From ffb28c62beff7492a90842a294bd680f165f324e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Thu, 14 Jun 2018 19:34:04 +0200
Subject: [PATCH 01/30] dev version

---
 CHANGELOG.md     | 3 +++
 appinfo/info.xml | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 586b2b4..3564381 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,8 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## [Unreleased]
+
 ## [v4.0.0-rc2]
 ### Added
 - User active column
@@ -65,6 +67,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Changed
 - Supported version of ownCloud, Nextcloud: ownCloud 10, Nextcloud 12
 
+[Unreleased]: https://github.com/nextcloud/user_sql/compare/v4.0.0-rc2...develop
 [v4.0.0-rc2]: https://github.com/nextcloud/user_sql/compare/v4.0.0-rc1...v4.0.0-rc2
 [4.0.0-rc1]: https://github.com/nextcloud/user_sql/compare/v3.1.0...v4.0.0-rc1
 [3.1.0]: https://github.com/nextcloud/user_sql/compare/v2.4.0...v3.1.0
diff --git a/appinfo/info.xml b/appinfo/info.xml
index 8827794..0e5c94b 100644
--- a/appinfo/info.xml
+++ b/appinfo/info.xml
@@ -8,7 +8,7 @@
         Retrieve the users and groups info. Allow the users to change their passwords.
         Sync the users' email addresses with the addresses stored by Nextcloud.
     </description>
-    <version>4.0.0-rc2</version>
+    <version>4.0.0-dev</version>
     <licence>agpl</licence>
     <author>Andreas Böhler &lt;dev (at) aboehler (dot) at&gt;</author>
     <author>Marcin Łojewski &lt;dev@mlojewski.me&gt;</author>

From ecb04a331b5196bde44a74212925326ff1a92075 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Thu, 28 Jun 2018 20:16:43 +0200
Subject: [PATCH 02/30] autocomplete for tables

---
 js/settings.js                        |  1 +
 lib/Controller/SettingsController.php |  3 ++-
 lib/Platform/AbstractPlatform.php     | 13 +++++++++----
 3 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/js/settings.js b/js/settings.js
index 87a64d5..47b1061 100644
--- a/js/settings.js
+++ b/js/settings.js
@@ -41,6 +41,7 @@ user_sql.adminSettingsUI = function () {
             $(ids).autocomplete({
                 source: function (request, response) {
                     var post = $(form_id).serializeArray();
+                    post.push({name: "input", value: request["term"]});
                     $.post(OC.generateUrl(path), post, response, "json");
                 },
                 minLength: 0,
diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php
index 7a95d6c..8c4a9fb 100644
--- a/lib/Controller/SettingsController.php
+++ b/lib/Controller/SettingsController.php
@@ -266,7 +266,8 @@ class SettingsController extends Controller
         try {
             $connection = $this->getConnection();
             $platform = PlatformFactory::getPlatform($connection);
-            $tables = $platform->getTables();
+            $input = $this->request->getParam("input");
+            $tables = $platform->getTables($input);
 
             $this->logger->debug(
                 "Returning tableAutocomplete(): count(" . count($tables) . ")",
diff --git a/lib/Platform/AbstractPlatform.php b/lib/Platform/AbstractPlatform.php
index 63156ff..38d8f61 100644
--- a/lib/Platform/AbstractPlatform.php
+++ b/lib/Platform/AbstractPlatform.php
@@ -49,12 +49,13 @@ abstract class AbstractPlatform
     /**
      * Get all the tables defined in the database.
      *
-     * @param bool $schemaPrefix Show schema name in the results.
+     * @param string $phrase       Show only tables containing given phrase.
+     * @param bool   $schemaPrefix Show schema name in the results.
      *
      * @return array Array with table names.
      * @throws DBALException On a database exception.
      */
-    public function getTables($schemaPrefix = false)
+    public function getTables($phrase = "", $schemaPrefix = false)
     {
         $platform = $this->connection->getDatabasePlatform();
 
@@ -68,13 +69,17 @@ abstract class AbstractPlatform
         $result = $this->connection->executeQuery($queryTables);
         while ($row = $result->fetch()) {
             $name = $this->getTableName($row, $schemaPrefix);
-            $tables[] = $name;
+            if (preg_match("/.*$phrase.*/i", $name)) {
+                $tables[] = $name;
+            }
         }
 
         $result = $this->connection->executeQuery($queryViews);
         while ($row = $result->fetch()) {
             $name = $this->getViewName($row, $schemaPrefix);
-            $tables[] = $name;
+            if (preg_match("/.*$phrase.*/i", $name)) {
+                $tables[] = $name;
+            }
         }
 
         return $tables;

From a257855e07ec81b580f401da65f17420d099fafd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Thu, 28 Jun 2018 20:30:11 +0200
Subject: [PATCH 03/30] autocomplete for columns

---
 lib/Controller/SettingsController.php | 3 ++-
 lib/Platform/AbstractPlatform.php     | 9 ++++++---
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php
index 8c4a9fb..a192daf 100644
--- a/lib/Controller/SettingsController.php
+++ b/lib/Controller/SettingsController.php
@@ -315,7 +315,8 @@ class SettingsController extends Controller
             $connection = $this->getConnection();
             $platform = PlatformFactory::getPlatform($connection);
             $columns = $platform->getColumns(
-                $this->request->getParam($table)
+                $this->request->getParam($table),
+                $this->request->getParam("input")
             );
 
             return $columns;
diff --git a/lib/Platform/AbstractPlatform.php b/lib/Platform/AbstractPlatform.php
index 38d8f61..59052d4 100644
--- a/lib/Platform/AbstractPlatform.php
+++ b/lib/Platform/AbstractPlatform.php
@@ -108,12 +108,13 @@ abstract class AbstractPlatform
     /**
      * Get all the columns defined in the table.
      *
-     * @param string $table The table name.
+     * @param string $table  The table name.
+     * @param string $phrase Show only columns containing given phrase.
      *
      * @return array Array with column names.
      * @throws DBALException On a database exception.
      */
-    public function getColumns($table)
+    public function getColumns($table, $phrase = "")
     {
         $platform = $this->connection->getDatabasePlatform();
         $query = $platform->getListTableColumnsSQL($table);
@@ -123,7 +124,9 @@ abstract class AbstractPlatform
 
         while ($row = $result->fetch()) {
             $name = $this->getColumnName($row);
-            $columns[] = $name;
+            if (preg_match("/.*$phrase.*/i", $name)) {
+                $columns[] = $name;
+            }
         }
 
         return $columns;

From 434e2777c39ee0c0ff12f3c1e8c172fc47b7207b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Thu, 28 Jun 2018 21:04:15 +0200
Subject: [PATCH 04/30] Update CHANGELOG.md

---
 CHANGELOG.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3564381..9af8528 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+### Fixed
+- Table and column autocomplete in settings panel
 
 ## [v4.0.0-rc2]
 ### Added

From a2b65f144c51be46335d34d12f3310e3533e4329 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 30 Jun 2018 13:19:04 +0200
Subject: [PATCH 05/30] Adding SALT from DB and new Algorithm to be connected
 with HumHub

https://github.com/nextcloud/user_sql/pull/42
---
 CHANGELOG.md                         |  2 +
 README.md                            |  2 +
 js/settings.js                       |  2 +-
 lib/Backend/UserBackend.php          | 16 ++++++--
 lib/Constant/DB.php                  |  1 +
 lib/Crypto/SHA512Whirlpool.php       | 58 ++++++++++++++++++++++++++++
 lib/Model/User.php                   |  4 ++
 lib/Query/QueryProvider.php          |  4 +-
 templates/admin.php                  |  5 ++-
 tests/Crypto/SHA512WhirlpoolTest.php | 56 +++++++++++++++++++++++++++
 10 files changed, 142 insertions(+), 8 deletions(-)
 create mode 100644 lib/Crypto/SHA512Whirlpool.php
 create mode 100644 tests/Crypto/SHA512WhirlpoolTest.php

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9af8528..cc1c2ee 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ## [v4.0.0-rc2]
 ### Added
 - User active column
+- SHA512 Whirlpool hashing algorithm
+- Support for salt column
 
 ### Changed
 - Fixed "Use of undefined constant" error for Argon2 Crypt with PHP below 7.2.
diff --git a/README.md b/README.md
index fc64f4b..01b9e67 100644
--- a/README.md
+++ b/README.md
@@ -69,6 +69,7 @@ Name | Description | Details
 **Display name** | Display name column. | Optional.
 **Active** | Flag indicating if user can log in. | Optional.<br/>Default: true.
 **Can change avatar** | Flag indicating if user can change its avatar. | Optional.<br/>Default: false.
+**Salt** | Salt which is appended to password when checking or changing the password. | Optional.
 
 #### Group table
 
@@ -191,6 +192,7 @@ Standard DES (Crypt) | | yTBnb7ab/N072
 Joomla MD5 Encryption | Generates 32 chars salt. | 14d21b49b0f13e2acba962b6b0039edd:haJK0yTvBXTNMh76xwEw5RYEVpJsN8us
 MD5 | No salt supported. | 5f4dcc3b5aa765d61d8327deb882cf99
 SHA1 | No salt supported. | 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
+SHA512 Whirlpool | No salt supported. | a96b16ebb691dbe968b0d66d0d924cff5cf5de5e0885181d00761d87f295b2bf3d3c66187c050fc01c196ff3acaa48d3561ffd170413346e934a32280d632f2e
 SSHA256 | Generates 32 chars salt. | {SSHA256}+WxTB3JxprNteeovsuSYtgI+UkVPA9lfwGoYkz3Ff7hjd1FSdmlTMkNsSExyR21KM3NvNTZ5V0p4WXJMUjFzUg==
 SSHA512 | Generates 32 chars salt. | {SSHA512}It+v1kAEUBbhMJYJ2swAtz+RLE6ispv/FB6G/ALhK/YWwEmrloY+0jzrWIfmu+rWUXp8u0Tg4jLXypC5oXAW00IyYnRVdEZJbE9wak96bkNRVWFCYmlJNWxrdTA0QmhL
 
diff --git a/js/settings.js b/js/settings.js
index 47b1061..c42bb4a 100644
--- a/js/settings.js
+++ b/js/settings.js
@@ -76,7 +76,7 @@ user_sql.adminSettingsUI = function () {
         );
 
         autocomplete(
-            "#db-table-user-column-uid, #db-table-user-column-email, #db-table-user-column-home, #db-table-user-column-password, #db-table-user-column-name, #db-table-user-column-active, #db-table-user-column-avatar",
+            "#db-table-user-column-uid, #db-table-user-column-email, #db-table-user-column-home, #db-table-user-column-password, #db-table-user-column-name, #db-table-user-column-active, #db-table-user-column-avatar, #db-table-user-column-salt",
             "/apps/user_sql/settings/autocomplete/table/user"
         );
 
diff --git a/lib/Backend/UserBackend.php b/lib/Backend/UserBackend.php
index 88119ee..6a8237b 100644
--- a/lib/Backend/UserBackend.php
+++ b/lib/Backend/UserBackend.php
@@ -274,6 +274,10 @@ final class UserBackend extends Backend
             return false;
         }
 
+        if ($user->salt !== null) {
+            $password .= $user->salt;
+        }
+
         $isCorrect = $passwordAlgorithm->checkPassword(
             $password, $user->password
         );
@@ -417,13 +421,17 @@ final class UserBackend extends Backend
             return false;
         }
 
-        $passwordHash = $passwordAlgorithm->getPasswordHash($password);
-        if ($passwordHash === false) {
+        $user = $this->userRepository->findByUid($uid);
+        if (!($user instanceof User)) {
             return false;
         }
 
-        $user = $this->userRepository->findByUid($uid);
-        if (!($user instanceof User)) {
+        if ($user->salt !== null) {
+            $password .= $user->salt;
+        }
+
+        $passwordHash = $passwordAlgorithm->getPasswordHash($password);
+        if ($passwordHash === false) {
             return false;
         }
 
diff --git a/lib/Constant/DB.php b/lib/Constant/DB.php
index 832cda5..ce0da21 100644
--- a/lib/Constant/DB.php
+++ b/lib/Constant/DB.php
@@ -51,5 +51,6 @@ final class DB
     const USER_HOME_COLUMN = "db.table.user.column.home";
     const USER_NAME_COLUMN = "db.table.user.column.name";
     const USER_PASSWORD_COLUMN = "db.table.user.column.password";
+    const USER_SALT_COLUMN = "db.table.user.column.salt";
     const USER_UID_COLUMN = "db.table.user.column.uid";
 }
diff --git a/lib/Crypto/SHA512Whirlpool.php b/lib/Crypto/SHA512Whirlpool.php
new file mode 100644
index 0000000..1fd3988
--- /dev/null
+++ b/lib/Crypto/SHA512Whirlpool.php
@@ -0,0 +1,58 @@
+<?php
+/**
+ * Nextcloud - user_sql
+ *
+ * @copyright 2018 Marcin Łojewski <dev@mlojewski.me>
+ * @author    Marcin Łojewski <dev@mlojewski.me>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\UserSQL\Crypto;
+
+use OCP\IL10N;
+
+/**
+ * SHA512 Whirlpool hashing implementation.
+ *
+ * @author Marcin Łojewski <dev@mlojewski.me>
+ */
+class SHA512Whirlpool extends AbstractAlgorithm
+{
+    /**
+     * The class constructor.
+     *
+     * @param IL10N $localization The localization service.
+     */
+    public function __construct(IL10N $localization)
+    {
+        parent::__construct($localization);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getPasswordHash($password)
+    {
+        return hash('sha512', hash('whirlpool', $password));
+    }
+
+    /**
+     * @inheritdoc
+     */
+    protected function getAlgorithmName()
+    {
+        return "SHA512 Whirlpool";
+    }
+}
diff --git a/lib/Model/User.php b/lib/Model/User.php
index 90048f9..dcc9551 100644
--- a/lib/Model/User.php
+++ b/lib/Model/User.php
@@ -56,4 +56,8 @@ class User
      * @var bool Can user change its avatar.
      */
     public $avatar;
+    /**
+     * @var string The password's salt.
+     */
+    public $salt;
 }
diff --git a/lib/Query/QueryProvider.php b/lib/Query/QueryProvider.php
index 742e784..49f2ac9 100644
--- a/lib/Query/QueryProvider.php
+++ b/lib/Query/QueryProvider.php
@@ -71,6 +71,7 @@ class QueryProvider implements \ArrayAccess
         $uHome = $this->properties[DB::USER_HOME_COLUMN];
         $uName = $this->properties[DB::USER_NAME_COLUMN];
         $uPassword = $this->properties[DB::USER_PASSWORD_COLUMN];
+        $uSalt = $this->properties[DB::USER_SALT_COLUMN];
         $uUID = $this->properties[DB::USER_UID_COLUMN];
 
         $ugGID = $this->properties[DB::USER_GROUP_GID_COLUMN];
@@ -92,7 +93,8 @@ class QueryProvider implements \ArrayAccess
             (empty($uEmail) ? "null" : $uEmail) . " AS email, " .
             (empty($uHome) ? "null" : $uHome) . " AS home, " .
             (empty($uActive) ? "true" : $uActive) . " AS active, " .
-            (empty($uAvatar) ? "false" : $uAvatar) . " AS avatar";
+            (empty($uAvatar) ? "false" : $uAvatar) . " AS avatar, " .
+            (empty($uSalt) ? "null" : $uSalt) . " AS salt";
 
         $this->queries = [
             Query::BELONGS_TO_ADMIN =>
diff --git a/templates/admin.php b/templates/admin.php
index 43d812e..a39becf 100644
--- a/templates/admin.php
+++ b/templates/admin.php
@@ -148,7 +148,8 @@ function print_select_options(
                 print_text_input($l, "db-table-user-column-password", "Password", $_['db.table.user.column.password']);
                 print_text_input($l, "db-table-user-column-name", "Display name", $_['db.table.user.column.name']);
                 print_text_input($l, "db-table-user-column-active", "Active", $_['db.table.user.column.active']);
-                print_text_input($l, "db-table-user-column-avatar", "Can change avatar", $_['db.table.user.column.avatar']); ?>
+                print_text_input($l, "db-table-user-column-avatar", "Can change avatar", $_['db.table.user.column.avatar']);
+                print_text_input($l, "db-table-user-column-salt", "Salt", $_['db.table.user.column.salt']); ?>
             </fieldset>
         </div>
         <div class="section">
@@ -180,4 +181,4 @@ function print_select_options(
         <input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']); ?>" id="requesttoken"/>
         <input id="user_sql-save" type="submit" value="<?php p($l->t('Save')); ?>"/>
     </div>
-</form>
\ No newline at end of file
+</form>
diff --git a/tests/Crypto/SHA512WhirlpoolTest.php b/tests/Crypto/SHA512WhirlpoolTest.php
new file mode 100644
index 0000000..558db94
--- /dev/null
+++ b/tests/Crypto/SHA512WhirlpoolTest.php
@@ -0,0 +1,56 @@
+<?php
+/**
+ * Nextcloud - user_sql
+ *
+ * @copyright 2018 Marcin Łojewski <dev@mlojewski.me>
+ * @author    Marcin Łojewski <dev@mlojewski.me>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace Tests\UserSQL\Crypto;
+
+use OCA\UserSQL\Crypto\SHA512Whirlpool;
+use OCA\UserSQL\Crypto\IPasswordAlgorithm;
+use OCP\IL10N;
+use Test\TestCase;
+
+/**
+ * Unit tests for class <code>SHA512Whirlpool</code>.
+ *
+ * @author Marcin Łojewski <dev@mlojewski.me>
+ */
+class SHA512WhirlpoolTest extends TestCase
+{
+    /**
+     * @var IPasswordAlgorithm
+     */
+    private $crypto;
+
+    public function testCheckPassword()
+    {
+        $this->assertTrue(
+            $this->crypto->checkPassword(
+                "password",
+                "a96b16ebb691dbe968b0d66d0d924cff5cf5de5e0885181d00761d87f295b2bf3d3c66187c050fc01c196ff3acaa48d3561ffd170413346e934a32280d632f2e"
+            )
+        );
+    }
+
+    protected function setUp()
+    {
+        parent::setUp();
+        $this->crypto = new SHA512Whirlpool($this->createMock(IL10N::class));
+    }
+}

From ef9db7444ac2e8e7416cc40f076e0d0748b042c3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <github@mlojewski.me>
Date: Sat, 30 Jun 2018 14:32:13 +0200
Subject: [PATCH 06/30] Feature/issue#44 (#47)

phpass implementation
---
 CHANGELOG.md                |   7 +-
 README.md                   |   3 +-
 lib/Crypto/PasswordHash.php | 230 ++++++++++++++++++++++++++++++++++++
 lib/Crypto/Phpass.php       |  75 ++++++++++++
 tests/Crypto/PhpassTest.php |  55 +++++++++
 5 files changed, 367 insertions(+), 3 deletions(-)
 create mode 100644 lib/Crypto/PasswordHash.php
 create mode 100644 lib/Crypto/Phpass.php
 create mode 100644 tests/Crypto/PhpassTest.php

diff --git a/CHANGELOG.md b/CHANGELOG.md
index cc1c2ee..95d78e1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,14 +5,17 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+### Added
+- SHA512 Whirlpool hashing algorithm
+- phpass hashing implementation
+- Support for salt column
+
 ### Fixed
 - Table and column autocomplete in settings panel
 
 ## [v4.0.0-rc2]
 ### Added
 - User active column
-- SHA512 Whirlpool hashing algorithm
-- Support for salt column
 
 ### Changed
 - Fixed "Use of undefined constant" error for Argon2 Crypt with PHP below 7.2.
diff --git a/README.md b/README.md
index 01b9e67..82bfc17 100644
--- a/README.md
+++ b/README.md
@@ -149,7 +149,7 @@ User table: wp_users
 Username column: user_login
 Password column: user_pass
 
