     }
+
+  if (igroup == -1)
+    {
+      fprintf(stderr, "Failed to parse multicast group parameter %s\n", p);
+      return CURLE_FAILED_INIT;
+    }
+
+  if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) 
+    {
+      fprintf(stderr, "Failed to open UDP socket\n");
+      return CURLE_FAILED_INIT;
+    }
+
+  /* loop through multicast groups since we need to take each 
+     ones timewait into account */
+
+  gettimeofday(&start_timeval, NULL);
+
+  for (i=0; i <= igroup; ++i)
+     {
+       if (common_data_ptr->verbose)
+        fprintf(stderr, "Querying multicast group %d.%d.%d.%d:%d:%d:%d\n",
+                sitecast_groups[i].quad1, sitecast_groups[i].quad2,
+                sitecast_groups[i].quad3, sitecast_groups[i].quad4,
+                sitecast_groups[i].port, sitecast_groups[i].ttl,
+                sitecast_groups[i].timewait);
+        
+       bzero(&srv, sizeof(srv));
+       srv.sin_family = AF_INET;
+       srv.sin_port = htons(sitecast_groups[i].port);
+       srv.sin_addr.s_addr = htonl(sitecast_groups[i].quad1*0x1000000
+                                 + sitecast_groups[i].quad2*0x10000
+                                 + sitecast_groups[i].quad3*0x100
+                                 + sitecast_groups[i].quad4);
+
+       /* send off queries, one for each source file */
+
+       GRSThtcpTSTrequestMake(&request, &request_length, 
+                                   (int) (start_timeval.tv_usec),
+                                   "GET", *source_ptr, "");
+
+       sendto(s, request, request_length, 0, 
+                       (struct sockaddr *) &srv, sizeof(srv));
+
+       free(request);
+          
+       /* reusing wait_timeval is a Linux-specific feature of select() */
+       wait_timeval.tv_usec = 0;
+       wait_timeval.tv_sec  = sitecast_groups[i].timewait;
+
+       while ((wait_timeval.tv_sec > 0) || (wait_timeval.tv_usec > 0))
+            {
+              FD_ZERO(&readsckts);
+              FD_SET(s, &readsckts);
+  
+              ret = select(s + 1, &readsckts, NULL, NULL, &wait_timeval);
+
+              if (ret > 0)
+                {
+                  response_length = recvfrom(s, response, MAXBUF,
+                                             0, &from, &fromlen);
+  
+                  if ((GRSThtcpMessageParse(&msg, response, response_length) 
+                                                      == GRST_RET_OK) &&
+                      (msg.opcode == GRSThtcpTSTop) && (msg.rr == 1) && 
+                      (msg.trans_id == (int) start_timeval.tv_usec) &&
+                      (msg.resp_hdrs != NULL) &&
+                      (GRSThtcpCountstrLen(msg.resp_hdrs) > 12))
+                    { 
+                      /* found one */ 
+
+                      if (common_data_ptr->verbose > 0)
+                        fprintf(stderr, "Sitecast %s -> %.*s\n",
+                                *source_ptr, 
+                                GRSThtcpCountstrLen(msg.resp_hdrs) - 12,
+                                &(msg.resp_hdrs->text[10]));
+
+                      free(*source_ptr);
+                      
+                      asprintf(source_ptr, "%.*s",
+                          GRSThtcpCountstrLen(msg.resp_hdrs) - 12, 
+                          &(msg.resp_hdrs->text[10]));
+                          
+                      return GRST_RET_OK;
+                    }
+                }
+            }
+
+     }
+     
+  return GRST_RET_OK;
+}
+
 size_t rawindex_callback(void *ptr, size_t size, size_t nmemb, void *data)
 {
   if ( ((struct grst_index_blob *) data)->used + size * nmemb >=
@@ -1312,15 +1467,7 @@ void printsyntax(char *argv0)
 "(Version: %s)\n", p, p, VERSION);
 }
 