-Hashing algorithm: Unix (Crypt)
+Hashing algorithm: Unix (Crypt) or Portable PHP password
 ```
 
 #### JHipster
@@ -191,6 +191,7 @@ SHA512 (Crypt) | Generates hash with 5000 rounds. | $6$rounds=5000$yH.Q0OL4qbCOU
 Standard DES (Crypt) | | yTBnb7ab/N072
 Joomla MD5 Encryption | Generates 32 chars salt. | 14d21b49b0f13e2acba962b6b0039edd:haJK0yTvBXTNMh76xwEw5RYEVpJsN8us
 MD5 | No salt supported. | 5f4dcc3b5aa765d61d8327deb882cf99
+Portable PHP password | See [phpass](http://www.openwall.com/phpass/). | $P$BxrwraqNTi4as0EI.IpiA/K.muk9ke/
 SHA1 | No salt supported. | 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
 SHA512 Whirlpool | No salt supported. | a96b16ebb691dbe968b0d66d0d924cff5cf5de5e0885181d00761d87f295b2bf3d3c66187c050fc01c196ff3acaa48d3561ffd170413346e934a32280d632f2e
 SSHA256 | Generates 32 chars salt. | {SSHA256}+WxTB3JxprNteeovsuSYtgI+UkVPA9lfwGoYkz3Ff7hjd1FSdmlTMkNsSExyR21KM3NvNTZ5V0p4WXJMUjFzUg==
diff --git a/lib/Crypto/PasswordHash.php b/lib/Crypto/PasswordHash.php
new file mode 100644
index 0000000..6228ba7
--- /dev/null
+++ b/lib/Crypto/PasswordHash.php
@@ -0,0 +1,230 @@
+<?php
+#
+# Portable PHP password hashing framework.
+#
+# Version 0.5 / genuine.
+#
+# Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
+# the public domain.  Revised in subsequent years, still public domain.
+#
+# There's absolutely no warranty.
+#
+# The homepage URL for this framework is:
+#
+#	http://www.openwall.com/phpass/
+#
+# Please be sure to update the Version line if you edit this file in any way.
+# It is suggested that you leave the main version number intact, but indicate
+# your project name (after the slash) and add your own revision information.
+#
+# Please do not change the "private" password hashing method implemented in
+# here, thereby making your hashes incompatible.  However, if you must, please
+# change the hash type identifier (the "$P$") to something different.
+#
+# Obviously, since this code is in the public domain, the above are not
+# requirements (there can be none), but merely suggestions.
+#
+
+namespace OCA\UserSQL\Crypto;
+
+class PasswordHash {
+	var $itoa64;
+	var $iteration_count_log2;
+	var $portable_hashes;
+	var $random_state;
+
+	function __construct($iteration_count_log2, $portable_hashes)
+	{
+		$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
+
+		if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
+			$iteration_count_log2 = 8;
+		$this->iteration_count_log2 = $iteration_count_log2;
+
+		$this->portable_hashes = $portable_hashes;
+
+		$this->random_state = microtime();
+		if (function_exists('getmypid'))
+			$this->random_state .= getmypid();
+	}
+
+	function PasswordHash($iteration_count_log2, $portable_hashes)
+	{
+		self::__construct($iteration_count_log2, $portable_hashes);
+	}
+
+	function get_random_bytes($count)
+	{
+		$output = '';
+		if (@is_readable('/dev/urandom') &&
+		    ($fh = @fopen('/dev/urandom', 'rb'))) {
+			$output = fread($fh, $count);
+			fclose($fh);
+		}
+
+		if (strlen($output) < $count) {
+			$output = '';
+			for ($i = 0; $i < $count; $i += 16) {
+				$this->random_state =
+				    md5(microtime() . $this->random_state);
+				$output .= md5($this->random_state, TRUE);
+			}
+			$output = substr($output, 0, $count);
+		}
+
+		return $output;
+	}
+
+	function encode64($input, $count)
+	{
+		$output = '';
+		$i = 0;
+		do {
+			$value = ord($input[$i++]);
+			$output .= $this->itoa64[$value & 0x3f];
+			if ($i < $count)
+				$value |= ord($input[$i]) << 8;
+			$output .= $this->itoa64[($value >> 6) & 0x3f];
+			if ($i++ >= $count)
+				break;
+			if ($i < $count)
+				$value |= ord($input[$i]) << 16;
+			$output .= $this->itoa64[($value >> 12) & 0x3f];
+			if ($i++ >= $count)
+				break;
+			$output .= $this->itoa64[($value >> 18) & 0x3f];
+		} while ($i < $count);
+
+		return $output;
+	}
+
+	function gensalt_private($input)
+	{
+		$output = '$P$';
+		$output .= $this->itoa64[min($this->iteration_count_log2 +
+			((PHP_VERSION >= '5') ? 5 : 3), 30)];
+		$output .= $this->encode64($input, 6);
+
+		return $output;
+	}
+
+	function crypt_private($password, $setting)
+	{
+		$output = '*0';
+		if (substr($setting, 0, 2) === $output)
+			$output = '*1';
+
+		$id = substr($setting, 0, 3);
+		# We use "$P$", phpBB3 uses "$H$" for the same thing
+		if ($id !== '$P$' && $id !== '$H$')
+			return $output;
+
+		$count_log2 = strpos($this->itoa64, $setting[3]);
+		if ($count_log2 < 7 || $count_log2 > 30)
+			return $output;
+
+		$count = 1 << $count_log2;
+
+		$salt = substr($setting, 4, 8);
+		if (strlen($salt) !== 8)
+			return $output;
+
+		# We were kind of forced to use MD5 here since it's the only
+		# cryptographic primitive that was available in all versions
+		# of PHP in use.  To implement our own low-level crypto in PHP
+		# would have resulted in much worse performance and
+		# consequently in lower iteration counts and hashes that are
+		# quicker to crack (by non-PHP code).
+		$hash = md5($salt . $password, TRUE);
+		do {
+			$hash = md5($hash . $password, TRUE);
+		} while (--$count);
+
+		$output = substr($setting, 0, 12);
+		$output .= $this->encode64($hash, 16);
+
+		return $output;
+	}
+
+	function gensalt_blowfish($input)
+	{
+		# This one needs to use a different order of characters and a
+		# different encoding scheme from the one in encode64() above.
+		# We care because the last character in our encoded string will
+		# only represent 2 bits.  While two known implementations of
+		# bcrypt will happily accept and correct a salt string which
+		# has the 4 unused bits set to non-zero, we do not want to take
+		# chances and we also do not want to waste an additional byte
+		# of entropy.
+		$itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+
+		$output = '$2a$';
+		$output .= chr(ord('0') + $this->iteration_count_log2 / 10);
+		$output .= chr(ord('0') + $this->iteration_count_log2 % 10);
+		$output .= '$';
+
+		$i = 0;
+		do {
+			$c1 = ord($input[$i++]);
+			$output .= $itoa64[$c1 >> 2];
+			$c1 = ($c1 & 0x03) << 4;
+			if ($i >= 16) {
+				$output .= $itoa64[$c1];
+				break;
+			}
+
+			$c2 = ord($input[$i++]);
+			$c1 |= $c2 >> 4;
+			$output .= $itoa64[$c1];
+			$c1 = ($c2 & 0x0f) << 2;
+
+			$c2 = ord($input[$i++]);
+			$c1 |= $c2 >> 6;
+			$output .= $itoa64[$c1];
+			$output .= $itoa64[$c2 & 0x3f];
+		} while (1);
+
+		return $output;
+	}
+
+	function HashPassword($password)
+	{
+		$random = '';
+
+		if (CRYPT_BLOWFISH === 1 && !$this->portable_hashes) {
+			$random = $this->get_random_bytes(16);
+			$hash =
+			    crypt($password, $this->gensalt_blowfish($random));
+			if (strlen($hash) === 60)
+				return $hash;
+		}
+
+		if (strlen($random) < 6)
+			$random = $this->get_random_bytes(6);
+		$hash =
+		    $this->crypt_private($password,
+		    $this->gensalt_private($random));
+		if (strlen($hash) === 34)
+			return $hash;
+
+		# Returning '*' on error is safe here, but would _not_ be safe
+		# in a crypt(3)-like function used _both_ for generating new
+		# hashes and for validating passwords against existing hashes.
+		return '*';
+	}
+
+	function CheckPassword($password, $stored_hash)
+	{
+		$hash = $this->crypt_private($password, $stored_hash);
+		if ($hash[0] === '*')
+			$hash = crypt($password, $stored_hash);
+
+		# This is not constant-time.  In order to keep the code simple,
+		# for timing safety we currently rely on the salts being
+		# unpredictable, which they are at least in the non-fallback
+		# cases (that is, when we use /dev/urandom and bcrypt).
+		return $hash === $stored_hash;
+	}
+}
+
+?>
diff --git a/lib/Crypto/Phpass.php b/lib/Crypto/Phpass.php
new file mode 100644
index 0000000..1feba29
--- /dev/null
+++ b/lib/Crypto/Phpass.php
@@ -0,0 +1,75 @@
+<?php
+/**
+ * Nextcloud - user_sql
+ *
+ * @copyright 2018 Marcin Łojewski <dev@mlojewski.me>
+ * @author    Marcin Łojewski <dev@mlojewski.me>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\UserSQL\Crypto;
+
+use OCP\IL10N;
+
+/**
+ * phpass hashing implementation.
+ *
+ * @author Marcin Łojewski <dev@mlojewski.me>
+ */
+class Phpass extends AbstractAlgorithm
+{
+    /**
+     * @var PasswordHash
+     */
+    private $hasher;
+
+    /**
+     * The class constructor.
+     *
+     * @param IL10N $localization The localization service.
+     * @param int   $hashCostLog2 Log2 Hash cost.
+     * @param bool  $hashPortable Use portable hash implementation.
+     */
+    public function __construct(
+        IL10N $localization, $hashCostLog2 = 8, $hashPortable = true
+    ) {
+        parent::__construct($localization);
+        $this->hasher = new PasswordHash($hashCostLog2, $hashPortable);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function checkPassword($password, $dbHash)
+    {
+        return $this->hasher->CheckPassword($password, $dbHash);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getPasswordHash($password)
+    {
+        return $this->hasher->HashPassword($password);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    protected function getAlgorithmName()
+    {
+        return "Portable PHP password";
+    }
+}
diff --git a/tests/Crypto/PhpassTest.php b/tests/Crypto/PhpassTest.php
new file mode 100644
index 0000000..22b1ecc
--- /dev/null
+++ b/tests/Crypto/PhpassTest.php
@@ -0,0 +1,55 @@
+<?php
+/**
+ * Nextcloud - user_sql
+ *
+ * @copyright 2018 Marcin Łojewski <dev@mlojewski.me>
+ * @author    Marcin Łojewski <dev@mlojewski.me>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace Tests\UserSQL\Crypto;
+
+use OCA\UserSQL\Crypto\Phpass;
+use OCA\UserSQL\Crypto\IPasswordAlgorithm;
+use OCP\IL10N;
+use Test\TestCase;
+
+/**
+ * Unit tests for class <code>PhpassTest</code>.
+ *
+ * @author Marcin Łojewski <dev@mlojewski.me>
+ */
+class PhpassTest extends TestCase
+{
+    /**
+     * @var IPasswordAlgorithm
+     */
+    private $crypto;
+
+    public function testCheckPassword()
+    {
+        $this->assertTrue(
+            $this->crypto->checkPassword(
+                "password", "\$P\$BxrwraqNTi4as0EI.IpiA/K.muk9ke/"
+            )
+        );
+    }
+
+    protected function setUp()
+    {
+        parent::setUp();
+        $this->crypto = new Phpass($this->createMock(IL10N::class));
+    }
+}

From 74bb55534de087268cf4973ca70e146cf37c808e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 30 Jun 2018 17:07:25 +0200
Subject: [PATCH 07/30] merge phpass class into crypto class

---
 lib/Crypto/PasswordHash.php | 230 ------------------------------------
 lib/Crypto/Phpass.php       | 104 ++++++++++++++--
 lib/Crypto/Utils.php        |   2 +-
 3 files changed, 92 insertions(+), 244 deletions(-)
 delete mode 100644 lib/Crypto/PasswordHash.php

diff --git a/lib/Crypto/PasswordHash.php b/lib/Crypto/PasswordHash.php
deleted file mode 100644
index 6228ba7..0000000
--- a/lib/Crypto/PasswordHash.php
+++ /dev/null
@@ -1,230 +0,0 @@
-<?php
-#
-# Portable PHP password hashing framework.
-#
-# Version 0.5 / genuine.
-#
-# Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
-# the public domain.  Revised in subsequent years, still public domain.
-#
-# There's absolutely no warranty.
-#
-# The homepage URL for this framework is:
-#
-#	http://www.openwall.com/phpass/
-#
-# Please be sure to update the Version line if you edit this file in any way.
-# It is suggested that you leave the main version number intact, but indicate
-# your project name (after the slash) and add your own revision information.
-#
-# Please do not change the "private" password hashing method implemented in
-# here, thereby making your hashes incompatible.  However, if you must, please
-# change the hash type identifier (the "$P$") to something different.
-#
-# Obviously, since this code is in the public domain, the above are not
-# requirements (there can be none), but merely suggestions.
-#
-
-namespace OCA\UserSQL\Crypto;
-
-class PasswordHash {
-	var $itoa64;
-	var $iteration_count_log2;
-	var $portable_hashes;
-	var $random_state;
-
-	function __construct($iteration_count_log2, $portable_hashes)
-	{
-		$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
-
-		if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
-			$iteration_count_log2 = 8;
-		$this->iteration_count_log2 = $iteration_count_log2;
-
-		$this->portable_hashes = $portable_hashes;
-
-		$this->random_state = microtime();
-		if (function_exists('getmypid'))
-			$this->random_state .= getmypid();
-	}
-
-	function PasswordHash($iteration_count_log2, $portable_hashes)
-	{
-		self::__construct($iteration_count_log2, $portable_hashes);
-	}
-
-	function get_random_bytes($count)
-	{
-		$output = '';
-		if (@is_readable('/dev/urandom') &&
-		    ($fh = @fopen('/dev/urandom', 'rb'))) {
-			$output = fread($fh, $count);
-			fclose($fh);
-		}
-
-		if (strlen($output) < $count) {
-			$output = '';
-			for ($i = 0; $i < $count; $i += 16) {
-				$this->random_state =
-				    md5(microtime() . $this->random_state);
-				$output .= md5($this->random_state, TRUE);
-			}
-			$output = substr($output, 0, $count);
-		}
-
-		return $output;
-	}
-
-	function encode64($input, $count)
-	{
-		$output = '';
-		$i = 0;
-		do {
-			$value = ord($input[$i++]);
-			$output .= $this->itoa64[$value & 0x3f];
-			if ($i < $count)
-				$value |= ord($input[$i]) << 8;
-			$output .= $this->itoa64[($value >> 6) & 0x3f];
-			if ($i++ >= $count)
-				break;
-			if ($i < $count)
-				$value |= ord($input[$i]) << 16;
-			$output .= $this->itoa64[($value >> 12) & 0x3f];
-			if ($i++ >= $count)
-				break;
-			$output .= $this->itoa64[($value >> 18) & 0x3f];
-		} while ($i < $count);
-
-		return $output;
-	}
-
-	function gensalt_private($input)
-	{
-		$output = '$P$';
-		$output .= $this->itoa64[min($this->iteration_count_log2 +
-			((PHP_VERSION >= '5') ? 5 : 3), 30)];
-		$output .= $this->encode64($input, 6);
-
-		return $output;
-	}
-
-	function crypt_private($password, $setting)
-	{
-		$output = '*0';
-		if (substr($setting, 0, 2) === $output)
-			$output = '*1';
-
-		$id = substr($setting, 0, 3);
-		# We use "$P$", phpBB3 uses "$H$" for the same thing
-		if ($id !== '$P$' && $id !== '$H$')
-			return $output;
-
-		$count_log2 = strpos($this->itoa64, $setting[3]);
-		if ($count_log2 < 7 || $count_log2 > 30)
-			return $output;
-
-		$count = 1 << $count_log2;
-
-		$salt = substr($setting, 4, 8);
-		if (strlen($salt) !== 8)
-			return $output;
-
-		# We were kind of forced to use MD5 here since it's the only
-		# cryptographic primitive that was available in all versions
-		# of PHP in use.  To implement our own low-level crypto in PHP
-		# would have resulted in much worse performance and
-		# consequently in lower iteration counts and hashes that are
-		# quicker to crack (by non-PHP code).
-		$hash = md5($salt . $password, TRUE);
-		do {
-			$hash = md5($hash . $password, TRUE);
-		} while (--$count);
-
-		$output = substr($setting, 0, 12);
-		$output .= $this->encode64($hash, 16);
-
-		return $output;
-	}
-
-	function gensalt_blowfish($input)
-	{
-		# This one needs to use a different order of characters and a
-		# different encoding scheme from the one in encode64() above.
-		# We care because the last character in our encoded string will
-		# only represent 2 bits.  While two known implementations of
-		# bcrypt will happily accept and correct a salt string which
-		# has the 4 unused bits set to non-zero, we do not want to take
-		# chances and we also do not want to waste an additional byte
-		# of entropy.
-		$itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
-
-		$output = '$2a$';
-		$output .= chr(ord('0') + $this->iteration_count_log2 / 10);
-		$output .= chr(ord('0') + $this->iteration_count_log2 % 10);
-		$output .= '$';
-
-		$i = 0;
-		do {
-			$c1 = ord($input[$i++]);
-			$output .= $itoa64[$c1 >> 2];
-			$c1 = ($c1 & 0x03) << 4;
-			if ($i >= 16) {
-				$output .= $itoa64[$c1];
-				break;
-			}
-
-			$c2 = ord($input[$i++]);
-			$c1 |= $c2 >> 4;
-			$output .= $itoa64[$c1];
-			$c1 = ($c2 & 0x0f) << 2;
-
-			$c2 = ord($input[$i++]);
-			$c1 |= $c2 >> 6;
-			$output .= $itoa64[$c1];
-			$output .= $itoa64[$c2 & 0x3f];
-		} while (1);
-
-		return $output;
-	}
-
-	function HashPassword($password)
-	{
-		$random = '';
-
-		if (CRYPT_BLOWFISH === 1 && !$this->portable_hashes) {
-			$random = $this->get_random_bytes(16);
-			$hash =
-			    crypt($password, $this->gensalt_blowfish($random));
-			if (strlen($hash) === 60)
-				return $hash;
-		}
-
-		if (strlen($random) < 6)
-			$random = $this->get_random_bytes(6);
-		$hash =
-		    $this->crypt_private($password,
-		    $this->gensalt_private($random));
-		if (strlen($hash) === 34)
-			return $hash;
-
-		# Returning '*' on error is safe here, but would _not_ be safe
-		# in a crypt(3)-like function used _both_ for generating new
-		# hashes and for validating passwords against existing hashes.
-		return '*';
-	}
-
-	function CheckPassword($password, $stored_hash)
-	{
-		$hash = $this->crypt_private($password, $stored_hash);
-		if ($hash[0] === '*')
-			$hash = crypt($password, $stored_hash);
-
-		# This is not constant-time.  In order to keep the code simple,
-		# for timing safety we currently rely on the salts being
-		# unpredictable, which they are at least in the non-fallback
-		# cases (that is, when we use /dev/urandom and bcrypt).
-		return $hash === $stored_hash;
-	}
-}
-
-?>
diff --git a/lib/Crypto/Phpass.php b/lib/Crypto/Phpass.php
index 1feba29..586658c 100644
--- a/lib/Crypto/Phpass.php
+++ b/lib/Crypto/Phpass.php
@@ -30,23 +30,21 @@ use OCP\IL10N;
  */
 class Phpass extends AbstractAlgorithm
 {
-    /**
-     * @var PasswordHash
-     */
-    private $hasher;
+    const ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
+
+    private $iterationCount;
 
     /**
      * The class constructor.
      *
-     * @param IL10N $localization The localization service.
-     * @param int   $hashCostLog2 Log2 Hash cost.
-     * @param bool  $hashPortable Use portable hash implementation.
+     * @param IL10N $localization   The localization service.
+     * @param int   $iterationCount Iteration count (log2).
+     *                              This value must be between 4 and 31.
      */
-    public function __construct(
-        IL10N $localization, $hashCostLog2 = 8, $hashPortable = true
-    ) {
+    public function __construct(IL10N $localization, $iterationCount = 8)
+    {
         parent::__construct($localization);
-        $this->hasher = new PasswordHash($hashCostLog2, $hashPortable);
+        $this->iterationCount = $iterationCount;
     }
 
     /**
@@ -54,7 +52,73 @@ class Phpass extends AbstractAlgorithm
      */
     public function checkPassword($password, $dbHash)
     {
-        return $this->hasher->CheckPassword($password, $dbHash);
+        return hash_equals($dbHash, $this->crypt($password, $dbHash));
+    }
+
+    /**
+     * @param string $password Password to encrypt.
+     * @param string $setting  Hash settings.
+     *
+     * @return string|null Generated hash. Null on invalid settings.
+     */
+    private function crypt($password, $setting)
+    {
+        $countLog2 = strpos(self::ITOA64, $setting[3]);
+        if ($countLog2 < 7 || $countLog2 > 30) {
+            return null;
+        }
+
+        $count = 1 << $countLog2;
+
+        $salt = substr($setting, 4, 8);
+        if (strlen($salt) !== 8) {
+            return null;
+        }
+
+        $hash = md5($salt . $password, true);
+        do {
+            $hash = md5($hash . $password, true);
+        } while (--$count);
+
+        $output = substr($setting, 0, 12);
+        $output .= $this->encode64($hash, 16);
+
+        return $output;
+    }
+
+    /**
+     * Encode binary input to base64 string.
+     *
+     * @param string $input Binary data.
+     * @param int    $count Data size.
+     *
+     * @return string Base64 encoded data.
+     */
+    private function encode64($input, $count)
+    {
+        $output = '';
+        $i = 0;
+        do {
+            $value = ord($input[$i++]);
+            $output .= self::ITOA64[$value & 0x3f];
+            if ($i < $count) {
+                $value |= ord($input[$i]) << 8;
+            }
+            $output .= self::ITOA64[($value >> 6) & 0x3f];
+            if ($i++ >= $count) {
+                break;
+            }
+            if ($i < $count) {
+                $value |= ord($input[$i]) << 16;
+            }
+            $output .= self::ITOA64[($value >> 12) & 0x3f];
+            if ($i++ >= $count) {
+                break;
+            }
+            $output .= self::ITOA64[($value >> 18) & 0x3f];
+        } while ($i < $count);
+
+        return $output;
     }
 
     /**
@@ -62,7 +126,21 @@ class Phpass extends AbstractAlgorithm
      */
     public function getPasswordHash($password)
     {
-        return $this->hasher->HashPassword($password);
+        return $this->crypt($password, $this->genSalt());
+    }
+
+    /**
+     * Generate salt for the hash.
+     *
+     * @return string Salt string.
+     */
+    private function genSalt()
+    {
+        $output = '$P$';
+        $output .= self::ITOA64[min($this->iterationCount + 5, 30)];
+        $output .= $this->encode64(random_bytes(6), 6);
+
+        return $output;
     }
 
     /**
diff --git a/lib/Crypto/Utils.php b/lib/Crypto/Utils.php
index 4bd0651..407f081 100644
--- a/lib/Crypto/Utils.php
+++ b/lib/Crypto/Utils.php
@@ -56,7 +56,7 @@ final class Utils
     {
         $string = "";
         for ($idx = 0; $idx != $length; ++$idx) {
-            $string .= $alphabet[mt_rand(0, strlen($alphabet) - 1)];
+            $string .= $alphabet[random_int(0, strlen($alphabet) - 1)];
         }
         return $string;
     }

From a78ab8f4f4796f458a7995cf23a50114d7bb2498 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 30 Jun 2018 18:18:08 +0200
Subject: [PATCH 08/30] Change support version to 14

---
 appinfo/info.xml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/appinfo/info.xml b/appinfo/info.xml
index 0e5c94b..38207b0 100644
--- a/appinfo/info.xml
+++ b/appinfo/info.xml
@@ -10,8 +10,8 @@
     </description>
     <version>4.0.0-dev</version>
     <licence>agpl</licence>
-    <author>Andreas Böhler &lt;dev (at) aboehler (dot) at&gt;</author>
-    <author>Marcin Łojewski &lt;dev@mlojewski.me&gt;</author>
+    <author>Marcin Łojewski</author>
+    <author>Andreas Böhler</author>
     <namespace>UserSQL</namespace>
     <bugs>https://github.com/nextcloud/user_sql/issues</bugs>
     <repository>https://github.com/nextcloud/user_sql</repository>
@@ -22,7 +22,7 @@
     <category>auth</category>
     <dependencies>
         <php min-version="7.0"/>
-        <nextcloud min-version="13" max-version="13"/>
+        <nextcloud min-version="14" max-version="14"/>
     </dependencies>
     <settings>
         <admin>\OCA\UserSQL\Settings\Admin</admin>

From 3546682804d869d34559b3af0ed00c4f622ca601 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 30 Jun 2018 19:06:52 +0200
Subject: [PATCH 09/30] Group backend for Nextcloud 14

---
 lib/Backend/GroupBackend.php | 113 ++++++++++++++++++++++++-----------
 1 file changed, 77 insertions(+), 36 deletions(-)

diff --git a/lib/Backend/GroupBackend.php b/lib/Backend/GroupBackend.php
index 2ef5cd0..3d514cb 100644
--- a/lib/Backend/GroupBackend.php
+++ b/lib/Backend/GroupBackend.php
@@ -21,12 +21,20 @@
 
 namespace OCA\UserSQL\Backend;
 
-use OC\Group\Backend;
 use OCA\UserSQL\Cache;
 use OCA\UserSQL\Constant\DB;
 use OCA\UserSQL\Model\Group;
 use OCA\UserSQL\Properties;
 use OCA\UserSQL\Repository\GroupRepository;
+use OCP\Group\Backend\ABackend;
+use OCP\Group\Backend\IAddToGroupBackend;
+use OCP\Group\Backend\ICountDisabledInGroup;
+use OCP\Group\Backend\ICountUsersBackend;
+use OCP\Group\Backend\ICreateGroupBackend;
+use OCP\Group\Backend\IDeleteGroupBackend;
+use OCP\Group\Backend\IGroupDetailsBackend;
+use OCP\Group\Backend\IIsAdminBackend;
+use OCP\Group\Backend\IRemoveFromGroupBackend;
 use OCP\ILogger;
 
 /**
@@ -34,7 +42,15 @@ use OCP\ILogger;
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
-final class GroupBackend extends Backend
+final class GroupBackend extends ABackend implements
+    IAddToGroupBackend,
+    ICountDisabledInGroup,
+    ICountUsersBackend,
+    ICreateGroupBackend,
+    IDeleteGroupBackend,
+    IGroupDetailsBackend,
+    IIsAdminBackend,
+    IRemoveFromGroupBackend
 {
     /**
      * @var string The application name.
@@ -128,14 +144,9 @@ final class GroupBackend extends Backend
     }
 
     /**
-     * Returns the number of users in given group matching the search term.
-     *
-     * @param string $gid    The group ID.
-     * @param string $search The search term.
-     *
-     * @return int The number of users in given group matching the search term.
+     * @inheritdoc
      */
-    public function countUsersInGroup($gid, $search = "")
+    public function countUsersInGroup(string $gid, string $search = ""): int
     {
         $this->logger->debug(
             "Entering countUsersInGroup($gid, $search)",
@@ -355,18 +366,18 @@ final class GroupBackend extends Backend
     }
 
     /**
-     * Checks if a user is in the admin group.
-     *
-     * @param string $uid User ID.
-     *
-     * @return bool TRUE if a user is in the admin group, FALSE otherwise.
+     * @inheritdoc
      */
-    public function isAdmin($uid)
+    public function isAdmin(string $uid): bool
     {
         $this->logger->debug(
             "Entering isAdmin($uid)", ["app" => $this->appName]
         );
 
+        if (empty($this->properties[DB::GROUP_ADMIN_COLUMN])) {
+            return false;
+        }
+
         $cacheKey = self::class . "admin_" . $uid;
         $admin = $this->cache->get($cacheKey);
 
@@ -394,18 +405,18 @@ final class GroupBackend extends Backend
     }
 
     /**
-     * Get associative array of the group details.
-     *
-     * @param string $gid The group ID.
-     *
-     * @return array Associative array of the group details.
+     * @inheritdoc
      */
-    public function getGroupDetails($gid)
+    public function getGroupDetails(string $gid): array
     {
         $this->logger->debug(
             "Entering getGroupDetails($gid)", ["app" => $this->appName]
         );
 
+        if (empty($this->properties[DB::GROUP_NAME_COLUMN])) {
+            return [];
+        }
+
         $group = $this->getGroup($gid);
 
         if (!($group instanceof Group)) {
@@ -421,21 +432,6 @@ final class GroupBackend extends Backend
         return $details;
     }
 
-    /**
-     * @inheritdoc
-     */
-    public function getSupportedActions()
-    {
-        $actions = parent::getSupportedActions();
-
-        $actions &= empty($this->properties[DB::GROUP_ADMIN_COLUMN])
-            ? ~Backend::IS_ADMIN : ~0;
-        $actions &= empty($this->properties[DB::GROUP_NAME_COLUMN])
-            ? ~Backend::GROUP_DETAILS : ~0;
-
-        return $actions;
-    }
-
     /**
      * Check if this backend is correctly set and can be enabled.
      *
@@ -454,4 +450,49 @@ final class GroupBackend extends Backend
             && !empty($this->properties[DB::USER_GROUP_GID_COLUMN])
             && !empty($this->properties[DB::USER_GROUP_UID_COLUMN]);
     }
+
+    /**
+     * @inheritdoc
+     */
+    public function addToGroup(string $uid, string $gid): bool
+    {
+        // TODO: Implement addToGroup() method.
+        return false;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function countDisabledInGroup(string $gid): int
+    {
+        // TODO: Implement countDisabledInGroup() method.
+        return 0;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function createGroup(string $gid): bool
+    {
+        // TODO: Implement createGroup() method.
+        return false;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteGroup(string $gid): bool
+    {
+        // TODO: Implement deleteGroup() method.
+        return false;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function removeFromGroup(string $uid, string $gid)
+    {
+        // TODO: Implement removeFromGroup() method.
+        return false;
+    }
 }

From bb8e05b3bea21d4b697580e5d8f885b622976cf2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 30 Jun 2018 22:14:14 +0200
Subject: [PATCH 10/30] Options to enable execute DMLs on tables

---
 lib/Constant/Opt.php |  3 ++
 templates/admin.php  | 69 +++++++++++++++++++++++---------------------
 2 files changed, 39 insertions(+), 33 deletions(-)

diff --git a/lib/Constant/Opt.php b/lib/Constant/Opt.php
index 56ce8b2..cad2be6 100644
--- a/lib/Constant/Opt.php
+++ b/lib/Constant/Opt.php
@@ -32,6 +32,9 @@ final class Opt
     const EMAIL_SYNC = "opt.email_sync";
     const HOME_LOCATION = "opt.home_location";
     const HOME_MODE = "opt.home_mode";
+    const MODIFY_GROUP = "opt.modify_group";
+    const MODIFY_USER = "opt.modify_user";
+    const MODIFY_USER_GROUP = "opt.modify_user_group";
     const NAME_CHANGE = "opt.name_change";
     const PASSWORD_CHANGE = "opt.password_change";
     const USE_CACHE = "opt.use_cache";
diff --git a/templates/admin.php b/templates/admin.php
index a39becf..7469d1f 100644
--- a/templates/admin.php
+++ b/templates/admin.php
@@ -21,8 +21,8 @@
 
 use OCP\IL10N;
 
-script('user_sql', 'settings');
-style('user_sql', 'settings');
+script("user_sql", "settings");
+style("user_sql", "settings");
 
 function print_text_input(IL10N $l, $id, $label, $value = "", $type = "text")
 {
@@ -94,11 +94,11 @@ function print_select_options(
             <p class="settings-hint"><?php p($l->t("Define your database connection parameters.")); ?></p>
             <fieldset><?php
                 $drivers = ["mysql" => "MySQL", "pgsql" => "PostgreSQL"];
-                print_select_options($l, "db-driver", "SQL driver", $drivers, $_['db.driver']);
-                print_text_input($l, "db-hostname", "Hostname", $_['db.hostname']);
-                print_text_input($l, "db-database", "Database", $_['db.database']);
-                print_text_input($l, "db-username", "Username", $_['db.username']);
-                print_text_input($l, "db-password", "Password", $_['db.password'], "password"); ?>
+                print_select_options($l, "db-driver", "SQL driver", $drivers, $_["db.driver"]);
+                print_text_input($l, "db-hostname", "Hostname", $_["db.hostname"]);
+                print_text_input($l, "db-database", "Database", $_["db.database"]);
+                print_text_input($l, "db-username", "Username", $_["db.username"]);
+                print_text_input($l, "db-password", "Password", $_["db.password"], "password"); ?>
                 <div class="button-right">
                     <input type="submit" id="user_sql-db_connection_verify" value="<?php p($l->t("Verify settings")); ?>">
                 </div>
@@ -108,16 +108,16 @@ function print_select_options(
             <h2><?php p($l->t("Options")); ?></h2>
             <p class="settings-hint"><?php p($l->t("Here are all currently supported options.")); ?></p>
             <fieldset><?php
-                print_checkbox_input($l, "opt-name_change", "Allow display name change", $_['opt.name_change']);
-                print_checkbox_input($l, "opt-password_change", "Allow password change", $_['opt.password_change']); ?>
+                print_checkbox_input($l, "opt-name_change", "Allow display name change", $_["opt.name_change"]);
+                print_checkbox_input($l, "opt-password_change", "Allow password change", $_["opt.password_change"]); ?>
                 <div class="button-right"><?php
-                    print_checkbox_input($l, "opt-use_cache", "Use cache", $_['opt.use_cache'], false); ?>
+                    print_checkbox_input($l, "opt-use_cache", "Use cache", $_["opt.use_cache"], false); ?>
                     <input type="submit" id="user_sql-clear_cache" value="<?php p($l->t("Clear cache")); ?>">
                 </div>
                 <?php
                 $hashing = [];
                 foreach (glob(__DIR__ . "/../lib/Crypto/*.php") as $filename) {
-                    $class = 'OCA\\UserSQL\\Crypto\\' . basename(substr($filename, 0, -4));
+                    $class = "OCA\\UserSQL\\Crypto\\" . basename(substr($filename, 0, -4));
                     try {
                         $passwordAlgorithm = new $class($l);
                         if ($passwordAlgorithm instanceof
@@ -129,56 +129,59 @@ function print_select_options(
                     }
                 }
 
-                print_select_options($l, "opt-crypto_class", "Hashing algorithm", $hashing, $_['opt.crypto_class']);
-                print_select_options($l, "opt-email_sync", "Email sync", ["" => "None", "initial" => "Synchronise only once", "force_nc"=>"Nextcloud always wins", "force_sql"=>"SQL always wins"], $_['opt.email_sync']);
-                print_select_options($l, "opt-home_mode", "Home mode", ["" => "Default", "query" => "Query", "static" => "Static"], $_['opt.home_mode']);
-                print_text_input($l, "opt-home_location", "Home Location", $_['opt.home_location']); ?>
+                print_select_options($l, "opt-crypto_class", "Hashing algorithm", $hashing, $_["opt.crypto_class"]);
+                print_select_options($l, "opt-email_sync", "Email sync", ["" => "None", "initial" => "Synchronise only once", "force_nc"=>"Nextcloud always wins", "force_sql"=>"SQL always wins"], $_["opt.email_sync"]);
+                print_select_options($l, "opt-home_mode", "Home mode", ["" => "Default", "query" => "Query", "static" => "Static"], $_["opt.home_mode"]);
+                print_text_input($l, "opt-home_location", "Home Location", $_["opt.home_location"]); ?>
             </fieldset>
         </div>
         <div class="section clear-left">
             <h2><?php p($l->t("User table")); ?></h2>
             <p class="settings-hint"><?php p($l->t("Table containing user accounts.")); ?></p>
             <fieldset><?php
-                print_text_input($l, "db-table-user", "Table name", $_['db.table.user']) ;?>
+                print_text_input($l, "db-table-user", "Table name", $_["db.table.user"]);
+                print_checkbox_input($l, "opt-modify_user", "Allow DML statements on table", $_["opt.modify_user"]); ?>
                 <h3><?php p($l->t("Columns")); ?></h3>
                 <?php
-                print_text_input($l, "db-table-user-column-uid", "Username", $_['db.table.user.column.uid']);
-                print_text_input($l, "db-table-user-column-email", "Email", $_['db.table.user.column.email']);
-                print_text_input($l, "db-table-user-column-home", "Home", $_['db.table.user.column.home']);
-                print_text_input($l, "db-table-user-column-password", "Password", $_['db.table.user.column.password']);
-                print_text_input($l, "db-table-user-column-name", "Display name", $_['db.table.user.column.name']);
-                print_text_input($l, "db-table-user-column-active", "Active", $_['db.table.user.column.active']);
-                print_text_input($l, "db-table-user-column-avatar", "Can change avatar", $_['db.table.user.column.avatar']);
-                print_text_input($l, "db-table-user-column-salt", "Salt", $_['db.table.user.column.salt']); ?>
+                print_text_input($l, "db-table-user-column-uid", "Username", $_["db.table.user.column.uid"]);
+                print_text_input($l, "db-table-user-column-email", "Email", $_["db.table.user.column.email"]);
+                print_text_input($l, "db-table-user-column-home", "Home", $_["db.table.user.column.home"]);
+                print_text_input($l, "db-table-user-column-password", "Password", $_["db.table.user.column.password"]);
+                print_text_input($l, "db-table-user-column-name", "Display name", $_["db.table.user.column.name"]);
+                print_text_input($l, "db-table-user-column-active", "Active", $_["db.table.user.column.active"]);
+                print_text_input($l, "db-table-user-column-avatar", "Can change avatar", $_["db.table.user.column.avatar"]);
+                print_text_input($l, "db-table-user-column-salt", "Salt", $_["db.table.user.column.salt"]); ?>
             </fieldset>
         </div>
         <div class="section">
             <h2><?php p($l->t("Group table")); ?></h2>
             <p class="settings-hint"><?php p($l->t("Group definitions table.")); ?></p>
             <fieldset><?php
-                print_text_input($l, "db-table-group", "Table name", $_['db.table.group']); ?>
+                print_text_input($l, "db-table-group", "Table name", $_["db.table.group"]);
+                print_checkbox_input($l, "opt-modify_group", "Allow DML statements on table", $_["opt.modify_group"]); ?>
                 <h3><?php p($l->t("Columns")); ?></h3>
                 <?php
-                print_text_input($l, "db-table-group-column-admin", "Is admin", $_['db.table.group.column.admin']);
-                print_text_input($l, "db-table-group-column-name", "Display name", $_['db.table.group.column.name']);
-                print_text_input($l, "db-table-group-column-gid", "Group name", $_['db.table.group.column.gid']); ?>
+                print_text_input($l, "db-table-group-column-admin", "Is admin", $_["db.table.group.column.admin"]);
+                print_text_input($l, "db-table-group-column-name", "Display name", $_["db.table.group.column.name"]);
+                print_text_input($l, "db-table-group-column-gid", "Group name", $_["db.table.group.column.gid"]); ?>
             </fieldset>
         </div>
         <div class="section">
             <h2><?php p($l->t("User group table")); ?></h2>
             <p class="settings-hint"><?php p($l->t("Associative table which maps users to groups.")); ?></p>
             <fieldset><?php
-                print_text_input($l, "db-table-user_group", "Table name", $_['db.table.user_group']); ?>
+                print_text_input($l, "db-table-user_group", "Table name", $_["db.table.user_group"]);
+                print_checkbox_input($l, "opt-modify_user_group", "Allow DML statements on table", $_["opt.modify_user_group"]); ?>
                 <h3><?php p($l->t("Columns")); ?></h3>
                 <?php
-                print_text_input($l, "db-table-user_group-column-uid", "Username", $_['db.table.user_group.column.uid']);
-                print_text_input($l, "db-table-user_group-column-gid", "Group name", $_['db.table.user_group.column.gid']); ?>
+                print_text_input($l, "db-table-user_group-column-uid", "Username", $_["db.table.user_group.column.uid"]);
+                print_text_input($l, "db-table-user_group-column-gid", "Group name", $_["db.table.user_group.column.gid"]); ?>
             </fieldset>
         </div>
     </div>
     <div class="section">
         <input type="hidden" name="appname" value="user_sql"/>
-        <input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']); ?>" id="requesttoken"/>
-        <input id="user_sql-save" type="submit" value="<?php p($l->t('Save')); ?>"/>
+        <input type="hidden" name="requesttoken" value="<?php p($_["requesttoken"]); ?>" id="requesttoken"/>
+        <input id="user_sql-save" type="submit" value="<?php p($l->t("Save")); ?>"/>
     </div>
 </form>

From 20ffbfcddb2bad7581e6235d33fa47acfc3ccf9f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 30 Jun 2018 22:59:52 +0200
Subject: [PATCH 11/30] Revert previous commit.

---
 lib/Constant/Opt.php | 3 ---
 templates/admin.php  | 9 +++------
 2 files changed, 3 insertions(+), 9 deletions(-)

diff --git a/lib/Constant/Opt.php b/lib/Constant/Opt.php
index cad2be6..56ce8b2 100644
--- a/lib/Constant/Opt.php
+++ b/lib/Constant/Opt.php
@@ -32,9 +32,6 @@ final class Opt
     const EMAIL_SYNC = "opt.email_sync";
     const HOME_LOCATION = "opt.home_location";
     const HOME_MODE = "opt.home_mode";
-    const MODIFY_GROUP = "opt.modify_group";
-    const MODIFY_USER = "opt.modify_user";
-    const MODIFY_USER_GROUP = "opt.modify_user_group";
     const NAME_CHANGE = "opt.name_change";
     const PASSWORD_CHANGE = "opt.password_change";
     const USE_CACHE = "opt.use_cache";
diff --git a/templates/admin.php b/templates/admin.php
index 7469d1f..176871f 100644
--- a/templates/admin.php
+++ b/templates/admin.php
@@ -139,8 +139,7 @@ function print_select_options(
             <h2><?php p($l->t("User table")); ?></h2>
             <p class="settings-hint"><?php p($l->t("Table containing user accounts.")); ?></p>
             <fieldset><?php
-                print_text_input($l, "db-table-user", "Table name", $_["db.table.user"]);
-                print_checkbox_input($l, "opt-modify_user", "Allow DML statements on table", $_["opt.modify_user"]); ?>
+                print_text_input($l, "db-table-user", "Table name", $_["db.table.user"]); ?>
                 <h3><?php p($l->t("Columns")); ?></h3>
                 <?php
                 print_text_input($l, "db-table-user-column-uid", "Username", $_["db.table.user.column.uid"]);
@@ -157,8 +156,7 @@ function print_select_options(
             <h2><?php p($l->t("Group table")); ?></h2>
             <p class="settings-hint"><?php p($l->t("Group definitions table.")); ?></p>
             <fieldset><?php
-                print_text_input($l, "db-table-group", "Table name", $_["db.table.group"]);
-                print_checkbox_input($l, "opt-modify_group", "Allow DML statements on table", $_["opt.modify_group"]); ?>
+                print_text_input($l, "db-table-group", "Table name", $_["db.table.group"]); ?>
                 <h3><?php p($l->t("Columns")); ?></h3>
                 <?php
                 print_text_input($l, "db-table-group-column-admin", "Is admin", $_["db.table.group.column.admin"]);
@@ -170,8 +168,7 @@ function print_select_options(
             <h2><?php p($l->t("User group table")); ?></h2>
             <p class="settings-hint"><?php p($l->t("Associative table which maps users to groups.")); ?></p>
             <fieldset><?php
-                print_text_input($l, "db-table-user_group", "Table name", $_["db.table.user_group"]);
-                print_checkbox_input($l, "opt-modify_user_group", "Allow DML statements on table", $_["opt.modify_user_group"]); ?>
+                print_text_input($l, "db-table-user_group", "Table name", $_["db.table.user_group"]); ?>
                 <h3><?php p($l->t("Columns")); ?></h3>
                 <?php
                 print_text_input($l, "db-table-user_group-column-uid", "Username", $_["db.table.user_group.column.uid"]);

From 5218a0e80ea9bba21ed118c55db9e59a06d3e020 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 30 Jun 2018 23:02:27 +0200
Subject: [PATCH 12/30] Group Backend read only actions.

---
 lib/Backend/GroupBackend.php | 57 +-----------------------------------
 1 file changed, 1 insertion(+), 56 deletions(-)

diff --git a/lib/Backend/GroupBackend.php b/lib/Backend/GroupBackend.php
index 3d514cb..c44d359 100644
--- a/lib/Backend/GroupBackend.php
+++ b/lib/Backend/GroupBackend.php
@@ -27,14 +27,9 @@ use OCA\UserSQL\Model\Group;
 use OCA\UserSQL\Properties;
 use OCA\UserSQL\Repository\GroupRepository;
 use OCP\Group\Backend\ABackend;
-use OCP\Group\Backend\IAddToGroupBackend;
-use OCP\Group\Backend\ICountDisabledInGroup;
 use OCP\Group\Backend\ICountUsersBackend;
-use OCP\Group\Backend\ICreateGroupBackend;
-use OCP\Group\Backend\IDeleteGroupBackend;
 use OCP\Group\Backend\IGroupDetailsBackend;
 use OCP\Group\Backend\IIsAdminBackend;
-use OCP\Group\Backend\IRemoveFromGroupBackend;
 use OCP\ILogger;
 
 /**
@@ -43,14 +38,9 @@ use OCP\ILogger;
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
 final class GroupBackend extends ABackend implements
-    IAddToGroupBackend,
-    ICountDisabledInGroup,
     ICountUsersBackend,
-    ICreateGroupBackend,
-    IDeleteGroupBackend,
     IGroupDetailsBackend,
-    IIsAdminBackend,
-    IRemoveFromGroupBackend
+    IIsAdminBackend
 {
     /**
      * @var string The application name.
@@ -450,49 +440,4 @@ final class GroupBackend extends ABackend implements
             && !empty($this->properties[DB::USER_GROUP_GID_COLUMN])
             && !empty($this->properties[DB::USER_GROUP_UID_COLUMN]);
     }
-
-    /**
-     * @inheritdoc
-     */
-    public function addToGroup(string $uid, string $gid): bool
-    {
-        // TODO: Implement addToGroup() method.
-        return false;
-    }
-
-    /**
-     * @inheritdoc
-     */
-    public function countDisabledInGroup(string $gid): int
-    {
-        // TODO: Implement countDisabledInGroup() method.
-        return 0;
-    }
-
-    /**
-     * @inheritdoc
-     */
-    public function createGroup(string $gid): bool
-    {
-        // TODO: Implement createGroup() method.
-        return false;
-    }
-
-    /**
-     * @inheritdoc
-     */
-    public function deleteGroup(string $gid): bool
-    {
-        // TODO: Implement deleteGroup() method.
-        return false;
-    }
-
-    /**
-     * @inheritdoc
-     */
-    public function removeFromGroup(string $uid, string $gid)
-    {
-        // TODO: Implement removeFromGroup() method.
-        return false;
-    }
 }

From e4d962f13942ec74d7c4d73b22638e966f9b2e05 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 30 Jun 2018 23:06:12 +0200
Subject: [PATCH 13/30] Changelog

---
 CHANGELOG.md | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 95d78e1..079b961 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,10 +10,14 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - phpass hashing implementation
 - Support for salt column
 
+### Changed
+- Support for Nextcloud 14 only
+- Group backend implementation
+
 ### Fixed
 - Table and column autocomplete in settings panel
 
-## [v4.0.0-rc2]
+## [4.0.0-rc2]
 ### Added
 - User active column
 
@@ -75,6 +79,6 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Supported version of ownCloud, Nextcloud: ownCloud 10, Nextcloud 12
 
 [Unreleased]: https://github.com/nextcloud/user_sql/compare/v4.0.0-rc2...develop
-[v4.0.0-rc2]: https://github.com/nextcloud/user_sql/compare/v4.0.0-rc1...v4.0.0-rc2
+[4.0.0-rc2]: https://github.com/nextcloud/user_sql/compare/v4.0.0-rc1...v4.0.0-rc2
 [4.0.0-rc1]: https://github.com/nextcloud/user_sql/compare/v3.1.0...v4.0.0-rc1
 [3.1.0]: https://github.com/nextcloud/user_sql/compare/v2.4.0...v3.1.0

From 01a91f54cecf911cdb7359c2e202b613bb145749 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 30 Jun 2018 23:20:46 +0200
Subject: [PATCH 14/30] Adopt user backend to Nextcloud 14 interfaces

---
 CHANGELOG.md                |  1 +
 lib/Backend/UserBackend.php | 88 ++++++++++++++++++++++++-------------
 2 files changed, 59 insertions(+), 30 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 079b961..9289665 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,6 +13,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Changed
 - Support for Nextcloud 14 only
 - Group backend implementation
+- User backend implementation
 
 ### Fixed
 - Table and column autocomplete in settings panel
diff --git a/lib/Backend/UserBackend.php b/lib/Backend/UserBackend.php
index 6a8237b..0955ccf 100644
--- a/lib/Backend/UserBackend.php
+++ b/lib/Backend/UserBackend.php
@@ -21,7 +21,6 @@
 
 namespace OCA\UserSQL\Backend;
 
-use OC\User\Backend;
 use OCA\UserSQL\Action\EmailSync;
 use OCA\UserSQL\Action\IUserAction;
 use OCA\UserSQL\Cache;
@@ -35,13 +34,28 @@ use OCA\UserSQL\Repository\UserRepository;
 use OCP\IConfig;
 use OCP\IL10N;
 use OCP\ILogger;
+use OCP\User\Backend\ABackend;
+use OCP\User\Backend\ICheckPasswordBackend;
+use OCP\User\Backend\ICountUsersBackend;
+use OCP\User\Backend\IGetDisplayNameBackend;
+use OCP\User\Backend\IGetHomeBackend;
+use OCP\User\Backend\IProvideAvatarBackend;
+use OCP\User\Backend\ISetDisplayNameBackend;
+use OCP\User\Backend\ISetPasswordBackend;
 
 /**
  * The SQL user backend manager.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
-final class UserBackend extends Backend
+final class UserBackend extends ABackend implements
+    ICheckPasswordBackend,
+    ICountUsersBackend,
+    IGetDisplayNameBackend,
+    IGetHomeBackend,
+    IProvideAvatarBackend,
+    ISetDisplayNameBackend,
+    ISetPasswordBackend
 {
     /**
      * @var string The application name.
@@ -228,7 +242,7 @@ final class UserBackend extends Backend
     /**
      * @inheritdoc
      */
-    public function getDisplayName($uid)
+    public function getDisplayName($uid): string
     {
         $this->logger->debug(
             "Entering getDisplayName($uid)", ["app" => $this->appName]
@@ -258,7 +272,7 @@ final class UserBackend extends Backend
      *
      * @return string|bool The user ID on success, false otherwise.
      */
-    public function checkPassword($uid, $password)
+    public function checkPassword(string $uid, string $password)
     {
         $this->logger->debug(
             "Entering checkPassword($uid, *)", ["app" => $this->appName]
@@ -337,6 +351,10 @@ final class UserBackend extends Backend
             ["app" => $this->appName]
         );
 
+        if (empty($this->properties[DB::USER_NAME_COLUMN])) {
+            return false;
+        }
+
         $users = $this->getUsers($search, $limit, $offset);
 
         $names = [];
@@ -410,12 +428,16 @@ final class UserBackend extends Backend
      *
      * @return bool TRUE if the password has been set, FALSE otherwise.
      */
-    public function setPassword($uid, $password)
+    public function setPassword(string $uid, string $password): bool
     {
         $this->logger->debug(
             "Entering setPassword($uid, *)", ["app" => "user_sql"]
         );
 
+        if (empty($this->properties[Opt::PASSWORD_CHANGE])) {
+            return false;
+        }
+
         $passwordAlgorithm = $this->getPasswordAlgorithm();
         if ($passwordAlgorithm === false) {
             return false;
@@ -452,12 +474,16 @@ final class UserBackend extends Backend
     /**
      * @inheritdoc
      */
-    public function getHome($uid)
+    public function getHome(string $uid)
     {
         $this->logger->debug(
             "Entering getHome($uid)", ["app" => $this->appName]
         );
 
+        if (empty($this->properties[Opt::HOME_MODE])) {
+            return false;
+        }
+
         $home = false;
         switch ($this->properties[Opt::HOME_MODE]) {
         case App::HOME_STATIC:
@@ -487,12 +513,16 @@ final class UserBackend extends Backend
      *
      * @return bool TRUE if the user can change its avatar, FALSE otherwise.
      */
-    public function canChangeAvatar($uid)
+    public function canChangeAvatar(string $uid): bool
     {
         $this->logger->debug(
             "Entering canChangeAvatar($uid)", ["app" => $this->appName]
         );
 
+        if (empty($this->properties[DB::USER_AVATAR_COLUMN])) {
+            return false;
+        }
+
         $user = $this->userRepository->findByUid($uid);
         if (!($user instanceof User)) {
             return false;
@@ -515,13 +545,17 @@ final class UserBackend extends Backend
      *
      * @return bool TRUE if the password has been set, FALSE otherwise.
      */
-    public function setDisplayName($uid, $displayName)
+    public function setDisplayName(string $uid, string $displayName): bool
     {
         $this->logger->debug(
             "Entering setDisplayName($uid, $displayName)",
             ["app" => $this->appName]
         );
 
+        if (empty($this->properties[Opt::NAME_CHANGE])) {
+            return false;
+        }
+
         $user = $this->userRepository->findByUid($uid);
         if (!($user instanceof User)) {
             return false;
@@ -541,28 +575,6 @@ final class UserBackend extends Backend
         return false;
     }
 
-    /**
-     * @inheritdoc
-     */
-    public function getSupportedActions()
-    {
-        $actions = parent::getSupportedActions();
-
-        $actions &= empty($this->properties[DB::USER_NAME_COLUMN])
-            ? ~Backend::GET_DISPLAYNAME : ~0;
-        $actions &= empty($this->properties[Opt::HOME_MODE])
-            ? ~Backend::GET_HOME : ~0;
-        $actions &= empty($this->properties[DB::USER_AVATAR_COLUMN])
-            ? ~Backend::PROVIDE_AVATAR : ~0;
-        $actions &= (!empty($this->properties[DB::USER_NAME_COLUMN])
-            && $this->properties[Opt::NAME_CHANGE]) ? ~0
-            : ~Backend::SET_DISPLAYNAME;
-        $actions &= $this->properties[Opt::PASSWORD_CHANGE] ? ~0
-            : ~Backend::SET_PASSWORD;
-
-        return $actions;
-    }
-
     /**
      * Check if this backend is correctly set and can be enabled.
      *
@@ -580,4 +592,20 @@ final class UserBackend extends Backend
             && !empty($this->properties[DB::USER_PASSWORD_COLUMN])
             && !empty($this->properties[Opt::CRYPTO_CLASS]);
     }
+
+    /**
+     * @inheritdoc
+     */
+    public function getBackendName()
+    {
+        return "User SQL";
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteUser($uid)
+    {
+        return false;
+    }
 }

From 657e5a7cedd26aa4513c50f952cf64b7904040fe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 30 Jun 2018 23:35:16 +0200
Subject: [PATCH 15/30] Handle null value for isAdmin function

---
 lib/Backend/GroupBackend.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/Backend/GroupBackend.php b/lib/Backend/GroupBackend.php
index c44d359..6174b26 100644
--- a/lib/Backend/GroupBackend.php
+++ b/lib/Backend/GroupBackend.php
@@ -358,13 +358,13 @@ final class GroupBackend extends ABackend implements
     /**
      * @inheritdoc
      */
-    public function isAdmin(string $uid): bool
+    public function isAdmin(string $uid = null): bool
     {
         $this->logger->debug(
             "Entering isAdmin($uid)", ["app" => $this->appName]
         );
 
-        if (empty($this->properties[DB::GROUP_ADMIN_COLUMN])) {
+        if (empty($this->properties[DB::GROUP_ADMIN_COLUMN]) || $uid === null) {
             return false;
         }
 

From d3f38eed7c0c46e2495de1e9434ed855f6ca6e64 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Mon, 2 Jul 2018 21:01:13 +0200
Subject: [PATCH 16/30] WoltLab Community Framework 2.x hash implementation

---
 lib/Crypto/WCF2.php       | 63 +++++++++++++++++++++++++++++++++++++++
 tests/Crypto/WCF2Test.php | 62 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 125 insertions(+)
 create mode 100644 lib/Crypto/WCF2.php
 create mode 100644 tests/Crypto/WCF2Test.php

diff --git a/lib/Crypto/WCF2.php b/lib/Crypto/WCF2.php
new file mode 100644
index 0000000..07b1484
--- /dev/null
+++ b/lib/Crypto/WCF2.php
@@ -0,0 +1,63 @@
+<?php
+/**
+ * Nextcloud - user_sql
+ *
+ * @copyright 2018 Marcin Łojewski <dev@mlojewski.me>
+ * @author    Marcin Łojewski <dev@mlojewski.me>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\UserSQL\Crypto;
+
+/**
+ * WCF2 hashing implementation.
+ *
+ * @author Marcin Łojewski <dev@mlojewski.me>
+ */
+class WCF2 extends AbstractCrypt
+{
+    /**
+     * @inheritdoc
+     */
+    public function checkPassword($password, $dbHash)
+    {
+        return hash_equals($dbHash, crypt(crypt($password, $dbHash), $dbHash));
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getPasswordHash($password)
+    {
+        $salt = $this->getSalt();
+        return crypt(crypt($password, $salt), $salt);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    protected function getSalt()
+    {
+        return "$2a$08$" . Utils::randomString(22, self::SALT_ALPHABET) . "$";
+    }
+
+    /**
+     * @inheritdoc
+     */
+    protected function getAlgorithmName()
+    {
+        return "WoltLab Community Framework 2.x";
+    }
+}
diff --git a/tests/Crypto/WCF2Test.php b/tests/Crypto/WCF2Test.php
new file mode 100644
index 0000000..91faa91
--- /dev/null
+++ b/tests/Crypto/WCF2Test.php
@@ -0,0 +1,62 @@
+<?php
+/**
+ * Nextcloud - user_sql
+ *
+ * @copyright 2018 Marcin Łojewski <dev@mlojewski.me>
+ * @author    Marcin Łojewski <dev@mlojewski.me>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace Tests\UserSQL\Crypto;
+
+use OCA\UserSQL\Crypto\IPasswordAlgorithm;
+use OCA\UserSQL\Crypto\WCF2;
+use OCP\IL10N;
+use Test\TestCase;
+
+/**
+ * Unit tests for class <code>WCF2</code>.
+ *
+ * @author Marcin Łojewski <dev@mlojewski.me>
+ */
+class WCF2Test extends TestCase
+{
+    /**
+     * @var IPasswordAlgorithm
+     */
+    private $crypto;
+
+    public function testCheckPassword()
+    {
+        $this->assertTrue(
+            $this->crypto->checkPassword(
+                "password",
+                "$2a$08\$XEQDKNU/Vbootwxv5Gp7gujxFX/RUFsZLvQPYM435Dd3/p17fto02"
+            )
+        );
+    }
+
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
+    protected function setUp()
+    {
+        parent::setUp();
+        $this->crypto = new WCF2($this->createMock(IL10N::class));
+    }
+}

From 89598a5b367a6ec8e031b8f43efde5fd99fb8c37 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Mon, 2 Jul 2018 21:06:20 +0200
Subject: [PATCH 17/30] make getSalt() abstract

---
 lib/Crypto/AbstractCrypt.php | 5 +----
 lib/Crypto/Crypt.php         | 8 ++++++++
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/lib/Crypto/AbstractCrypt.php b/lib/Crypto/AbstractCrypt.php
index c13e1b5..7ce1c94 100644
--- a/lib/Crypto/AbstractCrypt.php
+++ b/lib/Crypto/AbstractCrypt.php
@@ -56,8 +56,5 @@ abstract class AbstractCrypt extends AbstractAlgorithm
      *
      * @return string The salt string.
      */
-    protected function getSalt()
-    {
-        return "";
-    }
+    protected abstract function getSalt();
 }
diff --git a/lib/Crypto/Crypt.php b/lib/Crypto/Crypt.php
index c52be8d..609bdcb 100644
--- a/lib/Crypto/Crypt.php
+++ b/lib/Crypto/Crypt.php
@@ -56,4 +56,12 @@ class Crypt extends AbstractCrypt
     {
         return "Unix (Crypt)";
     }
+
+    /**
+     * Not used.
+     */
+    protected function getSalt()
+    {
+        return null;
+    }
 }

From 6a01cff0952c665c53c5fe9fbf5f1b3cac9402de Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Mon, 2 Jul 2018 21:10:27 +0200
Subject: [PATCH 18/30] Test getPasswordHash() methods

---
 tests/Crypto/CleartextTest.php        | 6 ++++++
 tests/Crypto/CourierMD5RawTest.php    | 6 ++++++
 tests/Crypto/CourierMD5Test.php       | 6 ++++++
 tests/Crypto/CourierSHA1Test.php      | 6 ++++++
 tests/Crypto/CourierSHA256Test.php    | 6 ++++++
 tests/Crypto/CryptArgon2Test.php      | 6 ++++++
 tests/Crypto/CryptBlowfishTest.php    | 6 ++++++
 tests/Crypto/CryptExtendedDESTest.php | 6 ++++++
 tests/Crypto/CryptMD5Test.php         | 6 ++++++
 tests/Crypto/CryptSHA256Test.php      | 6 ++++++
 tests/Crypto/CryptSHA512Test.php      | 6 ++++++
 tests/Crypto/CryptStandardDESTest.php | 6 ++++++
 tests/Crypto/CryptTest.php            | 6 ++++++
 tests/Crypto/JoomlaTest.php           | 6 ++++++
 tests/Crypto/MD5Test.php              | 6 ++++++
 tests/Crypto/PhpassTest.php           | 6 ++++++
 tests/Crypto/SHA1Test.php             | 6 ++++++
 tests/Crypto/SHA512WhirlpoolTest.php  | 6 ++++++
 tests/Crypto/SSHA256Test.php          | 6 ++++++
 tests/Crypto/SSHA512Test.php          | 6 ++++++
 20 files changed, 120 insertions(+)

diff --git a/tests/Crypto/CleartextTest.php b/tests/Crypto/CleartextTest.php
index d4eaaef..67d5547 100644
--- a/tests/Crypto/CleartextTest.php
+++ b/tests/Crypto/CleartextTest.php
@@ -43,6 +43,12 @@ class CleartextTest extends TestCase
         $this->assertTrue($this->crypto->checkPassword("password", "password"));
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/CourierMD5RawTest.php b/tests/Crypto/CourierMD5RawTest.php
index fe30008..5f443a7 100644
--- a/tests/Crypto/CourierMD5RawTest.php
+++ b/tests/Crypto/CourierMD5RawTest.php
@@ -47,6 +47,12 @@ class CourierMD5RawTest extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/CourierMD5Test.php b/tests/Crypto/CourierMD5Test.php
index 0d1e82d..66d3d82 100644
--- a/tests/Crypto/CourierMD5Test.php
+++ b/tests/Crypto/CourierMD5Test.php
@@ -47,6 +47,12 @@ class CourierMD5Test extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/CourierSHA1Test.php b/tests/Crypto/CourierSHA1Test.php
index 0621655..b60c3bc 100644
--- a/tests/Crypto/CourierSHA1Test.php
+++ b/tests/Crypto/CourierSHA1Test.php
@@ -47,6 +47,12 @@ class CourierSHA1Test extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/CourierSHA256Test.php b/tests/Crypto/CourierSHA256Test.php
index ee86310..05cebe8 100644
--- a/tests/Crypto/CourierSHA256Test.php
+++ b/tests/Crypto/CourierSHA256Test.php
@@ -48,6 +48,12 @@ class CourierSHA256Test extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/CryptArgon2Test.php b/tests/Crypto/CryptArgon2Test.php
index 7a44ddd..39855fe 100644
--- a/tests/Crypto/CryptArgon2Test.php
+++ b/tests/Crypto/CryptArgon2Test.php
@@ -48,6 +48,12 @@ class CryptArgon2Test extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/CryptBlowfishTest.php b/tests/Crypto/CryptBlowfishTest.php
index ea4dc0c..1b878fd 100644
--- a/tests/Crypto/CryptBlowfishTest.php
+++ b/tests/Crypto/CryptBlowfishTest.php
@@ -48,6 +48,12 @@ class CryptBlowfishTest extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/CryptExtendedDESTest.php b/tests/Crypto/CryptExtendedDESTest.php
index 31ca7c1..c5627e0 100644
--- a/tests/Crypto/CryptExtendedDESTest.php
+++ b/tests/Crypto/CryptExtendedDESTest.php
@@ -45,6 +45,12 @@ class CryptExtendedDESTest extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/CryptMD5Test.php b/tests/Crypto/CryptMD5Test.php
index 0a6f405..aadc429 100644
--- a/tests/Crypto/CryptMD5Test.php
+++ b/tests/Crypto/CryptMD5Test.php
@@ -47,6 +47,12 @@ class CryptMD5Test extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/CryptSHA256Test.php b/tests/Crypto/CryptSHA256Test.php
index 020bb61..b40736d 100644
--- a/tests/Crypto/CryptSHA256Test.php
+++ b/tests/Crypto/CryptSHA256Test.php
@@ -48,6 +48,12 @@ class CryptSHA256Test extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/CryptSHA512Test.php b/tests/Crypto/CryptSHA512Test.php
index 7667d1f..6ea1035 100644
--- a/tests/Crypto/CryptSHA512Test.php
+++ b/tests/Crypto/CryptSHA512Test.php
@@ -48,6 +48,12 @@ class CryptSHA512Test extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/CryptStandardDESTest.php b/tests/Crypto/CryptStandardDESTest.php
index ca8712b..b8d8cbf 100644
--- a/tests/Crypto/CryptStandardDESTest.php
+++ b/tests/Crypto/CryptStandardDESTest.php
@@ -45,6 +45,12 @@ class CryptStandardDESTest extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/CryptTest.php b/tests/Crypto/CryptTest.php
index f556289..680b6cc 100644
--- a/tests/Crypto/CryptTest.php
+++ b/tests/Crypto/CryptTest.php
@@ -48,6 +48,12 @@ class CryptTest extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/JoomlaTest.php b/tests/Crypto/JoomlaTest.php
index feaa96e..0777c3d 100644
--- a/tests/Crypto/JoomlaTest.php
+++ b/tests/Crypto/JoomlaTest.php
@@ -48,6 +48,12 @@ class JoomlaTest extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/MD5Test.php b/tests/Crypto/MD5Test.php
index d8f2950..d302752 100644
--- a/tests/Crypto/MD5Test.php
+++ b/tests/Crypto/MD5Test.php
@@ -47,6 +47,12 @@ class MD5Test extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/PhpassTest.php b/tests/Crypto/PhpassTest.php
index 22b1ecc..6ef9c42 100644
--- a/tests/Crypto/PhpassTest.php
+++ b/tests/Crypto/PhpassTest.php
@@ -47,6 +47,12 @@ class PhpassTest extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/SHA1Test.php b/tests/Crypto/SHA1Test.php
index 2ed51ab..bdee003 100644
--- a/tests/Crypto/SHA1Test.php
+++ b/tests/Crypto/SHA1Test.php
@@ -47,6 +47,12 @@ class SHA1Test extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/SHA512WhirlpoolTest.php b/tests/Crypto/SHA512WhirlpoolTest.php
index 558db94..3239776 100644
--- a/tests/Crypto/SHA512WhirlpoolTest.php
+++ b/tests/Crypto/SHA512WhirlpoolTest.php
@@ -48,6 +48,12 @@ class SHA512WhirlpoolTest extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/SSHA256Test.php b/tests/Crypto/SSHA256Test.php
index f26b0e7..e3189d0 100644
--- a/tests/Crypto/SSHA256Test.php
+++ b/tests/Crypto/SSHA256Test.php
@@ -48,6 +48,12 @@ class SSHA256Test extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();
diff --git a/tests/Crypto/SSHA512Test.php b/tests/Crypto/SSHA512Test.php
index 10cfbd7..b6b5f72 100644
--- a/tests/Crypto/SSHA512Test.php
+++ b/tests/Crypto/SSHA512Test.php
@@ -48,6 +48,12 @@ class SSHA512Test extends TestCase
         );
     }
 
+    public function testPasswordHash()
+    {
+        $hash = $this->crypto->getPasswordHash("password");
+        $this->assertTrue($this->crypto->checkPassword("password", $hash));
+    }
+
     protected function setUp()
     {
         parent::setUp();

From 90dde69ec9d3f116f0b2a39c66a49caaac142438 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Mon, 2 Jul 2018 21:11:34 +0200
Subject: [PATCH 19/30] changelog

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 95d78e1..fe5750c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ## [Unreleased]
 ### Added
 - SHA512 Whirlpool hashing algorithm
+- WoltLab Community Framework 2.x hashing algorithm
 - phpass hashing implementation
 - Support for salt column
 

From edc3e8fe1487c333f86001d55d61969c95e7cd9e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Tue, 3 Jul 2018 10:01:30 +0200
Subject: [PATCH 20/30] Descpription of WoltLab Community Framework 2.x

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 82bfc17..d333a5d 100644
--- a/README.md
+++ b/README.md
@@ -196,6 +196,7 @@ SHA1 | No salt supported. | 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
 SHA512 Whirlpool | No salt supported. | a96b16ebb691dbe968b0d66d0d924cff5cf5de5e0885181d00761d87f295b2bf3d3c66187c050fc01c196ff3acaa48d3561ffd170413346e934a32280d632f2e
 SSHA256 | Generates 32 chars salt. | {SSHA256}+WxTB3JxprNteeovsuSYtgI+UkVPA9lfwGoYkz3Ff7hjd1FSdmlTMkNsSExyR21KM3NvNTZ5V0p4WXJMUjFzUg==
 SSHA512 | Generates 32 chars salt. | {SSHA512}It+v1kAEUBbhMJYJ2swAtz+RLE6ispv/FB6G/ALhK/YWwEmrloY+0jzrWIfmu+rWUXp8u0Tg4jLXypC5oXAW00IyYnRVdEZJbE9wak96bkNRVWFCYmlJNWxrdTA0QmhL
+WoltLab Community Framework 2.x | Double salted bcrypt. | $2a$08$XEQDKNU/Vbootwxv5Gp7gujxFX/RUFsZLvQPYM435Dd3/p17fto02
 
 ## Development
 

From 9cc09bd96ba931bc3676c9d270fd4fbe403a4531 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Tue, 3 Jul 2018 10:24:32 +0200
Subject: [PATCH 21/30] Update example sql script

---
 README.md | 25 +++++++++++--------------
 1 file changed, 11 insertions(+), 14 deletions(-)

diff --git a/README.md b/README.md
index d333a5d..d1aee0c 100644
--- a/README.md
+++ b/README.md
@@ -106,36 +106,33 @@ but be aware that some functionalities requires data changes (update queries).
 
 If you don't have any database model yet you can use below tables (MySQL):
 ```
-CREATE TABLE sql_users
+CREATE TABLE sql_user
 (
-  id                INT         AUTO_INCREMENT PRIMARY KEY,
-  username          VARCHAR(16) NOT NULL,
+  username          VARCHAR(16) PRIMARY KEY,
   display_name      TEXT        NULL,
   email             TEXT        NULL,
   home              TEXT        NULL,
   password          TEXT        NOT NULL,
   active            TINYINT(1)  NOT NULL DEFAULT '1',
-  can_change_avatar BOOLEAN     NOT NULL DEFAULT FALSE,
-  CONSTRAINT users_username_uindex UNIQUE (username)
+  can_change_avatar BOOLEAN     NOT NULL DEFAULT FALSE
 );
 
 CREATE TABLE sql_group
 (
-  id           INT         AUTO_INCREMENT PRIMARY KEY,
-  name         VARCHAR(16) NOT NULL,
+  name         VARCHAR(16) PRIMARY KEY,
   display_name TEXT        NULL,
-  admin        BOOLEAN     NOT NULL DEFAULT FALSE,
-  CONSTRAINT group_name_uindex UNIQUE (name)
+  admin        BOOLEAN     NOT NULL DEFAULT FALSE
 );
 
 CREATE TABLE sql_user_group
 (
-  id         INT         AUTO_INCREMENT PRIMARY KEY,
-  group_name VARCHAR(16) NOT NULL,
   username   VARCHAR(16) NOT NULL,
-  CONSTRAINT user_group_group_name_username_uindex UNIQUE (group_name, username),
-  INDEX user_group_group_name_index (group_name),
-  INDEX user_group_username_index (username)
+  group_name VARCHAR(16) NOT NULL,
+  PRIMARY KEY (username, group_name),
+  FOREIGN KEY (username) REFERENCES sql_user (username),
+  FOREIGN KEY (group_name) REFERENCES sql_group (name),
+  INDEX sql_user_group_username_idx (username),
+  INDEX sql_user_group_group_name_idx (group_name)
 );
 ```
 

From 859014b083151e7cbfb1d8eddf17317eedac8feb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Tue, 3 Jul 2018 10:35:12 +0200
Subject: [PATCH 22/30] Update CHANGELOG.md

---
 CHANGELOG.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index fe5750c..8a7d79d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - WoltLab Community Framework 2.x hashing algorithm
 - phpass hashing implementation
 - Support for salt column
+### Changed
+- Example SQL script in README file
 
 ### Fixed
 - Table and column autocomplete in settings panel
@@ -36,7 +38,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - The whole core implementation, which is NOT COMPATIBLE with the previous versions.
 - Minimum supported PHP version - 7.0
 
-## Removed
+### Removed
 - MySQL ENCRYPT() hashing implementation - Function is deprecated as of MySQL 5.7.6 and will be removed in a future MySQL release.
 - MySQL PASSWORD() hashing implementation - Function is deprecated as of MySQL 5.7.6 and will be removed in a future MySQL release.
 - Redmine hashing implementation - Cannot implement in new core system.

From bd74d7f79e131a6b164ca5a49a6aee12807a1530 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Tue, 3 Jul 2018 10:41:34 +0200
Subject: [PATCH 23/30] Update CHANGELOG.md

---
 CHANGELOG.md | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8a7d79d..6ce96db 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - WoltLab Community Framework 2.x hashing algorithm
 - phpass hashing implementation
 - Support for salt column
+
 ### Changed
 - Example SQL script in README file
 
@@ -25,9 +26,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [4.0.0-rc1]
 ### Added
-- New hashing algorithms: Argon2 Crypt (PHP 7.2 and above), Blowfish Crypt, Courier base64-encoded MD5, Courier base64-encoded SHA1,
-  Courier base64-encoded SHA256, Courier hexadecimal MD5, Extended DES Crypt, SHA256 Crypt,
-  SHA512 Crypt, SSHA512, Standard DES Crypt
+- New hashing algorithms: Argon2 Crypt (PHP 7.2 and above), Blowfish Crypt, Courier base64-encoded MD5, Courier base64-encoded SHA1, Courier base64-encoded SHA256, Courier hexadecimal MD5, Extended DES Crypt, SHA256 Crypt, SHA512 Crypt, SSHA512, Standard DES Crypt
 - Option to allow users to change their display names
 - Option to allow user to change its avatar 
 - Database query results cache

From 874564d315ebb90fb70c0af19167532a072542f2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Tue, 3 Jul 2018 10:48:23 +0200
Subject: [PATCH 24/30] Update dates

---
 CHANGELOG.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6ce96db..17edfd4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,14 +17,14 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Fixed
 - Table and column autocomplete in settings panel
 
-## [v4.0.0-rc2]
+## [v4.0.0-rc2] - 2018-06-14
 ### Added
 - User active column
 
 ### Changed
 - Fixed "Use of undefined constant" error for Argon2 Crypt with PHP below 7.2.
 
-## [4.0.0-rc1]
+## [4.0.0-rc1] - 2018-06-13
 ### Added
 - New hashing algorithms: Argon2 Crypt (PHP 7.2 and above), Blowfish Crypt, Courier base64-encoded MD5, Courier base64-encoded SHA1, Courier base64-encoded SHA256, Courier hexadecimal MD5, Extended DES Crypt, SHA256 Crypt, SHA512 Crypt, SSHA512, Standard DES Crypt
 - Option to allow users to change their display names

From 5c702edee7b1edce6930f899f287b1a89b7e3905 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Mon, 2 Jul 2018 21:59:42 +0200
Subject: [PATCH 25/30] hashing -> hash

---
 CHANGELOG.md                    | 14 +++++++-------
 README.md                       |  8 ++++----
 lib/Crypto/AbstractCrypt.php    |  6 +++---
 lib/Crypto/CourierMD5.php       |  2 +-
 lib/Crypto/CourierMD5Raw.php    |  2 +-
 lib/Crypto/CourierSHA1.php      |  2 +-
 lib/Crypto/CourierSHA256.php    |  2 +-
 lib/Crypto/Crypt.php            |  2 +-
 lib/Crypto/CryptArgon2.php      |  2 +-
 lib/Crypto/CryptBlowfish.php    |  2 +-
 lib/Crypto/CryptExtendedDES.php |  2 +-
 lib/Crypto/CryptMD5.php         |  2 +-
 lib/Crypto/CryptSHA256.php      |  2 +-
 lib/Crypto/CryptSHA512.php      |  2 +-
 lib/Crypto/CryptStandardDES.php |  2 +-
 lib/Crypto/Joomla.php           |  2 +-
 lib/Crypto/MD5.php              |  2 +-
 lib/Crypto/Phpass.php           |  2 +-
 lib/Crypto/SHA1.php             |  2 +-
 lib/Crypto/SHA512Whirlpool.php  |  2 +-
 lib/Crypto/SSHA.php             |  2 +-
 lib/Crypto/SSHA256.php          |  2 +-
 lib/Crypto/SSHA512.php          |  2 +-
 lib/Crypto/WCF2.php             |  2 +-
 templates/admin.php             |  6 +++---
 25 files changed, 38 insertions(+), 38 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 17edfd4..b676f34 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,9 +6,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 ### Added
-- SHA512 Whirlpool hashing algorithm
-- WoltLab Community Framework 2.x hashing algorithm
-- phpass hashing implementation
+- SHA512 Whirlpool hash algorithm
+- WoltLab Community Framework 2.x hash algorithm
+- phpass hash implementation
 - Support for salt column
 
 ### Changed
@@ -26,7 +26,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [4.0.0-rc1] - 2018-06-13
 ### Added
-- New hashing algorithms: Argon2 Crypt (PHP 7.2 and above), Blowfish Crypt, Courier base64-encoded MD5, Courier base64-encoded SHA1, Courier base64-encoded SHA256, Courier hexadecimal MD5, Extended DES Crypt, SHA256 Crypt, SHA512 Crypt, SSHA512, Standard DES Crypt
+- New hash algorithms: Argon2 Crypt (PHP 7.2 and above), Blowfish Crypt, Courier base64-encoded MD5, Courier base64-encoded SHA1, Courier base64-encoded SHA256, Courier hexadecimal MD5, Extended DES Crypt, SHA256 Crypt, SHA512 Crypt, SSHA512, Standard DES Crypt
 - Option to allow users to change their display names
 - Option to allow user to change its avatar 
 - Database query results cache
@@ -38,9 +38,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Minimum supported PHP version - 7.0
 
 ### Removed
-- MySQL ENCRYPT() hashing implementation - Function is deprecated as of MySQL 5.7.6 and will be removed in a future MySQL release.
-- MySQL PASSWORD() hashing implementation - Function is deprecated as of MySQL 5.7.6 and will be removed in a future MySQL release.
-- Redmine hashing implementation - Cannot implement in new core system.
+- MySQL ENCRYPT() hash implementation - Function is deprecated as of MySQL 5.7.6 and will be removed in a future MySQL release.
+- MySQL PASSWORD() hash implementation - Function is deprecated as of MySQL 5.7.6 and will be removed in a future MySQL release.
+- Redmine hash implementation - Cannot implement in new core system.
 - User active column - Use database view instead
 - Domain support
 
diff --git a/README.md b/README.md
index d1aee0c..536c6cd 100644
--- a/README.md
+++ b/README.md
@@ -50,7 +50,7 @@ Name | Description | Details
 **Allow display name change** | With this option enabled user can change its display name. The display name change is propagated to the database. | Optional.<br/>Default: false.<br/>Requires: user *Display name* column.
 **Allow password change** | Can user change its password. The password change is propagated to the database. See [Hash algorithms](#hash-algorithms). | Optional.<br/>Default: false.
 **Use cache** | Use database query results cache. The cache can be cleared any time with the *Clear cache* button click. | Optional.<br/>Default: false.
-**Hashing algorithm** | How users passwords are stored in the database. See [Hash algorithms](#hash-algorithms). | Mandatory.
+**Hash algorithm** | How users passwords are stored in the database. See [Hash algorithms](#hash-algorithms). | Mandatory.
 **Email sync** | Sync e-mail address with the Nextcloud.<br/>- *None* - Disables this feature. This is the default option.<br/>- *Synchronise only once* - Copy the e-mail address to the Nextcloud storage if its not set.<br/>- *Nextcloud always wins* - Always copy the e-mail address to the database. This updates the user table.<br/>- *SQL always wins* - Always copy the e-mail address to the Nextcloud storage. | Optional.<br/>Default: *None*.<br/>Requires: user *Email* column.
 **Home mode** | User storage path.<br/>- *Default* - Let the Nextcloud manage this. The default option.<br/>- *Query* - Use location from the user table pointed by the *home* column.<br/>- *Static* - Use static location. The `%u` variable is replaced with the username of the user. | Optional<br/>Default: *Default*.
 **Home Location** | User storage path for the `static` *home mode*. | Mandatory if the *Home mode* is set to `Static`.
@@ -146,7 +146,7 @@ User table: wp_users
 Username column: user_login
 Password column: user_pass
 
-Hashing algorithm: Unix (Crypt) or Portable PHP password
+Hash algorithm: Unix (Crypt) or Portable PHP password
 ```
 
 #### JHipster
@@ -163,7 +163,7 @@ Password column: password_hash
 Email column: email
 Active column: activated
 
-Hashing algorithm: Unix (Crypt)
+Hash algorithm: Unix (Crypt)
 ```
 
 ## Hash algorithms
@@ -203,7 +203,7 @@ Add a new class in the `OCA\UserSQL\Platform` namespace which extends the `Abstr
 Add this driver in `admin.php` template  to `$drivers` variable and in method `getPlatform(Connection $connection)`
 of `PlatformFactory` class.
 
-#### New hashing algorithm support
+#### New hash algorithm support
 
 Create a new class in `OCA\UserSQL\Crypto` namespace which implements `IPasswordAlgorithm` interface.
 Do not forget to write unit tests.
diff --git a/lib/Crypto/AbstractCrypt.php b/lib/Crypto/AbstractCrypt.php
index 7ce1c94..e27e957 100644
--- a/lib/Crypto/AbstractCrypt.php
+++ b/lib/Crypto/AbstractCrypt.php
@@ -22,8 +22,8 @@
 namespace OCA\UserSQL\Crypto;
 
 /**
- * Abstract Unix Crypt hashing implementation.
- * The hashing algorithm depends on the chosen salt.
+ * Abstract Unix Crypt hash implementation.
+ * The hash algorithm depends on the chosen salt.
  *
  * @see    crypt()
  * @author Marcin Łojewski <dev@mlojewski.me>
@@ -52,7 +52,7 @@ abstract class AbstractCrypt extends AbstractAlgorithm
     }
 
     /**
-     * Generate a salt string for the hashing algorithm.
+     * Generate a salt string for the hash algorithm.
      *
      * @return string The salt string.
      */
diff --git a/lib/Crypto/CourierMD5.php b/lib/Crypto/CourierMD5.php
index 6e8e71f..c2463e3 100644
--- a/lib/Crypto/CourierMD5.php
+++ b/lib/Crypto/CourierMD5.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * Courier MD5 hashing implementation.
+ * Courier MD5 hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/CourierMD5Raw.php b/lib/Crypto/CourierMD5Raw.php
index 39fd3db..094eab3 100644
--- a/lib/Crypto/CourierMD5Raw.php
+++ b/lib/Crypto/CourierMD5Raw.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * Courier MD5 RAW hashing implementation.
+ * Courier MD5 RAW hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/CourierSHA1.php b/lib/Crypto/CourierSHA1.php
index 15d2ef3..6a96a44 100644
--- a/lib/Crypto/CourierSHA1.php
+++ b/lib/Crypto/CourierSHA1.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * Courier SHA1 hashing implementation.
+ * Courier SHA1 hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/CourierSHA256.php b/lib/Crypto/CourierSHA256.php
index 3bf0ed6..081cd9d 100644
--- a/lib/Crypto/CourierSHA256.php
+++ b/lib/Crypto/CourierSHA256.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * Courier SHA256 hashing implementation.
+ * Courier SHA256 hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/Crypt.php b/lib/Crypto/Crypt.php
index 609bdcb..c28763a 100644
--- a/lib/Crypto/Crypt.php
+++ b/lib/Crypto/Crypt.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * Unix Crypt hashing implementation.
+ * Unix Crypt hash implementation.
  *
  * @see    crypt()
  * @author Marcin Łojewski <dev@mlojewski.me>
diff --git a/lib/Crypto/CryptArgon2.php b/lib/Crypto/CryptArgon2.php
index 14efb64..ed4aafb 100644
--- a/lib/Crypto/CryptArgon2.php
+++ b/lib/Crypto/CryptArgon2.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * Argon2 Crypt hashing implementation.
+ * Argon2 Crypt hash implementation.
  *
  * @see    crypt()
  * @author Marcin Łojewski <dev@mlojewski.me>
diff --git a/lib/Crypto/CryptBlowfish.php b/lib/Crypto/CryptBlowfish.php
index 8e4a35e..6e1b8a5 100644
--- a/lib/Crypto/CryptBlowfish.php
+++ b/lib/Crypto/CryptBlowfish.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * Blowfish Crypt hashing implementation.
+ * Blowfish Crypt hash implementation.
  *
  * @see    crypt()
  * @author Marcin Łojewski <dev@mlojewski.me>
diff --git a/lib/Crypto/CryptExtendedDES.php b/lib/Crypto/CryptExtendedDES.php
index b09baab..d6654c4 100644
--- a/lib/Crypto/CryptExtendedDES.php
+++ b/lib/Crypto/CryptExtendedDES.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * Extended DES Crypt hashing implementation.
+ * Extended DES Crypt hash implementation.
  *
  * @see    crypt()
  * @author Marcin Łojewski <dev@mlojewski.me>
diff --git a/lib/Crypto/CryptMD5.php b/lib/Crypto/CryptMD5.php
index 6ca2e3b..0211f7e 100644
--- a/lib/Crypto/CryptMD5.php
+++ b/lib/Crypto/CryptMD5.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * MD5 Crypt hashing implementation.
+ * MD5 Crypt hash implementation.
  *
  * @see    crypt()
  * @author Marcin Łojewski <dev@mlojewski.me>
diff --git a/lib/Crypto/CryptSHA256.php b/lib/Crypto/CryptSHA256.php
index fad91b3..b4e2b41 100644
--- a/lib/Crypto/CryptSHA256.php
+++ b/lib/Crypto/CryptSHA256.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * SHA256 Crypt hashing implementation.
+ * SHA256 Crypt hash implementation.
  *
  * @see    crypt()
  * @author Marcin Łojewski <dev@mlojewski.me>
diff --git a/lib/Crypto/CryptSHA512.php b/lib/Crypto/CryptSHA512.php
index 11f3b8f..e32238f 100644
--- a/lib/Crypto/CryptSHA512.php
+++ b/lib/Crypto/CryptSHA512.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * SHA512 Crypt hashing implementation.
+ * SHA512 Crypt hash implementation.
  *
  * @see    crypt()
  * @author Marcin Łojewski <dev@mlojewski.me>
diff --git a/lib/Crypto/CryptStandardDES.php b/lib/Crypto/CryptStandardDES.php
index 7d8fa7d..bf2b4ec 100644
--- a/lib/Crypto/CryptStandardDES.php
+++ b/lib/Crypto/CryptStandardDES.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * Standard DES Crypt hashing implementation.
+ * Standard DES Crypt hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/Joomla.php b/lib/Crypto/Joomla.php
index e5dd2ca..46af41c 100644
--- a/lib/Crypto/Joomla.php
+++ b/lib/Crypto/Joomla.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * Joomla hashing implementation.
+ * Joomla hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/MD5.php b/lib/Crypto/MD5.php
index a4ba435..b995b9c 100644
--- a/lib/Crypto/MD5.php
+++ b/lib/Crypto/MD5.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * MD5 hashing implementation.
+ * MD5 hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/Phpass.php b/lib/Crypto/Phpass.php
index 586658c..d193917 100644
--- a/lib/Crypto/Phpass.php
+++ b/lib/Crypto/Phpass.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * phpass hashing implementation.
+ * phpass hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/SHA1.php b/lib/Crypto/SHA1.php
index a534212..6a1c707 100644
--- a/lib/Crypto/SHA1.php
+++ b/lib/Crypto/SHA1.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * SHA1 hashing implementation.
+ * SHA1 hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/SHA512Whirlpool.php b/lib/Crypto/SHA512Whirlpool.php
index 1fd3988..4f36e9a 100644
--- a/lib/Crypto/SHA512Whirlpool.php
+++ b/lib/Crypto/SHA512Whirlpool.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * SHA512 Whirlpool hashing implementation.
+ * SHA512 Whirlpool hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/SSHA.php b/lib/Crypto/SSHA.php
index f0f46d9..ddae4b2 100644
--- a/lib/Crypto/SSHA.php
+++ b/lib/Crypto/SSHA.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * SSHA* hashing implementation.
+ * SSHA* hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/SSHA256.php b/lib/Crypto/SSHA256.php
index a01cdf9..40337bd 100644
--- a/lib/Crypto/SSHA256.php
+++ b/lib/Crypto/SSHA256.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * SSHA256 hashing implementation.
+ * SSHA256 hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/SSHA512.php b/lib/Crypto/SSHA512.php
index 78e66a1..508fe53 100644
--- a/lib/Crypto/SSHA512.php
+++ b/lib/Crypto/SSHA512.php
@@ -24,7 +24,7 @@ namespace OCA\UserSQL\Crypto;
 use OCP\IL10N;
 
 /**
- * SSHA512 hashing implementation.
+ * SSHA512 hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/lib/Crypto/WCF2.php b/lib/Crypto/WCF2.php
index 07b1484..498818a 100644
--- a/lib/Crypto/WCF2.php
+++ b/lib/Crypto/WCF2.php
@@ -22,7 +22,7 @@
 namespace OCA\UserSQL\Crypto;
 
 /**
- * WCF2 hashing implementation.
+ * WCF2 hash implementation.
  *
  * @author Marcin Łojewski <dev@mlojewski.me>
  */
diff --git a/templates/admin.php b/templates/admin.php
index a39becf..62e0d39 100644
--- a/templates/admin.php
+++ b/templates/admin.php
@@ -115,7 +115,7 @@ function print_select_options(
                     <input type="submit" id="user_sql-clear_cache" value="<?php p($l->t("Clear cache")); ?>">
                 </div>
                 <?php
-                $hashing = [];
+                $hashes = [];
                 foreach (glob(__DIR__ . "/../lib/Crypto/*.php") as $filename) {
                     $class = 'OCA\\UserSQL\\Crypto\\' . basename(substr($filename, 0, -4));
                     try {
@@ -123,13 +123,13 @@ function print_select_options(
                         if ($passwordAlgorithm instanceof
                             \OCA\UserSQL\Crypto\IPasswordAlgorithm
                         ) {
-                            $hashing[$class] = $passwordAlgorithm->getVisibleName();
+                            $hashes[$class] = $passwordAlgorithm->getVisibleName();
                         }
                     } catch (Throwable $e) {
                     }
                 }
 
-                print_select_options($l, "opt-crypto_class", "Hashing algorithm", $hashing, $_['opt.crypto_class']);
+                print_select_options($l, "opt-crypto_class", "Hash algorithm", $hashes, $_['opt.crypto_class']);
                 print_select_options($l, "opt-email_sync", "Email sync", ["" => "None", "initial" => "Synchronise only once", "force_nc"=>"Nextcloud always wins", "force_sql"=>"SQL always wins"], $_['opt.email_sync']);
                 print_select_options($l, "opt-home_mode", "Home mode", ["" => "Default", "query" => "Query", "static" => "Static"], $_['opt.home_mode']);
                 print_text_input($l, "opt-home_location", "Home Location", $_['opt.home_location']); ?>

From 49a9b2ed61eb002fdfbcdfb8efd200da8cb753a0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 7 Jul 2018 09:27:20 +0200
Subject: [PATCH 26/30] can change avatar -> provide avatar

---
 README.md           | 16 ++++++++--------
 templates/admin.php |  2 +-
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index 536c6cd..f2ea96f 100644
--- a/README.md
+++ b/README.md
@@ -68,7 +68,7 @@ Name | Description | Details
 **Password** | Password hash column. | Mandatory for user backend.
 **Display name** | Display name column. | Optional.
 **Active** | Flag indicating if user can log in. | Optional.<br/>Default: true.
-**Can change avatar** | Flag indicating if user can change its avatar. | Optional.<br/>Default: false.
+**Provide avatar** | Flag indicating if user can change its avatar. | Optional.<br/>Default: false.
 **Salt** | Salt which is appended to password when checking or changing the password. | Optional.
 
 #### Group table
@@ -108,13 +108,13 @@ If you don't have any database model yet you can use below tables (MySQL):
 ```
 CREATE TABLE sql_user
 (
-  username          VARCHAR(16) PRIMARY KEY,
-  display_name      TEXT        NULL,
-  email             TEXT        NULL,
-  home              TEXT        NULL,
-  password          TEXT        NOT NULL,
-  active            TINYINT(1)  NOT NULL DEFAULT '1',
-  can_change_avatar BOOLEAN     NOT NULL DEFAULT FALSE
+  username       VARCHAR(16) PRIMARY KEY,
+  display_name   TEXT        NULL,
+  email          TEXT        NULL,
+  home           TEXT        NULL,
+  password       TEXT        NOT NULL,
+  active         TINYINT(1)  NOT NULL DEFAULT '1',
+  provide_avatar BOOLEAN     NOT NULL DEFAULT FALSE
 );
 
 CREATE TABLE sql_group
diff --git a/templates/admin.php b/templates/admin.php
index 62e0d39..14d4683 100644
--- a/templates/admin.php
+++ b/templates/admin.php
@@ -148,7 +148,7 @@ function print_select_options(
                 print_text_input($l, "db-table-user-column-password", "Password", $_['db.table.user.column.password']);
                 print_text_input($l, "db-table-user-column-name", "Display name", $_['db.table.user.column.name']);
                 print_text_input($l, "db-table-user-column-active", "Active", $_['db.table.user.column.active']);
-                print_text_input($l, "db-table-user-column-avatar", "Can change avatar", $_['db.table.user.column.avatar']);
+                print_text_input($l, "db-table-user-column-avatar", "Provide avatar", $_['db.table.user.column.avatar']);
                 print_text_input($l, "db-table-user-column-salt", "Salt", $_['db.table.user.column.salt']); ?>
             </fieldset>
         </div>

From ed37c7085d1750a863a67ba5e9faf74fe4f1eb0d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Mon, 9 Jul 2018 19:21:53 +0200
Subject: [PATCH 27/30] User quota from SQL

---
 CHANGELOG.md                      |   2 +
 README.md                         |   5 +-
 js/settings.js                    |   2 +-
 lib/Action/EmailSync.php          |   6 +-
 lib/Action/QuotaSync.php          | 137 ++++++++++++++++++++++++++++++
 lib/Backend/UserBackend.php       |   9 ++
 lib/Constant/App.php              |   6 +-
 lib/Constant/DB.php               |   1 +
 lib/Constant/Opt.php              |   1 +
 lib/Constant/Query.php            |   2 +
 lib/Model/User.php                |   4 +
 lib/Query/QueryProvider.php       |   8 +-
 lib/Repository/UserRepository.php |   2 +
 templates/admin.php               |   2 +
 14 files changed, 178 insertions(+), 9 deletions(-)
 create mode 100644 lib/Action/QuotaSync.php

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b676f34..0ef9ce5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,9 +10,11 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - WoltLab Community Framework 2.x hash algorithm
 - phpass hash implementation
 - Support for salt column
+- User quota synchronization
 
 ### Changed
 - Example SQL script in README file
+- Fixed misspelling
 
 ### Fixed
 - Table and column autocomplete in settings panel
diff --git a/README.md b/README.md
index f2ea96f..92b63f3 100644
--- a/README.md
+++ b/README.md
@@ -51,7 +51,8 @@ Name | Description | Details
 **Allow password change** | Can user change its password. The password change is propagated to the database. See [Hash algorithms](#hash-algorithms). | Optional.<br/>Default: false.
 **Use cache** | Use database query results cache. The cache can be cleared any time with the *Clear cache* button click. | Optional.<br/>Default: false.
 **Hash algorithm** | How users passwords are stored in the database. See [Hash algorithms](#hash-algorithms). | Mandatory.
-**Email sync** | Sync e-mail address with the Nextcloud.<br/>- *None* - Disables this feature. This is the default option.<br/>- *Synchronise only once* - Copy the e-mail address to the Nextcloud storage if its not set.<br/>- *Nextcloud always wins* - Always copy the e-mail address to the database. This updates the user table.<br/>- *SQL always wins* - Always copy the e-mail address to the Nextcloud storage. | Optional.<br/>Default: *None*.<br/>Requires: user *Email* column.
+**Email sync** | Sync e-mail address with the Nextcloud.<br/>- *None* - Disables this feature. This is the default option.<br/>- *Synchronise only once* - Copy the e-mail address to the Nextcloud preferences if its not set.<br/>- *Nextcloud always wins* - Always copy the e-mail address to the database. This updates the user table.<br/>- *SQL always wins* - Always copy the e-mail address to the Nextcloud preferences. | Optional.<br/>Default: *None*.<br/>Requires: user *Email* column.
+**Quota sync** | Sync user quota with the Nextcloud.<br/>- *None* - Disables this feature. This is the default option.<br/>- *Synchronise only once* - Copy the user quota to the Nextcloud preferences if its not set.<br/>- *Nextcloud always wins* - Always copy the user quota to the database. This updates the user table.<br/>- *SQL always wins* - Always copy the user quota to the Nextcloud preferences. | Optional.<br/>Default: *None*.<br/>Requires: user *Quota* column.
 **Home mode** | User storage path.<br/>- *Default* - Let the Nextcloud manage this. The default option.<br/>- *Query* - Use location from the user table pointed by the *home* column.<br/>- *Static* - Use static location. The `%u` variable is replaced with the username of the user. | Optional<br/>Default: *Default*.
 **Home Location** | User storage path for the `static` *home mode*. | Mandatory if the *Home mode* is set to `Static`.
 
@@ -64,6 +65,7 @@ Name | Description | Details
 **Table name** | The table name. | Mandatory for user backend.
 **Username** | Username column. | Mandatory for user backend.
 **Email** | E-mail column. | Mandatory for *Email sync* option.
+**Quota** | Quota column. | Mandatory for *Quota sync* option.
 **Home** | Home path column. | Mandatory for `Query` *Home sync* option.
 **Password** | Password hash column. | Mandatory for user backend.
 **Display name** | Display name column. | Optional.
@@ -111,6 +113,7 @@ CREATE TABLE sql_user
   username       VARCHAR(16) PRIMARY KEY,
   display_name   TEXT        NULL,
   email          TEXT        NULL,
+  quota          TEXT        NULL,
   home           TEXT        NULL,
   password       TEXT        NOT NULL,
   active         TINYINT(1)  NOT NULL DEFAULT '1',
diff --git a/js/settings.js b/js/settings.js
index c42bb4a..0a42eaf 100644
--- a/js/settings.js
+++ b/js/settings.js
@@ -76,7 +76,7 @@ user_sql.adminSettingsUI = function () {
         );
 
         autocomplete(
-            "#db-table-user-column-uid, #db-table-user-column-email, #db-table-user-column-home, #db-table-user-column-password, #db-table-user-column-name, #db-table-user-column-active, #db-table-user-column-avatar, #db-table-user-column-salt",
+            "#db-table-user-column-uid, #db-table-user-column-email, #db-table-user-column-quota, #db-table-user-column-home, #db-table-user-column-password, #db-table-user-column-name, #db-table-user-column-active, #db-table-user-column-avatar, #db-table-user-column-salt",
             "/apps/user_sql/settings/autocomplete/table/user"
         );
 
diff --git a/lib/Action/EmailSync.php b/lib/Action/EmailSync.php
index 3c9bc79..cded1c2 100644
--- a/lib/Action/EmailSync.php
+++ b/lib/Action/EmailSync.php
@@ -94,7 +94,7 @@ class EmailSync implements IUserAction
         $result = false;
 
         switch ($this->properties[Opt::EMAIL_SYNC]) {
-        case App::EMAIL_INITIAL:
+        case App::SYNC_INITIAL:
             if (empty($ncMail) && !empty($user->email)) {
                 $this->config->setUserValue(
                     $user->uid, "settings", "email", $user->email
@@ -103,7 +103,7 @@ class EmailSync implements IUserAction
 
             $result = true;
             break;
-        case App::EMAIL_FORCE_NC:
+        case App::SYNC_FORCE_NC:
             if (!empty($ncMail) && $user->email !== $ncMail) {
                 $user = $this->userRepository->findByUid($user->uid);
                 if (!($user instanceof User)) {
@@ -115,7 +115,7 @@ class EmailSync implements IUserAction
             }
 
             break;
-        case App::EMAIL_FORCE_SQL:
+        case App::SYNC_FORCE_SQL:
             if (!empty($user->email) && $user->email !== $ncMail) {
                 $this->config->setUserValue(
                     $user->uid, "settings", "email", $user->email
diff --git a/lib/Action/QuotaSync.php b/lib/Action/QuotaSync.php
new file mode 100644
index 0000000..7f73c9b
--- /dev/null
+++ b/lib/Action/QuotaSync.php
@@ -0,0 +1,137 @@
+<?php
+/**
+ * Nextcloud - user_sql
+ *
+ * @copyright 2018 Marcin Łojewski <dev@mlojewski.me>
+ * @author    Marcin Łojewski <dev@mlojewski.me>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\UserSQL\Action;
+
+use OCA\UserSQL\Constant\App;
+use OCA\UserSQL\Constant\Opt;
+use OCA\UserSQL\Model\User;
+use OCA\UserSQL\Properties;
+use OCA\UserSQL\Repository\UserRepository;
+use OCP\IConfig;
+use OCP\ILogger;
+
+/**
+ * Synchronizes the user quota.
+ *
+ * @author Marcin Łojewski <dev@mlojewski.me>
+ */
+class QuotaSync implements IUserAction
+{
+    /**
+     * @var string The application name.
+     */
+    private $appName;
+    /**
+     * @var ILogger The logger instance.
+     */
+    private $logger;
+    /**
+     * @var Properties The properties array.
+     */
+    private $properties;
+    /**
+     * @var IConfig The config instance.
+     */
+    private $config;
+    /**
+     * @var UserRepository The user repository.
+     */
+    private $userRepository;
+
+    /**
+     * The default constructor.
+     *
+     * @param string         $appName        The application name.
+     * @param ILogger        $logger         The logger instance.
+     * @param Properties     $properties     The properties array.
+     * @param IConfig        $config         The config instance.
+     * @param UserRepository $userRepository The user repository.
+     */
+    public function __construct(
+        $appName, ILogger $logger, Properties $properties, IConfig $config,
+        UserRepository $userRepository
+    ) {
+        $this->appName = $appName;
+        $this->logger = $logger;
+        $this->properties = $properties;
+        $this->config = $config;
+        $this->userRepository = $userRepository;
+    }
+
+    /**
+     * @inheritdoc
+     * @throws \OCP\PreConditionNotMetException
+     */
+    public function doAction(User $user)
+    {
+        $this->logger->debug(
+            "Entering QuotaSync#doAction($user->uid)", ["app" => $this->appName]
+        );
+
+        $ncQuota = $this->config->getUserValue(
+            $user->uid, "files", "quota", ""
+        );
+
+        $result = false;
+
+        switch ($this->properties[Opt::QUOTA_SYNC]) {
+        case App::SYNC_INITIAL:
+            if (empty($ncQuota) && !empty($user->quota)) {
+                $this->config->setUserValue(
+                    $user->uid, "files", "quota", $user->quota
+                );
+            }
+
+            $result = true;
+            break;
+        case App::SYNC_FORCE_NC:
+            if (!empty($ncQuota) && $user->quota !== $ncQuota) {
+                $user = $this->userRepository->findByUid($user->uid);
+                if (!($user instanceof User)) {
+                    break;
+                }
+
+                $user->quota = $ncQuota;
+                $result = $this->userRepository->save($user);
+            }
+
+            break;
+        case App::SYNC_FORCE_SQL:
+            if (!empty($user->quota) && $user->quota !== $ncQuota) {
+                $this->config->setUserValue(
+                    $user->uid, "files", "quota", $user->quota
+                );
+            }
+
+            $result = true;
+            break;
+        }
+
+        $this->logger->debug(
+            "Returning QuotaSync#doAction($user->uid): " . ($result ? "true"
+                : "false"),
+            ["app" => $this->appName]
+        );
+
+        return $result;
+    }
+}
diff --git a/lib/Backend/UserBackend.php b/lib/Backend/UserBackend.php
index 6a8237b..442559e 100644
--- a/lib/Backend/UserBackend.php
+++ b/lib/Backend/UserBackend.php
@@ -24,6 +24,7 @@ namespace OCA\UserSQL\Backend;
 use OC\User\Backend;
 use OCA\UserSQL\Action\EmailSync;
 use OCA\UserSQL\Action\IUserAction;
+use OCA\UserSQL\Action\QuotaSync;
 use OCA\UserSQL\Cache;
 use OCA\UserSQL\Constant\App;
 use OCA\UserSQL\Constant\DB;
@@ -116,6 +117,14 @@ final class UserBackend extends Backend
                 $this->userRepository
             );
         }
+        if (!empty($this->properties[Opt::QUOTA_SYNC])
+            && !empty($this->properties[DB::USER_QUOTA_COLUMN])
+        ) {
+            $this->actions[] = new QuotaSync(
+                $this->appName, $this->logger, $this->properties, $this->config,
+                $this->userRepository
+            );
+        }
     }
 
     /**
diff --git a/lib/Constant/App.php b/lib/Constant/App.php
index a2973ce..e0e6b63 100644
--- a/lib/Constant/App.php
+++ b/lib/Constant/App.php
@@ -34,7 +34,7 @@ final class App
     const HOME_QUERY = "query";
     const HOME_STATIC = "static";
 
-    const EMAIL_FORCE_NC = "force_nc";
-    const EMAIL_FORCE_SQL = "force_sql";
-    const EMAIL_INITIAL = "initial";
+    const SYNC_FORCE_NC = "force_nc";
+    const SYNC_FORCE_SQL = "force_sql";
+    const SYNC_INITIAL = "initial";
 }
diff --git a/lib/Constant/DB.php b/lib/Constant/DB.php
index ce0da21..b05fc0f 100644
--- a/lib/Constant/DB.php
+++ b/lib/Constant/DB.php
@@ -51,6 +51,7 @@ final class DB
     const USER_HOME_COLUMN = "db.table.user.column.home";
     const USER_NAME_COLUMN = "db.table.user.column.name";
     const USER_PASSWORD_COLUMN = "db.table.user.column.password";
+    const USER_QUOTA_COLUMN = "db.table.user.column.quota";
     const USER_SALT_COLUMN = "db.table.user.column.salt";
     const USER_UID_COLUMN = "db.table.user.column.uid";
 }
diff --git a/lib/Constant/Opt.php b/lib/Constant/Opt.php
index 56ce8b2..a1f6617 100644
--- a/lib/Constant/Opt.php
+++ b/lib/Constant/Opt.php
@@ -34,5 +34,6 @@ final class Opt
     const HOME_MODE = "opt.home_mode";
     const NAME_CHANGE = "opt.name_change";
     const PASSWORD_CHANGE = "opt.password_change";
+    const QUOTA_SYNC = "opt.quota_sync";
     const USE_CACHE = "opt.use_cache";
 }
diff --git a/lib/Constant/Query.php b/lib/Constant/Query.php
index f67183c..86511e0 100644
--- a/lib/Constant/Query.php
+++ b/lib/Constant/Query.php
@@ -39,9 +39,11 @@ final class Query
     const FIND_USERS = "find_users";
     const SAVE_USER = "save_user";
 
+    const EMAIL_PARAM = "email";
     const GID_PARAM = "gid";
     const NAME_PARAM = "name";
     const PASSWORD_PARAM = "password";
+    const QUOTA_PARAM = "quota";
     const SEARCH_PARAM = "search";
     const UID_PARAM = "uid";
 }
diff --git a/lib/Model/User.php b/lib/Model/User.php
index dcc9551..40ebf1c 100644
--- a/lib/Model/User.php
+++ b/lib/Model/User.php
@@ -36,6 +36,10 @@ class User
      * @var string The user's email address.
      */
     public $email;
+    /**
+     * @var string The user quota.
+     */
+    public $quota;
     /**
      * @var string The user's display name.
      */
diff --git a/lib/Query/QueryProvider.php b/lib/Query/QueryProvider.php
index 49f2ac9..85a9f95 100644
--- a/lib/Query/QueryProvider.php
+++ b/lib/Query/QueryProvider.php
@@ -71,15 +71,18 @@ class QueryProvider implements \ArrayAccess
         $uHome = $this->properties[DB::USER_HOME_COLUMN];
         $uName = $this->properties[DB::USER_NAME_COLUMN];
         $uPassword = $this->properties[DB::USER_PASSWORD_COLUMN];
+        $uQuota = $this->properties[DB::USER_QUOTA_COLUMN];
         $uSalt = $this->properties[DB::USER_SALT_COLUMN];
         $uUID = $this->properties[DB::USER_UID_COLUMN];
 
         $ugGID = $this->properties[DB::USER_GROUP_GID_COLUMN];
         $ugUID = $this->properties[DB::USER_GROUP_UID_COLUMN];
 
+        $emailParam = Query::EMAIL_PARAM;
         $gidParam = Query::GID_PARAM;
         $nameParam = Query::NAME_PARAM;
         $passwordParam = Query::PASSWORD_PARAM;
+        $quotaParam = Query::QUOTA_PARAM;
         $searchParam = Query::SEARCH_PARAM;
         $uidParam = Query::UID_PARAM;
 
@@ -91,6 +94,7 @@ class QueryProvider implements \ArrayAccess
             = "$uUID AS uid, " .
             (empty($uName) ? "null" : $uName) . " AS name, " .
             (empty($uEmail) ? "null" : $uEmail) . " AS email, " .
+            (empty($uQuota) ? "null" : $uQuota) . " AS quota, " .
             (empty($uHome) ? "null" : $uHome) . " AS home, " .
             (empty($uActive) ? "true" : $uActive) . " AS active, " .
             (empty($uAvatar) ? "false" : $uAvatar) . " AS avatar, " .
@@ -156,7 +160,9 @@ class QueryProvider implements \ArrayAccess
             Query::SAVE_USER =>
                 "UPDATE $user " .
                 "SET $uPassword = :$passwordParam, " .
-                "$uName = :$nameParam " .
+                "$uName = :$nameParam, " .
+                "$uEmail = :$emailParam, " .
+                "$uQuota = :$quotaParam " .
                 "WHERE $uUID = :$uidParam",
         ];
     }
diff --git a/lib/Repository/UserRepository.php b/lib/Repository/UserRepository.php
index 8f284b6..8ba593b 100644
--- a/lib/Repository/UserRepository.php
+++ b/lib/Repository/UserRepository.php
@@ -107,6 +107,8 @@ class UserRepository
             Query::SAVE_USER, [
                 Query::NAME_PARAM => $user->name,
                 Query::PASSWORD_PARAM => $user->password,
+                Query::EMAIL_PARAM => $user->email,
+                Query::QUOTA_PARAM => $user->quota,
                 Query::UID_PARAM => $user->uid
             ]
         );
diff --git a/templates/admin.php b/templates/admin.php
index 14d4683..f64c847 100644
--- a/templates/admin.php
+++ b/templates/admin.php
@@ -131,6 +131,7 @@ function print_select_options(
 
                 print_select_options($l, "opt-crypto_class", "Hash algorithm", $hashes, $_['opt.crypto_class']);
                 print_select_options($l, "opt-email_sync", "Email sync", ["" => "None", "initial" => "Synchronise only once", "force_nc"=>"Nextcloud always wins", "force_sql"=>"SQL always wins"], $_['opt.email_sync']);
+                print_select_options($l, "opt-quota_sync", "Quota sync", ["" => "None", "initial" => "Synchronise only once", "force_nc"=>"Nextcloud always wins", "force_sql"=>"SQL always wins"], $_['opt.quota_sync']);
                 print_select_options($l, "opt-home_mode", "Home mode", ["" => "Default", "query" => "Query", "static" => "Static"], $_['opt.home_mode']);
                 print_text_input($l, "opt-home_location", "Home Location", $_['opt.home_location']); ?>
             </fieldset>
@@ -144,6 +145,7 @@ function print_select_options(
                 <?php
                 print_text_input($l, "db-table-user-column-uid", "Username", $_['db.table.user.column.uid']);
                 print_text_input($l, "db-table-user-column-email", "Email", $_['db.table.user.column.email']);
+                print_text_input($l, "db-table-user-column-quota", "Quota", $_['db.table.user.column.quota']);
                 print_text_input($l, "db-table-user-column-home", "Home", $_['db.table.user.column.home']);
                 print_text_input($l, "db-table-user-column-password", "Password", $_['db.table.user.column.password']);
                 print_text_input($l, "db-table-user-column-name", "Display name", $_['db.table.user.column.name']);

From 4d48a58bf9a8f1e34e06a788660986ad5cf76dea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Mon, 9 Jul 2018 20:04:54 +0200
Subject: [PATCH 28/30] update screenshot