-int main(int argc, char *argv[])
-{
-  char **sources, *destination = NULL, *executable, *p;
-  int    c, i, option_index, anyerror;
-  struct stat statbuf;
-  struct grst_stream_data common_data;
-  struct grst_sitecast_group sitecast_groups[HTCP_SITECAST_GROUPS];
-  struct passwd *userpasswd;
-  struct option long_options[] = {	{"verbose",		0, 0, 'v'},
+struct option long_options[] = {	{"verbose",		0, 0, 'v'},
                 			{"cert",		1, 0, 0},
 			                {"key",			1, 0, 0},
              				{"capath",		1, 0, 0},
@@ -1338,8 +1485,93 @@ int main(int argc, char *argv[])
                 			{"sitecast",		0, 0, 0},
                 			{"domain",		1, 0, 0},
                 			{"find",                0, 0, 0},
+                			{"conf",                1, 0, 0},
                 			{0, 0, 0, 0}  };
 
+int update_common_data(struct grst_stream_data *, int, char *);
+
+void parse_conf(struct grst_stream_data *common_data_ptr, char *conf_file)
+{
+  int   option_index;
+  char  line[1001], *p;
+  FILE *fp;
+  
+  fp = fopen(conf_file, "r");
+  if (fp == NULL)
+    {
+      if (common_data_ptr->verbose)
+        fprintf(stderr, "Failed to open configuration file %s\n", conf_file);
+      return;
+    }
+    
+  if (common_data_ptr->verbose)
+      fprintf(stderr, "Opened configuration file %s\n", conf_file);
+
+  while (fgets(line, sizeof(line), fp) != NULL)
+       {
+         if ((p = index(line, '\n')) != NULL) *p = '\0';
+       
+         for (option_index=0; 
+              long_options[option_index].name != NULL; ++option_index)
+            {
+              if (long_options[option_index].has_arg &&
+                  (strncmp(line, long_options[option_index].name, 
+                          strlen(long_options[option_index].name)) == 0) &&
+                  (line[strlen(long_options[option_index].name)] == '='))
+                {
+                  update_common_data(common_data_ptr, option_index,
+                   strdup(&line[strlen(long_options[option_index].name) + 1]));
+                  break;
+                }              
+
+              if (!long_options[option_index].has_arg &&
+                  (strcmp(line, long_options[option_index].name) == 0))
+                {
+                  update_common_data(common_data_ptr, option_index, "");
+                  break;
+                }              
+            }
+       }  
+    
+  fclose(fp);
+}
+
+int update_common_data(struct grst_stream_data *common_data_ptr,
+                        int option_index, char *optarg)
+{
+  if      (option_index == 1) common_data_ptr->cert       = optarg;
+  else if (option_index == 2) common_data_ptr->key        = optarg; 
+  else if (option_index == 3) common_data_ptr->capath     = optarg;
+  else if (option_index == 4) common_data_ptr->method     = HTCP_DELETE;
+  else if (option_index == 5) common_data_ptr->method     = HTCP_LIST;
+  else if (option_index == 6) common_data_ptr->method     = HTCP_LONGLIST;
+  else if (option_index == 7) common_data_ptr->method     = HTCP_MKDIR;
+  else if (option_index == 8) common_data_ptr->noverify   = 1;
+  else if (option_index == 9) common_data_ptr->anonymous  = 1;
+  else if (option_index ==10) common_data_ptr->gridhttp   = 1;
+  else if (option_index ==11) common_data_ptr->method     = HTCP_MOVE;
+  else if (option_index ==12) common_data_ptr->method     = HTCP_PING;
+  else if (option_index ==13) common_data_ptr->groups     = optarg;
+  else if (option_index ==14) common_data_ptr->timeout    = atoi(optarg);
+  else if (option_index ==15) common_data_ptr->sitecast   = 1;
+  else if (option_index ==16) { common_data_ptr->sitecast = 1;
+                                common_data_ptr->domain   = optarg; }
+  else if (option_index ==17) common_data_ptr->method     = HTCP_FIND;
+  /* option_index == 18 is used by the --conf command line-only option */
+  else return GRST_RET_FAILED;
+  
+  return GRST_RET_OK;
+}
+
+int main(int argc, char *argv[])
+{
+  char **sources, *destination = NULL, *executable, *p, *htcp_conf;
+  int    c, i, option_index, anyerror;
+  struct stat statbuf;
+  struct grst_stream_data common_data;
+  struct grst_sitecast_group sitecast_groups[HTCP_SITECAST_GROUPS];
+  struct passwd *userpasswd;
+
 #if (LIBCURL_VERSION_NUM < 0x070908)
   char *tmp_ca_roots = NULL;
 #endif
@@ -1366,6 +1598,23 @@ int main(int argc, char *argv[])
   common_data.timeout   = 0;
   common_data.sitecast  = 0;
   common_data.domain    = NULL;
+
+  if ((argc > 1) && ((strcmp(argv[1], "--verbose") == 0) || 
+                     (strcmp(argv[1], "-v") == 0))) common_data.verbose = 1;
+    
+  /* examine any configuration files */
+    
+  parse_conf(&common_data, HTCP_HOST_CONF);  
+  
+  userpasswd = getpwuid(geteuid());
+  asprintf(&htcp_conf, "%s/%s", userpasswd->pw_dir, HTCP_USER_CONF);
+  parse_conf(&common_data, htcp_conf);
+  free(htcp_conf);
+
+  htcp_conf = getenv("HTCP_CONF");
+  if (htcp_conf != NULL) parse_conf(&common_data, htcp_conf);
+
+  common_data.verbose = 0;
     