---
 img/screenshot.png | Bin 42650 -> 44404 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/img/screenshot.png b/img/screenshot.png
index d47dbd87cf77cf016bd21ef857f90f8653ecd0b7..a8825c164800a235812ef138bb90e67f74e95b09 100644
GIT binary patch
literal 44404
zcmd43cRZJU+&BC)LPAznwxWcPkxi8BkxgdVBV_MYWF;Y)8QCE#vNJNW_ugB`%)CFx
zd0yA+xt`a3-~V0DbKlOCe*MOAe8=bWUf(lBSy37vmkJk!LgC9imQqEbFal91v^^Xw
zc;xx+d_M|B*x|0G^-|Tyh5m(uovDTObNZKVFP_ssceOA@p<Krb;<X)^1Y#dv6u;5;
zH}TdYcvLba!Cu#W>2?rl&d*%yJ8k~Y?oV=6&l0>Hzc`+rKYyJ<+CQ)QMMLNIRk55*
zGC{fxx3lW0v*_RJ>#FW^Cu<e!zcUV7>%ZH&O&+{Ib3aU4|2vGqTT>XhHT*QG@M^;p
zMopdJ%n1o^iD-BCwVE%lhn+6Y>#Vkx-H*Q}9oBJ9|ER^jIJ?Lp4vV3@i$(6dw=>IY
z5&IK2t+~sirjWh*%bH_V;o|a0Wp`xVrS5}evbyHqt6M^Ihsxiws_kyoHLrM0E>C~)
z!OO<+dK%>;T5_-%T9&-)dG?q1yJKupiNW{v9KxKrsf1&k*|Vnb0Oghwt=Wn{cXunN
zrdtY&n`K(aMyXE~mlLi^og6L1ZJi%^O=qRBaRt$^ZZUKcZt;flmU7yuzVkl2%v=7A
zS^(GnUD?mY?MgDAWgC~;)$sVZ<*pgZ&fO*h?@1-{3$eNsjHL9wef@?T`{yw;sUJ-#
z+Y|LGLj#X?BP?onYU+O9E2#5+Kk^uB7r&&q;XG`Zkm<yr?3!IN)8QgZ<?<j^?UzGT
zU~uKV(48ne;pWzjP#;U2L614}g{+c4gik1*)h|=Wy1brf(s~?m>DRA&gVP?81ce>q
zS3-Uk_wYS>CD<l=`-vDYCGUV^XWL?;+?P>@j+&--vK*NMjA3iMLu!ufWg2+}&Y`hv
zy2X~Jzud2|qZ?JmXgn<$(%F(9qpaF}xg0SiO<|uAB~9rxVxF$lZuU9eEZ%9%x}>mZ
zF6~THdyrk%W`C1Ev$VhK`$m;b#pKm8=Q$ac6o<9qe#MK<F`>Nak|m#xiD|Q6btRv}
zGCd5=Vt6@*kGTTL6Q3=Hg#|6NxvFE`T1ib5S$cxop6GB;D*j|ae8^M7Ay%{Hr{S3B
z!n~N{;T=bx1pc^wv3A{~CrgQ{htoe3pR7&ApIA+K{~TM3Q<+nETcyn9HHS9xEeCsD
zqvPYJ#oI*&B`sVdE!NmSWrQcSo=-2oFJ>dNv*znk=zL)AMdo4|9`yJM&JRT!O=Ifr
ziG#oxiH)PM+DCG-j2?bkrXc}eC_H)}WfixsL<%uwCRt`%v7JxTcTeC9Ki+&#^GDuE
zvSq0fMaJP!KFq*#lUmM;S=laDm|C3rdOtO%Y2=vFX0DKf_E@wFn+K)3MD*@+ruwqq
z-*P|Scu=-E;YDEcO*@Ci2TMhUK}3qrEA0KB(e=>`?=s2B@Xrj72x!F1IdlB?I%R4y
zSnfYK7>n%NTK;&QaXXV>^T0eQX+u@%`O%bbE=Bha-o?kBdqxGdWSS`!as?{nCn=)I
z)zV|xQ4%tdX07GyG~Y5w&eKM@?Qc?*l{fhclgREyjI^q_h#Cz%_=O7i{LJp=_umhR
z-v87y*~S^w;Pe=hjb0OvaajskLjTp?)%VHC@Gh>eaWbi7smR`n#m!Q8jo{2=fkvHH
z=M6cg+c(eOm$hJyjGRx&4K`RO;9A5!OkJoi`6HgepRjGOqK^3`?@!mKXe9~!vUrg{
zEzJVHhiVLs@+nfP;*&ClA=)-shYl)y+G%g%?6z!5tFn1DpD>8WSEZiSdhcGXdvS3Z
zl>)yX5V6kRpenf)&*O6Rck*mCbb87!i|>)`YR^ppe0M*Nj1Nt3clYK7Rx<5!JqI~G
zzLF^4Yul0uC0RDZxEFx=0WH7guZ*mDo9j?=kEH(X-^8!d{gq;fCHcE?{Y%|6L`r>b
zz1PZdq_<O^H(|69r#78%L$5}!7}NTq{Jih1n7(!;gq5q$l;&6AWG4ouhaauTK&-`^
zvIEL=O&vEn*ZEKStq~>sAN~Bp0z%kSq9%&`;-c^Me=y4!=oV#I%Azva{`DomHLzU7
zP{7Pu;BI<{nN$3vwJdpQB;Lcj&*(SR_=p38^O+|eR(mks{2RN3y<*~V(${j^hM(|j
zlqIiG!^6Na3Byz;sjm&ho?~J+dY#>z(R_?ahc?Yj7(AJ*l$EB!aA>;%=Xg`6`DM->
zoR#XuJ01pGr-`Lu+|0N{i7oo-!8@8T0%eO>qC1@U)n*IVX1K3!)-eb2+^Nx<vHG)V
zrJwYyw33kxy*u%{8@8Uu+fIJY&O4V32RX%dg>Ix`j^!7{F>gI&mkRLhr!*uH38$`o
zyZn_ivfy3Af{gV3ozlx5gxG5bTD7m<(qnw6d^I=zgx|I9S#cm*q08aU>^zO1oz|Dl
z+w~US@gd?dUo-bN-;dE#*;5)`5{w~`3AF9%=fBiMuu81*@V@`kTmD@H4ePl<Csc=Q
zff(p3JlNr8H%ko3+Lnar*Hp>*R39)cW1Tf(h!zSoH2ZhY3$f?<<A_@4V0M!e6>ayp
zba+$n%H|1{^{3RG?~H#Sy2&b2w{&ehgIyqU&IgV4NjLM1h3N|{V#7CN8MR~D55wiC
zxr^VJDdS>gaeN?qHKOFg;D2>g%gMZ;Nwf!*hK??t)2n2q-O~AB3IiV}Ozn9F6-`-J
zvWD`8i90sYF8(ufz5;f_*X?VWFHG{YGKA?r@zAGX4@obG%|$9qGPuhvG934(tQ|kN
z7DYlV)vUNy>SywkJvMG9DrBUBt5}EfuX)1e2G$LkPkP;okup*OWp~~S@f}H5Nu%jK
z3z3~L32}=0$!8?L!6NeT&6DQ@jNA=v=X)V>=>{vj`N5=9v`-8NGkGO+cji4CZBo;Z
zY;+cR3_gE;MP$~2-4y%t(+UA*i2u~{m?o2FM_f9hZ?w*Q9WD!qV5yCK3Y6GMcKsNO
zr};I=Pv~Y#w$2J#({FN%^QD@*O-xt#Fger}5*6P%$ci)4yiZ6kT%pg?!TekxS9|%D
zHqAf)wXnJN0WK%n3H|*U!s1H9!{@&j=9Nd&OIGU#+TZsibxV1PD-$aE-N2DjAq{+!
zR4b<{uu$`9E{eL8Nv+}KEgI~U_kFiW+wI#M9nLb7_}<CWPGFu1HQhvYs)}|Crs@kl
zZgIT&>K51SixN}O63KAuK*~#QH?kfLl3ryB<GH)aJrg)^wikSI9QNp9pLFG9dHI|>
z=0uSE@A}Ed=k9s-?Cnv6V`^w~eTLe(XjP$@i7zFJUm8d{*e!6q?YZ5ps$RNONY)yX
zYIr9m;44ooij?gc-3ksJ2bI7Rk>GR2z`givIXa00n^_Vqs_YjdAC0a{FF)F|Q^1}}
zx7B>xWcao+6+L?qC8f(?n7U{#GjPxKhKwFZVm0oL_wi1h<&8b;eEfOZ8}L&6XZPMS
z_$v(E*mp|pH@8B=8hcbj#;JR4MEkwP&(ujpWt(PIe8Ld@iErs`RLug}%3)9YxK#A7
zTlC>uH*@S@a>_0omSpQ$Crv9wL@f&6^ot;7(rp!8p|xJHq<wg4tyfr3YIVotYj<T|
zQ$1CB!`xL7V)UVF-yf6HpZ!sH#z^!3#Y}rsA7kd%_CrDxK}CP|%!=>w_REnNil0=o
zEjIOiU+*-3!g-0#yjJ|HUplRnq%up{y$3VGgd)bz`&|@KwwEkQD_!{pp|s04mlFDo
zhTkd<Tt|~8)l2u4^T{R1xt_nmis*h#E}*Y&Mr#%*lIi)>__>j9-wn)alVx8r!6!K0
zN~AwcHs}LYf2}-}CjMDCie)KSq+zX^tkp|jc7@S}B*A2RA(o*&ee&d%Mqs8%<o;id
zCj2LNw?h9&L<xzT2GjmXN!Icvxcc(0@5g;(UBx)_Ka2_o(!HN1({}e(IVi;*)^yOB
z(Ge0AF|h|6x{0^j+hgZXBpJ$86q|KOzOFBcP0ti?@EeolrTZ#_PhCyek;7lWnJ!Dw
zlhTG$(pgR{lyA2F9{1ONu%f1mp{zV}O!m9`q||~Z^jUOCKLT%j$r83aoIEB_qGe|f
zwne{tnYT`b7pHUPRW;kbU$UfDuc<b=W7?O(>UR1d0`ng2)Awp=6@PmCguR65-cSp&
zI7o~%F669Hq_2J>CE|!_9)63jfcv87rfTG(rL!kDRU9rwY)2|P>wy2$tG76O`0fyf
zMfPU5CNk5~2;fq#=3_j+BHA0g>eN#tj?O#hp7a#6YMMFt{>@E=?9=h#)MAOT8MTNH
zbTsPZ$B$du=_NPVoex(S4&C28eExVkBX?#dJ0ku~K(AkrwVg+p15<A>`<xHK_ji_c
zEveFbM3?B|W4wrI$CqhU8!lO5%5ooN$390>*sor%rlR4+#o7457eza8hwOp+Mos6*
zt7o)*fqROFm5CyQkp#PHtnHX$#j8!%wuzei|BjoNG*yg;>v<fiYClU-dt_l--S!M;
z(@FTAv*$!?AWxJ*3GUiU9bECu?N!5ttn^<ya*LS>;yioliJ$kmimAp=J{TSO+Z$=A
zs~F1hTrLa{XPYqL;z<iwA>&UDAozUJ!(r|9&M*xRFRjJ4?VeXxSgBM1>I$#l7|yM~
zMuHAP^v_DO9uqL0F@ItU)n#5U(kYUE((|(Zj5jS7e{<(!RI<$TutF>?iwDxbnV$yy
zxtY*}^;A(wS?3mg?ETCPN{gm1{RO$vNzCh#<*dS<k!?A?n=hGL%`VI5nlQBxIiju$
zQW6k*H04WvYOB_Gk$dH>-Wj)I(@wkTj~_q$Oi_&NbNv+!_1~fzuO;JE_y!-J%*QvI
zU_XB^xI|%p+45D!JuPM28TCtOq&>I1htWS{MTbcQWEH*iz0aRQ%K25fpujn*S;Ch7
z&8EKo5Jijz>)Or3K;|KV1UHmYR_geG$30<3dfm5zo5l)NhKqqt3avVqIUg)uqET+b
zmVWK3)hfwI=xRvvjGXd{?-Uc|flo+oP6Z#?T>HCUzg5&x<gx8rMI)M25<X2k{jE16
zMcjTW<zni5j`_qodfQbRGrp<=A7#eUR)>D_&U1%!&L@|f>(hp>?~j4ykQ@E>9`#C6
z$0-G3ht@dLSF==}u|(rpny-;A;V@f&GVtS78D3whxUD+<8?|XsPwzM*i)Kkh$z;9b
z*=d+xv^4DIM-bfbsg1LEHlbQC|7-AvN6P(9`<H*kTr`PSPeow`W6=oLe-6wP*6hbX
z{~#3C(nq<8VY#vwI5A7H`8L+fc8F9nX70M{7qy3Ny#Bwk&mUcuDvV}u&${+HR{|fc
zY(gO<YJ5ZJJRHRm|07B#z$N^P@vxPu0{0Ff*<cy=A6Y9J(i;O`HTtLZ_!sXRNMF8n
zdr$i9L_K?dx}cwIAEn@7R<+8Iv`>+slHNAKo%W)uVNzZ%l{aYVXLwj>2z73}AE9=-
zsa>^COnjSUc#ZA*s41t^jda1=@ox31L?VG`y?s235)E(kMZ%@i(aj%XQwXN3%k{|w
zUzQ*0H5f{H5@FIdP|*DtGd`TC*oCvcp^HK9fo2MOX=&O%8p+W`tQD4?j)^q=#uP_J
zwki8#t-BK(S1H0s7(P_tV2)$UuI{<~<(HM=ABz*3sH<CC7Mdx0n;y|-^`|sBPu%Fy
z>acy;=@4Cz_8G-X^qE(-jkGOWLQKu(UoPdz)KZz7PPSdo*b&rxM84+vu(a-c^<qNI
zi|{t-oEMs2{hHO*wh_TCkC$WybUDg2ACk#L<iG7#u-}fx?Crx{k?wDk)W;otA0b7s
zc2$&qfApsb1L2H!SFXX<o8$4LS|4T#((9jT7`!iD=ZQKcli%=WYjARlxsp((z7x=O
z_DS1oD5bpn?02D~aCg#T7n&%wOIBqx=KwF>@-PowiD#Gn;Mg*ofy<oeX9g>#eu6eh
zY!NTT?(qBSgxeRWMV%F`gBLDwpl)Cp%SlV2E|C9HYqFx@k;^Y0YdfM)98AbJnro(*
zGdzg>Qbyq+_8j(QVoa>|$@hsU6g^5tN<z(bY-7^RQ~vN=Y<rk(G`fw0I3pM^XDXG<
zVBg%UKC-fmI9AR6pgkR1pTj=Z$&K8{y2h0Qs+l?uH&`!|7c(DZJeGRbR@>eA_iQ$5
z_t&!nnFrhM=P~#Gb}oC0rZ{#jJ5HJX4U;0oM3egGYp*lv>*e5oz9<NZiT?S*c)<A2
zm$CTcf1iYh6Y}p<&=~%G1{eK}f1iRC`0q2CeBb_G@+SWc*SgoK`}Nu78^o8r|1OgA
zVg1L=y2q+v`Qzc_h(?$EJ7AUuQc{=`6BC?fUDSM7gSx~LgqVC7{|r!XN!FAoca`Vg
zKW1NrBP~TLD=W3&Ez{D|?PnV=(OyO=rig|siT(}5-}w-Bou7b`l5(P}+xK{=PAq3%
zK}o6gU~{}u(mwy$^#POHw{Jg|kuj1~t~nT?rF>dqir?PejzW>&)t7orK!ZZrjFn2%
zd7sI9UnJPoN~o#5A6+luIV;eu=&5$w&2s)hC*XiNJ3DJWl&@W|!2i6R)bnWewfSUK
zS(nWD>EGSnZ}#&nwZHoM`ih*^HEu97r)6j35D*ZU_kYG0J(|I|FCZXt@Fz*gg@B8T
z>#>s3YdsF>JdJ|wZl7}!cpAz#Fc8yvy7npc2Xu6FPKSlZFV_ZSI!z8XMvum)&tK7s
zxKlhG-WV;h-(6Dpx#;jXQ`ObO!{lgt)^#?Bd?ZiQc<>~5tt0lptL%A$|D_i$F4!n@
z9x8ZR7>!W5KJ}eQ_XOq5it+TZZYz)c{JU%xg~tO}`<XuXhTq+k<8=A0Cwy_bd*5LJ
z=c<FTxYlHbOmtHnIfq{G&!3M&YsKv6ngkVm;M20)#k)H@11l={BT@IB)_K!hoFCQ^
z(b7f)T_JDm?<WZg3i{@}sZ(>mft`)5$^X(7PLBg?<gIV9vp1Jn4L2EX|BPY^j)-Vk
zXp1HyCB;M?O<$b9F04DJqVqmtsB&62-4PT!USZ;TA?&z>N5-b*%V#rI-`^iC)XAh)
zQ<z(8Z85E>Yi(o0<@V>9y}-?zmtZ`PTE)(HI&DaD&zwEfPX6`_YUuRo@8{sJ$z7Pr
z+S+ow!oS`^|CWMq=)DwULoB=Q+qgLF5GnNVM*%X?%o40#NAK6+DTI`im&<g*KYXCb
zR%1np%g9`2R!q!xd}k|jEOvf`Vb+!CC&efcfQ8TLx@{P}*!JsJGrX6fnc3^c#s_;_
z(+117l&F0D8Y&JBj-TD#uhm$C3JTa;!YDB+^<17bwY1E&gkLWzDUpOLYKfq^a`*0C
zl(@b=ZMp3vE?f<KGy#oZs%D|SY0Uig?2m5_i@0#_fkOqlOgucK+S=M9<u=zB90XWd
zSqTXVebF$mf~U1BY-#lL^j=(?d-2##P{0Buvr&Tka#|l^5EZ3mjlu2e>N;8$y9j~L
zmdsHzUTlwnZQz%bL<0}Jo|!R3T{UP)7V+SV<#_t0x?0$JqzH{TM5>dYfdMUn-|msU
zJr|}#{YbG15iv2Nx68yg`}^*D*{=M@0arzR3k&a}W~OR9w2F-{_4W6EQohxbr+GJE
z(V)`d=A$qQzu6zJLsJBVgwo~WIOe|Aer1i3MaHMXcG6#-S@Q8?oJSGVm*eHJP_CP0
z!$r1}g11O<xr)Y$O|X}`Q|>PPJzg(lg6p_>^X3aDr)H0>8f<=k{(?WZV`O0q?AWFR
z1YjiloV)E@tPdBq3T;&fkQ;caoU+}xf%*LTbFJ^r1?p%<>JkzX+uPgXj~-zOi-?5V
z#%*j^BNx%u)~1{{NWp7KiglGXKgK{$j~W^6zq`wlpOimLNas&>wH(MfMm~JfT3Xp!
zU0mDNWB;_K@Lk8EpqJ+JX>1hiUjLGkd$?DwFvQ3@9T)d!Db2UX+<}$=_2j|UR1Fao
z)f-=5RLQZn$wxk$Hxm<jH7ts+j@cwPZ54C}OACH&F0VVBLM>=5w;4CIv%4B2n;G4r
zCT43sp;hZyIrMN8ZfhQ<$#pSCv+1nm#}5qIOybPU%$3m+7AQ1L($!vGUd>z$T2I3^
zeU8U|^&AYxm9Kf*=F-U1U^@xGCWsx%@0jpvoACZrK34zEUF`R!{&msQZAmu$Y6@h(
zMbL`8>FH5^M6FhLdB2{2+B1E3bRg$R(0GMiXoqwp?KQ<@;oBT{b<5=mF(tma?xYp@
zTzE&X7x8%QbH}rGYZ`dnTv%MZ>`#vaQ>#^E=%=ir@+o=?_I40lduYdUR}zWy?}?lz
zUG1K%&rMBnt%mZ6;-KcTEi5doEZEr!KsjY1B_p%+Dojlk*E?U$N(tOu?hftf|E$oj
zGo)F#u<$IYyETI5&P1i7^nI7#iG<g#-5k2j&aQCkvD6vg*e!O!=6yb-Yj+un|J<Qj
zcQX64XU}k`!XL3*2)X>mfo%g<*BEn0GmwAERZ^bcc|*%+XRdkf5AsUS{XtFmXa7g(
zM2t*KL6hHIuE1aa{{7o{vQ>BYblu>hPg~mAxt#OaPr`zOK4}B(^t7}<1Mj~NVLYIu
zU0do(x???ArGDB~Wb~tH^Cph}cHPC9(g$9vSdHX68u^5A{B~1pp67p;1=lt51{<a6
zyl&)c6+igd)irc%;O<_9yz{60eEDUMOP4M+zGaZa%v8ON<4@oDkykD_H1wXEr<y{R
zMqbc8vo4%yW(8tdIXMN}xa{m(M!QSD{9!#n7YjT+^(_8!xHU~qOhOU_CGB#2eEi(8
z{3g?ot(nQmbM=-8WEJOJXmStnQwn{_J5(Qx%R9Io&7#CN5*ZT{W06_ou=u9P>%=+q
zSV3~J$DHSZwRL`xSvPGGH)USJC+CXt0?V<XrGr8zUT@ExX7UFrDpB96-S;hx#>;I?
z59eRCgy)V+5@ODdm02}z)m?CKD8+L>d@LtN5@*)=fq`1gTTkzN_BCCTXZT?A$az-b
zWEhQ0%YoyQO~YJjWTlS9#(w#)D|PtwroOJ;)2EkE?kApU#~D+Kto=nsk~}tJYI?S#
zUvI+lf7$o<<YXR}1?(XHI|g$72~TJ<RWAoUV3=BrYI|l5&-y)4nI0XPl0v6bYR<sn
zvNmv;-*%$sdsqAS$Ecab#h|`EReP`Bzkj=L5y$IBtZBx0d3w%lY_NHgK}R!bjR@($
z4ML|8axQiEI6gjRymybp=lm~=8tXMrFE57ZHl*rieEw{_((}o<3TpREXZ*c67ufx8
zu<)tOCn@s>zS*1X5H-X0eo&y1UR0!fdI4p-X{*elAIoKH>eBYMS3Q&?JSrX>)Xdym
zn$ykV+{8rc`}gmgPvZZb3%!c~fiMa#^w(GEhIEJa_FiUWW*Yr`%YZ@&2?>Q!@#3Bw
zZdGJ&9v^JpIX|nYJHyXXO!C($7?Nd*k=^;bobqFGl14>E<%5_{?a>!Q2??~s#6&|Y
ztGwt6s9XyUl^O~0R;zuP6#TZ-`aWk)Y`W!mPqGw)l9G~oH{T^EM|d3mo(<=p@|9-}
zfK~>Lrj+)M9u)iY-IR-9mzmB{q)fj0r%XCVSU5(yNqR+>wU&v7Q}J?-L_Rk&vl1a2
z%8(&hSYFnhw2O_4V-ggkf*K(4@+A*7HFeXbq3tAInTNu7`^T-}XF>xlM^W+dm&L@y
z?h6XONl~vEx5=gB=dt~eZa?2LN8^Ip-q|6d6Dgd~<mTp<AA*%+)<&V#zth?0FtDU$
zVXLcC!eMo&A~*J9jE}QoYTy35?j1k~Zf<U<dZEB3=|=^NYiqfVjk<qbmDFKsVFR?(
zdY!zDj}H;`I!^UEIl$U2<Ear?Z0qclvb1Ccpjk%y>oOkRKwH*Yn_bNJQupEb_wNH?
zj6yn~E6pA6)nq-F5y*AP7~Cy^&hF+``E6r%*60tBf!98C0^$%%QBlzk_sj^KH%9yb
zS>VwMBTf2ed;0?mi<}{khfvOOaBzCon(zg@Pwz)i3ozPVfj*!fkvp!y8uP~Qy=qS2
z>({S`(ivZ^t!!+By?aOe{{8#lt%YBS0wkzym}ANG-W7H$4Gpr1$;q;z+0D)H{Cu|1
zh@f1I#PoEgXWW#yxVSGBH(<Cq-S^DHs0D~&HMQhxmlQo~BmVa7TPgt6#l=NI2_qF1
zA~n_+b(Ro1&uujKy%jVG!WSn8Hf&l&sHmu@m677~hRt_LNd^7C)zw8?H1{)x6TO<o
zHm%L;^7Ta}Thj#o>6D*p+s5X{`n)^G$FJw)<S6H;z3o^;Dz|H+sY0EFl~t(Alv}Gg
z)f1<C1HXA~?pW0tL~klzpMR~IGq9SKw`BDnQ+_PU7WKHPwrGvZESF;`Vtt9)g_p9M
zja}L%B4(*PlXv~AGhJDRNWKk*<N8y&itlAm{LoO{B8Q3UCTv6)53bxM#jQR+UWYEP
z1!y0NNqCo~g@yYQVPRoH3X0&~bm;_nUAMAq_txyKc2(&Az{Q%P`|WD~VxeYMS3{1D
zj;LbNSzTOQp20%)($LWOd>HYL0iTMeJ^=e_&u4|}1&Y<MsjJs}N-dtqr-;(XW~zGf
z=Rf`K{KDS8!DZUZjAvwE`OjiUa7ai4^vX+DuU-XE4jZ~Lf2->IcP4&*O*}2X*Dif~
zJ3BiPKVIS6A8i{|AFt&xW6bA{GqJEpCmIzy)PJeoy@Yb8)Vq^9a2OGznnQZn4OJq0
z&~gX2NEH4G>$Vy0CJI(2G;>!sHwFd<iFKL>sNl#*=@QdldsysC?;hVUpQ;uRbXp5^
zT<(%!j;5U8fXXLmqdEvZDG<Pm33Nqdr2=6Cpj0p=-8tHIe9)2W@;sa-bcwouiFWtZ
zF|$>qRVX$_B{c>XUVWT_cL;*chle%SS$%8{6FwiaJ=xUnFaNrC0v*WdD@`YR$%9Wl
zqj9;vJ3b%VOU}QloL94n4Ep?G?A%EpStO#`%H(NeT4DA&Uv}hp&1W>D!T9QswL7cP
z`hK}A{oL_*>^h~ssyX@g$7_)bl=HB*!@}@LuU(6mPl$^0)2*-#>9DuAHy{3zq*zs2
z%7clC8BAkrY|Qv3G!#wPGmue4<f&Otc?R_$Ml$?!L3Ak0O-QuwhxyDn{YIaQ6N8Cb
zFI{1kzX#)Xz29BzM#jb-<fy%Ah)77d?&;~NtglaCU|?``d~6JDZmztoy`4Lc07&Qy
zXJ@j)<1=`bsln#%?ruO{-W>w!`>2`Oq^~d;l=5OmjhOicb+jG_8$@*JcUW18S-5($
zRMH=9@9zG%TX%{+Gt2Z+x7@lx?ru$ndPJUPA-bz8dBNIzR*du3RQQ`WxUf#F$4W1Y
zcpMB|{tVUb?Z=O-<+J<i!%^?vF?O}^*-qS-l9oo$G3?!2ckfDjdJ4mxb9$d1QPI7&
zu&}uAali&tGR&47$|)@68JI1<N9pjZSMZz^_Yy$wkUxJMPEU8cQOfCFO#{w+r3N28
z*giVSCwO#TUrUgu86G@gl{@~jrkErcG+JVYuuZ|}Es8aMI$>AC{o}B~Us~UF$2E8@
ztmKY|t0=@^$lx+_%Y0gzo8u=VuT$}(g3shKNmvvIjt_XG2c7RZO;B3Sk5P25IppVe
zI1QGbtxH}P?%LFkuI*G4cU|~N#HRf<Pz8HXSLu|d5g^YDfV9Ax8WBth-v^)SJMPx$
z&F{gGGy!MrNtM7T`BENECq{dn-!>3BloTWIv)-yk^&FUk`%Y`52V2uubJSQxmo%Ra
ze|fqy=`xMrlcKV+pt`!cp^`1QuqJ@lMkXd0C>%UIsY3mlP7Y}&<l#uM^INqTL)C7M
zp;MIkiNy}HjX{9fUPVWfxbLq8!AyoUjHf*eRo2kJf)!I=FJ3$eNXHMb4=o9^ysu8d
ztGGCF)6Ne@4p={aPkx_2+L`~rX@rhc;TJRFrIv&3)pr<FZ<}@{hFrU&Vb~GNj!+!9
z!+a-yb@dl7I8D2g!$Ey8hN^%<UB7<)=;Y*jjU2bt5L>=pCGmHctyj>I^<8H#AvJF9
zV%qEQDMD+$J8$}jhvP%__Ji(bx!7B5A}#gsA;aCfSJ`#Tn}9=Q@!!{n7EUYdiUR6I
zM@J{0BzW!o{2WDFTL&y8(q_Ee2=4aQojU=*@6yuJUY75|+R1Ukwi+w7Seg7@(IprM
zWDy`Wpqd|TZI^)(BYX#dhS7`fk8conCJH>sFQLbw5OByCO45Y!S?$j<fft)k*NVU&
zCi|ksmO|IZ@BR`YQ=mZ#OUp5{NvqR-ZF^sB9xL2zX9E9KVA0S);le0HJ-_vS{RI!f
zD3w%Q<yYf3*|fF!mqHn=8=t<F%|v*dMuE=FE^aDn>ae==<BkpQiJos<<~{UmPpe23
z6%~;^lE7z!SKF?vYw}4{ecYxgnCMZYkco|6|4u$fYkQTxrovdAXsKV$c{xXghr$WB
zB-$*%OW1IYzHirfLkw*Sl{9ihYxtwMfR+6~#$=z{+veNLRboV^038Yw#_qY~@GRF^
z2K6pfr-!iY%Dm^TfWIJ0k^0shVj_`_2a=NTp8i15?Nupr4>PRM)6A3%4e6PclEW$;
zm)}I@_m!}-v*QDD&`G&QPJZ3XASO6?PYA>rRaI3Aygm|%E@panzM7-CP{HWVo|5%n
z{L@nM@^}F5nnn*1tSjm)4}zi+izv73Kf>Z(*c?;(zY^nrgRmzh^?&?L{yPNIG!{R-
z9JR04f`eCb=4WRc9?>&0a!WAc_}81lPw?e_upOoH&rgj19iR7q{!RYBQKa`n6BWdz
zq|{u#=-0e4@Hx8{ch}$%=vq+gdh)gJ1qKB%u(9E(T1-AoP>_{vT>6!;12o@3l8{K{
z3=aqB5-zAZ_S)&a^$iVZn`32?7w2caz?t0drM5OT8G^bxVU=tw?8cZjR{FeyY-7CQ
zDqu8bn3$Q_Sw8^8H&|GJtkEFq<@tW0Ps7wy?W1)Wd3h;dLoY=uii`b1L$B~-5)lnf
z`x2tOk7ludKI66rUF!Pf%a@PV@(O#(tTg45g|*i&%6OIgN<vwbq|}B9XoZ8*r6Y|2
z7U__SCM6~kl9C2;JgqYP`)3jK83EDrqj{==^<e{_!SSpz^WL-;Hxi=W{sR44$rV74
zfcLIJz4`%ltJwSOnCj|#sih5)f9?WA5<k#F=h7oZ`*5-H0GfRecH@2*9SsQX*?twY
z3+znQwnr?CjClj=E;vv1^f*mg@Q^Z%R9g7HudEtwpF*Ej<$Szn!DBr_SfEqJ{jqCk
zi0tfmUlOSM(Hp5nq1SeGXM97229X_ccO{`xPfgJp85tqf^k|?HX2E`?hv8O?tb9E8
zB^0pUFc4vNIy-vS2~G|+e}JkN1u7{>iOb0z1WeKqQqWmS`_yC2Kmr^owIKPTSLqKp
z1-NReQi>=AmoetTp9`TRfcqo0UP2LcVi7PifKfrxd%4<o2_|SzRt~8g3V#6W9{!%R
zhjw4R({g=oxiylmHHt|Zq0<0+K-$||AHE6@o6MkxpI7-~g3?WB3D2HCH=3++daS7U
zN;cCUm`!72<Mx<U;i~YErR`KKUNSZTbv@kiEBIJ=7m&{{gNN|K!GSwZgoK#5$ZD7a
z$TJ#hV`GEUupU)?FlH6GAl1;fH#9J=MYBHNMnWXw_3qufo==k4C4J>~)3kRqzYH9+
z@$y~+E_V%qOIJmYPyn|D1O&8d+<8I!eHAHsjDzB|9JqyvjctOgi)z>6(M4UL8!(Bl
zDesvAHYTSE$6D@AX>AO;!es$b32bbu%sQuavfAUdJJtI`y2fsQ{`@KO{Oe#nRZR)Q
zbglo9v~+rYK3<B?d8Mlh4-*pxv|Hn8X(=_j%aPiyuHRBsbHYB4es?L{hJ9q|<-E6|
zG7FzK=K!h<@(?aeRiCU2I0dsmu8Q$|sHpr4TjUCz&uKBTkY?waLlMObQ-YBD-o2o1
z(Gz*CQuC-mw?e&2RpbudMn^MwJHu=+@bPKfc`7d-#tE=v_WbMw#IXkt9|je<?V2*M
zvdRLrVje%vO7SK>|J&_@3sM)USVu<(iRzOlWqk$uH9AL!br<X~?1(~WS*8P+G=Cc&
zdJ4p3*dp%slg~InJjlC}Mef8RWawz4q&pBW?(nUe%zeJBh?av8(Ep4;BNR*-ex5+s
z+iwQuMkB1vU$Q^|81U#s_42M#az6`xaenHSRC?{&wZ^6pk|20d-bpFUAI?_o$rpg}
zU!u=Jnr-~RWm0;sshu23es?XS``52)k0NOc_D2IRlLP{<_>BoIGni%01?M`CdFpPk
z0SMGoyp}gOgaieR=bA$9dma@%bklvO1ZxUj7!IHhzz)h60eS%A;Nxc22J<u)y_PyD
z!)Qfx)<sAFUF~g-Yp$<tz~K97mzXxRwl2?ZKCPsN9Tf;>M6pS0*w8N6RKell%>Xuf
z0dej)20cLY@$o6h8v{ABnI**&9asp;SB>={=&3~4t_1;NOifFBaAyl(Ae2FLu$9QR
zJgcgz7`eHLeNJ~?D{8aJ*vZuVDoE$mJYKI-2wqtQ=wN)%`RU-`0FcmYU;%3tg3cS+
z(Hb0a>9B!eMk=bT5oO>`VKqAJx1@_Qn{hI4Z*OGMhL(XV0z@8=*;-q}#m2@4)i)#s
zbW&iNenMzOy(DuXI5?Y|n<^R_rrb%9kypQ#lvq`ZO8y1kYt;)g+rc*?G_-`(&Jn8{
zHg=lbbgjEtz2|CX+>5n=+v(GhaQF3o7z)X$1N$NVnXBwM6_rl;c2I}+_UvE05C^S9
z+d@uG&Iq)teO81i<9|LpJZuHQwt!=NbG)KA?ctSx3%j9wO55q$g8lenmm?Y)8WlY~
zHjcW(DGy|H!5i>{O6X`t&zQTM9Q^ukXlSU@)HONK-@*TQ3*;Fp$IkAWi=}+=4LTU{
zoi0NsL{8{>D(JZDy;XCFs4eqA=P9_K;fz(-6-Hl#U+3oph*`64J5s~|4A8JN85BnG
z?qrc)f+{QhS&?ldLAhIT9~{$W*48Z5-R0J7Y-tJv+;Z3X7}B!jpp?IjiZap|gVhIi
zo|V_<Ep)Y;9v&VAT+OP8>j6CA$Oi<70#vt}+uooT^df}VAYu}fIx@*ucoNVot@cP%
zrKI-oumhp2_6s)DzL-Tvs#9<<4pLxVynKm?f=Z11Y`Sb^A?obxY<jgPcEP4=Mq5oS
z5M(JRJ=$iImSt2h&5zb~)YNXo&e|v6()u{{&OJf5_1O6jY>gD?$#csokXhPX?1*z>
z&f<1<;bLKFHBWg4eESN_co}U$VRBs#S2HPKey}W4!9w`vb0J!LaqiL7+-%g9C?H5u
z4rLkRL3CG&Smc+d-`{iq`E7ZB`w4W{3=(0j#y-#Xjt=}Kbv?cOYhhX+D{>n8p>cuq
z-FKoGA^?~oEEy%-PI5_3OV!SCU5idB85Vb6fi6Eni@;gp9%E5gQ_FZ<cI7{_0Q7u(
zWKd>?k58e3fo{L`<Ti+}&5qq7EF5w-h;jT4okxKwzgQn)f4M%Suyp~eGrTKFXjn%V
z>8&MZ-H+7NNICSr`2rEP$7W#6m0ml0UNtbFrdR8!?fFcpKw}=B?mpe!cc>Wj$*-@^
z)Ax0xFBR2GyUD7Xih9NhQ^#1{;1TM5dx2K}qm}sLc>QkPc(FzQ=WkByv7;=wuRw;l
zu8_dz^=y0^8E|PUrQ|ia1VWWFmbeZWF29>{v8hExJ%&{XzXVoD<`Yn)3UVC`VqtV`
zMg}JKRaz;aV9nj2(Y{Sdv2z|p+9Q}4>t6g~w{KrwU0q%2%aq$pwtk$sy|>5XZUmHq
zf^ZEuZOcDI#>0_2zH?@#!f{zKsT(h|jE4?&3mn|$P;w{HyLayV0DWnv@ycDTB$$wU
z0Ot?_Dx3K=m;DEP&U#_pN6)PV`@~xxSR*U<`6?om8j*hb7li3hSO<nc`k;Dpf)a@m
z_8eP)281Y0AmW4PnzK6z7N-dqK8V5OigxGDoh#t5+=Lq_<#^!c>MG70J-fHsKWEm$
z;eH7db7nElpv5f3i}_qXj~?f-ynGYz@a-v&E$y=r4^vZSXx$N@l-mytz>p*I#y78%
z^3l3q5W?to75@OLHYobY6|D>x(&@V`UP~g`gJIS8w989PMTwnmV}MAIb?-+;v0vXi
zPZa&FTR7ll4S(cihYJI5s`bj<YG2b|AGP%!IbwG^Z;pMk8vX(byC}3^7H@;}UZe|v
z$I3PK83D7<M8Ky?k0~!IA{;I>@VUW)J5-c0wKP;Lnj{Q((PnR@_XD2|6%u6tvmHT1
zt|yxnJN-&xvrw~|pegJ}@PmsB%?k@kj4$Yl<RCHBCki+sh%|(R#q#Qc>g~@;DG{)Q
zj2Z(kyF#sco1AQ0st0i5;dHH6@r&69r)OI}t>boe;m|CMk-ML&`98Ss^zx+?*wLaV
z8}}e6KxWbs)&N7@Y*@~`B}z=BGWixKR#-?A`xOCA?*55K{SO&IXd1zq`fd-m2F5{o
zLXaSMgy5Uw2R-l`*7v}Nj&O7|AGxzXY+#kCq^Q`EtDdK<tc-%D(U~lA9U2PRqT~LW
zx?a`G%kW%88ikJkNi}C?WhEFqZ9@=tbhg|-B)Gu(=Chj$gZ;+{>IF#Yz~XUmaT~!K
zpIu$eQICU8VhoEO#B_h~+ClX|$H3SDNN91k^ogOkxOfC0(osJ-#49L-U5mQplacm@
z)cWXXjQ<DN4!Gs7!i*so0y&QTFI#7a)2$$nH%)Jq@YL`kIONsAWs}9cJU-a^Q?C(+
z9K1IZ6GE6hIwb59<t%Q#kp@4g*vw6I|8Hov$o>(*zp<a*dv9F+BMJ0>Nmghr9z?a3
zvlEN#t7mkXsv%+*r_uNlO}<6vw^&&lVO<y7O^aq^WE7Dsr2-7Sd-|v2E}55N<nY<a
zq4u!51_$jOsmO>^`!AkA9h7g8f^Gx82H1#*;G<J!`F!Z`?$fG3NE?6<nF`PrFbXy-
z=AV9>kXx`GdF$aqQ@#qisQ)L)*I$jk)e-eRnSmnFEia~Fu&z_12ef8BLS~N*Gti-u
z8a|Xf4m4H7iv}-b2D&o;-!t$)foh<9A=#ksx%1Gr*UZ{*UcC7%d_@NOK_KjehL#pA
z#66#=ya%uj6LtUP3L*59R5jLF@B-oD(pU3jp`5_`gCrOL)dQ$&h{^M(i&nN?cT!#w
z{i8;ikC(GUDkq>J06TOQLJv`~v9D57=>wjZm(qe=76h3D@MsyL9@FEXA0KXk0Qm+H
zGJ$WQP{4DM4#U;~jgOF)mV+a2&~jt)yJlWBa0DpffsfMBQ19a)^k3&)1Q{Fc3Q#f|
zfE7P{_z*;{qT*tS6j3kw=(f&dA8&8b^V3}=V6xEKkv@fhz+ugrB(U`qpN5wusOB`a
zMYAB{CL~Kh=DaS#a!-TI#HqIepMXx3tvo5GI^4#<Wc+pTnuNGk5^NuskzhbHX_BuA
z;M1^#av`=c3!Ux0^9BWs7?MPpU+GPE1=C!?ncy>)u_G4xlcZ=~3_bPFf<}@UCAEr!
zBlH|mk6+9+T_z<Z6=#ikz#Pp0;T4C<i52%Sr=q1~JqkgAY?)Srew)HV`R3+kCq89$
zGt2FYJ*jT3e_}RJ>7emQxw#4GRM>`t&#|zygpLAltNE-?Ibn5tnoXc>bEx1twxzr2
z=5!q$7!kg}26?FPA!rZ+>jyq^76A3ic*R}!gAEIf<6NX<LF*1Vd*bO??YdL;<qvNw
zOkZz>odLj8?E%H(c54d}0LTcR1cZ)_dhz$qbG`4*_(&*BS(y;=kq;lF6c!c^Jt2gE
z&Y;_yRT!7;g9Ebh76f!WaCN<ZdV1QlcmY+`c-m_10%o%b5bf;D3<`DMehw4f9dU^Q
zHq~mrw2W;+2#SKooDj%p6Ic7_=;+J=FETe=<@lX#<0A(JZ3hg-;zu7~c3s`w8Ch7c
zlarHSLV$7rn__@~3*h+d?ChTQR;^{j-zalydd@)s?R)j=&vQxmcsSSB)xz=T0OdSX
zR(`A13PGMZDC@?RcwWO=*jB&Wf<8qDe0+JzJ9+S`T}=}sCX)p_HhG0oE(LT+h)H13
z($b=Qp)99EYl9ibM$N#zKrQf(j*f2N>#wNOc6gWY@ngH+$7ET^7}Z^zfA3m`+d%pH
z`=f(*+t}Mngrbj;on2mj4Q?dt`uesu87pC~nA+T2@&vFS0OU0<R<#emM_vGvK#jL{
zr-XMOu*pDfB<RkdhA4ay;^ZU*e`k)u4Y1ixqvK6GJ3DB5SRe`;`&e=SFfOjc_JyrA
z50%^W42%vsTU*<?5eyV;nvpu6x)HwPu`kEYTm!Z+UJ!~S@0LWRf=K(#aXCU!bm@Jw
z+EaWk7CV#i3TD^`XtO36%D0qtbS!(t)su?58YVpP@iCWPDh}bjhyju=@7x%R*V)ns
zM9Wg-H#uamu8?zlIQ{a8U}&P8_oah!e?%Sg_*8Fi?;J_&*sa2wFsg|w@v>Xct>8f5
z#012)Qk~vKCnQ`6e`IoCZ@wzS0n6ADTeDJ+<pt{8E-ehI7{pf$0o2c30H~hb+PaDo
zbTN|8Ec8ZOKi*$Q(Tc8u=fHek2#YwYuykRkFL!S;>T4-&jF;+QZSkKrOcQD#J~}$M
zu<Ie;fbcKj$yw;Fei+zu049ERbVwQ+rcNE)dtX;}(cRrWY=I4Qui(nUtKUoU{kD+c
z1NX95*1##hq?GORnohJk)p#xMs3=G`bm>5mklEr<j$f0?b0%0?vNEUV%yRr{>YMjW
zk;S^L-kPl-hhVJ71s^thc>%J_oKJa24~7zp1|GSw3kVb~NOh~ZdtrDCh7v+cw=5e=
zoA2q1)*~3$%Xe^gegrTOl4h!TtM|b3N=ys`d;X1IXz?i3I_vZrfLnkPh8kml4F&C#
z<Vvkai9vLbQdA^>){lQMdAE8S9V!8Ae{5-KX>da0^L6d*i+i1}pZF{?U8qARsBdZc
ztTCpLqqde`myyx5_Vq)q)zhK=iA_o9cgfJR5I6z;-wk4!q?g;Vc+|&O=vIO(a#;5P
z!K5b@-NY!#DSajA;#iwk7{FU$gP%k_@Tk>pvmAz!|0FQ;OS_eIed%6c{%4jKL)3SN
z65rdWem08&htR>%5$45mNT_7#vnFfI_Wu60$iI-Zx?W?brTJGQOZgTeyokQi2mc?@
zXLc23W&2L1+-%CtoM4=0E<oA$8yV5U@khZvs99!@c^)U532*bz$cUl3x>|mS9W<2n
z!S^74@L2RU<zIZStdz)6OUuZRs;-ZF`_>o6CE=;2$>!41(km!X;?U}MarJ84)whD=
z9NUd^zq~5<E8FKWJAs<p`0H0V4KWvezEY4%j@tbfGpH(;E&V$*o;LpsiKAfFN4ytM
z_Mc!l4k`|+jjhq_A^A>%u@PkM0g3YF{WCVD^M!5Y{LYQ4ni%R%Em-n$N<S^#(anDE
z82@g&gl)-a1DYg63U7h!48Kt3PwR`By+X;@i{R6s)=6;0{pjep0;YSmy+D3jMHOhN
zvrs+fzG(<VX+h~lQc5GEqY{~_P(yUalhu)M4Z=<m5)!&D6|`Tj#oL!g7Ky6rJ6DFD
zh6ahm+mmXOA9*bNp|~+{aS_2XEH5ud*!t+j7H|S%6O(2>n~|bVZJL_7!-HDig8~C*
zz!3C>772?B@JtX49>qj$3k(@YOSvB}GGx}{<@j6Gy97c^?n^Qtt<es*-|=}}^ruNV
zQ*{;~%5asjnzFJlm~v~I+2BkT^5%5HmTYq2%kBOXpO6p=&Gr*iZ06m9-+*vmI6C%!
z6yS!61{`{DEiw1}0%WiIj!R+panzD$G`qNUYCH!;T(?mma`&wUg3}xVax9<;awv6k
z^@&MI;YCH9sH-gOm2SJtP<(ny%#_kClpxSIB+VFA-_=C`@EiL4qhZIhW2Yp7a!`TZ
zKE7dEVFS<t^xH3v4u-il3O3^(tvw{4=Z<}br|Ya|Te#&NZ&pl0T*-fK&bR=rf8d~}
zf>y2{fcSNvlkw@MMc_zC?g)zXqw#$AaSAzIucVfP^pzEJf&l=J$R*yb*?Tu+vR~FP
zQ0bd<Atsajxr&gBenDKk2`xH!g;GUJD;Qi@L+Cn@)!k;0pO5rUR4{a>&#rcS1o*l;
z0-!%5j19n}=O%=`PeNUAeo^D(CvhbFB(C=V$MgD6iz>TIW)y@y<m*2l3jY5&f3NcN
z-9K4(OQlnMUa~EANew^4-oxsrH$EKX(o|vp90>;X=I3KrG$VLw<nLu~La#~H$Qz}Q
z>P9SDK#kwNe;4cD<aBW3;=Yo9U8m+6v9()wln@CKkqCFS<YOmBpr#;xnh#_XK{R@l
zUaH#{ynT?&AxrP->MC5aX=uZVgNpxK{RlMpNU~{$48f?Blt{>_aZ=oHe+9vZMu_V`
zP|6zb3eWzMGT4WBIIFkQd(G*icSI=C%)(*u(~(q&KfW%Yq4c6YBhJ!!#~KuG_lqx9
zATEIB?@_Sy_g062fpDl3^S@SCw<qUO;V0*}x}3yd<jf#Uwp?-Aa~GeV4UvFAx#Z@j
zIK5qqZbcB2a2g?-`2Y&JV&Z)jyLDdsIVoE`#xxc@mKX*`##|<an#{*-0~B~z{E6B1
zRVIt3i%x$QWPm$kAPIg&#R%<^N>i{1AgBRxBY;NY;^HVQJPH&Fv~48Z`H#zgv=FVt
z>9nQ>kq&eel6XFx_Mt=K&UZybXyBy*kTrmKA0W?yvReG>eDt8Ff+_|PbMQ4#zR>;T
z6YmoN4@C@sf29@x__(^dx?z;}upBCX-<GkqX0x66h6edOD5Az2BgNZ){xkxY+3A(0
zv$)g&K0OUwO<8T7<sj>Qh(?1f0G<Nie~`F<#`1pjS#%K*76w)V&EgHPRYtIaA=`>V
zfg}l0Fbov*kz(+{py+*q7Xw=vwz!Uhw*CX~Iq(ixIlbUv?5z!6fyxFU6AAF*ZV-nw
zFY;)#{x3tyV4TN4wPpPGoC=wH$!mP(SEF+s1|5VRGMOZJ=cIPtuz0{LLv#u%9&=xW
zc!PV+Tvq~Ff5blm(2nv2U1|<Y4#<fyfjSzQk#XbY#t0FtDF9wbJOv{5SmBQ_a@2CK
z;i1<9m?46|y>#nqvG8KkUsN^s+L>?O`~>M$&}CA(E+Eat<#qhB)V%kB-c*U%RYZb_
z<^$ykXyR9j34r7zNV)wF;f}{{O3yk0I9$?JikJ`WJ=0EcKoV#uumvR_JU~Z?0FMvq
z8wjK4(-$W`#=da6KpqL>fs~AaIt9Vv=dWKu(DotnxAXh^)`L&V;vnmRum#%Rd&Rfl
zsOUfissHs$VSN|+D?}=^)fG*g*#1f0R8!mnaDb%0%?ER@p+3N1x>xNW-f>zL)w7%R
zVGPc$0?M|7CTTGc*0{@KIe-J%CU6E@;oE4<EU@J3*O~cwCaeGy&_X16iiWCsx#|z_
z5`~(Zn?pjv5Hv+c!OHRjW!G{s?%$Xs7X_xTevSL;(~7z}F<>OGLHJ6#09`($fgXie
zU`XCIL20n94e$W~TU-<lK0cBaYraSl@gRd}yx_FmKz0<xEi`d3D}l?Ja{HjnC%zR^
z;Gz3QMn(<^B8?K{X)p?bUL*PZZn%Is_$;00Dy%UuwZoUO&{B<lywZs4*P?+CBqR_E
z)R&M*vhdRTgy3ZFYD^e8HEi!Ug}w#U!8pauFdRKNMMqq{vJhXD2AKy29ZmSuBBiNG
z>gDf=QFC!HP;>U<fy%dc(0v()%JdJnfPQUM?~4XOnTN2X5dj%m;yNbJ;I5;S)8Kbo
zP@sVEnt<T-6Y`tDlzX5mp?pE-S9F(buu)Yd1{QdeBM$PDf62+oB{Nl#4FrtA-K_kJ
zz9<qEYO!SV@mhTU_y$PtJ?(M@8cY!S&B@7`D@UUhrJ|ys$R<(Nw5uDtl~ugu?%}}%
z?jZ0V5G9bLdw`B(hr+*I=BMm+MYUADOY-h*WU3*Hks;{f+S*7GvvevRq>DxnoWijJ
zL2Wm#*W@kCt-G2B=r1Y?4K52jCGZI6fv>?`3{(ke#Fro2$&-<iQs~t|2nv=Y0YH0R
ztD*YA!D~R*hfaiI2I&+o`M!To3L-mH%LkrxU)I<@L)NVsVp~z5ctR{Nv?4s`^w%Od
z=0GCBo*FY3R8mrEYHbzkb7)_5z@y+qA*w4VgBVa~VCVLxIgtEYrE~q-g@U+qn&u1%
zQE*})*Ri4tQa{}B@}931z~Q0;nDz<M`_<zB0678!1A{G)QyCD8zXtvJ5~>sc8SKLV
zNEJ_=f;Fh3ug`%M1H2Am*BZ3}IKrN!#ScTtlv!h7;c-FMt#s-F=1day+{-_ZA(s>v
z_x+$`{7<T{480MYG$JUM3Lkljzdco0wBrCU44esxu|i?S>W6~E0M#7+z}m_mdMKdu
zZ+dMVb8;y*0W@z!r^C0ouVS?C0*EIZOu1FhDUbr-fDToXo+%i8M?0-_&8R}R-K9Ai
z#($Dw5Lf=Jn1qX(lj0tnrprH_&Q?h;f&y+I+Y2@46tqr3i|#~$01(bd0Dgh~g&XuB
zku>xF6+}aPvl^G2D(B5NU`rA}HV6q-pPrqSO~pjFJ%f`$0kGrLH!WFx<ih@^SX;WL
zlZW-hH<iRuUQW)Q8IKQT>WaYI{->nW!$sz_tOO~}eGS2=Yfvvf@mlznA$e_jfV!Y=
z2i$LV&V&jx3&-3V;Luv<N1H8R&suffBEP3<u2kwpfVOP}%U}-A4URlDfa!xcBlbPi
zeAXX^V*Xy7E{j1Cd8nmD!OyKiLwBK+8`TjSrENIbvsUodu)`xl$?1g6pjK~rnIXT-
zVG#ji<_a$*FU;153RcF-@?81JP>6vA-D>x#1S7FXi3?7DfBz0ROCPU2?wKD1E06mA
z3sm}}@V;YD*vxQ*E?nCUQlCas)ozFi?(gppo^Av*m>rcoz=<;;Yd6D*HBj^L;QGPj
zL%eu6g4LQ=Slf;-A!Qm5K#S~5-_%}t1+MWp&)Hi1-r~Xn2vpn@JkVejmI*9@C*Ci)
zMbv9@6$cS3K?G|6j0`Ic@WFbk8Zy1eWB-bXAjLHRN-v|0(fam+0kn60mc^5$1UopL
z(p<B^bp@&{l*k=;<ju(=9i5L|*5-%>1u_z>Ehb@M>R%suA+U&uOTc<S2I|Rq!omes
zJ075-(%+{}zb7b>13E~s4Ez~wD@LretWh`~w+*4w^|NV+6BfgHDZY0^lNirNh}-Bh
zISQVBCxg>2ScgyCSN>}tOj@_p9I=!62#7?^eTzy<Nr5Xg0AAVa;)n%O2xhqP@!qO2
zA^1j-nR0Q6)h$?(G8hETg2UAuY*?VPzkf%744(!C7)3ipvjGiy=sWnte{g}w+{Fq6
z0Qk*ii`G9N08T|9G8dA$123W1{gemlC!iPPl;X>wNeClCHe;gNjRZuP#g<gF2XOWi
zwUTIkk0N7C`Fdn1Hz5zA{+#bb`V=t)|IBVZ7<vJ<9+IVd&>Xj6qK!_Ec69FY-66%5
z|G<d`^tr;-3qD_~+?o<{0s)XpoP$2Bb724{<Nnhpg-U{sLUemnk$Ep;K`E4MSR~je
z1fdP)s>4Y!_Sm}yNDP<iS2P<74mzTQ!rl$p^f^7UuiopE(^*ACWr)6DK(HC*`{VUh
zCJ^EH`1pW8ec-pF1@Vs)5JhK_5IGzyL(wWGaKv?#c~@7mLgqXDNgjzvfdmphZC(UN
z?H&aj`*p_^DHjTaj32C11RVjp{&MXIj<x~T4=s72zPP;1lDw^J4AOUSSQzOvFND~`
z@5key^r~Hn=367l&8Bi$>FLF--fX~egijznqkMs4RiFI+4hlRZGmhZ&9E1ffRqEOD
zD1Ge=y;~cMlukG@1aXoFAk;f~^Nhd>_d4Ed03wPU4xkosCq+^sM?QdP5hn_X^~}xB
zbHVvg&*RlBAf*AancVmH%T;rD?iUF4_S2HCog~1K<z(7OC;eFjO{0*ycnTqpYg>(=
z0h?d48eF|X8V)Ba0#i~_hC-JIv)nXpk?K6L*SrP?<e(CTbU>X!b^<UTQrw^;hjKU^
z2x!E9xr-*+?cMW@%}pen4fWX=ssRP3q3_g73~YiXBr*g>5^$Hbq*dr1X`sv^{tz5R
zo!Q*PhsFf$a5bX_Kp$x0gHNJJMDQgT0we&HWeuCa|FVKH3Nfe=eG_#2V%HsGB*PD}
zQ+Thka^x%#G{}PP+>2ZJ#i#*jwjhncxFRwr*xhgt6VfwLA3wf<QRlK53{ebQl!;xR
zt`ieI+j|1%Dku^;PAZp^1HOM3f{^@;^QCJjVW8`vd7JlTT!wQQ2o%(-bhrcv9(#Lx
zG8<_M&^%T^+=hSUFsKcC-VtjA3?fk(tbD|-9lD9M=FPEdaHkJp77-&WMiyrHd+`4#
z?#;uoY}fYT%MdDwlw>GTG)O5_GDf6A6N)mEghYmvSs@{5G$fQEna9jysE{%bB{Y#t
zp$NbIq_y7Xeb>8v-*5Z=`P!asJ?ja#`@XL0JkI0TrxQznW0om#ZzLS051Y>1Eo4W>
z;6=DI=!bBN+2{(f?-$6%9n4I|%K~RrG&75<pSzH0Ca*F~BWf@~K-@6gRYHdrgt&`e
z-xuxX?Ld!3q+^(l%J7Xu6OVy3f3$XwWN-}(Ludjrw%=!7y7UVJKR+e+cf!5<M0U?d
z{*nx>fj81}FO=5tN1fTqx164aNCWZ4DXB2gk;*l$<uLy`h;9(xu%Q?Xg{aFPN57GA
z$ivLdHxYn%k2JajNr#30-*8Q!Ziny*-rFv3PjDmX6PODxD~a#Kvzhn_1i9Ik{?NoE
zkV{aBy=yBZYG=IP8%YUlhYlS2mlgmOtXnuH`}~I&L{{_QkZFdLqGIEgRDLwluW4!g
z#_vjx$sSTC(=QDLbg2|F3&DrhD_5)_pgSf)dg|x*R(3RefT%F8?L+sPUr->5#Up0+
zM(%ZNe*UR`t0fc$wR6)i0*-I0_}eM8w6~+*T)S)6iGHEQha_&FV!?zMo)?UjT#1j4
zy2%I1C}=+`8(XBf3X8NPn)sIIwnFfZdvbkx2OT9;)$HIM%ZObAoO;Ry->UD$wS9x1
z7hA}ooIGCV!6(HQT?eW41*ifsl~r`9YaE`2b81Nedv3#%2RqJmLjb|FbZI5LiaBgP
z4<mbuWWMbws*3tKKVAF0VmveI%Z?Yj`0#%F30y}7{K8b&{H(;^_M?ClV*}!3URKX8
z@YtUxL1>r$+k@hvIZyk7w>L(FtnI-n+A`y8lqJe0t=g-8)BuXSsx824)K&lD0M=(E
z1O*vDzbm3$Zgs;{u=!UMHyid`W(L>m$;BZGp9G7dkH+J<_QbxPLgVWb*HkqJ-`GV@
zPPsRFmMjt4l=9=m^OKjtr7kU#cKTV2dK!df04^Z-0}L9a=vVmey@D3q9o}2g)y~y?
zMJ1(D?A+8)wNQk9Uqd`l(*+dSrNI0bHeH@V>A!|WJu*59GcQy|exgP%eA3-3|2NY%
z__hl%R@8=#8%rQIGdO=fd1ACNK`T@v3tm3YF*-LWyGtr67Qm3H452u2$73u5KByXI
zoP@72w8Qzm6!P$^a4cviDnS8DY|~hD7OiQ-tOgVgIP`t7v$u9dhDF*_ZW;-iC9SQi
zP=B!9NPduZo)m-pk{0$XNH~A~=;V%!j3krie;@-pwO#n<v6#T>P-%;8qOUphX0)%h
z9NZMHKNRaY>M2j{-@m^Y9Xhd7@JKnb3Mk#!_B$Mnyy45+8{u<dphzE&Bmg<I@b#Fd
z)?r9T(FWc?DjV4xELyf<Q%BT5xJt+0sr|y+N0{XhSHOstX#oWu^&?ap9G>+cDZ9fR
z-pgYaBZDQt+_Rq?zP(*v5D}^)VT5Z(x)JQ~M5TIv;vX2nAi)R#WpP>*LDrP>{P|hu
zhoA>wgoP(`Ic5F5MReV|b&nvJQ);K7$ZQDp<=1H|@Q8Si6%of5v9P>AbMWS=#%4+m
z{rr0vCNR$8W?q>dYxcQ*{q64>Q-1z~bCU1>o3Y*e*3dk)<x{e3Xz0uX$VwO}h-?-^
zDFi3b`B9ct+vzbnQmbp1x2KsL43`2&ond-&pdp?eefe4ut?2<xJPEh&-le6`WL@~t
zvHNjs?72^8zS`QpG=1tqJvzLhyo;5>HUl0_2>lOvObP~KL0JFzk;KkSD+lzV!i~l8
zmrgbuKZ5w+plOYV@-Qufo1B^b-sybmxXFy{O!I?P49i!Uy3w$$r>{T0PW7hP`F9Nm
zOltDX1-8+w-%%6lonfgNni!My*m%RUxU->#mRVz|HJ0M9XvGg5$v>#_QZCHkK8?Kl
zbHt$pj+%I_VpzHCe)H(?*C5-^l3z~QhVOWNDZ;iO`QVjg?5GeJuI!IKyn(!bXRmA5
zx}lN&w9?;aMkxP@V&dLScS_B~Mv~SC1&ea|YpyJ-wQx||(z~6{>M_qNp}bNH`Sd*B
zrq&`?*-e`_!*@v2)fAQ>q!yO4C+7x?(AnA9joY=fv>F;Z+On~F&Ys;!bz#pZ?i%>k
z47PDv0~mxdG`~awI2xC5!kYU)(KztFR_J}mxuC#Iw9no^k(Qyi$B?lXWSgak!(%H|
zXBleA!$03H<}&nyb(Lsy;qs4>KdIA?m6_U}P+)Inej1ZEbOFN?qh#~yD)FqCgn9k?
z7s@)};5kf0MHY&PaA{i&0Vj|ybReRPUOtjpAt795ncAT%TWZZJKWaB{x|e(R-ejs7
z6kJ3#HZ}sREJktNAd>LxSvlU@0D~9Y^vqBD&L0%Hr!$=>vT>ukw>Klbyc}d`<SFx4
z68PNTcxD?XK3u=16S!&^6a_>?)Lwg|s)RQd!goXyT<wLbgU=C#*3kZ5dqSup|JjjI
z@$vSHQ)loi%`%>07qzjm32}ZMYR;Iq(q#K8!9(}mvfn!`hGKFnp2!NJFkM|;rp1fP
zj;TvmY~^4R<$Ih}2Q&uh3M8H4kRUs^SJgtSe4s<#40|pJ+Nm#kvMjO{;1iGJ#ki7p
zk|@jg^4GCRr93fOH#o7cU%w9d`&yaSsh{uEMPYAFeeFEaNl0R%KccK5UFybU>Yk8r
zF1lTK<3>PKG?*)BI{Io`ll5dNIc&Il_wFs{`-<8d_w*?(B|4b=L+V>&!pe)1yx5<b
zzK%e!vh(ClWf?sq%cEctaP>v4U)R=J{S>?gWh!V@JR~7@!DYI8c6Fos`}Hnjrh(7(
z7%bXQ(!mZ7Q0vP|KlEEi+hdQ$I~wd)^wLpZG}r*K?$FzVTg6YvAVh#f2iP;-^M%FI
z)HH@uaRDQv&Zh>H=(T9LK!Gq)7gFxN7-4kR@hl*HHJ~nU418c~%7rwc=>xD)hE5fG
z6&ok#hR-iQeg52?H(2Ni3{se5F&J`m1>P6|BkMl}G$qE@IqdOO^gz?H3?`;!%B$cJ
zEX6Zym_7~J!^ZK83l}d=e_(r}5}&CQdk@6OXh9h9N+3on<S&5JN`<r!_X6ypJnOTE
zip$tK7nZy|t|^K4virMl!zQy$KfcFmB(kRT|E{$hPk#~<b6r6H=&M(-Dk~~_{i5ff
z;CL_sEam;&L$Sf!@gTyC;udUiX;@*t^kaZW$@;+DG@9@exIY+%p54{Z(C`)TTgH~j
zV83cTKfk%W!rsR%nU8jGdxThGP$MP*BI>ADz6?JdT2qXtnOt+<iV4`}==Z<QrQXLa
zCbzZy)nYwM^t&?H71cc6si8+gm=G<6HPz76#Lvf9{9|2-V#9?7)kEh~Pr%q;!2lG@
zoRR$GK5PJR>#t&7wwvwwDIjM{JWGmS@bMG0yY{t(gu<pfX={DLZea7z^JQma%M_UV
z%?%zlA|W?N_K9cIgoWu2tkoZmPU2iv8hTdIn4nyEglW{44^2T51RJ?|X2=|))H+ei
zOYccNicje}uXo(2c{Hr-rVp0`W|ZSvT1XX15o#KQq9gL@(?t;X!V21N9T9k13D;5k
zW=wbOVB5KumntKCEKmm&(Ij&+&(uCXx)E3D0){}A-@oUutImD$<}=ILgN$%*>E-nm
zI{Y80@PA9`y!d-Fkd}-0ZscoStFe__I~*Ax&TorGda1}?vL$ULbKxIGtty^h>s_EQ
z<UT!9yJyh)xYpdYP*iNt^(^V!ow;B3aGBCt{-`{U=o^5_GH>x^(%%y|4K3*kD9daa
zubExV9CAnyQANC<s3~i7m%tDS-{(}Y8gsS>i0&l4qJZI^N+K&?l7+Q)^Uj?G@~ryX
z9}wdOGq(gYF;s}?<};y;e;sowFE1~ytgQSY>A|NDP;46~Gw?Ih^i{sTzBl(<b$Z)p
zs40@NDjB!i_OpJ)^%Xg=q-Z-&B^GSuk9zUisd&M#QLkfvy7?8mwiZ6lj_`NeQGmiw
z^GSaQ2Si6#0T665o8x8)1~0@APysRQ+TfFVw4}Sikb#j;^Ht@IRi0><X{ZeCEi%7*
z+0jt6oc;pZ>O}6vjR2h}ijY_E=o6WmL;~Jb!z7-uuPou99B@Z1nE2DC1vXRI#SBl~
zf2NV=%fP_Ujh#Xf*ixfSxEdq&1^m<1^yV8nwqJk^xo;nfKfZ)EFW0V*cyv+yRg>Pq
zjYNQbfVKd=#L4gZIn|Z8D{9Z}J9n<i{`t6+*T&;0|Kx{(+W4!d7|Q)`8~rxcy1&J&
z-YUv&-YJX7sv$I7d!y_18{&?9#ZU_38c8+SPS@Vu$;phGp5As1Zs6=}hv;@$ScQS>
zZYnIi(4!Pg_C9UK7t4HG!W-*R9fH{Dy@-?OuJFn3p^?uUHf)fCEIrVA4|FKka9#hP
zkW+4uu43Aj7by~F&Qpt3K-vz(-gMFRK0xGqe1#qsqj(Yz&T%L(jJFef(eY=!GIwVs
z9FHkz?Fh62SO$f2W!=)tQ`skk9cQN}g2Ka>1Xt4o)I+J{hha-d{b4yV`2fgY3t4l)
z<%!QF>-abCVQG$f!L&|hows7ns8y5)pP1zA{R%_2(Ge8V|F#>JLQDX~fn#5M?02gV
z*vsJNS#npe@X9JQO$c0JpGXI;me(&<@vqOG_zn9!GgG@SX^O!}6Ql_{pM*t=+w0ed
z2>wcu4*<`SdcMlxlP4EaWP*o&DN-}x0`_K-wF4iS5=I{G?*jM?z(EzT4UkcU4?s0W
z4=bD5SoH|vnS-yJ34~&}nm3$gk01vCEwv8>7MRRp&;5!LjnW%$AMo1avYit)5PW(=
z%rf0+glzHlXtm&=lYrb1gphpfyR`rr@l3`&d*+pwmsc||1?43`2?o!SzHhpJH&M%o
zT^DFksO_82Ue`{vk5j{grUHu|kj-I4Y6Xp*k!u-8l_iZl2&>G@Os0hkOJJ9wT2^Ze
z0F2uQ?J%A=Aa;VPAzl!DL_)=o<1#G?^^7N5-FN?}th4U~p~Jx&`iO^{Q}W^lbO7al
zL;*;`zfRXxb+$(1=ur>+m;s`xu<-GF>ZC@Q5v=2f5dyy)Ad)`5)U8ivw{kTN4NbQ_
zmLllU$VPMQoGtpY$6^l6ZL5nDV8^P8oOS>}0-Yz3canT5wAib~_|3C;z0b|Yjv?AY
z{ySuYXv_(kRbl83og{KwXejvle}VZcp8y86i}etAT<ok1aWmvukr33#UL=W-1~QU^
z_oXO2Lx5!Dw6(cNyN?GHTUbIz@r$Na5*8<dBP#Lq9C`H|)?ngD{D^837a#AA?t|>=
z-m9H_{L9=@EZcMKHWSO)lY=X%?2#<c{-FP?Y>#IGdL{A(ShJqxd`FrR$%CqyyPn8U
z@rL|*0n`<g8;Hn5Az~`|$3j5|7U(X8YcS|tNIW3k15e)e@fYLqMv*1~0b90QJ@CXl
zV;aiO8(?p*@1zI5Vvu@*t5bbiP7OgL?7Menx}v)!>OVk$qC`xIT4(_6y3|8O<KQ+0
zx0q6!GyR+BLkEfH9=OH%p9NU;n5^6WOaX=I5S$q3>G4E>*3J`fpp=>>r|Xx{CNx9w
zjW{ID^nOLfEduyZL?l8Cms0Rgl5q)TX-~tk$@aX4V|x}doijHlT7K~pE}vem5Z#7w
z1$GRn2#ixgNhvKW!!0MsEF7hWn42sXGBKHL>uv?^cz(sYhFSLn?tM#$PRT0M8Dc>2
zyC<%6Mk_CcO1RiUqMc`VBIZM>b}p#RiE%%=egnfv?L-bda@ZK45%SVa_O3QglT;$$
zOPa}I^eGU}E}@_eKRdq0H)dSV;mXP_+FsCBAmxJtjdcb3q2J!#K3ti<j%fX{)U!+X
z+?%<#_?Gf%z#9$SB>4~J)DWANwOzrOgDJ9mBwqDjlmx0r_oXhv8{HlWN&|$5Ap@CM
zT?AzTn6UQVD^ZZXe}IE8Kc6JDem(Kd5FIJmeL#G4xXw;%wr@qK9+K~t5@QJ#XAb)I
zR2WeOvn|g_cWKs@AZUdV9|d4v`I?y_Mluvt*C{yc=DYpsljD!)U$}%_(Fjy59&K0N
z1`2hbYE2>!vrhC=@fYuX&bSR6X`qVB%A)11k2FuGSm_7``wGN%5-I`wqyQ8raJ;WW
zB_t?29%&}14L~{WgOi<PSO`6I-23Nf|Ckf-Y#?7WRN>6zIZozl93P6%%<(ZnP(fnZ
zfU%X2*3BmezFvz`{_i%?r;R>Q(=RHDpEz@w83sf{YY0j8+H?o0t?#}K&C~SyxRl+q
zq=^Jut`C$Fsf#ZVPPf6z2>$_9*HQq7TvE&N<1l5&+u4bu7slm1a{BZZ-S+mjtb#E&
zogQzg-@U<(-%~4xl3k}46YD+{y`bO?Cq@r*4{m>o2L{r;%xAf|+C0u_KgypwAI~IX
z#yQz>r6cE90>bRi;9Y?~7Yz8m8}WeH3w;N->J{=pdiw(9(?BA0xWy=t?0dh!;IOS(
zgT?9#^dccPYfGkUfo>q!Tf&RrBBC|uzKqzGQotX>t!E;LdhCoo$q=<vL%@*Z>4C3y
z7a;jVMqVJQ4m|^dAy{#wQLfpBxrFRP!tL-weeZalUcwV+o|!A(JUrQ6gn^9=zCceB
zCcay?zjrE5<oTQ{mWCmN6Wh^V<Q-;cCwA5;SW5Bz9354_9)YC6^4N<JE|VKkNH@MW
zFteEZ)PB1S15$Qg*S59p6|1ytP22Y;8$}dRCdTQ{P~vov_o+m;TRBT__JiG*Mrhr6
z+Fa2xfcoWjPIjH0L15Px?ArWM5(!CKq0!Ru7bU|Tr*ET%QE`chD=rT>|NeB3)Z$0Y
z{cD+MZzvggit>E-|EZTfoqIcCa_-IBHT&81G30LN^6&nVHFhbEmw6N1mVwxjhuIwP
z%TOw4TGnV-BAd(cOSnT<e}8)~dtS`^%_15yMN5*-5P5tP@gd_8dtU86+{e&;88k<t
z(#w0*#zawrYvTiZ91-_$`0eBIN|m|XTwr(h6p#a`;krj+vMkRPNRCy8SpURx!o*~$
zDx>H694u}PTkUuMrxJ$cOi26Ld&Tm6d3tX33(M!uow>b@l4EOj+V+ZJ&fz!TOfO&D
z6DS*iH~vgJa}h{0d9?oJCEVxLFD+cOXfLdU!=#gYa#TL@@FP_Aq@<+oM}BxrKqO#`
zyII5b-trp)0WoyVg^7Z{fPPmVR$$JY*0!v~F@#u}Ik=9?1V(q7t(woKJ(4Gm$r~Wr
zM^bL!5?k8UB&Gw=jM-sL{vdslb%LqS$w~6*)2HQWsIIbjt3!Ce_KMsyg29M$m$m+=
z$I=JP0KrQc*IaP}*p33*Gcz?<2}=39ReO_@YU;$Lud_vG_0L+JQ12zU9^q%uBD>52
z)m;G8HA3fsi=Je7lEO@(XsSP9IDD#9{uPNkFGj*``iE$*J{<7pHZFg>h>(#Omu2mO
zeRJPXtpXqq5G01dG*O>0MOD=$c<2PxR+A76%QautKGr0$SZQh73EhG+wq$QFJtiyg
zO+u5HP4T<v5&5ahiFpSTkHO#Bvw;P(a(e6QYdMQibTDiE&GB{c2Ji`NYSr?YT9iNh
zKO}n9ua%9^Pdy<l^%}nuzcoTBT7KWY1)ilJcIYpop9dNlyym`!Nj2rw2J)-ef`Yp@
zL^qfNxnO3Xiw)<qSr%sRf$M;Al9EekjLOR5K*s|?n*}Ss(BWgp=n^#-`&H1QrIBEQ
zjA2i)NOS{XN<Q}YztX>1<qPjT08OamBpC4ObbD<~F-IMZzr94h*BEU}i)t8Vc3y*f
zB-J9yR6jr}$oAXU-6QkYn5UfQ691QX^|rmOCb!AWkbfN{WFx~Xt^9CqybbcaFQDEV
zCTSBOH7DM~YY0{RE3kO(JMcUIb^i$J%-aaD{^1iRS~j(lU`JSN%aurM1NmCfJ+%73
zTf9Ke<4?KU(5#B8>Zf{pT5#Bikmceg*TJWXCN1yzD8avB%i!=^0CWZq07-kf#=NTg
z%_Kq-QSUz=vG68Hv}KzZ4`O-=rk0qv4;V9$B1B1h(f}R(g(?bl9ARn6aweGrF{+^{
zF4Im#Ck2CzBizU-ka>}O!(Ep~)?r58Nxr0_qJq$yow!G!oUGyP=JZ!Wy;!9#HSDF~
zjQB<9cHB`T7g8`Y`sU<dm;MOsnQuP9rTcj{_!Ho|bQFLmA}xa)n;vcs&K;)AOShAU
zK$I^-S>&DoGP|yvMo1a*BL@j2h|JZ{Q?v84$40*j59kMs&_{qAAYyF1mlV7(MJO3o
z4vuSR1;1XDB(uguhwaiIMYAqw%t&G(-ahud66`^ENc<ol2kFg^*eLjBSSK>)2bZM>
z?+VjU$2B!2;_5(Biz1;2%pNmFWo`)zIe03uaeR66<x+oQHVHc*NfhXo%JpVOR<1VY
z=g&2={rtM*`ijlguuG?i`o#4xcx9uXAcpo~Sj7mDh__9WHmrxc_vPf~?oDnM022iE
zn<NDIBN`P;4csQW*=p016u!Bo;POsfTQFioX^e;glB!GT+nxrl3BPxlnb^D<?$<9z
z(qJSv8=;z$2qm~y2#-i`sxx;yfoM{`y_(6N;3F^ur%X}kDG-46F|%2hj>2F<(iE$z
ztL3p}5R43wcqB!su&|I*+9{*PnV5j^jGaKBt#O)8Y+h_^ti}V#K#6;iU~GI$H>-^u
zKR-A_B9xK(eBCbN38pO6=KI@C7E#a(E`hGI6sWD^P2aeE0M!hUU|?ywXTYS$vJvT4
zH(+5WS}!slU=t;|%O8T9NSpyM)nC7VXU1D%A(zf-t$o0ZZ&gMfFA0b?ea(r$Yc=NO
ze{l+Zh&G7eCB05&bJDp4VT#yfa97zPHmsI);X#zdZU~sn9Xg4O15mgl+6C?gaX^*0
z7+3d3x>XyO;?AdD{B~4yh;NF}@aK_9jM<w46}9cbAxA`*R!k%$Bn)?XE~U*GGrk0V
zXuqmz1yr5ie?((r+H~jT4^afOUOgJ0vFHy-Q3Ek9NWEB|96jr>28b~r7L;$ze)gbI
zC(?E5E({PJ+z%CyH$*42`sUu!B<%q5Hb{9*$#9RJ9M=&m*|KpO(%z3tU4JR~(O=l|
zd<!bJ**?fKi6KVcE{KdB=(E~R)#;wZLzJ-Q3AVH~U?0tFI?*7Jz!;2cLlYA#Utx_9
z4P#u;fhR->iO3Tou^oAB<HpD2FETMa?2e8c^GAWwD<BmFj=C>tw~5$L5srI|`Los5
z<fHLuOANL@cor}`V1h?fUyQ4w_((z{d}qFuT7tnP77~8_fVC3FmN3x0HcdYfh;d=H
zKEKTY%#Yng584dcv7Ck>IrZBaL-Po|rvKf{J6cPLR<#WK7Qq(rki#AR5t88*ffa<5
zN8RX#W{^|X<x2GP@huOs)f?_YLbC+7)9PmdRyF8Fe;NZFpl#)`+sTC_BF_o%Oa`{n
zmreR*{hu18o(MUm6?s@6Dym;tm67#kWHBSSdJWnc0M}JjRVhy$2#aC4#ae-H*RHvU
zV5q?sU<k%^DbGq$5n+2L!W(!R%i-)D!doOWB4uUAh{W&ZwoJePNgUeu_XRpU`;}tf
z`JVQrDgN+b4IEi$DoTUZWftPofdlS}^j^J;E*~sy7~nIkxNV^|#Iu#-f~!ty6;=li
zneEZC!?;pOr=n=zsqz#_A}yKcR${*d@X%_J)tcF<%eBv$Ts$z`*n+LQifJ(E@DR)e
zrUbwQsj!FucO_V{LwM!Tzq9}#^x>mU$;}xV8X_}SeZgf1U=koVc@bqSA05xD+UN=u
zF$CNmYOy59NA%)X0?GNlTZrgcM49GxuDOiX9TqlZ`j$pwg75S6^sGnojl2~^?vStu
z1geOVv=GR_$_!Jx23=?OKx@Q;DT>L1xIrYUGS64%J4a;+i-@pLT=Z9Kd6=`R-QJ*`
z%KqTu3Ce^hLBK4NkwTUO;L*8@1u-u*j~^F15&Prp(PRCamM=nqr9-ub2n4g97XnF$
z`@i9s`fz*WB9a7w?vkLi$n|}4)Bsr-q~bx33f&qDMXc)_NP0)IIk9T~kHMo7fwlh%
zr@_N^t<~a%QJ{2_{_T3~I1qjU<3~`^i9ax|LLlCfe`yCXUjYwc6Hs~tQK(cPQC2~w
zN}Spl_=-{CNS_+ac+1BkH~9Ef)E@&x&_cLFOI;bQ*-28Ip!Mz>8t+etkC%tC|9&&%
z7bF1LN8Jfo>DP&{9En23i6R~#%b{mrq{1Za7QyfheY&>i^v=6&^~a}2M@EKTZcg@*
zw!vUVf_H{DYGWt+>Es-I`ggm6+y*G+kH&`xw;$JahQRcM1bqI`Mgb0RcXy}UkWJHa
zW#ntscxW)z+G@{I%xA*d8CCJ^k5w0VVc5oMDF!k_L!os5D#qrS0mZ_jr%w+E>)o^c
zyuTHjM8c_Sh<SMgGp}lrP7yaSt9^(VeDv-c5qab5*l<fbJHtODnLg!~iwVH3Mw-C-
z!f}l2=*wI53!p7c$a{x6h$68<4|)Q<utiY;^COl?o*gPGX<96rvVpXdV**SwpZ(ao
zIA@H07*lLQ<COpD*K9$y*jh?Z(VF#tga0mf-MLePCZ|y#Qsh1@ftarVX7z6>3A*hE
zw;-CwVY|T9(!_|yun5SFA%y?%GvdRt((OgG@=QCMYGV<A56y_yx;hfll=V~(Ek@o_
zrq0ezOu30pimh*t>rQ_x^S&_DB|q$IgOOEZY1|}DPq;<V?n_gO16wxaPk&%$8hpFd
z^z^-hC<bk9+T`?xIk7N$LDD%vaNvd$5@1wpTw0AtreRPOBufcRP`1uEDn}_GGGYJ+
zYy!#nDnJp&!BZrXAMpqzCH{mk2PyQdB>4qP52_AKlJxQ^PA@S?*Q$uz>wz}wT*@C<
znK))UJB}}S^l?Kql%CA=R$unNyb5C3z##Iz!Zc>H>ooT@6D+sM-37H_Zf;)Q3{tel
z{9a7o;Kz>!V}*Q7UmN0sHGWU-^laY@v<ScxAwR1{QpQL6fL{@>2I2&in7<nVh{%X6
zXr3$Ix}JL(yc~iGgtpts#sRv>_&wvpCa?_?<8Wp{n!nwd3&yg5>!JO#_$iHsAN0k&
zGw2q@Uxh#3bP<cGB5SKIeU&lcz27_aZ|T4-CR<#@FX-5zDbT)?oRoC!l*ktv3mTGz
zkYYfG34pvlR20Sf+knEKT+oKMIOZfxh`6L!M7N1EGbjYhUz$EOb@z3<5b4tu6?@(G
zsA!m}$+a9unMLbR5i#>KmO=e82F}AU*28o*T-}KV?K<>$lBWU#hQyLHN&SVcz6HJw
zs29+7lbr*Z9a-{faf$hpYZa~$&F((P9x;O<V)9vTi$qN7KYwe3*B(_3Gv9#^wg16p
z>WX6{g*M&`_rp!+Qb$eos%H^xCGss?vTC?M{)Jkyb)A~J($?p?cy+Amni;w3=1MHT
zxhws_>DNY495(1e;g9h{#=)R$rU51nj2bB+n}=|>mEarL<-e@%JipDYL0M&4Fo`xt
zvBp8yrE6<yXf%H9C;;&zno35vpx_Yka~wz<VFA&7p}Y>zyRU5v-o)I1)b|J^I(PVL
zPamH!#=ILx6VU%ie0jki74XVTOk33l#16*W>V*g@{*URkNq^)5CMEMcLSjPnK$>A|
zK%%t@`+C>S&8|;&sYuLC59@?t=2>dIT*I}w_r>-fvl^qQ^24g%7k~0xDltqw;dq~%
zM8k6oAZUSZ9mYPPdW?O4(E+yI8~=-k<@q=Js(+7*U#R4)5PlFu<Qz$6e(oF_D=X0N
zT86bYwBq98Z_G1OP6%VeH1q^Xn@NXBIx#9gp9i};GlOrK&nXdaB%_w->mxjajEZMW
zB|`UnKea{CIP`xIu!;@LWcn2OAJgX*Nv8m*JVH#e?e^I{qF5Un{iSLLAHXDj8&=z1
z->_rKwL!!%NdELbo?}esFA|wM|7xM|CD4g+(ILp70s5?C(k?swlN~^OOBMMseC_Lm
z4LWeZ#t<QsKb)+$(uueX6i^E*`5r}<o1Hb`MTh{#fix<fpNJI+TJ7RXE|Mu2Ne+cd
zEKv^NA*~Cp5ea6#d6SiLE72!}fy>PAGbmd`&qwlBz?32iNRY$@hfCTaS)WbU>DzjO
zFY8?yUVv~F-w!TROURcn&^k^0SORhgv>R#g0q&Csb9Qwp1C0p48?ZriVI|U1WcGs|
zB+Stf$B#g10As;Y3fnOSvPlWJ4n?RS=uJfq95_IhCe&_2d|<!Xj)YbUd0o^(^$e47
z=E4C6#iYsm8XX83slpXkNCLkCYx>&{vqOEY41LBwrcJ;NIB4fS&JzLY&c@B{XVsZ&
zfCNVZy`pB(PzZl_hgT`fqSXUqTu+el>a&L<a9R1W{i1y#st8PQK@T2$8=9Lp@tnAm
ziP#aX!7!3pM)5X}gf@r#{;Aj?Q`Khk2?z{Xf6?_!6rd*tzyJ_Ov7jph7F`0-E;4s2
zp_Z?YRbN9DLmWslBXJdoDux_G0}O!BFQ;&n4KTHTv(6Re|G`oFsCz=kOOH~FA%Z})
zkhVeo8FWA4^Wb105PT{{XKNY)c<587p|17=CPon^8M}`+3C5wwi36y7d_qEuXoktg
zgcxHo#FKz&I2k1-E)2AZ|E0TbR$GPt08F51f?H$_g&c{u^57#`NDt0DEWu=*Sj(mZ
zNC6pVH_)t56gff(Z4TgYPsRs6E-S%sp^c^Cj^f=7G~>PNtTREsz;%!SWf&3>da{55
zy;y+(hy?TiVnE+cW_zgHS7r}mS|{&Ht#$LKt1ESj(aK`27YF;s2{3wLz}Sa2VQ8pq
z=}yP3|JxLae*3?gvXI6#?-3a$fO||0!JE)U;x9l2Qu=6Iari(O=gli4)k2UWQWTQq
zKHkyNB@YS3w|n<0GCt!-5*iA^`#1e#=y~k>_ci^$4X704*)fM6cwkzA?!V-R3^G~3
z`h3rFg<kA7^7XsEKq3x$8nYP&?Yt=xcZ|WcuN!Lf8oEQh<uFAyc71+FY$aeB4X5BW
z=Y?bR<qIosAbzPZw!q}Vg9b<ma3e`DoO#b9bA=OG)QX0N{MgeF(?T2-cn3&y>A{?2
zHz{!=Fwh%qp1NREz-m^A1Bjp<Ts*s{DD~#sMd<bo<<O~+gJVdJDsGh5-bgtlJ~n1y
z=r4!;3faMlxnqq*_c5xLU?Qn#1}Ko-R)iPDF*d@5KOknu1EVhyI?&|zY@x@SuQpJj
z5u~?Z;{CadLx3dFV_uCv7JL2lfqswY?XMD!Z^E#8|Bztl?syRJ7}No<8Frx)geJM%
zXk&0SUaZ3Ir&B@WB#<=I^pnq&p{ZHAEr>mMo<-80_PF0BG&dlUlaYYrK-a;{v+M8`
zSF8hY>gi4+J4q0;b_Np;%_+q)E$4Ai=GkM<jA0RZk_)hgu@0N~;>g(&O8#6|Ar_#`
zxnp$!(wRR4=UwTn`#*z5lO&qW&~}_Ers5fUA83vObeyX}=;qJPOp$c%YGaR6A|z<D
z;%C6;CIhHu$jL+?x>o1)EIT25S8(EBEn$UFpX{RtD_|(Ve}LN8PJvW$+xhoWS3o=f
z?;!Xh$?ic&6x4nRVLLoa+=!W;HBYC(VJckPSCQX--vTRXe<_@W^lK8FZg&yU8a5=t
zilNyKXPj!2A5XMq0vqD$mdgHN#ZU#Y_zG7D6s3t}U?IDpKBndqndU2GaM%^Lf@4y(
z7{Os~pr}XCr!X-ymxEuba5n}w(!$G`)A(s826A*Nj#wx_A5x4eS)_ixQ808PIV8k#
zkM0=d3o^5n&4X>3n^Aws2_Qy*Y2uQS$T1g=e7<o<YE%?b?$wf?&g)dPd~zDdWDjD-
zmcLr%uY_^V0O*uzj1~~&dGk1)3!<Th&a_9~Qjk!83l@;;>PTo3mtd$$@U)fdijH0N
z_AbN73ZfgqJIQ5Jm{b3E4MZYsEiMwVH2~SEfcgXY9xY&PJf@^zAQCYxuRwYAC3^Bn
z=t_|>@CSq$^tq)_wj+|(8?z)Nq<drE5v_sdn1vc|UxKU%qTh*&g<!E5<@aRh*{p`F
zhkC=e;o@igp(I8x558i<R53>agOsmX1FI-WXEokVtb!=BXj%3G`FQBm7tax2iCP8a
zi9f+|i^#w|Zm*rITMKoz3EECYbgeg(1aLb!Km{Y92&x<d7^o;WP~S%2PDrp1)~P6o
zYR9G?;XJ;I_#w%4gzKmh;EyN{MY~^PDmC6>v_xr@s+t<Hi0w-I3b40AmW#RxR~FVb
zF|q>sCmtLaN6SYYVQOp1xgaq9qjND_MZiiI5;NW<+*bF`kJq*wJY#k}F~bj?2KEpF
z-%!?|w%}BzF_SDX#OJ_LJeRgvx>YD>e+uds31Wa*iTGat@?6FIfH`{w@JtC$4(xKk
zzr@bDj*Wi*x7;EzciU1NRYN`y)kS1Y$hN~}Ae40F>dVX+#=C2@blSP`hSBu{UxF2#
z41wg#5ump)|7}JYCb7f#o3#4SiJJJb0So_wT~#jC&;K!D_a-rTLBKy3-zLCBfx$M6
z7@9migtiyq`wP(j3=LVMIeV0rwhR{9SzBpnN?36|*^mBtQK<R2eS^83UsHlW!j!`4
zN(`zfG|TiZL)g?=lEjWhi3RABykgM;;0c=we|#t^+O<NF7mr{*qRs64F{uwj=-K-0
zJcfaCk<E5}B5(U#cxES?i?j<qocOVsZMQd6rTO67HD4`TwhWJOw>4Mk!1L<t*d1aO
znr#)hsKapj`O$ntdsp!TXGd)Yfq;wUS;D~&ZXYZJF&jaA<Ouco@V%lx3jjVKmGyI`
zms;$(aZwVN2w-J{%oY*EwN@CWZequ2dDyVfyAUB1qCeeZV})d9|Jah*8NM2h%O6_W
z9%3dU1(ZA(MB_vZ0>q?~ujJI@zjFw0$p|_ma^4RjYtP>4`4A@AQQMS5AMpKN*v`Lm
zxd#|MR^rTtco0nmAT?Z%iagnW3S=DFR-?Itnx8C1R(fP;j(H{TMuUA5acG!k<v?h_
zrrO7tx?4L<7jucr)^W>Etdb$us226P=X5ca;M1p@K&GJg>fAJxaZeXd%r1S+%|QP-
zB`i2eXegQiLYZUsQot!(jsD7AP47$|9BO)Y?lv?}#4bVlN$o@is=T~hOxqsvERv5(
z(x>5kE(7|GZj><NZ(ty+`ZOY#y%WI_`M*Dha!NUFLyv&x$;2+*2#^>=>y-onN9;^$
zrMhk38%~{`WxI0qY<@htN%Qfv1ULnlatrGx&<P{Bp!MrzzySC6I9Npwir+nUVG2<#
zvgFXNKOc2-tRrhA-xvNE2)xsOD<bsiN(_q8+Wg^>sTqDK>H<jY1^omlKeaRda^L9q
zxDs+NmL6J6XfH6XZ=hI#P?v=4k-Qg2>E*c8IKBkC_*&#qAT5H(Q!vj%*bpNA=mtb9
zASCf@QC&dKF<qHue19bGNz!TsU=Y00O-{2yFQMOC6~tmW`0(-%_XAG|ZL7cHP2WXH
z?AP#+p`aj|ZV6^MhvVL#tuGeM6R&ZqzxCd&vUqa3VSyJKFhI0;vb`1BM`6+e6#=-w
zQ^>bL3XK8UP4fN$%4#RRKzQYrfSWQ`ep%y98-T+mZx`4J9;Bd~H{a-|JRsp3;^G=t
zc)7VZvmBtO@I03Q@ASj)gno>~E7%=LI*<EFCI>^qsGRTajH~4i9Jub-(-AbFiWCk|
zQ^jbYpV7YiZ_){WnaB%|S!zChb@83|di$Lf_D*>|$~u$$jd}d72#Uz5)2BnF19ecx
ziNXt(drA(qUwKsl9i$hkwb5`SxkDyF6%&3&cJ_DOk{ER-EYr}AdzexICt4Qj$wufR
z*GF%5@?PT<rnuCQnW*>yn(WUk0XJ@B<X(Uk*<wXbTlaomtK{s03k!KVw+8KC7tTJj
zf<2RP;o6^;u(B1+He`_+LRzE{C%3jAznzhWOd9>Ig}?Y$J9fECw97!fMHGhwp@my!
z*b7JRw$sQ!DZ_8G9nBgR3o}D|5DCsi_^)Md04jQp(-=9r3YzCRHa05D48<R#`4T}>
z!AU*ja)<cKVaUZ?+qRv-11_vJLY2{)Xgn*PC-_ud;`D#PK&OYnix9}$fj)vB0N`oC
z%rA80*fCFZCl?OTf<LzRI;|A10iz%ZE7wXo<z8)!v41xW*aDnkr*=XWV=~|kU*J*y
zgIe$9`&`AoJ2oIppl<GM{1?-#3;2LzHGDYy{FT^O<&&Ft0Jl&fxW&KNbG7Spl4-pA
zu;t3Do@hqD`=-B*v*pRPDi!Oth4?{y;~dQgSP=&Tp%SIb`-I7%OUEz<(KM1UTKMqR
z1}Fl_kT7h>7vTyOLS2Sr6AVfV=lnZ=@Sx^1%O0)8Y^|TWyGyOQ$qzBjgAd|#1Z+5{
zT=y4jnEyl(0S^W0MCK0KU@-)_KKeh&^@gB-qAdUVME{UD;G*NtKS}h&Qo~d^G&{Mu
zAtr-1C&`tu5ed6rxBw@E^uRDs2J*0#lLc0YQsOv=p>iccKPU>h<13L{gXzMk^+PHG
zcYv4(eLI(2Fy7YL_8U_@8BX9YpaG;uWSofVZMPD-TmbQ=%k-EQWJGn})P<p0Mk|nK
znF(SL#4(IJ*I#97Z^6#Qgn9=nWUz^=cba0+#6*P8mz`|GQy=U*8bzYvk0e$_B17)5
ztup{QN%a185<)2eLrFj9UwB3$G!=4V+~m~ngNN_pZZ^-W1*)#`*%(?rePsqm@J}ac
zstYFmQn>s+B6%ERJ>)nfP7oSm3>V$U0x@v$;iOZbjs7AZKtBM5p~#Xhj+p&(=5>VZ
znmMH;FohmWu?Q01i11Fj2ZyfV=|EJ4KGZCRoqz=xPykOAIISQYE2atz)`T@e^(rwF
zivqkZ70pAm?m%{{tR7(RCtkTgsS&1ES%$4>g~Ei^vDKd@&Lc955OWMHyhxq##T)li
zUqg&}cscZCXhQjrYKRuN0xH`IOLE#5sAe(XG(8swCJ?bq&X>TEa9!1k4M%AAVk(E%
zxvOyM2OULp3osPYSto?H!wKSnBZL2;a<|BwL5IwJ`hAhBEBR}PQXr*=%noEv2_|TO
z^8jLzO8O5Dg@QEyYJR>HydrcIG}TwZBm%oq?HC7x8n|FF$0N`)lpBmh_5v5=uwiNJ
zRMH`j$6d=$X^IU__*@r2x54d9r0dWfmB31f_Oroo>aR|mJ1;yQwkBBeQ*p!rN!-B}
zL(ZlG@Jn^!5|EA-u0i5d$6dj$j-VR?8A8h&_b%H2MH)b}<94=8x4br!jF=b(qzOPk
zrVKeKIn0bSo+N3q!Ukf393-7l<nrRYUIE;~#4M9@zX2Kr;v-UW_VyAuVn^8CA34+f
zXwbn7{`J+d^78uQND-wgiSv#-j5Ux|2*Po<4d%v&M_3>%u*>0jm1T93-<%h~UJ2sh
zeBe3ON8^AKDU_hlh6=L2%c0MeG`te_dmhh8*D#YagEsB!yN=mpFaLA9lUX=q6HJ}~
zfRC>TqD2dW3@$IkpBR941XFXiX$E3}Yj|yv*Fkg@nB2H-pTrzHGxcHidU7*D4#-25
zOb9NdTeo+<$1Z4%gX0ngL?GHg#__cZ!xF4!Q4F-OFpvXO5PVe1+e`*GLvu2}6#nX7
zOisX<)4X756FCFL)3$XtIsHkV)k}#4u-LZQKTl9+`ed^kEiRYyAS5K@?B8FxR<{+=
zydfUtBhITrW^D;P&TsJ4g}!Pu7e|LrLxH|2hD;pL;zEqhz$guIb{KXbxDu_bQ%}t<
z{V||Eb5ZiNryVBZ->SB5KzmS^L5+RCi?HoAud-0-%z0-gTxW^ed0&2U^3*heYss`s
z&LgDAd1y1-l*{Bdp;HJ%AWP9rN7~rp$&Np`OiKUMr5o?)jFQobUkP~85!#*#8^ERz
z1QBoyfF3#0r3*p=Y^3OJ_8&U5Ts8tYEzVO!D+5&o_)o{+4BrnW2>B)BoVx6EMx*Fk
zGcn@-h0YW-9i|aXbL1L=!m@KDD5(O@h-feuC)6!&mJx6?&7GNyxYPglvu|D|2P!;z
zA_ds~NIEzkVg$gjq5qQ%ukBO1V%vW>0(TmVKGm>d5fEjPnu67FqQEIrVQT%CBP)N_
zJd|!XzXT~eD%|IcfwzKR*5+UNy&X~gZ0ziwSnLQ@koa{Z9HA;ia8Hgt#72JB<`Tr9
zQc_YV767uW;jINffdj~(<Mov{3dd0fdC}pZodFXhm|$l76SLdqt;#xNvs~-k4*Ha|
z@AJ3tl4Ljw%#5#37fqL*imu<4pNNz&en@{n783<BcJ6ZBtzb^cEcwuR{3MxbixV&U
z;ps9!r6#G|D0Of3L+#>M!VrY}Qx1HG1d`0pxjvuB_z58`#d`ixEzB7BCKBw9zctjT
zBRVW>4k%)uKCEPPVZ?{q$e;<;ha~n&+0YB*XthZdMfu}Gx(9(+hRXZhyQh_&yc1{}
zW>=aHu4LqA?oDWvV0zJ4n@Hj_Ap6V#a9-XM1}FlHx~=m)XgeZn8s?F89O5I618hGe
zq~Wgz0ayVZZLU*i#A8{qL$?`tI3~6rZb)=XY0&ho(FIrMxZT*tk9XN^YcZuOh2WV)
zDCvElr;`^IC$cT;$2b7KYBBEnXB&$Ae$?&tGbx>z*}Hj<Q)E5@65Y6_1yAR4aLySg
zm9ag;nyM|m56;KW*{|gTrN=qZ6k5($7htl$lrKEB=l1%jyBavPZD&M&s$8mQz~dbq
zwVJsV13SIA4yF<TRHNH*B9tSzL=pFx?HUCIg(Jt08?T_6KNSTTp?HylPp~^k{TV8o
z8)VV=m*AXgtS~6`B+l;=%T8Ph%K>o}Bo|I@(sdrw02&G*#ECmlw|dl@l>@CISPKEh
zF&F(MO~|@IOWV@<&v}+|1LE%6BM)ejWRpOjs{o{xM8$|zIh<GHwL*gGGg_<Q>fRxj
z>Pw!bc+w0}pVdCBwj8;>4KI#GPZHqpwuvcnO%!BjS0*|g{`x?Wtp#Kfh_<X)E)N9(
z1;LU4>G-*Bfb|w(898+rPK-@Wuge=+Tc>E$>Ki#sJiIcZf^!;Gcud4LZCX_HXJm1a
z2@5GykVRd?#!XVGFeSer^Vl1Or6mYeHF2%P)@g&~74ki8zzn>qBv6niIvp+_EjEuu
z!5oOI2iC$H3!UzD`!RlG_c<O(tT*Fo2<8EFL$)MB+7o>;cH6EmU%a6X8J3JugMSF5
zZaRbDODMr0`yjTY;dtFchYm%XKn>-C+Vhc|LkM;TbN$U*w>(Jy2Nw}&;`26_@xYbC
zdh3g5Yy}(&1GR4VW#XVC#~dPViP)b&;oO&Tc1rJm!zs^dk>xIcGQ+$mehIx7v}UQ7
znk@i-`4_H)4ie4~?|aRba46K6w-UBO7Y3x34k0RmCs2||6v@$r2_|+9$Ern1)!enz
z!$c=rm@ShT{U(}1v|SR8%Wx{Yg@bYVWIR)i>Y2EM*_f2rFSk6?$xf<Iv)jn=Z^?@y
zW*;=T?r^0<gV}=g$NuXm$!8N1@@6bt1y$8GU=66kbhxPGF2POV31o&Y=T05CauTr#
z$_!WraorHjBd%F`t`xX&A};*vUg&4oxYdsA)<l>@j7aR+sQlO!mA{KOHjERP87kr{
zLnVxwG>QMi<G@w${NsM!kh1#ezcU%fXq7-9AM}~T<HNZeavpsEGa!XlylQM}x_*q0
zCOfygvF5CfY&cm^a%C5<<yu{Eo4)8b**BQ%a(&-vx%&{zr?(=?&1u)qlg>D<^wcS4
zm|II4d5qz?1j>v_4f&r~E>hD!-x=0Dh9-kRA|(C^k0+56qn@MKFnHFGa3oCd-Tl}T
z5^lTy2SJYmVpi|6=0l44&HMK^h+OV+XT<Zv|6a_&c<#Bu>pipj1GfiG2_UT?c2nr<
zEPpQa7qBy9QJy&1`<njMKzNm}HVN!V%=IPHZ|!GjTz8>pA_5DX3WhH>US3P_pmD4^
za^e84eKZ=r0;e$#0AO4uKe64W95@qq`8quXPIL>pPofjU1}K0Cudo=>`Qhlt%?~eq
ze!wu6D_zkYANz1wUPl31a+FAR<sA#S0<LMpZiXFz3z+<}{^yq`tVCtE3kyFhV-dF9
zSvv@&<SJLhrKQ5VBsEk_XIbb!gG_gFekbvXm&^J<GC;Std*wBsU(>N9M-880|A7N(
zq5TaU{~qRVx&4^==P+*=%CZOtW2IWOZWlh4bMqZHKK%gw+$fouhNXgM&=3O?lB9G)
z6VE`Ig)8D&B4Gw!M+;PGp-D#QC&=-7pcxrF|3Wi`kicYpo3w<3RXZ`O#H&UzKpU~7
z-0t)FwwcPz^u9h}!CtCziSnE7*mP_03mJ=XB?>CzU^xuQy<YG}qSFOIjigz%C|qd>
z?|K^O{*Jjv6VR<G;k_Vg#86zFgU#*~77va%4oeA{r^MOeUCrM{xOaZ@GUycWxAT*{
z8t?A^rWq%!eg1!`;{!H=Y|~9Xg9$nK>%ZmaWS*ZNt}&@@41oXJvKBRm$RX|Z&GgWX
zL8hvmXiB65nfE@NhejbPs~4h3&>O^Dx#zo?F7KUc<GmUhD^T807c2j51NUjW{qp4j
zsK&0A=<ivFTzd2m=rhwr=RU|XHgPmk?tDxZKI4<o{6Q%RTiMvAT?aZ{j~|<ut{m1{
zwqH(kot*yit52Ws)E(ZFIVRV5Orpujz9pqU_2G<lns07Sn|X8iNM+n;@_5F0^D4$?
z55C5PueLsu{&3nlHbJL9$neX9!<`wUE01-Rm+xm?zIR!ntK*@fjgR!tCG`IORoPLu
zexh(tNK`1fqwb4ththooCW_idD-)saQWVjyMu{3`e6aVBBY$~FH(ATsnF!BswOYg|
zxN)*F(f5uyHGcSz3{3op!xiRL3n+>+rnXk?No*`TgFC08MCd2$UA+@i%AbbWkZVL;
z+sMOWTfdo)p`x-fu+5;G9x8c?@;Ng9Z$4I9@}Epz<bNsJwN&|2%+g=l@E{uh2Ejw1
zuuOEE(?4Tn?^O0YU*As;NhK?-Pkh%nFw3Q85FRz*zN}#JK5v$X5vCp|@A95}kJDH}
zLPIk#22OV|%HAydm=j;w`2Ky;wQJY<vz)WkD9Y_)_luvD)nzEICp!mSgo-{SLuIJ)
z7JQ5yfNXS{)n@sr9}3}oT9f(RKF=h*RSd7c^;6Ewcy>{B&v4wMM_nP75sB=0EjcE>
z7+P|C#TdBP_?(;*w|+tuchFr<4n*6nbrE&3Xb}3adJpX1{{}mhhPL)5I09qe#Y2zW
z2hEweg~jc6-x@G=_g<6~KU2#iJzUP-mSq`=*(%n0*E0w%@Q%J=wC)=mY{tOIp9w|Z
zOACnveB~_%i?@cJUh=hT4454^0_sFNxJg);CoL&ASF!*pZMPod+f*ZDP6Jn^YlGF0
zT_bkg?r^o52wA;|D<i%LLXHFvY7Ry&WRFAAy7<UQdDmZMYc75)U9f<bM&(w$SwphR
zSi)Lz`EloR)<1dt7;u*Qk|j%m<XT!<VEq+F$l(Sa7IHxB@m)NcIJ)nOOavfi<4o<b
z#PiMvZ;=BvfiRxM!D1mWF1R^kxROIq=OlEh30QqE4O743=!draOX=D=I_T-1G&O04
z@3vI}^mwFh8Y1SgFS4^IArv_br6#77L@+C-(vzTW<lSwf2(;oIgaalLp?DY=GnSZO
zpVoeE^8}U^4K1x$NF>a_oGqfK#p&iwaNixrsb83QbO7zV15_np98OtD<BpL7n7~<I
ztmJi2oZcpW6wF^Ej$wKP_Dzz*NB;F%`fZ!g?e>BG8F4D;>+5@qy-wgv7I{N=?{YW~
zUjA?l1OnNjRl_AU2s<KB=dg<hS?+hRTM6ZL%IHr)#&|t2@Ls*y?Hbc#fShpxb0Q!X
z95SN!_Rfy;V7?)M4RHE_E^(a-65x+-Sbh{DL0Al|YjU9;GT#1R`I<FbLu+Cnr(tfB
zxD5&SS>QTp?E|^kfmSTK+H0TJ*w*$G&kk^oRm=>?_)Cb5Rfcj>p=lwr^5x5U0Hjrv
zncsnk7=!4h561a77<WjF=0HoT0+xN5(+rw^bh_*Ay?TNh<YHh4E%hO*?9i1=ScAm_
zCU}zYF|>?~qRFrfZGV;2o`^aj74Rs*VQR7Xhn!rxKW`lpRL_=A9ooPDFg^uIq{sVu
z@j?m7lm{_H9dX?WHHkDjhY?4qr_Y`>K$02<o_T3P68G4wLSnV?t#u1L<xNaYU+QlI
zaG?@;ct5ZQO&gmubP3m<u?tK<K@t$hn_B(tVjpCdO;|R>Zvy=1EGFc#T-GLVG<MCW
z9Zvt=e&$biVJ&<+->?w#cgZmuRBdoOLO_xb8RuNWgC#URh00~a`t|#6@z28a5R6A?
z>L=Z{AMXN-xu^Gz)tq-ZhU}P!AV)U`Rz_n9vrIa`(e?(*7h$%daJiqwQ#D!ZP-t6|
z%gj*bHo)8@aX&IZ2xr6tG@T%e6@FP|Q0z`1w*?|Eq)0|M^=*8wUtIHNJIBgcObZ1=
zrHgGO!`q-z2YWAo@&qIh%B%xQ(MJeg1sd`=UIyoc$}xD#qvd|1?lQuDI>%amkNx*I
zXngPt{6ycUC}RXXKMp^PqM&jM8n5_!x=t#9GH*QXX)c<{3<(Koz=Kj=u84w=q<`ZG
zBKx*X!U3`CYc7ep!+((#AHITv1FQJ}9!&sJj*q9Il5M~m$OP8dI$(b?Q8QfDRhPrh
z<ju!O0pf~5$c#BQ`2*_efs5?5!gpQRi!&QvR#yjA7}jHY#}k~SbFb5?8KDh!K$K1j
zbKoaf+9ZyWm^1)t;@~YG91?_$MK@iog9kg&*w`5U{+OO#1hBPdumNvKbAejmfQm{`
z-IrtJ_bgfj;XTKyT0~aILt?CQR9V>@VA)!~im0R{5ozSxc^0lzPOIr}Y{q6VIq9^1
z-MS5&%q%S*tk0Fk0vfc#eSL}tjO-);YVJVm^1$d1jtbo*B%}<ku>tL(Np^cCqCHiP
z;($oFR(q{?T|@|;^wjrsC$y?byECq&Y%Rx{Z9pWT7y{sRS#L;cefi}ovHXP%=Q>te
zP7Mf9$hwWo&ej4YbN+FsnOGl`R<H?&Ba|Ty6^9gY{JKAT$ES+vmcnX>!-!_aADtO0
z{g^WIt5Wu5|JWuO8C?jFv!M*Q*qK{6)j8OgnEn1O_xb$D%RinggF*Go@>fJ+91n{(
z(2Z!Ya{F^_nuZ~RgH`7JBfIX;kkF@NjiR2cJH6^@b4SNBlo6F%*f}*$o{Wc(Uj=H^
zt59A1#Hf1k7P_~_`ueq@HG-%II2W|aJQKjoHz=s;alqk9JB}-l+w*mui+<Of$D#92
z_jdtrHR`p<e{9g~WrmL5{OsAF=Ke;wMaKN}{_K5wCx`_jafA#8dU@}hGbSecrkPCB
zThU<L2@h9|rEO-qism_2Gg+7SopWjIcDMRbcPtJ(h4Rg<77|;Kr18cMOT5fn4;sHm
zt`11RfV8C3b#~e_2}iCrqKxe7&V?y84v+k|Tx`~(>91h(@clD#QbS{XbbTDk_kPFs
zxpoO;w2yoI*tkkkbUQWyln1&taEY70y==|CapT7RmRpbUKs`T|w7-iB#+Y?EDo2qL
z&>+1{=+J$>?Dj<KUBU^CoAA%Kmtpl-zSy@+i&xls=hf(MbF7(^S{?W!rzapTT^$X9
zB#_O=n@8=vb=aexcUr9%5_;7$3<deVC9OXO26#toO`*nULkr_k@@QRrdit^H>FJ9b
zto;xFYOTalEcVIB%IZV$a)Q|y=X|i*+4pLGnwYwC|9)Iyq0HFNpH&0)qwA*yfiYqO
z{Ny&Cu=38ZQ$bK<uGUH6yH(C>pQtCRUA|MI?~|(^RBwj8<yK|Sk%I^QPKjtW^oK=6
z$m-9Qb$%Y}8~uHSu1N?_{_4QTf{L@VQr2B=xEqNeh_P_ua&sqhZM_3|c1IzN;~SjA
zcgsHBT(?Cx|JS>%moHp6vhwM-uU|QBbjreGnQz1#-p@x*b=(9((T5tC4L?W{(6*7R
zxJzgVCZW7aKq|BDN9z+3p{gH#z1W$7sYv(D)}T(SHP#ETT;HF2uVVusbR!Ulz>uAn
z)BDr46Gx_|kMwWV&38O@j;n^&-Hk+sgKbfLuzeq9u3IJgZy>7601m!IJ7d3KunI3P
z?{-e+BOj;Ci@EpMTNtbTB=tD1S!na-g8;>kIXUH$6$bGI%gKY-UbMBf(H^s+k!>D*
zy`!$fUi{3NGYL^q9xDeo-wg_i%*v8D4bzQHlNCx`2#kt8*`)o&-rL!kh>pr-<CuxD
zaom$9``qRDmM!Dv;^LS8WZEFc)!5L0RUMz4td30pRpcl-f?nayI+yVsn8}|a+OtIe
zuzlWXNHA8jG7aVp$~a@#-?Vk>y&BVZzyYGK(Qbv-;(Wo_T}b3*t1TqX;g|x+OC!CH
z#K~s`yc&aOgv8i~PS^G4K0t8|kd-7{98_8rtsh#K>}I<5Z#kK!2wfT?!Evo_;#ZzL
z+4?0{wllMD2bVwTk}{CCU!|c05oRJeZ)|5~OuaF7)aL0>bjyiw&%LojDny__U{6m^
z@^1xoB*N-m9>|Q#f=s2V2hYX6)vnY1dTXrrETW=ABO_K-QdVn$^A&CR+-+bc6S38%
z%tBwxMQM13;n%Ee$j}a6G6<A!z$kz}<ig_*9{OL`k>?OMW%6-+8H@MxKpas)HYHIE
z#TpI{J0piApwevU?3C{M{Dq>rnkp=XsE(tB<C)2%Q%_G1KI|AO%E_FjooKU*=OV-3
zpJws)Jd9s3v|hhz14R|XdMJoCLz31<6juTkJ2C^YzIvvafaN<mIr){DPl=wE22ZdW
znD6M3U(8sT)A_IQ4$ExODdT`ktm67ra?E(8v{nl=V|bJJQ~b5$<`MFL{$t$1-(h$l
zU*g=?{S~v2+ea)qJk=fcv_5Rn(^>4~72FI+r`g{R4gFo%!+B}T-Q@WAlA9A|W?ayS
z-^lGTn*RWH_V$~krNg%|m9wU|3VWBWE&3q4DKKz;mc!D*X9}PU4_&$PCyrN84eJrF
z&AD&x-(>hA|2h9|{vY1xe|{<TQ=^t1?~y63)6F$DBfZsepFn|*ex94>D4zvTKl^J#
zSrmJW>f&HmUWp6-Y1FCUX>zjGsZ(LNu40!)jHRJ33>pI*b{M(~3=U3CPAF}Uu)a_s
zRgNO|4rI@IvVPlAjl6|9{BSVZPuN4TA_f;HRt`=iBqgb#5khAO=urb*CJ}J*%DS9F
zm;!!E8)uE<4A`GgKkdWbd>c0yYaLr#hFw48x0&WGl@YgZKSq~;9pq}60XCOYN&-bD
zbd)>9^z9w!+&^8EymR~ZI+dph3CC=0)3J#Qs+e0@X_}Zkfdp;63I?=I8#mSi)D>2F
znwY48-orv7^pwaw&1WapqNhB(;W6Qt$T81Y9EB-PkhYV-4#vW`FZf~1jk}hOxXey{
zI0yA#h^%WNh=r&%(_fW$W)#K52ujcX8O=o&@_H50A#rhYYaBjY9LhL1Ja^=x_~DH)
zW<&sST^0t*How9CTexPQY@YMGn<3^jXxj!AFg79Bn2axhinht?T;yGb6@h<ltqZPx
zJilux0h;B}END)s{4!c?mA#b7Q)|Kj^J)n0h|I*yI^Zdrmocp0h~vMY+xk+ofGkAH
z$`XAcOv*fOT*jhA(5qp)KhlreMC&eRd<lVDNBWmAc%s1)c!mBIH)(aC@|G=IFp34)
zxfJO^WK@<k;WXwb^^m4Nc@mzzXaL%Zu=5rEc|IYeg5`Fk-(M-(qlE9g$lNNjzMS4Z
zAn7`D<+u)7oY$tKKG}C}-HO7jBaMk;XW~O>p`D?|qI>9o=1g2nj7+H8v(N9+S~kre
zxP}_~y=@0K<+k;tk`n0owu{(<_O}DO#o;dbZ0BEnw8kEqke4?V(-?gBZp`?&{qO0S
zxG#{VoW%nkw9OF^!D%G5rO7N`)cLcAk-8!iww9ji+We0i`xaXd|L7Mb^Xgmc$tZtF
zFqoOa6EdcTlX(faT`s?0=_zI2xqElho;_2!W8f;zp%jy`a2<v<h|Nx-6RpP{$)Dc(
z46*%jms|l>5N+M<hYw}Cm_M()^oMfeKJ#^Oa4?n|Yd2{S$YE}OQr=f4x7pcf1_dQj
zJ^7U8aG3wwm0iw+M?rtveq~BjkdyhP@%Fi&Hhj=%4*cbap5B^pnsOgGK0?-S+`aqK
z@zoKLMMXss_fV1b9g$D<C?J3Z<~>O|9~$hp*vswn!v9t{Y0mA7NR62<iezEokKBCq
z`L9Y({__8~Fa3Wif^O~dVRc`kQP^;`8CFeBO-+5n76X(^dJZ2$jU97s{9JVZrQL5w
P^7ktH)D)BU>U;bj7&u|_