   while (1)
        {
@@ -1376,24 +1625,8 @@ int main(int argc, char *argv[])
          if      (c == -1) break;
          else if (c == 0)
            {
-             if      (option_index == 1) common_data.cert       = optarg;
-             else if (option_index == 2) common_data.key        = optarg; 
-             else if (option_index == 3) common_data.capath     = optarg;
-             else if (option_index == 4) common_data.method     = HTCP_DELETE;
-             else if (option_index == 5) common_data.method     = HTCP_LIST;
-             else if (option_index == 6) common_data.method     = HTCP_LONGLIST;
-             else if (option_index == 7) common_data.method     = HTCP_MKDIR;
-             else if (option_index == 8) common_data.noverify   = 1;
-             else if (option_index == 9) common_data.anonymous  = 1;
-             else if (option_index ==10) common_data.gridhttp   = 1;
-             else if (option_index ==11) common_data.method     = HTCP_MOVE;
-             else if (option_index ==12) common_data.method     = HTCP_PING;
-             else if (option_index ==13) common_data.groups     = optarg;
-             else if (option_index ==14) common_data.timeout    = atoi(optarg);
-             else if (option_index ==15) common_data.sitecast   = 1;
-             else if (option_index ==16) { common_data.sitecast = 1;
-                                           common_data.domain   = optarg; }
-             else if (option_index ==17) common_data.method     = HTCP_FIND;
+             if (option_index == 18) parse_conf(&common_data, optarg);
+             else update_common_data(&common_data, option_index, optarg);
            }
          else if (c == 'v') ++(common_data.verbose);
        }
@@ -1432,8 +1665,6 @@ int main(int argc, char *argv[])
               common_data.cert = getenv("X509_USER_CERT");
               common_data.key  = getenv("X509_USER_KEY");
               
-              userpasswd = getpwuid(geteuid());
-              
               if ((common_data.cert == NULL) &&
                   (userpasswd != NULL) &&
                   (userpasswd->pw_dir != NULL))
@@ -1562,8 +1793,8 @@ int main(int argc, char *argv[])
   for (i=0; i < (argc - optind - 1); ++i) 
      {
        if (strncmp(argv[optind + i], "file:", 5) == 0)
-            sources[i] = &argv[optind + i][5];
-       else sources[i] =  argv[optind + i];
+            sources[i] = strdup(&argv[optind + i][5]);
+       else sources[i] = strdup(argv[optind + i]);
        
        if (sources[i][0] == '\0') 
          {
@@ -1575,9 +1806,24 @@ int main(int argc, char *argv[])
   
   sources[i]  = NULL;  
 