literal 42650
zcmdSBbyQXB`!BixL6H_|l@yee7AX+~r9q@aq(K^_K^mk~QW}vG5Rq28yQL(gyOECj
z%)P(Aaqm6n+;Q$7cZ_=uTla9|Vy!vf`Ml5bsdon}%1hy0rM!wlq41tQkx)jVF#J#`
zwE8Pp@SU>W%LXVEp}eb#x`VR56OE0XwXxYNBN_)68zUMcXES3I%6TmRqlF!P1(Dyy
z>~#@zUH=x_t<WtzcXzMR&piE|Yt3J)44*J0OqixJvvA`$EQ(%KZ|Dix?e!Vu=I<#B
zMU2}=`0{tv+$tFUv%7oYc;{qK<aoVYYx_*K;K96OJjdc+O01Uk7EIonh@Q<B9i0OH
z!m7)zUUjuS^vm6@H6kW^4{qtTG@KNzZmvq6e@{Hn)85pd^1V0}Q1dAa+g5hi{`^kp
zB7NgSoS3=UmgXV#wLq6CmlT)qsDA3kZjb7-yUx_x=K`-iD|?<yiBG$`q$qm6?K^S)
zmJ;rTn|;M2NogxZ<7D68$m?vlC3a-u=kKb;k{|DJ-ZO7hWk(Q-Y~HuM*1o5$>a2Pm
zdhplfb#mBkcCOO4g}DmtCE9E2RCXi!epKDNKhRMj0?FzwVYW?sH!O0RZw*IY_ZJPM
zVrd%*ztL3OsySnGnkeJE@jK-tzqfoBKam2%7xU}k{IaLhmY0hszC%GOm5<M;ZsAK^
zr8r~C_QZ30Qf%ylo6p>4PJ|{*G`)nPMkKJ-vF#1K8+wKb2kHr4Wia&w?{=Cj>SYkE
zcoIAeDlg;w_^$O02d&1Px?ysQD~*NkQ|dYm+HF60zaVw8i5>r}@<cx52mkQkRw5N!
zHNH3-L;an2Y4bZ|AEJxAQ{t(}DPvd#xmi^6HOiEf+nS{BmIS3s%JHh@W(<v)7o=yz
zB$V`<TjZDZ87L^m{q4_P%|8&q;=hS2T<&VqOwQfSvs<iToMgE#K)R*jGRmC$we*-$
zaHII{h0bfopX=2v*q84lxvxb%QxH50#Tl~taWuwOHu?JGW{QTJ$zQjjdWDZCyLtXj
zLs5mNiE3VkVGSjoxI_|6nThWU<1i=++EH)9+do><E@pS$HK~?*TTiEflR3AR8v4G@
z{ZTQMi2VV*y;nTH$&vLu+qu$0qVj=)VfS6f&Cav<vMEE$2q~rhNSfzqFINWqNA8<7
z@--*VW385SKJQLkPpncKDatB+GIi&Us&>NLR?7`xW0`h6z2R))Vfi1cx+^ZB$^E9Z
zs-hi4j%>|;o~_7Qzs}@ZC04p>uNA;{7(=4s5bVA2#URU6pO9ILB_>G<k2|YdXn|H?
z+Bl4h!oPR&<L1h1gCeDq#OgVUx4$D>glWYqjBJ89+<5RyUwQtj_CfEMSSb%w{9bKQ
zXJ;B{qtcs^Em2JUq6~jm^=r96QuWGQ13N>kkUuGHVv$xdF@t}@E0Z5NF#}KAs>`e!
zI~*l98_mWj1Mf)IXuTZEkhpV4j-kBt@!JvxnyAHzLAR@)`mPOOrX~FR>4pj`!+VRB
zD%zJ~LH>6BDak5be@2N6R@Uatt+n6b5g7rVYWhi9tA3K@1Vnuf!=_EG_f6@{I#Y*<
zt;!m&V&#NY$=0IKYgLX~^`DllC43+*lDE=&pM__?cK>Cf?>j2>I|KV)mdPKNIy@3&
znegWL-az@NJcGN91pD<idVNWstC4H)J)Gwm?|LNHlZsqNq(TVE8&*HR+|8S3p$!VT
zcuUllBV2nOS2Sn&_0FG_-Bx?^vahbjjNb`PG0{HQY3SZ|^gCbs$bWu?|652_A~6{g
z+Y7!Ov&ftt8#Dn~@ptsSE1XWP(%e|q6?P^IYCUot*kb<H^8Tz=URS@EACW3&oZ5{?
z>RXKqkUmr|`NB;1z(bX;|LG6vKHjUU*5^~hUgoLO?ROgQU@Q;@^1dX?QGUYUFVnyA
z!01L?dc75EV$&@Y6LU*1){Y|oH{7n9wlV9sPR(r|`@PSxl1T4<cX_+q!pE<j6E*Ro
z)!wR>@V#`e^tn%daurq8O8b{PQ)1)8%b4;p{nL{2Y)>`21!m4p#wU*n^;~4x(Zx7*
zLWh#@He_DkNB@+*Nc!E7s=CLd9&>OkER<Y7A=x5bkxbbxO@F9FE%;AH#XPOFvx%SZ
zwUF74)f7A2{Pi(Aoh-cYPMosDiYu6nWI0K{1;6-k>POcT>9K}<k$=I{KYFc0!f-3p
zN4Ey`Gv!st(pH7eM)^u~t*a`w)m{8RD-~wmXe#^2QEie>xSkv__f7I7cuxo>3BK)8
z`U>vzVMp0?6u+lz={4KiVc~0?lGx@6ygHqXi&>Ht^jRV3R@o#|4rj-`JaLkrE>FHS
zxFn8~U=4;IJz^T~Cn!7{p%Cc_9XR^Lw@vKzbRO4c|KUkiA}{MAnPHpsu2HEVruZ|Z
z=z5pDH)}q1SnT(vJbkAzL_a^pD6{dOST}ePW|%Qcr5x(VRj?>eD}2d;@DpBr`3R-Q
z)F%s{`QY9>#u1%&HQK8o%$GIqsmf)r?Oce7<ln>UM2qcx!q9|AFCNsJ`J1=`?>_ox
zYU*iL*5Lf8eb4X1Z4CM1?@fH^Gu>*@`KjaI<*|{d4K~v*JR0v_K<8>TUpryhh}$AB
z`dFvgqB<VK5m~Ryx$pht{rTGz?*NWo{>uxBc#@BK`-CPRp2R#OdLJm_`jFXvKP$gC
zM@;rmM7R#cAGA>$JsC&;h5F24mjUf#;d`~T@RZ|q@j;i+pcyk}J$gBHqE7V{eeZOQ
zE1tG<(wgecy4lW>Y5JZkMxVIP?qZ{p60}dI5;tOx&xv2Zo4CvB|1}~(Ffl+ltB0*d
zWsIAcFd)d=#T3)_A&X=9&5C?s&KD_aod+Zvn|l3CacDyVOg;j=w>~B}VBJ<e<!l}%
zN?x^X%J-E~p61MtSPe<OB*w;hlXbO8jEnxQm*SZR2A%B8zI~SdJ+i*9AAi&jbl(Zy
zrLoaTNno}&8G6T=XPR(NRl9-dU|D~;gyq(!^uM)Of)#gfv;L}}h(Om$ze2?=$#rK;
zY}BzXMn1$}SGF<j)xF>J*YcFcnnhit@1W;gvJG_qDf(vT56`|2v+%<17vHbHB}(mc
zRBoy+v}0jJvPIq+&a=%YnX^L^eI5LfqRl$8`Q-Xc>0;(RPK85MXWg6RFCpJa4J;pe
z6Xja=V12tX>sMojx08Iu_sQRGXH19A*XhO;$4mGO=3lEOzOz%|`HE+lHa|w;1Yq?1
z5@zU3te+(RT_I8Jy%wJxH?M@QeoHp#*j%l{^(W36uK5oROAI@So;OOBBgJ{^NxmV*
zq=Q0Odh34r8e^S}mscZP9QgyecY+yi$w<gF1i##Ss^xPU5OsI3{Vsp&y7_>_nmK`z
zP=UD}{uqH6-gL|C-WFPKOjtqSoaI1>*3K;kl1BNsngiL?pFCLmev*E7xgypjP=6*o
zGQOaHC?=1@zpcEhB;5a{)Gj|O6-{@D%jc^0Vs{f>Ti`EgZ>G9ogEE`;Y|`gpsnH{5
z3WiZcX;SyNqbstnX0GV**LjgjU6f+w-lpzt&BXZmJjQs|=^Mvo4EmV1kz`+~cfZnn
zt0L|nhL`-g#A@vzwc(xfGAx2Q*32s9Xtfo~{E1M|jd}m-mlOmdi@jemW0?t9>CJWd
zyS51r#oH3*`qT9VF3&fOG*V1N&{3%Dowauk%JR6R+n7eQ7QURm+3IR)TztUd9{RnW
z_npO8oArr~J>gg9p^|^5W>+R!S~p_Tyqn|Eo}ugVop)=xT}i@_3KhO=6-2j5^_c33
zocQ|Ei6Er|w+iNU?x#Hx&IV~mdVDK-;(jbbWWGt7Tby#L%AUy#1S2fgmZSF_T}bTe
zKD-OpFg=$tv89nQnI+8m@}vQq<-G*AqC|vmNA*~Vv?Gy}^8ng2a%J{x>rqX{4-yQw
zAIIOad_yj*ou=g@=^gN3>G?OO&nbK;GJ)3lCtvT?pzy!8aJ}eM^?Vq6tK|n{l++8s
z$;%pSJlEXK2l=Z!{v?Yu{d#pxJeHIvZHRK7V{<=^{~p1IPs+@*$8l<!RnLCq{H5jh
zG0CfHR<vQR?W~&1l>fpti}}*!38oJYSHpcS_v^V4tklUYm@@(A{_h{j_=w-P;82NV
zrxN66(0Tg)QE0HRFhw<~ZEZs24sQx$)wDRLlzOM{bOb{(Vdli(wtmFwH`6B=)$bXL
zUXiNc4e_0JejxD2zk^jsB9U<xX!0pnbt`_^pv}yxuH?p%Yyjtt<%${yd{*xBfOn@^
zVmC)hWKP}CG##j%>+=*lmQ+pWCg$jTM@{>-)!OJKPcD7r=QWJu7&kPHV|7d^C;nD6
z_lA9s+)!?Nl<$_orO5P9F5f*d72(h~J+Y@dG3;8kS$!_4oZqS%o;XfF_@>lF;QGGN
zLYmG=hFl|2F#VA}Yu<YJ#Q^D3=eXfH{yGN7s8dFj{^R1$*27`@{qGJ;JXBKGA~=rD
zkbXty+8aa2b(#8&LMIvbhrhEjE25W3P?-J#77|x7Rm*yV?XQo1qTQn<<PE(~F)~N~
zt}m#ndO(SZNw$ERtN3TOimqi~Z{wvr5|2s_T7$;{&g@2=&F}A(TzT;>`X0BT>s%4H
z%$Snn!-AUmuZq{TX_m9{GT(m29MzN{<xZ7Dp-QGEZ}6C`SBk%SM{Z0}w4zictET9X
z|DX!3Y{{XMbuaafaI#gW(cDeJfc+Oba_d1q#~23Lw*G1*tySp|vF!+q?Yg-D4tJNs
zcrqP%>+X{yM>IO3@iL2QooybHO^ei{h}`o(d>c*&XbJb_gsv^*=fxSZUx^p~u1OUY
zQr@fQADeQI<?Md@pGO0;=DY2Br?G0YpYhfAT3zPmT9sc@zL%sd))JD9jysdgCp&8G
zns)10Q(=FAo>61&F=2^$#1Ne3SV0qpRq)s9wpN5jG#1&YL|Ke7%|qpJb1{5N>hCyY
z`0rL+%wkJD4VCC8Slu1$$_d6!zWWih&2d-@HLP56>$!s65T9}BxKNzT4Y$LSW-IHC
ze8Ksyadqg?DML%>l0MU%N?~1x8G5IsDUSTflHbEF&OM!F;$%H`)cDquh|V^}uuH~F
z7hz79JT@(<8M*hwpWH2Ujkn30{q*)KdYF*Q>B@KBiVUe>+h5vPgnwi#Khx1_Q*x^b
zq}vYnm^qkA?R5>SwtoA&vv%odcDvjjTezp$%j0`N*Oix^is*IB3N2Uhgop~{tnOmI
zd{;8@Yp>|}=pMEDY}%AW_>ZPW_u-<thp{|=;`(u}MJBRUPFUgD_V;$|vK`db`Y<x$
z$Iyp|=o)hdr^?|7v`?p938&M1U-4(eRL4x6D~V4R&zFR8CQNj*=T@0nk#qfxElX+4
z`<%>W0}C|VbIh!tJXM$3J0cyf3;g+*EYFs+Ft{}yj4$%50Pnd*JSt^vDrNqB%uKJl
zy+_xqGwL0a*7F+uCU$QIHW`JlbvJ4&Qw(yx*M#m<;sl7ZapN*#o{clx)U4e+-DAGc
z+R`*-D#RN0DYky1;qEz%<vXUljo+GDp;~+~zb%{2eyU}W7~l~SX86oRcX!Em(m`3~
zo`PsGmrtsBV7UIHlFuE<U!;VV&=ghgpC9>Sd}rjQO}_TTb+XvXv^M6O!Q}JQRZjiJ
zd_i2L?BYjp-iyEUGnq^yKMrA7e3eAs)_?ND&V6nCa^VL&4uKW^I8?QLh*hNP(<Wk4
zO}0UbV3+rIELR6)ES2!_W#%F<5^U-@7Rzhw`bGH^BjvuU4L%fey1-0+S@r!L8@dw+
z3|KE^q$E%m$Umu7S&{G^Y?~(<_9zrPJ@OmPIYaa{eDkuyQ@O{NXRz=tv)*FG@VJ3O
z(V(76h^aV_txdQ%$U0qI-a3#ieai6uG2Kg<{KCwaA!EE|N?-a$#GeY6j=hcfq!Ln^
zouT<?ewt>b&LHP+&K07Z+k=x=DBbv;GX7-cw)gV7Ur`e}y20?N?!+<N-f+RK=HTbV
zrjv+$?0ak<nm0lJeCZ0>@u3m@^M&z<?w_xh51&Z<^M!jQ_}>?y(f<1iP8x=PUxMZL
z?<*SLy!-bR<b>D$7kQKa53V&kRQ0Pi_D9)(Dz}60oI(G-W8dm$213J!PdI#TC;YQ^
z**oL{b_|J$iCe$a^a?q%>)S4g5su*gyD$YQ(r#@_OMU6@6BAE0W0oJUXQig1raTUA
ziX6=m=cyO^NQvJ~;J0qhR!Scsyh#1?=f&Dcp|8hTd`_tSMTh1h4jKEO)q<LZR9CU`
z%<ngovwk{l&TLHle09Z@_PkI=QuJ)^nW3Q}3bnJlt8Za}^HCPd|B<)j>d@1%^AL{e
zH$Q*=oICp%dEOjGWn*veo144J^82VIf;uoP4A1lY$i$Q<-fofK^VFHgVhER*N&dQ?
zjGSB(Q;NIK(@4fNnOOFMK?%5htJA;3daYeu{=U8#l)UDC+p{eVlatlTQQQ3)GKcVY
z+gsD(cdlO@EYPD)mx>^b@GdgxnJJs{Y=9r8xq@!~>x+N2$H}K>S@JJ$ahr7eMMe@=
zAI{*UpTrB;GhVxPEm@v9CdS6eDX^wS^mu>0Lt`IvfZu7^t!rFh+vTIEmk7M(g_#+)
zjEoG=s}aJwy1K2sJ$K8KK<2M!x^p95lNRPiFXa=Sm%h%H-Az$pQTy8HgNgHJcGeee
zYO6L&jh}|~EWhs!8pgNR>zXP#%8z&UX=!PV*|HZhr>fleeSCa$mmdpqauVTD@}N+y
z^X}E}RMZM|n`W9qrq|X&Yil1mJ3G^Ga}!7068^$d_d->bG=^2fXQ3;>;7_f0Yg?O`
zw)PFE0u-tx{HD06>7969ivX{)RlRS;#S*fzxT^V@{)ve<_Evs%ta<RkEi?q+iHnJ$
z$tT|T?n>ZKmrr`IwY@!^>f*iErE{#y?IiD>%qSP{_j-LSEj#-PJoaW-YP|$*?1F|d
z<&R^VkHgQ@T;zDOx|p>DRZ5R~;yOEJFJWPEUHLrBL=#2F$4C19{rfwttbVz<EJ(4z
z<)cu@RruqO)lW>^)GD)Ts<2;7RnB=~Z5^Q?dUl=HVra0vBXLiw^i^Gn#qhhRs7q8-
zRI*7ANJ`9qacMASC<p&t9iE-6a{E?TSl62--dAd=mE;<BQ;^i#+dC*M>@nQWjhi<)
zU$3ceHyjsPezRYcpIclMC%lA9!6hN&8~Ogd_qT8N#w%Tj%}XdTuy7w1=vFaA&(>U=
zamc5L;8kdcXJ_A$P2j`3>W{9kuU~Gzh|kK(+FNKKg-d=9MM_HgvO@G^jr;U;x2Ltc
zyEy=liYBtHbLCl>q%WIRDb0filrAnVP(>|4MD)Es94$U)Waz^>2Ze-)M>9X~{pn=A
zw>)sUcA(=jvTr0FKb}54+C5y!E$GcwqR+2PPfstjo)TfWeY>u^8-L=bQw!W=)B4H5
zW<*CU2R$t<n!LRH;Zk};Z>Ag-s&>ljA`BLU9*QQ6il6T|fBN|Es#1yhb5^ZV+}E#P
zyAF^uZ_c(v6xz;8Ha0cY_4i*}|6L|!V{`BNRm?$iUMzxJp=siQbocHlve@9@;P|Ge
z)BE`P5|NV!<*F6TY}Q;zcE$5@T8-a#c5yLV7rlKOv#F_R=~ph9W{Ei_YH27xVdV1f
zQcLlq2aflwCxvY5Hbx5RNm<q3z{kw4mrVtfl$2<Atp54)#<(jU4OLlLX|vEtA>_P;
z5)l!RJYnSJC86TCYJ`hVRn47VTnxk}W;C5YTk4~CKbns<{awn|96@bumlsu15EiD8
z(~^-htF^LS&}WL<{X8Jt*28`n`oQ0AliT*60s}8Mhf?^$YSY3~@b~verSg^~2|D4s
z?XRJs7#J98+uN^B{BRV1@+9c<(J-Nfg+=9Vx8TT6Ck`IUu<k%91N)C@B6nndMwd-w
zbYGBEl`=3g((&+IzkBztjg8Hll$4aAliL;nX#$hI@mz+jgn3$J_~GH<s5c>G94|K~
ztJJ@}KtsLgjN>HdF(vFy77p3lb11K<NK;4=8G-%%HY7wzMFr_wA-hq9$K+HY0b@PA
z>i43m_eS`CF=mE`z14o!WvTYev9GKKcG6P=nHBf#$}xRt$Hu>^xI(=b^;ZUS)C*r?
zX38hMg)+6BVEkh9=r-Z?>kM-X3+7e(+bz^M&@f5fzI_W5z;A2IM!)GTiRLEL?c3O~
z9D1ZkzZ1()hM9Zi>C>k(7b#smiF?oxNoHneyO;-J^*ryc{Vr4J<Y!=zcp@kFODm?g
zS8;purr_%<GBK=ucXMg3)HehY_`{8f5niHYXO|}zaW7BpGetgaw8#WU&}rkk3Ujog
zy84~Dxw*LK;V=fUFXP`Jyhs*yEB)qm;R!#NmYVudz0$ex8#MKNyRH;bJ@_n=4#lx@
z+gZO~xoQ?wF&{qAUBbk~R#H-eORa|<;g_09Gu`=-yZ-Ftz`wQi3GMCMj}>!&)x&1;
z|Hy4})oEj#NIqHUF7i{0-ATl7L9jI${rvo{KqJ0RM^E4MBj)vT|7}_>E@kJ#t+a1W
zo4T}j?mQ{Cn}1t=wl&@04-1EFW@c7j?~mgjA#(f#-u{uTZQ(s=CHiB<X7$l5YJSkk
zufT35mJGj<QxqW;aSK~aOiXiqXReKSJ4G{}PhGb}lMT9uT%3r<51XSMqv;6IbHYcD
z9{Hts9zP|#B&L|7^1ww(LgEVi+#^-hn7GZ>_w@cX=f^Tnq@}MdbSJU6@3b*JFeryL
zBIh;^z2~xHINc+9F}P9yJpc!OsvcI-VMXnG&4<E^qs0^)C_X+HT(9$^#rjW=LoP*2
z--dpNbF#lqjD<^1GycP|!*nY9mpM{8^>b~J{`QOA*oB3K^+&slO+R3_iaVbk{(F<l
z{TV)*`7u1I?PJ3M&5K2$H)EB<tqnF~@A0Wo2sZ!i(g|27`rxuK8zD-nTA<4|q(4>d
zF*6>MlEM*6$t#^_Eg|9e&0$$N(ul`!veKm<3IY@AA}^1XmX%djz1Z~qq#Z?W7VI&L
zfA`o=l9EzW9?E}Kx6b!6^5V6%SNgDv>tS*-^lS$VMZxz&?B78Vq<Ed*?M&cT$UR*h
zE+FgR^g4IfpJ@z!q^p}ubH&GIZ%JwTw{=al3blbjpW+FH;4Qf@kGreMg*z&9@#a=P
zV~o5O+^ybo=?N9QzE`#pZG<bt@jO?R1hu4-70mo7qdGIqX>;=1_wVSa!{g(bzI3Sv
zW<o+j?_y#C2C@{yGnDHZ8pKakrKs%(WZ0fbOJBVu<V-WkJwH9|4V`ToX0+?>@?_P|
z!;6DSH-g2Ult9h=p{Hs^#&YH5<tS8TRaKg5?)%u-z_~d?=qsPRF3!Jw`}U@!gm-Oy
zy^CEc82SF~+sH+rP%!gwZ`>yY9ILquPy~mcpTDRFHzr%Ngc<b*cEP)j`K8G!!SRWS
z_wU}laXZ-12LQ0Ov-1c_zYpd}qJX{Rcqz>DI4+~BKb$td9`wsnQ&T%^PTqtG+bFnM
zN$+W(`$^~LYZ&<6Fr6PbuJ~0}3K<$3&+M=Nexjhz@{U%#_tRq>hxIWM>#DyolRG9R
zCK#yk@o^Li1{|{O4+|UwMYSetF3zbAHmCmif$v5#4okggn^gz5K7IP6sIARffp>O#
z+WYw_GW%2YYCK=2#2OnI_*z#VVIfxn%f{)rqM}`HBgV>&sxtX3qubHd#rxBmL$@*r
z9=$<h5YfmFN0tCw3OZdr!)$B7U|WFmaH;rkEq|9jPT;dF?rtU_A(>9FuJ+E#VuH?i
zwL+WS3>g@B{|t=5S*`YMYtygHtDIKS4<Ej9*5)@Kd}3i`Z(~Ea`um%{xNT*$qsSR-
zB~I5p({0?put^;I<GvtuYW*|X=wz{vX<kR`!-o&=06W0uduy_Gc6N3fsm|*;KVGk2
zMZIe?%vLM7<?i9p#Bzs{$MntT&kSvUIeAF&I30yzoF=%-gnI1dqQ|}(jq15H=MVDT
zRS<lV?`Cup!^rVqL&wm_$V_Kcd{0x4Yh`VX^<0lV7V2&Jvn`;A@e2Dw=v01zf$0DR
zmj<#T>Q;xk<Ty%XmzS6C+__UbnDeaZ0O#t}t!66grLL^Kvkx%#p|T#z%ZGOd?#0EC
zOGrtDoG9g}^qTUtwzj@0Dk_q%=wg#vUI(aHykqa^_}JC;hw1|Z0#7I_=Y2I<X{$RN
z!tcA|I57lYuOS~W4H&j9k}2dwqwuA_dVr4)`Zk7g8~TgR^Rp8o5)#Y|<(wif)XYmX
zA&;%6Pu*fZb71eFQUM{j9w_ag<rq?FX=%CdcJV)X`m_#E-skB3(VfhUjODrYg#|1z
zLRi-{r<CJrhC9NqrJH4pjWZ_;p`E4B-@S{C5R(tLWwy=^ra~O=XxK=zv}G~e;|eS*
z<A)v`JTvpMv89DxNazN@wJO)YTqFFqEtRWW9jjb!J#e`4`0?Xxt+KBpCd$py8Yg4D
zhpZJU-GjDw{~pHJol?c;w!4NVDE|o0SmbkZaxyeAL2y)Za&o!rUuH_aSL$Dn_97KT
z#D2bBm+gMqykeG3(Ei)XX!P7=@2Sf$Da=taGP3+qj-;#{1QNXLzCD}KQJ{FI_?-P?
z$LGP8UUi<v!EN<P$DZ*Wp#t7t<F9$0yyhv&lz)E~TBj-5h<3z{`jsIQi$cMa{B_dA
z)@MORC@qZhJWKwjY_brAbjCH9y57FNzC-+5Mo+Cxrvh}HY;C=(s)PYV-_GfzprDxX
z;QRRTBaEsC)DLE7W(aTH3P-?oQxhg-7#1?AFuVauB%N4w!V@RJm(EaTsVOezNlN${
z_BS{oA)&j>__oP4X|IRYQ`N#_W!4ceEnkd&HyWw1&pMR*0~5KCAOTgpVZgmFHV>0=
zq|${Oh+H7>KY9)h0^lzn+I6|6;c2E>P5i*Z$oufPqpb}a=$#ZGA^^~6*4EZl2iHWj
zCO_~YWBwpAKK?3DL|D33LoWDrorEO#_vg&al{u|z648kycXTd$m=9)q1Noayj}Up}
z?k<Fmj{awE&JSw2^5XnNbKP!b@b3Kw58lpm2PP%mTp2FlzzT#mB*?Dw;}SebUyo-y
z-X#tRQA5zcD$n+RtA97d4!<S*_RSlVtt=%K%lxv1$LubQu^0z!Y2oUO8y5i!Ux4Y5
z3pfA$rPHo$ekTmxS2C2`+hup5uA>8IV`Bptw&BM`y`0c4qs-$})^*k7*9!9TF^Nu(
z^Vx1&07`kOD<B~7VbNLKLb@%MIYU%?^@Qu`iYr@&Nb`>CzVI`HI(6M1gNfXw%8ZSl
ztS2n1i~eufV=GRw^9)ie(UAVtcE?{gF7}*L9iFSE3GWxR0;|0p!JOrrH*X@`wrzfE
zYwHc5-2JstdiF%v|E)be!wKg=5bm(E2S}#ZLF?|T_Havjd>=^S{{H^VXgs}Cc+iye
zuWTg@D=Vv!8ZS{EN<8=#C7m%kf9K|sv#aaNi}N#7vhJ5Mi(&R6b~Wdd^|GeRuN#}2
zXGRJQuHfK^0|A&`U&liQMMOxcs9fKesv!^*6a=Q-I&U|at43g5xs8Q?<NlkdsOx|{
zX1kLFA58UAC@YHsmjZ-DD<q`7b4j<x)8oE?z_jSa5y4lTp8)_mX&D(MFVN^?>F?hs
zC%7e43$4!f^w3tj(wPYG3FE;4^ya}Y&vAfWG|YFz+5&I50ecz{eL!?HI8y>hmB9N<
zkCj*i1qas^8nig<1c!w+1rsyb%(s)Qjg{c=nh!n%YT|%CCzrqnABYvpu2VmhuSFZ#
zrU+LAcYu5I!F2$Sbx_;3J9AGP8yjD=eYjozdYuxu5o_{ujAUI#x9yq7+bL->Ms{{~
zHfP6<+STq90NGfSpFQhK6~jpPcn0sKQlNWtdV2c4*SXO7>8`@*rq>1WZXS$<u~N$r
z1QWolLeOgmud3|dlC<r+f6Jp>-DL#M@w%R8B1|T>Vt2IYQ+hh5#Sm*}k|3Eub0|>{
z7gd4+zvb9x`@2N~p}z*ysiR6J+6OikIuYzN2#*yANKk0#^~J{i*s725vv~P;Z*Kz0
zkrCRxMndwO_KdlyXx(JRnP+GcDZW<Tl1~R}lhxU*>styD-aFln&FJ+2YG2H^M~A9r
z*K1U-k+inA*RTA_RZ>^K0#6XY4aM1OP4i;_;CVVfNdas$!AMXl&=rm}`Y7V@fX{La
z;WXm;stvz>kpNa2cH7T}eG@0_#`nFbNC}oEl!{-T2_AqYAu+Kp5WI(JiZnDd4=Zt%
z7$Xt12UXVKjd8h=tL9|mr*ZV`=+4DX2giNqEt<Uid?1BPBJ0X;p{`&mPS<*41igLh
z1Gs6@eOC^bT130D;7NMli-U~`XfOVtDQOm)dc(!Sv+a!M#X$y0do+uZq9TfbfFPfn
zySdnU>K0&!Cg2AzEG$Ccr94*S>iwldLqmsaMLk;`95pYtXPQh0vxz{GK}br~GK_$$
zQ1n2K2&nj8y^%~unlKDFqpkjy4{uDn69q=T>0`vO>s*CVhkO9AB(i}}kR@tPcW_AA
zH2vVk`T%Csi;TnM1*L%Y!)DEXo=XbNG>cgF{{8zj?CkiU+xSYR6K&S9P>2HeCtLky
zHSqu%B*NPVGUdbr@oyII{O~y8BjwO#J%?9VSBcJft`4!e|NW%~)7!?@R;<SJjF6oC
zN|>a<H)~clHl&(PPo^%Kfrwl|feaWZKMB%Rx#!t~7!JK~VEEOY22Cn@RFo;o5i&U~
zWl^(JBicr5<iq?<(MBR}`&xTIzv`Qtv0`Fk5R`*-e?aL~M%OQ)k+Ew(3?XGxgyrGt
z*$h}Q%OhwXvzoVb%GtGozGzo*gWI_CAt+HGAz?~MNg)6fAZjE}3zgP0U`1Q7NvMDx
zzJU!5yEx0SXJdCo?U_YX^**<wP`vr(&Q~{*ip=Vuv*;`iW*NcLNP|BvU5>}-^_V!M
ze_#gTURm~khut%|_n5?LZ>eu)HaxhK=*Epu5s%{+TYu_$c&9+UL^kx5D_3ga=0|%;
zoZV|)wOqjJLrJ^=?W2Bd3=s>i5D)}LM@J9EQb<Usc)|{9faNVT8(<Vs3D6~%;X~`|
z$e^okFq`<nD;Y-V4;m75z)P1e7o}m>4otmyHTpfnIU-Y*QQXz_foAEewq{y7*Y3mg
zJw%s2=M;9^zfP^8pz^Zy9W7ERpk0G(1jM-)`t_wtm%iD8c&&?8X&Cj7h`q#n+k_Z_
z|3pOpI|$wXbIJXG{)+!-+y6`7@c))B#D6XQd%g~@A1GfeJRcCgQ4a|(0rMUi8>|2Q
zo9g`h+;qI$Hp4U<x+NWeX&h44KiMw+O)V`3uwCN>o!F^-gOWo)ubuu==Zk2WuV3@M
zvb0nxv(iBrqRtNoZ*5)MsV+Ntdb&^2)P(4@pgq6P*QY&C0@5@xqRy&UeWSX%nq1hm
zc<5x|hx-wiySw|yZ$mp-bq$TW$;o6q35lL2=<!hUNcV=uextj)8yL<*0D!Pt10$If
zW_Ei-10SXRNtBe3xCoMVY0C}?!I|_p&_UErY;5ci5Q8gr1l<qsxy3Vt1-t%TK~#@d
zG<3{mpn=Z9*g}vXf+km1fF<HXM=v)2b#-^KM+)R+LQ2YZfv}(;a>A8a&?}b*vSvY>
z0d>Uo<IWRVSwH0*clP=BZH6~E3*IaWFa`zf-DPKQ1~9>C*3Y1lulegwJQpxX;3Kop
zBNGRLf|jWDHAZokHa5axNFvfOjDIq{h~Qu`2L~QyWo6j^U?>FN5_U}mayN5E4)R$e
zpqEq?W=^B_>!^pI7=Lr#ep$3bMAgxM4G<r~g+Z$WDFK|85CBp$K#Ybf@}8SdGDly9
z+58xE{$wE+^b$=x=(mT5hcA|T)4mm-URb>i4Q-rm2t)=UXw@-nT6BQBo_|q!KbQ<~
z3mLXRalt2f_3G81&CLkUvtzT2kf5Mim=NJ0;Xt(v=4+9G0JXKhKP2t6yC8Q%#GM>Q
zQj^#DE;WeDAS{ZdDW(D<yMl{5$Xrvg+@Wl3;K;+v7&^hCsbu*`q97T%aV-e{U~t@v
z?}o-J?7CMA;GwDFvmri(i2MCg%ijTjtZ+b^2SNvBRd<=%o#rclw5>e1i5yZ}4-W(J
zZroP{9ZhoJ^!#MA9vq(BzhgPivityS274{e&tp${p5)v7sYT0oKx9FYi&J}F7nv?5
z5fNPgC8hVAHnb6$+y^Et$b`2<Jz3okCY<VFK&mfP4j1Tg<mpyvDl$jUSb*~T$k6b!
z>JLOoJwH8qBrW|G#3n@808v&Pc{h-)<x2m0U7YCY0}6nd=5weCx*iN4jC=>+KlS`m
z?(`t+AeyUriDtRO@`rmMr%wageX!02Pg#E`Poo}KV51%A0NCKmB>{=k{kpd>q$Pbb
zEG+o&&{-eUv<C%hh6#jyxh7Ct_3-o<GOAv$$0PD!zJMVjPlD!Cyg-<te3w<{hl)v6
z&MW))L0%|l=D^q)6DAOD9M}VwL7W#77H+CpUt7CpH}@n_$fZB8va4+oJS6h_HZ<{k
zmdv^$n)#Z%vMC}r`K`ul!58X?I%o<ZD@iWZv@<S-5}TPq@G=NwoCeLf<v)Lhn6O?3
zr7<~-X8|TMfYC;{w{4Ikf(is5Jop4ub!G~AE4asd_6xHAm_UHuVgKKQ+xH6y_*7o5
z&aw$lPycXh8U!h#9`^?i9=tp~+`jL+mo2Z+`P5pzDr2Zmo8yyQ(9*9DAjttfm62YB
zjRjmbe;6o9gqSauSr;vsBXJKLnXSgly`fn>9}|#kkB4Rv-6BIo$b9|kby8AkO_hOx
zfsQIs@guO{Fya1&T_ylt0j+2Tpwk{z1}f4^1A{Otr<q1<ht(mu&4HO8j;jICC8#FO
z54UFlO58hQ_=)tRB&SJl01e%4larHR1~$Si7VA3M**yZV=GYH+Uq3WNIyyRPB>#WA
z17$@;8W;BOg@s~DN<`p23~BcPQ>|K+%aTvB0d^-XnDtZx`bYMT^Ii72o}M0{xk*D7
zZEbD$p|>G7he$AgO=^DeG$pztJaMaz3+%EX0U0LVP2fQ<0r4PR8Yp-lXm3fU#MiF%
z7MUpciWx%%_qj4MFr<2%>@)sGoV2C!ilVxM)uH?lc(`eRjAtx>D`E}&uIF5P^<P<l
z(NS7aQEDI?M$-ScTloZX$AX8!RU90BOUrymYnL_>qGM>ZEpyLlFXj>%jbPK#Vfh(9
zm6q<;yiowm4`e?Y=sYlpuK7ML(F}X{j<D@0J|QA3ENrf6DzS26d>m1GX2BLitQqL9
zfpC$Cmqbc^<6S~RNWNCtO909bPE>P$*}xpq90uhQCRzL|cqGZ>XR5zPM=3y~)GSy&
zi5Vrg?@xGUo#V(e9AZjL=UM^<OV7*uTzPD8P(>wIRc_}7JZyS_kyEAxp1T&52>#&d
z0IC1a>MG0mO;XZ-3{=x!U!vuE4e;%E?=mxU#i@CER;%87X*CG|cYUlx9N_P}4<CGh
z;Y_cM7R7O!;6r_b!3N!6Pxldn|D&{rl9B;KRgT9aFm2_sRG8(kQhFi<{>ErZ**`Dk
zqy5xgU_0A<2=~a45f&0M;PO4I@HYb&H+P4l*=b1JfNZ`Qpi&o=V~rz_+>j>=m4Xry
zX4wN>pz44N1m%@3@Hmr(+dnA46P~PmlSROj1N!dAUG{vKg9x!f*3M%1>pvzOXs8Wb
zWd;CqZ9#yHT!#H*!ZQJgR|(#jZ0KTPP|N%#URZE!h8$F(1%TcUk&(8G-8a*h!Nww@
zpg@L}X;pG!;wzhESFlsM6Q6xt<nj1-0izh`=`p~r96qiR08<emH%v@YOjXs^26!2~
z{M0BcvZDI>M~M#{uX=iV8g*-B8O+(0|M>CN<TfnjTi?qBk1~{_bJ&pofB`cN+N0!v
z<8nWyRQQd)ll47t3*RLshC*lE^$$a{Utuc=4>(>hG9#w@a*9wM_d}c0y#WOX3-HES
z!B#}593{V1-d|TwPm!<M6`vxjAp!yB63oU18Qv`6pP2wVFdn7DO(O1VXQBWxGMPXp
zPcMqI94p2?IyyqV0q^`3{2BK8gV?_Nf`a1gv9ll>%vju>`WzogfI_eY;)QB!Cmw2Q
zYEmL}P*hYDoYRjw&CsZzHZH>+o*`bav$sb+XS~Wy&HYObXqg}#7lLz=Ula<m9l!Nt
zBV-mrOOd~M@OmxiaR{kdMpsu?6PT(^HLJgJ5&3QQWV1#}S^2|=uG&}aI(UHK(w39C
zdL{l-Rt5%-Qrd?YCHCyVqoqQGJ&hvcX^^&GzEB4f5-b!0=sDmy)q}+6P-+P)^m=W?
z8@?a1`wS?I=i&5a2Uu}XCiA2IYm!7r+Y(IsVG|dVa)KMcV?B8T=K0`>pge*C0HbY>
znxu$<4$#*}1gJp-F%=+aVJcN=Cy*)o(Fc!;?*&Mbig&Ibf_tu%E{RvPgNFFRX$CFf
zz`t4mGa^|46O+qcUS3H|`qEv$!35XP&^X-qx%n<S8uS0eY{&;+y(RwWkqzK8nAen`
znSl%s{teQ5`wH|#BiFURdjR$1;^IP3jiqH@t{MlAY45|_HE0u!U!Lb8?+8!`h^ImS
z=cf-2Dk`r)-6KO6Tbx-7hHVF8t2l#jZM*eH?A62%5`|<T?~IJw;9~cdSg67JJl+&`
z1PoONQW+6Quh4@Z<*SPSBX6KUj{Z>DU9}|8mH5vbzWnh;ci3eJ<*1}tO;!f$d7Y8K
zOffMaBvSI9O|J&x$NaHhR9Qhn;{Q3z#C#d(=zl0;6Ze0jPycUd$u~R5VKf3@L=**(
zF*c(&vVWIZ8-Pzp^5FogCryRfg$FLBV)(t9k=*pyVUIf_?WbW@n(<OgDhMG3Q+u5f
z!Jck`q=Ys2HE7CS*t3A5V8!d<?)%ED_5A$(X<1lSOEw1s38?7=1ryRwFpF7QZnWHb
zpZ0ehAjX3N7yzUIs$S7_>*R3^Yr<r>?Ru~g1{>U<J?bt((xLU*%(W6d{cUV$m<mi=
zfrT!%VQPvRA0NNKBP&_NgR-Kc;>H9=s*b?I{r#XId$QGzl9(kUV-1a~FZK1k;c3n`
z5Qs{stCJ%U1<-uJi2eiAA5n)uW&p$HEfyZ-A3%E#Aua>i4n)!0TOB5-Ioqd#>;n?D
zff<zwJ}J^@!2u?Be;_D`@utpQ<~OL{r{HIS#kO4nxr=m@o@5w7fG{oroTrKHK&Gw3
z+6a-|(Ezy{$mntR^wHPW)*yI?jeXyK0XG2u=2g@ocpFH<0yH9e7^)z@`N=X8A4Dc6
zhhLm+dI9qMR#YSoIIpDrHE25^Nv3}LMu_UIus7kc9J|gWpI8e-0v?#Yk<mYqCb&_o
zf!K1FUB<7vRd2x)LA1!t>J#=aDmgD5^q{36KLc|U2uG^ooh^XPpw&HBK8e{Ahf9Z6
zehKyg*oAe&!)opmiYM_aQ#*S#)m%m<Caadi{RUqvjo8;0Q@jFFQmCz_s>42gqC@ga
z$|>ZOT4mN#d~u#25-$zr5Cb=P9~p@O)T7v97(YuPB|sYSlqGwTg{L<*tcurh!-Nei
z&t7RT$;Q2b1Vfd<+ok6Q-G!XCGZGMCkd9aDN}^7ds#adjwXWvqaIG-zqAXg`e|65w
z<Mi~1RS}#K)V&|Kq;paVk0u9CGKZ2)eiwk)Xx#HFQzUX})x=<)Q-xaGW4m%l)8Gs?
z(zk224h|A<b+((6!T>#AfZCm{S0i$Kut@-6A_Pl-D(AeKU-k~JTTM-^*la+Oi5hUp
zWrABTYTuwiQ@QW9&kDNiHY^)b1-YvE%nREK3Dz^PZD#1+#l?Zx_D>gqUJ2w#^2G}p
z7?MbXPlWUdOt=p#Ien%!pe{o?p{}n_iG>`rGuV0J9WiWukmC_@*|`LpF)%+rKdu?9
z8*0x(+8Z}+AV%lfcm=UsJdaqJ)x_4plow(G0?_37SZ!Dn92`u}YknQ6V0h~r!mih;
z-M75^EH?oS1DKxHyErBT90F4Rh^O)x8ESuHA_O*UI=HZ41<uS>fv=dpZt=ydW8mVr
z-O$1!w@fD`U&f{VbnOsWFDLAhODIHGM;IW4&mzxqtY1;c6o8El!xs$$3p9jRQ`I+N
zDAz&Q2?`4dJaCE{SelrwQCO^+bhyHr`~K$%gW}H6le^GO&_l0x7q{!cNQ0v*Kd|s<
zxOe>ae9=Q}gVnUCV~T`LxhiY(^}b<M*f1X!&7qJYQ=WEe;Dr5ZQPGQX%4bs$C8}y?
zo)<R)+Z-h7AaJ*YJWt61hGC#!CZ|IcKY8-xU6cZ>ZIk~Om@eREUq-bZxw^T{0{?C8
z=)l<8OKyU8L=P?rcx+GuSSU~-(tx>^yB~em`1@)g6Yq;^{+FUS=4fds%lhGAG8Cc}
z1LAnb5|*2r>wF}UuUP`yNl{Vpg^gZjKRh2w2#2BGz!(gfN~ZWd1TGjDLNHyiAZL}B
zltdfbal5QQIY&ZL5(|0=Gz)zQ6M|fPCtCXHx<xkf7y{Z2+jp7m&Db=Hdns9voi)l7
z&>WMq2Q=j}3d}OZMF(aMBNX)pLXbfOs`n1!qCQkRXyAq2{S?dlN2|gvW2okXTY9H3
zU#Gx+=SS*flj_Wc*6*G9%|kNwtNPuiEU?_m-=my1xcH{1-1Jt)43>5SqAE1oO|IDw
zKYI2zKf5Hx0{6XVOmv|l%wEW{Ny*FOBe0K@l(AY(MTJ54hp}|qJVot*8?Fo^RnC#7
zmR360b%<$#m>s}aK^UcHVZnjX*cUGWrQBI9_PeR+@#ZQl$+xny;r5!j{&&}GZEX)B
zSqc=o$$C6gIJ8COxZl#qzyJe$2bj^R($UOVWsY`s^^lnaUZeqOIp|PiKvAN{tB+T(
zQ9!Lej14PZ#AIFIMYlyQK40jUM(46WZtNZ5imu+PHsqoJIivWT?_lKaL`!CWEPHMm
zXA@?Et|YLZUq3ntosShie!oGraKmk(lc0xN&!GK58Ko9dnF6~7Q9bAx(f`dd?MLo>
zY#cA?Rq<dk&!49h-}`XM4{8YZA`GuL{{EN%G$2Q?#5HfUlyJ|@&8_X|`0(%#sAfp^
z733-~-JxvW#l~I^lcblYgFDdV7t&H!H)V?gkZByv0j{bKO^}(i7tRT22yn}^z?Q(w
zgFUNW?Osv$;K|dJ*jT1X?thgW45*;U-#`A1nL!4$4#<+eiAf;Lgs0|H%+J3p6&tk8
zS$**cE75Z~78MrOvHmFQqHDy?#?P--SwIW_wo4KE39%L`=)?59XGJGN{F%~T39@_4
z_YOwhxvqV5s}${V@8Ft>HL2n$yS30+qb!0W)B*c8!!uyP?b)ViL5WoR57Q;?ry4^@
z{j~m5KVPMHqn`l3JwHFOK0T<p@Q;Wf0MLa6$PqCDA;mINCWt&h4kgaUM0bcA;saMm
z6n0as%<G0G2<ji?IWbY$D$FnegEnK=5O=<IV09D{o93!VFjf(l&vu5*LqI}T_ty2R
z{)c!YNJ_}lK<oP!IMPq$^>*T6{?J@OMlWoaOBLEy4!_68wYRUu!^)&WBp7t055LO{
zm4JQvgR3K%E(W=Y&-?k==lm*+9_z=ibdsGua%h*MqNNe62rc623b9A0oL;iQ;wT^2
z0XZK}Ch89WAgtdhOGXA8g|xg?6)kR$=X0&Yd3efVOsZHd+*WYZ!@4+*MR1-Z{ro)G
z)9Y@%a`yeJ@Iogtw4#jIcvPp}YFkt^6D}V_q|gdEED_>Ui{Qe?!3CxPi8BRr;m{K?
zc7S+6A`jwRpf{2r-p$ZFmXW@EHRNd+!Bgn1@$%X(fnJR$V_-GmA<@-xTLTE?h`CPz
ziUOJgi|P*;7Wfd@a#l}5`seN3x9Tq6x0}0iemF}oGCG<D1GU_7l@yf<q6%Q32EbJM
zuqz=!l%G&A<+{p-_^<$d9;b+S$Y!eDxen?vXX&d^u*=X9=mBmAPelQ+@*DSUP>>e|
zXDVCgXXznZLezeAo8i)M0X1UB1NsHdTKRWKYwPb{-qGrLqdfP3_Ptj>V@~IS2RZe>
z0)cn|Z5(WFsW3`jhQGlg3z-}Wzn3lO?ZbJ+4WtP#oq|$;Bs_)&E`oH87rt66_s7mV
z7i7E3aPuMc%BtWNV{Gopzo$_<IDY%@?whnD-S!hB4Y$su+%OMDmzby>@?3?-UrV$N
zf^a+gd<Lmdx&|PJ0$6Nv+pKD7P9=N!cjea%eQ7W#PiL$z%&WbA4Pkt>mWU?U{KQKO
zn-!v7!zTlzfa@E3&?O`|xMldf^&!6ug@g}%UJ=45d{<!IMR5p;s+67E?!cdki25wv
z#)kfTP~rb~hiB=i$dFj^aa(KaLx_~aw4(A|;sx;@jfsf~MrzH_y3Il<B?~?o9h=lW
z3qk(N6q$cZ#eN=>-jJ1$*sE^^5p@K2uQCHNAm!!cU%!6+R$6N8OIU>kF;vLUVfjBo
zBO{9)F1?9W(A_ed_?<1^DxB+8ifKz7EE)$c2Svu!_en{3kleuXl_(&BTrQ+$|6vkV
zf#0!wQCs&Druty5Fdn&Lf()&$zV)5y({LDoc@AR!$XKe_mvnUhoD|s`Tb{8DcBKCO
zQZ`~oM-ItzF)%T$o?bjIx0yz-K0jVvj9(1-DsHs>V<-W1et6HSn7TiS1g~D0HA`1|
zp1C4IaP$vd2y5O2bAJ>r@E>y3s&elzg}X_eTEoyT0g7C^%9RAvct92f#f~`G*hqv<
z@MF-@?YfjC8alc!G`d!H;~sgO<hWJ>&qL*yLKx;9A+u8aYV;aNYluV&6HV6YzryGh
z_Ll)WEP*%+kxdkIK_o1N@b(8z8@MR-avNH}amGE#kih^!9??-jdCeChCMG7Lq<jmx
z3s6{UdwLXB&mhsLKV9#S<j+Akv)vdMfc6QZ)9iqP=wm>^NG=`{`bab%6BE<M!J!da
z*Yw=n=VyUn(jZ_Hh7jQ;H1PmjF;IfGn#lBM?%g8<bVWQMAJ2mgHi{JR>!#uVCTaaf
zLFDMtty{MwcR5C1_oj*=khy<gV0vL80I_1hoQH^tBuoQHa}&UbL%mVXX#_Bepz@KC
z5yYf`tapB$X9bWLB$tj${zkXTHF!QaG*kj?ByAm?F6P`q*W~{`&fNgq?sn{d9_M=r
z-_yK%KYsF7Pw52(SuiKP*b+7QeAyR;<U^s~;lorx^f{5!E%Da*W{$n1=|E}-&|G%k
zA2mT3^3Ht6HpED2;ie(Z-v}J94`>&XYXO@AaiidT0VsQ4^=j~uc6fS8td>CZ^bMF0
zR3O<%!k&jRvw-KZv~~h*6M=sqfMdclg-UGb>cT?-+ClCbiMONPfa*L0sp~qE6pzfv
z2vD8@uVO+p3fwph2=+>X&N&Tc3<RDzX)3|@hv-f`kJ+b^DoFc4Qkv7G`v#!G)BWGp
zBh?;)5Pmf0@q%y_j1E7)OP$HWR6aB>>U=QO%dBozU!1!^bEl=FLkF(WlBZFGLb0gk
zJ%m^WBFn?&8GwNSA<}EBIzRLPKKPprWP+NLp1pL@A_gWLoHapbVPSdoyR<9sJLQ)}
zP+P$=du!AYQwQT3uCxJc0%Xq>waZBqFzRwigVdoEl7|~NI*fJR#n$2Q(KHw?3xXMy
zU=P^X+4;oAlCkSnnmQ!>kHfDh8Z5usfy)h$&maf!s1Z^?Xecmfq+lqN?8r(>KLRZ6
zy1#~vLh|`FH8qoGZg4_|jScTV%rh`BaA*KIuf%?SQFSoc0Ga2%B59?t$TORoKnNhT
zf~43W-!1_+2zo0T3UH^y@K+t6D-JsV=?L|#K^g;wY{+$S4Ms60g2Iv16PTIbirkL1
z-h-F*P+9pJiU!U`K#b`jWTKmn`7MTIvr<4#d><DV1d?q-eLXtlO91+kO>Iv6<j>2?
zL!sa;jH7=k3d?ja#Job1sBkQzHqVZ@FE_*lIq$|?>(za|VeA_DXcHy($=E~s+O-Y|
z8HDH|d0Q!Jk4t}+Dfob@!d9mmXA~B`3HFDk36YMDPSXiNRb}P7l$40jP+WwCLI?_y
z(zm)(L?fUq8{i}al+SScvm6!33O;600900W0v-5&5I8Nj1RJuk`2P|sHA?5?<O~WA
z50L)5$C?WW3y>3N+>lNoBq2c*i5ZCHt0Q^u?-0{F_j<=38{$IIQ6sTjlme3ZRsTn;
zn;&TS;DVtE&5R2DS@uYQ6j^|(28eZkAY8JwX0^P}Q<fL7vJ4&%d;<jT`hfvrV84$+
zLF{7Y|4%N0+Y<UK9m&1SK;Aj7T@GTlBb!@PR3VVg;3S90E4iqr5WHn$k;pMR4&*ff
za$`|L#(xGw52!&rzjZjo9g*M-XfP76vpvuLs=?VV#YH<M6x8P<V`D}bZaot7b93aZ
zZpaxI@Y{f|v1)w31cKDe$2wTv!8{FO)Vq%#u}d`bNqSL;s#M?5P-rv#2$J6qA({k%
zkC_uRG_=FztQ19X%#qj@Bnn+S(l+zbqE5psPgr5gLzg!A_2s$bKy<PGvS-fH_p#AY
zBrz1nZ+!~{$3L(T@9CxDpIgznI&ObZqNDqCRpr_xD*>ZPqffU%o`8^Ux}$MBSXnn8
zIMjj(glo09yo{}&ps+SoLyb}d)fehF4Q#QO@!%iMK-WWbao|Uaa9#+pMd;`rAvX@^
z0I_b|ya^&dHVU8@8HbpMD%cm!0w!>IN&siBlaYmNQUe48Xa}qW={z7X7ZB4J85`G6
zPTqncgo(N#U?;H}I!a|-i3Uvr6i0>CYbrUi^Vawv$ss}vNJ29jKj9<^G}qPQw1fnz
z{mm(YFi8yfm7%OLZ4?$B-V9v|v1>yqxFsuPpPN?%FZ}}9QzeH@yPOb_y+JWn1h+E(
z;N{Dg-|Xh4ku)D11Y_L&0TEt!3b6ekT!sS@ygo?0Gi9q}9J-Alo+GZu6`wcI<)#5a
zwrE*bWjs%Y_-HB|0$IC3_u*AX&J35e8w?F3VYc`e8o(dW+gk#uJxy(XBhdh)YePUC
zTrWJ(`16nYTUsusrKQafv!kT~L4_y+71Y<)$P{h%7Px$*Q^N9t`a=XROA9!S4*kYP
zM*09QVeI&6vr82jcNP1Tf-GSG4j>#YlRP{AiyXX45(0PE7qYLiare-`6o*1G?M?Mo
zr38)q)p$7(DC|5xEi>k<!{M?FU^pX14<i&tCa1@-!*;UxpJk0o3T|T>R#sfdTA@&&
zLQPLNP38A~2VK)(W4r>+(jl@o$XS74Lj@c0{8MDeAyVCzw|b!Uf)>_T>9TwODswGZ
z5FI7iG5EFMVf4ZIwj`-MF9@F@;~gf6ES4Vt2spTcn<<wN0Fw_nIJmvNZ8}*g02l^N
z*oA?kK+C{z30xKAGiM;P3`;{Ga`;d?n}YCKRr&0N5wEkO$gRaFOEX9NDE*U0wF~h>
z81l%D+GZkZpM?lux!VCdqkLkkZx3?NEFIh&ups;)6bMEn2=Vw(a#ebKgng^?)K!Li
zFw_yp0r7?4KoAn{bKaQ?KJ<L`igls$qc5Cz1-)Vxa(|7WJ{RxAiF#E}S~I2uA}11a
za&m6mzW4^Ufv`MH{%$x+1=v((HS>U@`Vbuk&Cu9ucw&bTCq|k8oYjTf7GsR8gUB2}
zi0d2*V-VT^VYx3uh71O99mF2s>>HvCL)szp?-QF(Y7?+pkO$j4XQ|i>!c7?Zjb(+;
zRa9mVx9@6A#g|F}qY3dKDj`Su3YQ+L(GMygNv_on6h#3N#oDZ3_%z%h`nt{3%8DJf
zcK|%_R2a<&rU8Kq#4DUX%OxAgS-Tc$uTZ!|G!zn3h4a7Y(ENCg4NDep!>O;zqvUe|
zurUIPinx(DwVs|HN`WJ7=iq>hIsp&0S-FcJ4*%-~{F@I@hZj;`%PfBbawW}vmW7WT
z<;A@vq`tZ{0A3do=sqpyLKU0#q5II#z_~@R&DL;T*`h9aq)UeNyPiR|yB=<P<RN2m
zuC@1iq;rnW;{<?a{r&w2jTIpp@S_zEKnx=Qy@Xyx-$1f~f&5~YuuqhX&=^`xf4{Q(
z+mA4KAcEL<(9qDpX+C%d)ORKKeBkNGox?(O;$Qg}Co`Xu_7qW{15OF)5jnvXy*TBD
zcxs`316H19$yM-^8sTs&WCvNXG66Kz`(Yn~g@^#y|Ng+KuZy&YCdHYk7$K6B2@1Lb
zCx*bWM9zBEemCm)X4FB-IRQPzA7ndvKqJsM8^Ge|gF~d-2Z;+kDG?Z#@n1lw0||fv
zX-516L}r8=T6Id5wg*Q6o}!?S?rN$Ha(*u&gNZo;08o@5fw(BA*bj(sxP;&mQS3$N
zaIHX(hq(=B5#<+`HNjf}QX&P~vSX<QB>JIJ7(^;$%^z-qCju0K03_-LaMo=>P0Qzj
zlnso7Ch#R4(Luoc0p}()PX$FpZmFuOBC|m?Pu&}0@h^Zl3^j7F{8ttr4$ezI5*Ob-
z+%|}G`QU;$lt^X=WH3Y%fDYt{ejiRSIjjsmbwAdDs1xX6wAI#@mSKQ|X0uW}AHf0U
zZ>D{8<JBHiplpE#qba(f6|bB#c%;MnY54XXfWP#7R^zQNkTd;g)Ao~v+ToD+tOZR~
z&wU#cjMcYr8V<wRRluyxL%ZjDSy>>kPYsh-|K}+kbmwFGA_%rU_^$(0NwxW4=^#Y#
z>eZ`_57Xh!k@F~EHur*eg;JoN7|+w-hV*%#VX|TJ2WlD-&(m_}ifj>Rxc6Ol{*UI~
zJg(<;{r~;MGSAD9Opz&}5*ecqt4x{7ltRi<gop~2Whi7wQb}cq(jZBbN@P`(v}lq_
zNTfugl!o)Xv-aNK?|1L-`TcPok8_U4WAC*V`h4EQeP7r08m{Xe!SiVcG^O^_`TDZD
zx_T};z|Qhls+b76iERFL9)h0&@-q_p;Jt0)B4!W!I*=g+n>1E$l&$K}ZNL$sDv=sQ
zLI+%Kq~*D>@jzUUDk$m03$Ck_Ih|U5^T^4QC$ql}oHk=dnQwJXO=e6SZatdEdJP=d
z#dX0^g1tyl;vG}2h&IqMD{gE+I>VfwGd*LoypD<w?d#o#s0m^mwP@vzi?Ar-!BO<*
zOrP<cmzE#1uLrMQB0NgC)lTZn>Ds+}5}AkgQ9B_uVI`x|N+iT6)8-myxTMvJ8uwWt
z@oUeNVvEW<Poa4Ce94z#Vb9&REhu{?W%}qdHrCcMv4yEiHQb1UvwQwI(Gs?I`X?u^
zL{{BEy3D08+zAsIKgJFJ@w1P`c;^gnnFF?TarB@Ha#64E*|VoT5oi;4_09}}aCOYy
z@tCx_f@{!cM2Knh3MK$OAi&bv`;dB8^wq*GZlbb!H`jClRYQB64t-mw(LVJ4(yEtA
zU75y17oJ~|{%n+c*s~-c+n=M4cB5z@F!qsc=^>#%V2+j5RMD*-_DvUwngUi%MdjBW
z@lBJNZvb;MY}WIYCxoAmbc(E|0a%byi_^?}^r$UYBkb2u`_A6p-63Y1-OF~XP`?Dn
z^SJ@Fb-0HtBe0On;eos@De>>SNO4`n(~|q5bIi{j=2jY2SQXOF>4Jk}$(k+ZfuZkq
z4tw#mar~Tru`b&*<>YK?+a?4BjjNOzNAwkFpWL)8P;b0M=WAXVo$-`7l_aFAyi8EJ
zyPEZ#><lfb4fR#UYqz``rQ;oBsrQ?r8yyBR9lLc)L>7KiQsT%DdDi|oDmH)4t-+L(
z;cZ_0$C{%3k(RR*<pOq^*ln#C2cQ>zF)>r(?|A{CyN+v}b2aYRUh2)R)Aq#<T?|jk
z-e^((_C;-0fI@mpOJKmAUSTUQbRITat7p$q-S0Yf9Neqt(%fHusTutyWq?M+5tG5s
z+k0f2q{?@8zb!x8=JuiX;pJO5w|BnM>Dyo9hq~+ao7ZuKZtgE(nN>}P4b4}aUC`!^
zW|i%%A!<Vs<LdJFm*xj#Hs$Yr_VI+HR>8(9D>ZMQx%05%FYKqN{}^x*P2;!ahtjB!
z_~uvcKKrgU=EXM+Bzj$^4Ql>X*<Lqg3tR5_{`h0J`pw4CVdfbQ%po!FAMdkpUQ4lI
z^U+?z=ilD&unon-TyoEzZ-1sz9c6Zus|s`3Fmbn9dhoHHy_`K08g~b5v#?NMDe5ZA
z%gIF^>9DpwbdzS=`Rd;@RAkN!nsyFbUaG;u@}}AlyW*Vq=33pz7)Qr8b6954S2yhZ
zX0OqB>y4Wg%^8g!ro=BR0u+irbY3^Ce`A56!s_U2u}LaKKEbob6r3(FUp4%M<73sg
zexum2(X#?B%3AGG{{Cf4-=O-tv3frmZ~^^}wl&$4feCxr+h+%)P94;p;$qs~&;9$I
zJPHh_)AEnRO~P@AvDXztZd+wKZJ(M<q&{u4fyB~SzQc~BmS*O|@(~6JYWp)}u7rdH
zQTOQu_Km8DeS<~EqPfvpZAcH8p%EyT>gJK2lztF>+trfyv9~ADzLQc+5Dl<w3fS-C
zYUw?B`v8FbwWug}P!*+O8g<(=n0v}<vU+IJ-lxbL#TFBYNm!bUV+*;7rFwevX-a~Z
z8a;V(#H$Di4&zDG3`T6r^RBK^R<3E!o|#mCNRtTMOv#M?pMtG-jJ&+)dAT%o*B{X3
z)H5mY1A$7H9OZ}h>DBAzSnraO^vC8>vG;<V$~$<uwL2XDV`2H>+4l4=rPJ1Nfus*1
zmj*+w>=`Iq5=J&7&i;vdEI)Rv5fvtO5m$OzULfxht2D7uPopykTiW>x7nZMGyI|?k
zp5SE_@3sdfxTT7grSFk;Kc+}T)`Nda<AWqn?_!4{7+T<nV5ouyi-}VFJ=gE+=VuhU
z8i!M&Nm#wU?a11|F9-Fqtub`b^m4MK<o9cfAl*JeHH;iNvaum2e$=E%nOkOHmM##}
zG~80>S=Xzl=dCh4m}nLfcZ{5Y^=AtYj>g02R}sn{i=qn5>FRnwaWKJS5qFa%|AUBf
z=Rmy$dq`{Z<`F&zsydN{w{STU0Pzu&&xrsIaDfM{Kj^nFw@p4+srmlI*2n((()~`h
z^UJt-tmn-wmzMZFA3J=*<cBr3hialyzXlvTt~cGLM&2aM<Ig`egY?Goqd?a9S1LF?
zF3mc4k+|5FmX^nS{WHEq%E`Wq;)s=E3vYdXwH?;mLaC`}CLoHN7KJ>4i3W9_G8|}{
zALN$WPT0qpLegr^;z0wv5I{z%tNS2QyxB8d^owl@{jP72*N{~+Yb>>156`q?Pc{n%
zgRL>d`h716wazE{X43bnS(f%WGxM9+DYO#e?sKXogCwD=*wf%r36dOGb|8G-b((|+
zq%Si^wOJN%C+E(cZ3GEnVREt*_TEaX>u{}9DyEHUj*j224w)0J$mXF67(RXatM6C(
zIIml0Z9NSfMb~fOgs7f1?Y=(@>+y?noZ(RO9;?(A-F@NH(zxY*)3<fr)*ocv%sJzh
zTKvv?|Ch=&N#>D8;cMe;dR@DE)v4Zr2YE@|ZivI9+1Mn-9%L03;i3OX;7%?q^q~Vv
zFZyeq`HzobztUwIx_aFC^XE5&ugzsz1>QRq^Ul+~mgJjHf$c%Aa{$d?nVN_ER+1MP
zl3pAhTuA>+z(F5ZP@Gc^Tn<as#+4xDUllifP<I5W1K*Mi^q*~;yuYApZB{?&7Ck-P
z$)iRc!=i#tKM$q^K&q?~lvloY!NP^7478$@<0nm+u*`6JuVotYmZIH|PZciZD6?^L
zk&{m*{*h%`YrS#3Y}}7E?TVN5Z`vR+$#Ct_J2>`bVdM^3T44dVGKc2TpWof#QOUdj
zg{AED2jzPQK3s(N56hp#ebJ~d_sSH-C=67#r`Xx#$B!>&_g}+ir`ugRZmQOaGiN%8
zI*46@jR-T-sIg;D!X5TTe#<L2fzO#AO`=oAv_dUuRUV#07QIeEIm<2QhOKH``U2OP
zyCiynu9zIvhMWnF_4V~lsaqRep7^6KyzpdJX1^@gZj>hQK_6h)M+_Tw2z>8-@Y@;*
zgDQAy!;onWm0O>|I)*AJcAe+@I`H$DyY7ou4eHv4#>SIC#{mzAGLu9WR_YyH%9S4a
zqZAcSM@0z_{d`<5W0aIWvLgM+K1q}-cSSSpRS+Tc|F8Y~)6meBituA-@{sB^evG?t
z1QKoxT`iiE&_HC_j9k1};s)=4H7`qQEv61~PcvbA(&Pw7cJ{=H&OWJT>*8O<rZ1$;
z(h<%L2jOg@jtF#owjb)DuDMxQE?kJ`ghgTg{{BgYk)^M$MtnR-Si?S;Z)ObyM{e8p
zI@SYhU^Lk?G_M?wo;{HK;9E^isVk0-TI;JxV5`=DOSfyDs57%R(>N8M%WQ*#wYoS|
z-iK{7HB}JRnJ~>zs*@?6Yu#=07p)-lx0!E#`b!j`c}=|S%zXuxZs|?0Epyh35Xln!
z5>?ba>Ga?(8e}!G<Z)aLmzQ@GyH{#4S_Q?ybYo*<?wZXi<QTZ&Ad7m}%#a&()?>nQ
z7vb^55htGVXi7E!0@>|gZp0{;;~-$NYW<tTJtY0rtdx-mc7}fpz8B$-A-|(28}JBW
z3}WJy6HFbQn)A2|v+ST@kjQSS#^Y9K$jhyI^uE$c&9puF-mIu)f0LT^$W?V2rd=k6
zZk$ta-(QxIUnr<khMXCi^O~K^DmF$&p_xqNM1(xRkM8S1J$u!UId8mDQ}g|Ri?3$%
zT<8BO;E#uyuMe4OyoJ!BC&HUh_GXUK^#b$JG~}KdE|+uZn9~VINBy~jzudn4wq3UZ
zm%zIBE;{F&okfH3sV)6p?<+i5^Er3Lzy2;2cIJxGVdu+|-tL5G^i5vknAzLr^AUcZ
zdgV>R#LEf_3b7wF93KY<S3Rs5awhp>SS8}0ulcg&GSP~7OE6F@Q<h(ThRfd&mMgEI
zu-u3rmLGb);c59^GF@g*xmqU}{$t1KNomc|)JV?vmhA30PgC>OmG}eYo1Vy~K8{at
z$jF<scv1OaEr%JC?#<CWkeZ(EhbkGF7n~F|n=*#gi>G3Y$nwsm<Ks?j=s7gx&qwdn
zFNALV!+WE=obC*ytK#Bfl2>C>Q`XQaTJz?$qd(9}jXAs5cEs7Q@>|WreD!2(bVKrw
z4}Hs?KahL3PFuSZNv3oA9m<p##69S+`y&f|T8lML`G+@rHubtW_)PNQ+@N@wDTjT0
z3dhe_w8{r5*xB>_AwAom{?F~7_jtYbOo<F{m9#hgp`2W2ach6BQl7eBW2kNT_mSR{
zw*CsB(rs_R)Tg)sD>OCx^yED?4m$j>u<80At}{}yC^9Wp$fx?}i<w2Zm|cic`gKi)
zUyY7Cem~b*nwC%Of1oa`bM}FTjKi}d^U`Q-5Ob_P?P0P;!uc^P0Fumyvxf+?p#Pyw
z+qN>(_sFw@z8e47Idu>NLJ&0$rxuGwMh1zUgp?7prG&1KT=e$IXrK2u4?-fkK0pNk
zlXPJJ@VF<~Hd<k`moi;Hx|fJ*%eTO&lW4?SH*$Pz{2!{V)bLL2rNFV&I==yTlQ)G5
z|9YB9ThYx)hpjir#KqGymHI?mOG`O>6>Y!0SeR3weiDl<mKoSyF~?uTG^WF-XQu~E
z6C-7`mMlrytWrO&tr(P7`N}K=aV;GgGMA`_oOS=|^y7|?YyE~@lUs%OwfKE;@y%hH
zf7YD|>U5*7i*NFJ+Z;>x-w9ddW?|;`%h2XOs0M)L6)>v8c5D>G@DG^mue!6QOmX94
zDqk9%A+SPS4Tbi!2RRetrRXT=iz)&mp}VgAWrn`YH*KVbkl8)hY#q-idV;xW578sU
zUG{*_uUPAS?wlBQ#Jxt99%S$T;+aO_d;Xcl;8m+vKL-4M$B`(B`slr%*(_6~q@?eB
z>D#BzZJSzCvYb=KCttpU5okvM86nWd&V)-T>LGM!tM6|e0@Z|c$+U^LPym0LhO3|x
z7gg&PRL&gI0}mLZF^Vjr1^Y%*&gX&{H~6ca2-?g#d4OC1yBodahGT!*I=9Yk8sFr0
zXyg7`sb{1^;E++KDjos)Un;FAC~@&9qgUb+VenBu$dapot(QMDzxOnIAjGe|d&hk%
z+Bub-@2}$31Rl)|H<MoS@u<NPzYH?(t%$A~Yzg(YMuZ5%JYJU8%#IyH{Aj$GU{$f9
z-4XS++=6IfS>&NY98DBM6)^EXVi8F(acTlgs0lNJB%&&^$6V}u;lh0QDPa5tG7^l2
z$D22AQcsJCE6q)XEnYMtifoDu1cC^x{BCGlKav7`GfQywxPF7WcVPYndF&E)-0J+@
z>CWfR`??T9Y}jBaUdjy*B~Nbz%8oJ(%N2S!<x@@Pt01c1_(}<;PBFfyPoF*&tV4AC
z1#kjCQ-9p6rgg!3Fxk6e3Jj!PV_JNYlCp{RGs>%Xdt+pnOcHKv+IiFP;ls^zTQ^k4
z#@z`GB$C^!$D!j+1R$|0)3s}u-y*DMqKF3NfcqDb<7EB^LRxGQV*aiXg5CPv@zJ8?
zW^c@378g2Z?%l1unXPl)&CTW9xlJ|Gw<a7Y$DnnA@rr`gz_d&bLvlF}e5rz9H;T-g
zX4^QGMV*-bH6a-yqid9M$o1uHrB2xU-|k!~)AJjpIgeF>Vw4W$WM<h&?s~U#s_0N*
zdrm&K__$-Hp0UoA#BKLVryWK!Dc%?VV=#Df6lK!6bH7rjBr4g}FQko=fb>605~2(x
zy)mz==4+vBSguonxu`=7?8XjcW@MU)5e*tiOP^t2=J|@pO}DFkYk~8rTKB^{?}q`I
z5liGOijZuM@v0^w8DtqsZ7ld-0bau;&6dm+I+b=Ub#|0_Rt1YKV+z3I_DsJrQt_Z+
zGcadFUFoQ2F$LzBo>JhZDy-CE8>>>q=uPmKE45C<j>2a=2KNa@?Jsw#UiE7Q?>{6a
zm2!2e*OCPb7TnG&UyW4VKlUZXi5ShYYZrd=KiCmfQ>6_rvljIgR|TJz9XvRViJOn1
zy{(wRWQDEE`g3S<KoA_Y(pOu(N|zKYJu5(;ba-@kIGkr5a|$-U3hiRxp_e!@m#kSM
zL*+*VBQ3Po_^&m|JZf>Y5QB$qPd3YqAAbsZan|=YZ6!>}czU?UtjBCtnJMOj=nthd
z$ml=hYoJrel^@c9i@ive4aw@w4^gS>8_GhcOOs8)p3{vc22&+1)3Dlo-OtZ(@2>UJ
zMko_9nIMtDU;_!M$GWjHc@5i^Xj5}hvk?0HnqSCt;VwHCikIdbi$kUi%lWAsX`M?U
zmqrw#uoV4vn@$&)&&=<Yrl?N5@3zg;HZ~W#8Mcod{Zzf?uelAG>wPUAJ7;{FG^+z^
z9r+G~H)j0!>#ZgK(Zo#?QU=dD;0|3|kuo-<|D)?nf_Ym#_5Lx%tUU+p>Fu4kG2s_#
zmNobGjN#+O@Xc9uW8`W*$7gC99RFCFa;&~N=0)88eLm9WWVmq#u`fRsMxXpxR<9P3
zW|E&7yL#=~i#aV+o$HJ|pgKZYBDtB73oq#J5)VsY+4!dN9a~}GVW;WUI|9A2J8yer
zfy&oqImYTm_B#<Xbw|10j8zT^r~~x1{eDUFtJxnj8h1wxv(mBXP}uw9Sl#v=U5&>&
z4ApCnzmucg`-7R%<jEJXUw{SvWVqMPX#F6=c%gZ2nC!Xr<?Uevq_@~KXY!Tp6}u*n
zA2)6U#?!#8&JUmmMLqK&Io_(j9vwA!@vdHdm*CY*SFAvxX~X*TQd+UU!=3Nf?u_l;
zdHcpu%lCH(kec`Y;(nk6JOAT#Hv>84iiAQB=6j@n{I)m7i%jjtY#Ly_7Sw2eWpG@W
zM|@+klJFv;g$RfOKVnsS)6c2wE1jmwoBr(B{4FxR(k;I6C|;c1=`-u}BU&IqaRQG`
zNlg`#8A!Lmy9)28NJZ%@G9u$C>^@(=g%_k&@u02hec78ubLXRTW8|s0c-z~@=c}vy
zjR5T$NP}u?w+A^@>{G)}UL6*@$E&c|nQE(ypM^*h#f8Tu+3R>scV*#|D-P$Ce{lY7
z$VNH@8o#zQD+vM$3;@-$lY2I-E|Tus7n945rEAxo$lZ1WM`hAI;!x<eT$Nc3CBuOo
zfe)5yN=kM*9POs`d&xD&%x)AF2U?oy)EY{z%~xJMnA(gru`{MXbfY;udT7^}Y}d12
zzxik<0&U{(M_c=Yo-`2<2k*<@_`X0QET8z&-+65DzQQhWE4QP`3&N?2;QDLNo*G-X
zj?oDJaqHHg2aMNEzya_nFH*_w`y<)a;ii4#zb7hn?9}Pzw<fK@JvuT>O7KstZvv@L
zRh7kSyOx8HXPw{d{&l8)Nhf+1d~*gRl&+kzt9b#5A?-E3(4z1x)3|L~FA|yl_B|`a
zR@ZpwD$gdv#sP{o<7oYf&`Z`?v}iNeq<c&B6bjD=bpzmG4U@Vg;Y*zM(anWW@DNn~
z`>VTSNbJ|i=9C{9*M92}GVl#jvY6RP=V0j_v*47^6>g|c{RQ#N3y2^0c9Ui6-NiST
z#Shr+E^CAC1kT6TG?z>j{`EK8_S(kC0M-mSs;_v|qf^I@m+3uY*4|&=?SEX<RHup%
z_d$&!W+f`c%-D4k%=6>YRJ-un>?77-j$Y9o3L!JcwtaMQ<&w0N$B#E4W=P181Bchl
zYW{9Ci`lSn0+c&$i$mK4#C^GyZ)e=y@uY6#*U}UzgX06o`WTn*nLcLRxS(%Mj~93E
zIM(Hse(Ad*UKFV}bbJho_hv1=8eeuRW_83ikDNQDqoRNO__1onuI3ka+-`(#f8l$4
z)eh%TPXR%WkJI{Lb;&X{#z`R-jjG9lkk2S?pZvDct{R%ZDYSz9?8OcdG|><+Gi)rZ
zSflX|e{*vK;}3PnPa)6TE`BQy%ulS1c~Ljqa;U&XppvrW%_^d#!aRc-J_~t%C@d`X
zFgnyibpF@~UgU@g6P!irbiZI6nb)avXO$11J<?1Baof_E-twkWe@&ZU7(FJbJtk;Y
zR#(%<<--=0Ipi5~@P|SUmhS;)K9)6=)W2xOI#BG^wEQ!b(-A`A@#AYf2M^w^mRhrk
z&_I8G6(A%OkH_B?6c)v|kX|rQ-D#YspXxCZ=OSpUTjRc0RMX?@Dq@T<=0)Z$=C?~o
z$l*V}>E0TZ6(?KYvSWbNtw}-BH;;ny8%C!+?9=OD%RJ5ZRq-K|8hUf{M*#L?N7@zE
zRCE(hq?fbJ0>MUzU#<K+zXgz~>b+)MKM2hMb9}vbP4`+*JRV<;{nFAH*pRBKDkzVo
zMnGZkq^O&Sm#TE{Jx)I|WX7-@kx_rLTfe%cUT@#)W`}Y8y3o^XWp$e`0s7jE!;vF>
z3^*w#XX)Mw%3J^7=PR1N|E>9CGlgf1-&sT}d+td4OZ(^bJx&(`clh9x_qK<pc`czz
zWeh>&`yUfw<IgM!6L+9huq84N9V(%GFKweep)%0Cs5bt74Vv$>uZ+89Q2+sog?Cc+
zdSCCqj7Edk0h|&{Wja7&b|P5af3{}nA%X+a7+eMQX~1m$nr-{@E9c)56brxlbUl$d
z9AXAQ&4*?7=Vm&0ygqApOaWz!>JhD(MPI*$Y<$=H+W=mE`QFMHBqR{$v6p?f%GIU@
zdrw;2dT(0e$85c*)wDZs^x}-O%f#PUyZpr@=Z24ZIu~!)FBLy};ryh<zP9&VU2e2O
zeE!Z&zgC$1uP4{5SGyx}wHi=_%!w$s%&nuV=aH|rOXg#)LA<^9^XbwRo!q9vw=Mqq
zYi12<o15Qy)-aylpucgUxKz`(H)grpVxbZ00)+%L$M57)nup(z9Ug90$y(hE_~71&
zh<iranXnO(!CWsPD}lx<SFTjXvw+arUf=3j26L*W?RxhM%biqF`Jio&ipcn;Q&b3o
zaYrz~Y$Eu=%{V$6bL^U=Ay41XYcB{hx@n)sTJI+Gtd6r$g|Y<Ezo3jl&UvTn1C=MT
z1UK6D!OXh+M|6Lm`naf@?5s=puZqI<5_N?zCd^tII1dD=#qC2sS91|1BSf@uY?E*?
zwj!Ymtpo>WT(S6v7eLA{<B586Wsko#B;ZA0=x1yluwJ*@B=`(Fll%y$)D!6A37%>A
zi(RlCPGnHD1Py-ywn@x*tTL0Q?z7=4NI<p^#q}ZS%Fx;-Cd=W$nS@@&ROe8p2eaX)
zLB=^5jW>vOr=Xk&1uKDkuv>Ewd+Hprl?M|~0oL5A%f8pv4zLH=rA_13-gP8wR5Ldl
z?ImT0ZS_E}&EnNA(^y@0;(NU?GMPNP^n{pi{oeVv-?M{csLqVI8-WzL2ME?D(0u7J
zU+<?<R7^YAFbSI(T8RfQ^hf^v<q+(Et;<0{PLx=pKFBg{SFt9$d~X>2w)jj44p@)G
zzzgbCC~0MzJOAQVLT0TA|BHI@>4z@YE?}`)l6`A^7Y+Do=pJF>wI?}%mvs0NAPcik
zofvt12gzyM<bgPdzgaucYjIju{h1iNQ5{pUt4EhE)vrGA3R#xtkvul3cvMtZ8$k~)
zx-`|9M$Xs%*OZ`{D70Sq>Bvg(pop2?NI*H-{dzeE@`w|7Wm`!%1LkU${-&{-U~vK@
z?LsO37d8n9e*sqDyzu!Q!J0uo{?ipYGZR~Y&Cch}%|XaJRdqiiWY8ZMU0fc~B~SP-
zf@BA?9=?0`u4yXcbI(!$o~7wEaT8rg(w=GU^-I>6Vp;(Kj0Ol0uU*cb-4G;Qh>`D9
zj!Bpda*ln0c`_0pGh>Yo0#;A}e_@oIJtp&t>~%Y^h$Wbw*%+A@O3$hC>b?$-4xtxx
zZe;WAobH9VVU-njF1cuefi!d6!`C8sB;A3K_1e%Y`U6}13C<YMV{l#VO|$L0RK*j8
zBTWZ@16oF_sa?X7E;FTnhyzs@L^!gDrKzEuMRn#AUlksO@Y()%ekXPHD%Xn<7=9yr
z4H9J(Y?;g<#}FoegyMSSe1ajDmW<{<h=kNAk4RX*;UAC)g=);0<FE>4F15XPbVkz<
z(*ZElYwPH2LBv=4@i|Pw?c9cXgTDF=g2Fs9Pk#TWe5QtU1lgY2t=~5=YXQ!An3J(*
zYpSb<Gss+WGVz_|C9rQu71m9IvV{v4?2(&S8p;YeCz$IhS_!ym+k(?Gj8o398<kO&
z__bJsukvr}N+${t^20N)g}mA|j8PI+Fz(=kVN0!HNZGCs<0{pW7QLfYzh@;bAm2T|
zyLE+R@7LF9pa-XumVOzZEZ-iyc`+j1Dry7c=PAd2YE1_(oH~A7jLu<#+EHp1l-+qy
z59k2Ytt!}UjeHQe@&A_cC>Uky;_m*~uKA;#3e^eu5@r?(0QrpGxM_sl4KyE&(~mj}
z*-`=VCM9h%n7;0HM%~2_e%5m*+Sk7_e_mNahBT;NVq|0lrM7{f4mtJ<lo5}UIoKzk
zoAsBL7JZMCJ-bnfQ!Z~hzk|q5C?edQfr)dtb4R7Q#!vl|=84DM>R>+#RjNysY?UH6
zJ+lWR&|sX7;$k|^3{#40Uc-XB?JH3DU8ydrC{*59L<`V^Frd71*r9bGZGx^?^*FXx
zdK@TUJIbQ>%~VDMJp$;gD!#YH+geOckslh=1%Z|PB&@*<U~=b?VJOo<k40eTCS~#r
zUJYEC@ondoEq<6eC5@E1kO({>({Xupr{kK`!a5WZ_iX?b-Cgs7iwt04Wz}|zNrE7H
zDnc(feu-c2z^oL?aLC~sw{M?C%5EdD5TRZ8JcXZ=2`-yxaX(P={5PS9LmJ>mTEJ37
zw0>B=xBBt$Gx`^dCsBxz!GJA`H8doGpr!4-?w&H;MsIZN8hTS1Kw0hn{BlCk?x}2R
zMh!fHa}y8;4^rdX9(I2n@6*fYmdR@y<LH#=3aS(*S@qZbCwq8%n|HlNfctN9|8`F=
zuQYfiDMkm$qkv#ysJ*j!t!i3Y$jXA|LERmkCq08oCR%}kovwTn9tQli3=ngoT%p``
zs;lA@-RP7{QmWyJ|3^{`fh?h$dL659kh<+9qH?zBe#7J0aOuK7M{;Au?uJJf2@dhK
z6F#e=N<qqsM+J9`R76D8zwnP2uJD`Z`T>2iKW@0aq}>tLz338Q>gEO5l??j$@R^F!
z3nn;}p@n}NkWCm%!dQ4}8lxAEW|{Y>c>bI0bB1u!clPp*ahIP$Ui7Ow-5uIOg=LwJ
zB!<B=Enl{5_WzCWRu)i6EVXV@A2ljTOJRkzxuMnDqp2w)M~!+RP*^#(z>SUZm^qTJ
z4OIZRRR$V11-zOLLuI76RTm!qVPMGp(r_$^=1FA;k_I-PMuyaaAucbu>-c?-YIU}h
z!0ZP5%T<wBgfz!Y&58jxmp>`ryPL6H7%NUa*}MrpG$}&8`TKBo#ul2Is4f|e@53Pi
z%?cC8=1iI*>%YqmWnG-;!pQwo>_>t5sR~Yc?xzIc0w*y164fT|Tlv^68jH8T-5WEF
zWr33=p{TNg5u;(75<3ea5qEAbE_N<M@W4|V^Fi+$CwrQy7RKJtG($#6iU5l8^aeRR
z+Nkfq?oZy5ZnXWI-N@tlnzpBBzXhoWG!6`~uV`=6RGULQhk!7TZ`w-~*rBgQBeyrM
z?}@m%MW)RS^UK+JgfgO9q%6#$>^uFUZ%pOHGI<=_zHIsOIb3A_8GE;#N~WZI$LThH
zK|x)q(;4{Et1IT(I}ApE0))juUU9y7F@W;d*L$IkPW-qlS&3)jZho$8TUeb<O=7j?
z#d#bQRM|Z=fI*L+KCM~fAT-X0x<qn8uuHZ)yEF`Yi2Ia6#!y9=7pyIwbs%fvh!KCT
zHYjK&+=y}qqeFXI!Oo%&T%ylspwuu8Qq`@g!`3a{E}YG8612puSP}M%>geM7K%Y?g
zjRTX-W6CFEAz+!zzp>lUbiv&Svfkb=`CIe<R2(y=@}k1-%KDg#O@`WXQ=EO)Ew%b&
z*6zrZhj_8|%WdrJT2gJcGXUQ#_WnO0aYJcD%bAw%J?s@6?ycMx1kU26>l+Ua)-#KX
z52X3d%@duhRWjieiA}NhUs#v9?!Kt>MOVc$&F$2Y=$DDrACzAIn+xHxQ2)PNo4mU|
zFwf99;^V@J(+n?;fDyj+D&XdLh2DpCZ}sThxvIg=vQzRcKMXcNo0rsVr)1_SExD_g
zwbJ8nz7Wvb?E&);0tyPR1GHOQr9LDc&lh{3NMA2J?s57A`IV@<a&l8Lv!1RC8RTIx
zQu^)vh=20~xGN}~Hk~*n{zen1h%p29dF7Ma9A{^z{`%+2y88!$18<HmwRoVi?WMAy
zEcgTHb3qmo$ArZuW37xDSx0a6YOS3+Z$D3sV!kt^W#G&&*PrCvGM1Yn@GF-QzLO0Z
z5)PLN%jRS{ac;JWx$WW~_)v%ACxCr<jvE_(%^Gg%6WJlS%x3E|`*jZm2hVDL$w(AR
zfz!S0XExPj<P+er(k!@}egEM8<~q9;H>kSauvTz+f<p_OX|DU<zFjrym33Lpa;A{%
z{_s?E-2tME44M*W?h_%qy!qeB8iVQ%W)@rli>=^SpTme|&nYn!a@Jq^{&dw<)u^+n
z58M{^j+&kI_xIG-PY}TO;_O@DK>fAp!+(8VXIScwof>W~1rAJ*K-BFdQlgPHgrj*w
zb4`6e_<$XQ!j=SsmYb@m{d>#G>X5;9ZoK8yDwW?@@|jUR=7YM)^aW&Y@jg(cP5Kbc
zFr!>LQ8M7P`VD5L?9XQ8;-u$imqjbWwI?y-%Qkmn6cGEvp6T_Nf^cH2G<rN<d+z*s
zHBIqZzYDVzfE})7z1veOx#d$_-Q0F#*B(CnIw&mjVCjA5GC8Vo+E6+0#5!Y0<5;;V
z7ZNu;G!3_zIZhu?+J_<XT+@{<a|Oh4p1z2W7GU+KUhJr4N!_%>Z$-CZ%hRb0P>Na!
z4d;eM+8LUqKI>*~y$C(Q%CKk$oRl9oZY3Do=G{LrHYnSB`GsZC<}eFv>wAY4mg|&+
z_T~qm4@Ae1-_@&sAag>SW)1~t|MW7UpQC$bu|eh3+b&QTo-=RPE(+)go!ieVb;g1K
zl;OinyK=?tjx6_yF8H!;vTBIq_YeR7X9t!SG8XJO5KL7V9vrpC=Vx}v(78D2IBP$H
zY#dSy(0PvlF^UP4TT1$=k_TvT6%sjSL9AMT2=orBdXuo*Thu?uY092yT?b5Z>@dX2
zUT6U@(YI-TVZTi!7SnhlCq}dinse&THxfE^ufiB`2+IjdpA}1&KA@Fn8lwW2__+}J
zg&r8v!0f|2rdbO2>pu*Xe2M-z<X8_`bG0p|j9kP^h|Jec4B}ivudzVg62KuNTQ5=I
z|2kyIv$j3dF1x@+wZ7tjca>J(NuD0G0YFs%K<`k{@WmY-&_ThVKjfiq5Y|X&zl(w!
zR4-&{VdJLr<K3w#uis#NN-_zXK<Gj#Pp85agUogXkykQ6;*_WzA7Hmq3QQ-j(ic2_
z#f?Q6KgG<Qs%JC4GP&~c+BhEqw&=|ra<FC@=CS&;9k$p0agBDJ|5s<jgOb^uyLR0S
z6war?Um|oqq<+E66C5c@#raJFVG|FR>FKq9fMpv<*lq)uM9AhiZi*_ctSCgHIf_6^
zxJ`A`Dt}>eVj|wVuw0yRO4P>y&Oe~V$j}U<k@!cLSLukhuWk30P3yUX%`{X?K!7e_
zV^F#j9pS!ULwIfw?}OVLABh$VN}B|PGH%f)8FOF}S0cv3tH*bdtt0J)Z0CrnRK{?6
zFrJr?L*NuPR_4cAb9lz7=?&*RJr_de9BinO8VaQfb`7P&{U5xCRrr50S18t${F}Gp
zfl1g~i)hh8Oid!k6kC@kM^HcL!V=ts%acE;xc)X!w5ONyG@VDxsdxhOA`Zj?s?5(7
zf-$8S{IgPgqY7QeZ}4A?oI2H==B+R~a43(L85O+u`F{iGU-=v8pBm`3Jd(qwe89uD
z)t-e`O}35Ab@3l5a5l3kOh@#J9#*<%xd&cN*iFcY9_%LmgWyTM^cE&aOj1hP%RySW
zRSV_wFn<ulM!7s$osGCz)B*&34}CBtn=#5b2RmtqhLLD}Sb}G(g;FU&Kc}<i8Y_+V
zv$lUh-@%=CTN-#zyO#CSv2*85AW=3agTbC*g|?<eT}pn;n2pd<%qu$s$jmp7T=wl<
z^?DiizWw?Qcxa*vD*+N9s)uO2NKZe*tPlzDJ!copYitVb75jsg#*BG>ywA;KkbEi&
z&FX{47AHHFZ`_AusIwC)V_Te>fQ+E=dEJJ|P03nZJ}kE8T^y_lY-X?Cy&o}WR$vQU
zA;SMd4BG^iJbt{YO`U{osJ&>>q-I%Z>3zAjN<$QWpX?de#-5cQM)6_fk@2bK-h+^?
zT@_N>w`*tJ)bj3i@Ws+mStn1Q9)*-3M1#%rr0|4cFrW(oHKEvz=^lEB&w4eXiLn}Q
zaV)k~teFmV8<{jH0W^aa+S?Wr@I)AaHwkB7r@U8ooxOj~oHp!3VN;?M&kixvL1uI^
zcmy2b5Qp2j+psr_CXZ_e-~~c+w>4ItvGe7iHaz2%e(FuyqnG=7|6NE%-AcA%N5wUJ
zKS@s&92frV#iE|!WRbx98#jEntn&0->^o~M;+qg9UCV^t0(8G-Uok%{cN@%q_Sn?l
z(cVCSSbPWA|GRe-tO7j<8D=~0;f)XpV?7@sYKSwgNSfF{h)6+t#!7u<WY!oJ_?qBV
zG9iSBfd&|3kbr1cBY3R93B<NM)TMd`o|ylKI6X3Frx#42H{e~+9KDbav7ggEH*wZL
z5SKCTc}o0KEHNmXMA_zw4qjTlqMy1xTNq+~dcTd0P52|tgK3F&MW?1PTKMv+2Mq~b
zlo*qmK#~ab+WmFsRG<jZzXPNTSRDS*ZOLcd+iQc>>fgJ>)_?Gftx6fI`)p0fm`}M`
zqqYV%9yp#k+VxtRVz<s^yOpgn+9pu;RmBuGorZ!XY--@aV~4#%A07#*0IQ7K4-YP)
z3ksBQ@j<k4tjQhgY7=1DncQs%=NTN|VbuSlD^(5$1pethRve+XzjlbhakKT2>$2$K
zE3R$9n>+kwSN)Q-gKv*YD~@$@ch^FMjg45xX-JhVM8AP&{_y9NhQtut+CbAXd~Mnb
z7gnz+<k*J_4tBH|50dq)oK9$TGq8DL)`VTczxQ}K-S%5osVK$WoAyPuQdK%0L6;_n
zM;$w&N11_`@G9Nf^{k0A-9+K+!Bk@~Ejh(2Gw}VM>DDDz9E4W~#`_w8*r3eJv*xp@
z%iZJh^07NJir+aO?A&q3ZTdOHp2R-)cIQqE1fm0Rh+X5ZHwkLNIfiy#KxQ5i5iDt*
z)qgO1tm?Zb{C`5%(eyONm)2R1FB?TAr$g_lL8oB2_f1cA<M$ZYK%~WexW0oK5%T*g
zCt53c7Y+IK*X2fo6}?Zk`ZwH^rcLu;waaLS&f@&bdwV`@`o+WTS#%*dbmy?ZDs(>4
z9|zfcGI3Ma_2&cKSTQ7N#Z)bWyuWwa{SHUn?(1n-xp16>7tF}2Xhp&Y#lx!TXQtr|
zP9G+!sF><!Q+bJz70iWbF^-!{daYga?Zs0=d=8bRt^v2q<>Z#Dubkp=JEHo<l@HUt
zWbqQz$&(n<Lpd}Q9xxe{Y*p;K%E{vXhx{3>es<FXgU;xCfc}h1N)l(kP1H_T*rBL@
zu_kD`^ysaD<(bmX4gLFM?`t@zNcns?>)X3ni_<?~kzj_plRfXf+Yn@-*o+hLCHaJD
z@4qP4w6R68Jy4k_O+$>MySw{<vQ;vdGbayqeO1O0Z;%2)(M`H@(#0DXb7{#(W9@X)
z&XdNv+|_-(nPuzC@a%4iKh2`0_k5-&7hu8V=$1FC(z1$936*tqAA8t+Kb&)^q?9k{
z=$V!TyN0WP_(yfW=jttId}HTuLWGZlsl!Npfsz8|e*~O}HOav=E**wR01zQvfosL<
z*&DO|)Ofk}>Z*rOGs7d{rb7%aaj=ViWqvT15O**7yF`$&bhpzO7N_@PqQ@c*LUs1=
zc)~n)$pbuT*0>HW6GHwXohYvBCnNL8bwfAPB{qA*wO?s!I>ncxx?D3kYgUdcsagBD
zwWemFU39Z>90^t)UNW<P!-11pGn<;t9{W>s&s<6DqdQ-VkyJusto^B%W=^Dn9YwcC
z@{s*bXwj<F=WXUVo270FwYvVKpL4^*PkS~Acd=!D;u&|Ewi*`ConL&9nE}iNNq=lI
zS}yWFdyY!0toH0Su*uE5%!6Q;e@eG6%A``|EXwYz9tZtJef$r7^FEr{Uq@R7W39nA
zFqF3b`l+w_PIm=q`PxSRQ>DB)a^&LPH|@-8eYcLnNBewhKk-#wKs+*`D~hIfRMvl0
zG%<AF8tCwd@!`&2E}!@>R%>wv^G$#Mp+9Zisyvsa1_nz|l7^gdKtvL^|2W<LT*_n1
zW%~My7A<o6W45!+h@nFz82<P$#2#U~&)i}j`QyUkw6Svc>wo+(bB}6$YFv`Is<KHA
zLTP>9Szc(d7HF};tj=ayxZvWb<t_Q8+8L8J<2V0Xi*1hn=av7wOCR%M->v@;noGx^
z#r~H^)B5#%8^17lN57_Ggr_GdZ_V?J1&RZJm2A4dwQQx*A<xfB8y;A8YS}5ua#2S%
z|A=q##7HWk$1_oAcJYm=@xSK{jQaVbIu{7QpRRjaR-kwYFvM0!V$rmEjPWx}npCr;
zz+b4WvMt{`U`4nYDLc;L(X#TxGwhg$4C9bUmjY5=QWe$-5x+!cA>@UZcYCS#e!gAH
zyr0BD*=f&Nn`@3r8;BhsxMebaMP6aEo==3$1`;>^m4FmW2>ZTc_1LWb+jl&O5Km#b
zU6#kRBV;c%Y-+eR2Sny|6EIPDX%boV{Tc1xbMTwTuGv2X4#I|pk!T@p2*MGbUX1He
z^t~m8q6nlDWSm-X*m@o9B0a#lWry95bz%p1QHp&)(G)vm&NP#!{l%~%Ml&a{uW==E
zStod)&JaP&?Mfmr)I13g2M7IrX`vw$P%h5Hh`48Y^cbeE0M-j+D#Io5^joxlEYQ{#
zCvfUsJCV7<(xm%F@ICd~6^K*!H0gJlR9=DwN2p+6=td-LLHje)0BiOf?1;Fi8O*nB
zvS)g+XjXxj5q4ZY*~QK6H)<!yaAdGuC4UWL#AKHTq(w1rmS=wr?uOVOW?81kF=QR>
z@up+v`d_->nsa;XkMl-tDpGZN?nW79npeiUdK`Ykx+Z)g<(43(q0%sJa9+nn@~4<Y
z6(4VRs+dC$j`P_l9+cl^!zf%3*w{f!&S}lum9f90+xT@!EF^0pIkhV~>+{vpva&mz
zGPeKI>MhJO>_ySEjNcyfPU5D@=vbAZL5)}L{fBNgRMG$GhJ>Y#S>^Skw#*^T<k4o8
zT@5u`VPVdwRdtl0=5PYiT%RCQd>NUhF&KWg@Ar!A>s%&Ad{7-4MyQP(c@&>i;GtiH
zUmz6JE(9jAB9M0gYqNvf#L^b+J%i4egv3kruhu`~T?l5wYml?e`x|vV3BKNV+*U@L
z)8|7UQfjr8Q@upe*GpS-_R5lSL{{<&%&3^L#mi?<#z}Ce7!K`|${7UWa5Q|U^bUWC
zZ?Q#@Po~0r1|@cy21FRS_q=xEXoz|cG7r}95F2z#nGlY*1R>Wb^oG>Z(Nh&3Uq{Ew
z{CZWsHqtzJdq_3AXL$$3q{hamqSG@3cor2hrymGH9X|BmNfoM?Fi!RYf-y028pJ1u
z65Ic~HYY)>8a;ES7o&<LBJm((TT{@+mO8t-Ci2iwtokqjY6BV{K5+ffTIMoz@w|=x
z=pATLFfm>25!Q}AJ+nvtryjDThJVKatvzIgv?z&!K*)O}RY6liRs04Y;Pm#YtMqfE
z-i{Rn`cvwcT^EgVseEM`zMM(8=-L<D&Yv$CxT;%N?o*>PGx4q8NZ-z&$ER?SeyvZ*
zqMEw+KlJ-bZD8%FRsPu<bH6m5#Azni2pxjfqRoq)Pl<@tT`Fql;X5i;9sk9jxDBpb
zP`7TyOpK9<|E*j1d6`vsu$u-Nq39(SLmTK*6L^-RP;lKJd-PT)Et9ssIKoo|LGnU{
zbem+YwQwOA=^`^p#E?4%;4NadSMVA2|IQUHam=?6{c`rHe<U;v>N;nzt@1&{Zhm1}
zX<I=NKXB$zIshM^?LTD55+EK)u_AiVWrC5=D}{NO{Q=#8KX)Tm587?pNBva|LQW<p
z*mvn2K|~dH$I>uw?5=WHJFyx_q`jN=e(Jd*I)C^XwK*_Cf%@Vnkb`hHWJFBau&!71
zG^&103Vv%w_z5-*z+@zpEE^apLDs06^<&nE@7=rSiTxtV(m9SIG#c$mIl}PH=HsF9
z^n8RJsIO9RXkP!xHZagHxo9JnNgCUn`4KS=iAm07ma(t07b>zX-edasn@Yl1<Wvl$
z5@I25QC#>fCBOYYRjVuQ``(n3XKrD5PN9G66Z<lZ;mtFdjb_5M4MMAMWE;Jl^S}1J
zP168ttU+a`b3^6yF8t+ppp!%^rO_I&!~bl-lV4%1xqY$=Hz=qJw1ZAvx`>$@vsyNs
ztSfLAwsZBCYIV_?fB~ME&RC1}a2_urrtIV~enXO0im4Pm<Px9V*^F)aT<f`_UTvMr
z6HN+f%%L}*7iB=16t(|AaV@%Qt<Xvjb(vdDuYx$}vd7Gtzl<#d%Wcg9{6eg2TxY*^
z&0aWEN$CvS+2_4808?O%0c9yEDT-x>g75xAl~RKsshlSLyr|Ou%JtVBj_SsNG<vUW
z)>xT{dy&4r5M$SwLm=p}b$`F3!uruw?7%EE6IdC8RI<f}eCxnI@L#NogV|$;4==i7
zj8~46tJBTa6rZ`a@++D9J^#y$uoUYhf*`ObcThdn3(4ob`-49O8D0u~B|2uGl17q@
zoViwVA6BE>)rL6t39hb|G3T1}R;6G3@Z4}~TxkpePMmSXXhj|BQXKf40F-GKus~Pz
zw-SI_F^oY1Lks$sjqi7I)lN=;c)#1QB_wV}j}!Nri>5ZeDv-=RVw_{Vbl3NdL#C>B
zTJGzg>ptDc<HMS*rq;)NH<p}#S+er<H9O5KcB?O%Ty%Y9WpeFw)_H5UHLt8r-<UJ>
zqp9ib+l5U{Z=*8Wr#N@Gou2G8v7(^hYh9er%p_@_z<Xv=rzZ6IwWE~e!FpY{X=Ra{
z!gBiz7!bf1ya5IAH$Dd6dRF@3c}|3)U9m;<9;TTG>qjp~!&?etVyxoPXW+m<CW4qk
z+EQp+O!q>{qcE<vj?MVA5<NUfFL1<G3ZHvS@2>ks_d_X0F8Wnfy3XZ@khH~Sn80%&
zls)El{N8KgVu|EILF-k}cX^%2zWwFxhk3p6;=Lby)yA(h$b3kXS3qFsYU)2B+c7Ia
zk1=s85pz`OZ{HEMWZ}XUoB$)nXyCB;#34X8Gf$3N?_<(?@ZeyMl}U4-FqcOE1zK7a
zuV>Lnwf%MM8emAam=QtY>6twVLVkO}JzZ$+O7q-ymv>!r=qa(^e>q}zwwc9!Hn}{f
z+nYzO17?A*!`B+$iLlJx+<H}4_7hhE<8)T9cBgJzUc8-rUe`RRXV1$uH8q~zevpZ4
zZ*Mr19y-u$oYo7D*N#))2d(g8Zy(8kDJ~8kiBWBZLHG4MiI1Iq-4w~JmfAsc=SxX=
zCOW-%KN5+(M#ubF{Z1yvNdGEnAq@{ZnK);zM4~bDh&q$hR?MD#NSN)rKG1<zEB^R#
zES7>KiRAL34X(@bdvV3g8%TNf?3?+{u9tU(tsZx0ZSbstE^Q@}Hp3c01;4aR_=PVi
zop8*l4gZuJ>dF5_CS2WWZ)f`S<c-!#Fm;@lA!*5YDZN-&R(mK-<lED53qAg{=g#i~
z-i#jb<LcI5=7^uJSP`Vs`SNSr)S1kNH16O2)N_06Kt~-MQsH*`OC&uzN?ra&s$^Nc
z-#N7p9M<7ULvbguh8PMW`a`<4k!ZAia8*T8>I(6)5Py&IOG&$5egV?VaZ@t9F#)Gz
z&o&z6T!}~80aewN!c;N$pp^JsaS5d}K8SzGoWns8G*kQ;(c9kV_s@At_-2X3)c^MF
zrF<Q8oL#Z|ZSDD>2Tu*IHl?WYu}PTfy^qOfm+{C4h?NV|*XgjmY^SbW&p&$m7gJsb
z6ju*#{p_<F`?KyR{qklDn%aPJ<y~!tiLd@X=I1|Kze*zEk=Ua^-o;Sx^((s}1ByBj
zO=s-*@rwabwRe{AGyFt+XLHKxkUa-TDi@)AyFT*Iux8ZV6`bz-?OKSWHGpnYXjL1E
zkm8+Fzm!y`q@`uSh6K#~_I0|ruM-D5N=>qY+o%5WLTwg1@aEmSE2(qzm=Cada!&aU
zLk8Fd_DSN8n4;huQx%Kqe-qp^a`foJs+aL)tOK55#Xy#97P_(}&X3yiyjACLm=5Cz
zcgwG@*Pmlk`Z7-N6WRxC#d5Y_?bC_rkGD-W<MOC%E)n8_pmxS^q!Xc-*{J8Bi?2u<
zSj~nDd;vqax&JX5{jO7menM#>BG8>yn@uw_1>ev#kBQ0qpDK3^UK2K-s{A=!ubU(D
zR3VbZMc%!I&^8AP#n}<m01JrXraZFiM(oL1mJ7H5mrOW+uc^D{02%dwBH{;UetT(j
z&X*pg-?@E-F=L!li_eX~7JralrYXU_e=bRbJ9*{EO&N%DaffzNr-}taWanZrxzCh2
zc7>c40JB4>0I}iD87bqn*FrbqyPO1U3rDhgp-TJv2xe+P#(tuN*4wb*G6Orr(6=!&
zW~_Vu{CUcgC(i+YlL$dR$<54sXrTSd_1w9u5SplVOJEr98?SHMzUyBU{kK53pU^1v
zG&JnhhUi>3ni9t0r*Uww7nL{uA=qqo*jNNiMYo0Yj$WZB>I%rTl)=JT0P)L=muR_R
z*+ycYbaL7e$pA4*#%tEWwWtyIEQ(J6^4^sXZp5_&s+%Sb@I(3~KrThP+{26iT7)rF
z75i5$edVwWuFqsi50q#;xi!IhM~@uwr#|T1y?ZujR9^d4-2O=R6Njfu`y@|h*6O($
z##*E*cjdJO!Y)Pzjh!@UWxtd2fYJmYQygBd$>u_SWs%&;-B$WKE(YyH(ID0zEW+b<
z7-FL}%0*jvlpstkf#{yuog|V0N;a(X&Q!l^IadL#GK5+sy1<;jp!=fs?bUPClCoPd
zWS$$r=?*akUk)D7jr$`@_-1LKyCGHqQWDl(9~`xP1`YbWJ03;I5MS7<s9o3CteK1+
zzV7Rr>3{29!xsOzulLIgYw5T&WpoIYy;$6^HiNMQ(zecZlhbswt!I?71=;OUM%d5J
zpFMk-mMw*G;}%h&*0h)LOdF*=fMYgUDzRs9BE9x0yH~M@O?ekq^B}5;g1r1+sDy#B
zhMP8BrRCNVe;V^NmkMG57sC_NvVcI(nLd1RHyIU8;0#BUcybW;SjrIVkTtqqq^-Bz
z^cG^+c#a&x<&W?wqTgINpK7sJhP=+&>xUgqpZfb_k1p(s47|ih7f(FfNje^p?A#CX
zH^b1yj(!1Rj!VXb*_RZL*W`(5xB};e3nu{2aLTxBU25m7TkB_#qi18WEd?N6{{c_2
z0D=0%sZ+WvdWcHn$)171sU~5c_@e0+?;X*}Gg+JpXR@+cmmzGkv17()^MVC=ZS3{H
zPAH*_{mLBOlS1@@_ZAU}9+YR@TrpZKwV<G<Tg*C!<p$*#>|YE%jD|<PO1DY?wk8;#
zm)oPi^wv?k!fMeV_At>tplTMStuDDym>zhinAmq`WvlLdqk&O<HDgJ{S_fwYs_6~H
z_s?0JnMB+0gFp6apL??T1wtG{RaY5%MNK3ugd;|KaSj6O7bb&a&>zLdg#(B(!_sF3
zVhRrQ_t)y~FqePJfu+_pU`wW6r+(bA!$@2ExVTng93FG6;q#sRYx|AK%Gy)(4M3by
zzSoTT9!y&ELHqS*p9nt>dC&%VD+@0Ztz!$2A#~|<;0fZty#dqB<!*&QKtT*xHp6Mq
zwB?w{makdkF+#*#>Vw$hk~fo;MWRlVT)vMz;VzE5fh*I9n}1<LaP{z5^L77BP?2wZ
zOY=Iq>e!7psk-md%EO9X#KVa!9>AP8QwD$=#-A}$*}R8vQ~D}A5Sb<fiGs1R3W|zL
zz>?=ioRU>HpgG8Y)FStxFvO9sZ5FavM9ITm5Gx!Ll8y}!eT23sxp3MBaZ-)El9CRn
z;RXI~@|o#MPhV3r3gZj-G-;j~%8n-C96feSfn(}m+}UZ<8UBZ*!H?-xnyecZ@e0n>
zOP5um%KqBzi0W1c94^;y+(_B1vK88G`tA=-46gi=yYD<hDx~b1)fX5wHcsr<QBo?;
zXQCD|2+H&PrAzrkk3FC%hp>jNCy<OOhCRSLdG*VB7%Uz&_Jdh16t^R_DIrO_wa<ok
zW1k=hhI4m5yT#y*7qtfYv~l|Lnmc#u<UAsLd!8PjbIzBM;iXU%HYf%owRtx-Zw_^+
z!AqAJ^}5uQvMqzfd=uj#^tZgS@=_?HbG|f&SUVUdCnn;)EaQc>)L)z;432p}UgP0n
zPD4few)S~PhFy~^{f*6-0f_A@D;okwILYxMt0kC@4l}SksZ}pfm;QtSDw{hhm2Cfp
z^re?OSAM-=eKxAh)8}{d%3r%~*%1}m*KyCmlHK%s9I)LNQ}DXl^}>aQnv49u0wcVV
zYV}sFpq7FS4Y;)G9vlt9cp)+I+^vw`&H5+V-T%-H^ffE}N0Q~wD7fWI*4gkDIfj>T
z23)LF9pgEU&@)Xgozj(3ORv=Ue(t4AJCxYY-MZ=O>17WNB+R6I+S8D)s0}>N;HFhU
z)w$ay%N%<f=ARMl{ixi$gG8fz!e)-yi3uX3ihxX0pxmd1W*3G4Tt`H!obIKhps;|a
z{Ob0`!;xEVu`8*%Vz#S>|NeXq`xE}ld1HSb3l%Z-rucFztEdrMfzh*OT5%7Q$@j;W
zOC<g?$ug3t4nW>;q!fV+Xf7$mg}!f?>pkxsi~xmOb<Qilz<@U!n|u47y;WyVG}PQ%
z>@{7N@+r=Eu~?&iIyp=qt-)HMeGV%~05#86Xu69`{}V&w>5=$8?w<0VlBFUhG4OCD
zhZJ6~4~UEzERlpiQn*G5d@L$O{y=Do{D2?(`h4ACpKfQAAPQ7bY5%OaMJ+t@`|^h5
z<qf}E<(uzw&HMFdRk<<{<0|#eMxW63{#UQgfw-HsKS@er-*8HIzEtK|9tayXB|Sal
zc~Z8&`csoI*q5>8!#YSrPFQM0Pw-OG+D>U@9y-7HO^GC`@5#i3L0ca5&|SIm@utw$
zLbq`Z1re!ZCBlZ0#5SSWVvM@FA^GuCRlNsBKL<A%;0WiOE<h&DmFrN^n>fnKq^kIN
z3mQcaf8NvI6@2SAwN}P_Bj`tb`~TN}^ska$Tum!T0)YwSBp{9W$IpBDKmXCv9*wdu
Y9yHwSuuo>1_&M!)OEhoI+3?5z1#-@V4*&oF


From 8b1fb2306efd53370e5f99af1ad5395142c14e2a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 11 Aug 2018 11:30:44 +0200
Subject: [PATCH 29/30] Better description for Home mode

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 92b63f3..faa18a3 100644
--- a/README.md
+++ b/README.md
@@ -53,8 +53,8 @@ Name | Description | Details
 **Hash algorithm** | How users passwords are stored in the database. See [Hash algorithms](#hash-algorithms). | Mandatory.
 **Email sync** | Sync e-mail address with the Nextcloud.<br/>- *None* - Disables this feature. This is the default option.<br/>- *Synchronise only once* - Copy the e-mail address to the Nextcloud preferences if its not set.<br/>- *Nextcloud always wins* - Always copy the e-mail address to the database. This updates the user table.<br/>- *SQL always wins* - Always copy the e-mail address to the Nextcloud preferences. | Optional.<br/>Default: *None*.<br/>Requires: user *Email* column.
 **Quota sync** | Sync user quota with the Nextcloud.<br/>- *None* - Disables this feature. This is the default option.<br/>- *Synchronise only once* - Copy the user quota to the Nextcloud preferences if its not set.<br/>- *Nextcloud always wins* - Always copy the user quota to the database. This updates the user table.<br/>- *SQL always wins* - Always copy the user quota to the Nextcloud preferences. | Optional.<br/>Default: *None*.<br/>Requires: user *Quota* column.
-**Home mode** | User storage path.<br/>- *Default* - Let the Nextcloud manage this. The default option.<br/>- *Query* - Use location from the user table pointed by the *home* column.<br/>- *Static* - Use static location. The `%u` variable is replaced with the username of the user. | Optional<br/>Default: *Default*.
-**Home Location** | User storage path for the `static` *home mode*. | Mandatory if the *Home mode* is set to `Static`.
+**Home mode** | User storage path.<br/>- *Default* - Let the Nextcloud manage this. The default option.<br/>- *Query* - Use location from the user table pointed by the *home* column.<br/>- *Static* - Use static location pointed by the *Home Location* option. | Optional<br/>Default: *Default*.
+**Home Location** | User storage path for the `Static` *Home mode*. The `%u` variable is replaced with the username of the user. | Mandatory if the *Home mode* is set to `Static`.
 