-  if (strncmp(argv[optind + i], "file:", 5) == 0)
-       destination = &argv[optind + i][5];
-  else destination =  argv[optind + i];
+  if (strncmp(argv[optind+i], "file:", 5) == 0)
+    {
+      if ((argv[optind+i][strlen(argv[optind+i]) - 1] != '/') &&
+          (stat(&argv[optind + i][5], &statbuf) == 0) &&
+          S_ISDIR(statbuf.st_mode))
+                         asprintf(&destination, "%s/", &argv[optind + i][5]);
+      else destination = strdup(&argv[optind + i][5]);
+    }
+  else if ((strncmp(argv[optind+i], "http://",  7) != 0) &&
+           (strncmp(argv[optind+i], "https://", 8) != 0)) 
+    {
+      if ((argv[optind+i][strlen(argv[optind+i]) - 1] != '/') &&
+          (stat(argv[optind+i], &statbuf) == 0) &&
+          S_ISDIR(statbuf.st_mode))
+                         asprintf(&destination, "%s/", argv[optind+i]);
+      else destination = strdup(argv[optind+i]);
+    }
+  else destination = strdup(argv[optind+i]);
   
   if (destination[0] == '\0')
     {
@@ -1621,14 +1867,23 @@ int main(int argc, char *argv[])
                    return CURLE_URL_MALFORMAT;
                  }
 
-/* NEED TO CHECK common_data.domain MATCHES IF IT IS SET */
-/*
-               if (common_data.sitecast) 
+               if ((common_data.sitecast) && 
+                   ((common_data.domain == NULL) ||
+
+                    ((strncmp(sources[i], "http://", 7) == 0) &&
+                     (strncmp(&sources[i][7], common_data.domain, 
+                                 strlen(common_data.domain)) == 0) &&
+                     ((sources[i][7+strlen(common_data.domain)] == ':') ||
+                      (sources[i][7+strlen(common_data.domain)] == '/'))) ||
+
+                    ((strncmp(sources[i], "https://", 8) == 0) &&
+                     (strncmp(&sources[i][8], common_data.domain, 
+                                 strlen(common_data.domain)) == 0) &&
+                     ((sources[i][8+strlen(common_data.domain)] == ':') ||
+                      (sources[i][8+strlen(common_data.domain)] == '/')))))
                  {
-                   translate_sitecast_url(&sources[i], 
-                                          sources[i], &common_data);
+                   translate_sitecast_url(&sources[i], &common_data);
                  }
-*/
              }
          }
          
diff --git a/org.gridsite.core/src/mod_gridsite.c b/org.gridsite.core/src/mod_gridsite.c
index a64d155..cf5b0d8 100644
--- a/org.gridsite.core/src/mod_gridsite.c
+++ b/org.gridsite.core/src/mod_gridsite.c
@@ -2103,6 +2103,41 @@ static int mod_gridsite_first_fixups(request_rec *r)
     return DECLINED;
 }  
 
+void GRST_creds_to_conn(conn_rec *conn, 
+                        STACK_OF(X509) *certstack, X509 *peercert)
+{
+   int i, lastcred;
+   const int maxcreds = 99;
+   const size_t credlen = 1024;
+   char creds[maxcreds][credlen+1], envname[14];
+
+   if ((certstack != NULL) && (conn->notes != NULL) &&
+       (apr_table_get(conn->notes, "GRST_creds_to_conn") != NULL)) return;
+
+   /* Put result of GRSTx509CompactCreds() into connection notes */
+
+   apr_table_set(conn->notes, "GRST_creds_to_conn", "yes");
+   ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, conn->base_server,
+                                            "set GRST_creds_to_conn");
+
+   if (GRSTx509CompactCreds(&lastcred, maxcreds, credlen, (char *) creds,
+                          certstack, GRST_VOMS_DIR, peercert) == GRST_RET_OK)
+     {
+       for (i=0; i <= lastcred; ++i)
+          {
+            apr_table_setn(conn->notes,
+                                 apr_psprintf(conn->pool, "GRST_CRED_%d", i),
+                                 apr_pstrdup(conn->pool, creds[i]));
+
+            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, conn->base_server,
+                                      "store GRST_CRED_%d=%s", i, creds[i]);
+
+          }
+                                   
+       /* free remaining dup'd certs? */
+     }     
+}
+
 static int mod_gridsite_perm_handler(request_rec *r)
 /*
     Do authentication/authorization here rather than in the normal module
@@ -2129,6 +2164,9 @@ static int mod_gridsite_perm_handler(request_rec *r)
     GRSTgaclPerm     perm = GRST_PERM_NONE, destination_perm = GRST_PERM_NONE;
     GRSTgaclAcl     *acl = NULL;
     mod_gridsite_dir_cfg *cfg;
+    SSLConnRec      *sslconn;
+    STACK_OF(X509)  *certstack;
+    X509	    *peercert;
 