 #### User table
 

From 4be294e8b711c45565c1666ec324b7c5f4f374e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Sat, 11 Aug 2018 11:45:52 +0200
Subject: [PATCH 30/30] Release of version 4.0.0

---
 CHANGELOG.md     | 4 ++--
 appinfo/info.xml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3f67f24..905a81b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,7 +4,7 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
-## [Unreleased]
+## [4.0.0] - 2018-08-11
 ### Added
 - SHA512 Whirlpool hash algorithm
 - WoltLab Community Framework 2.x hash algorithm
@@ -83,7 +83,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Changed
 - Supported version of ownCloud, Nextcloud: ownCloud 10, Nextcloud 12
 
-[Unreleased]: https://github.com/nextcloud/user_sql/compare/v4.0.0-rc2...develop
+[4.0.0]: https://github.com/nextcloud/user_sql/compare/v4.0.0-rc2...v4.0.0
 [4.0.0-rc2]: https://github.com/nextcloud/user_sql/compare/v4.0.0-rc1...v4.0.0-rc2
 [4.0.0-rc1]: https://github.com/nextcloud/user_sql/compare/v3.1.0...v4.0.0-rc1
 [3.1.0]: https://github.com/nextcloud/user_sql/compare/v2.4.0...v3.1.0
diff --git a/appinfo/info.xml b/appinfo/info.xml
index 38207b0..83352bd 100644
--- a/appinfo/info.xml
+++ b/appinfo/info.xml
@@ -8,7 +8,7 @@
         Retrieve the users and groups info. Allow the users to change their passwords.
         Sync the users' email addresses with the addresses stored by Nextcloud.
     </description>
-    <version>4.0.0-dev</version>
+    <version>4.0.0</version>
     <licence>agpl</licence>
     <author>Marcin Łojewski</author>
     <author>Andreas Böhler</author>