     cfg = (mod_gridsite_dir_cfg *)
                     ap_get_module_config(r->per_dir_config, &gridsite_module);
@@ -2142,6 +2180,19 @@ static int mod_gridsite_perm_handler(request_rec *r)
     env = r->subprocess_env;
 
     /* do we need/have per-connection (SSL) cred variable(s)? */
+    
+    sslconn = (SSLConnRec *) ap_get_module_config(r->connection->conn_config, 
+                                                  &ssl_module);
+
+    if ((sslconn != NULL) && (sslconn->ssl != NULL) &&
+        (r->connection->notes != NULL) &&
+        (apr_table_get(r->connection->notes, "GRST_creds_to_conn") == NULL))
+      {
+        certstack = SSL_get_peer_cert_chain(sslconn->ssl);
+        peercert  = SSL_get_peer_certificate(sslconn->ssl);
+      
+        GRST_creds_to_conn(r->connection, certstack, peercert);
+      }
 
     if ((user == NULL) && 
         (r->connection->notes != NULL) &&
@@ -2561,6 +2612,7 @@ int GRST_callback_SSLVerify_wrapper(int ok, X509_STORE_CTX *ctx)
    int errdepth        = X509_STORE_CTX_get_error_depth(ctx);
    int returned_ok;
    int first_non_ca;
+   STACK_OF(X509) *certstack;
 
    /*
     * GSI Proxy user-cert-as-CA handling:
@@ -2626,35 +2678,13 @@ int GRST_callback_SSLVerify_wrapper(int ok, X509_STORE_CTX *ctx)
           }
         else 
           {
-            int i, lastcred;
-            STACK_OF(X509) *peer_certs;
-            const int maxcreds = 99;
-            const size_t credlen = 1024;
-            char creds[maxcreds][credlen+1], envname[14];
-
             ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, "Valid certificate"
                                    " chain reported by GRSTx509CheckChain()");
 
-            /*
-             * Always put result of GRSTx509CompactCreds() into environment
-             */
-            if (peer_certs = (STACK_OF(X509) *) X509_STORE_CTX_get_chain(ctx))
-              {    
-                if (GRSTx509CompactCreds(&lastcred, maxcreds, credlen,
-                    (char *) creds, peer_certs, GRST_VOMS_DIR) == GRST_RET_OK)
-                  {
-                    for (i=0; i <= lastcred; ++i)
-                       {
-                         apr_table_setn(conn->notes,
-                                 apr_psprintf(conn->pool, "GRST_CRED_%d", i),
-                                 apr_pstrdup(conn->pool, creds[i]));
-
-                         ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
-                                      "store GRST_CRED_%d=%s", i, creds[i]);
-                       }
-                  }
-            /* free remaining dup'd certs? */
-              }                                   
+            /* Put result of GRSTx509CompactCreds() into connection notes */
+            if ((certstack = 
+                  (STACK_OF(X509) *) X509_STORE_CTX_get_chain(ctx)) != NULL)
+             GRST_creds_to_conn(conn, certstack, NULL);
           }
      }
 
-- 
1.8.2.3