From 4de1748c6fa46e66707d2a0a75a102ebc73d3547 Mon Sep 17 00:00:00 2001
From: bol-van <none@none.none>
Date: Thu, 13 Jun 2024 12:17:03 +0300
Subject: [PATCH] tpws: --split-tls option. sniext mode for --tlsrec

---
 tpws/params.h |   9 +--
 tpws/tamper.c |  83 +++++++++++++----------
 tpws/tpws     | Bin 0 -> 73416 bytes
 tpws/tpws.c   | 179 +++++++++++++++++++++++++++++---------------------
 4 files changed, 158 insertions(+), 113 deletions(-)
 create mode 100644 tpws/tpws

diff --git a/tpws/params.h b/tpws/params.h
index 13bc36a..793c30c 100644
--- a/tpws/params.h
+++ b/tpws/params.h
@@ -13,8 +13,8 @@
 #define HOSTLIST_AUTO_FAIL_THRESHOLD_DEFAULT	3
 #define	HOSTLIST_AUTO_FAIL_TIME_DEFAULT 	60
 
-enum splithttpreq { split_none = 0, split_method, split_host };
-enum tlsrec { tlsrec_none = 0, tlsrec_sni, tlsrec_pos };
+enum httpreqpos { httpreqpos_none = 0, httpreqpos_method, httpreqpos_host };
+enum tlspos { tlspos_none = 0, tlspos_sni, tlspos_sniext, tlspos_pos };
 enum bindll { unwanted=0, no, prefer, force };
 
 #define MAX_BINDS	32
@@ -47,9 +47,10 @@ struct params_s
 	bool hostcase, hostdot, hosttab, hostnospace, methodspace, methodeol, unixeol, domcase;
 	int hostpad;
 	char hostspell[4];
-	enum splithttpreq split_http_req;
-	enum tlsrec tlsrec;
+	enum httpreqpos split_http_req;
+	enum tlspos tlsrec;
 	int tlsrec_pos;
+	enum tlspos split_tls;
 	bool split_any_protocol;
 	int split_pos;
 	bool disorder, disorder_http, disorder_tls;
diff --git a/tpws/tamper.c b/tpws/tamper.c
index 0f6a468..a483805 100644
--- a/tpws/tamper.c
+++ b/tpws/tamper.c
@@ -9,7 +9,7 @@
 #include <stdio.h>
 
 // pHost points to "Host: ..."
-bool find_host(uint8_t **pHost,uint8_t *buf,size_t bs)
+static bool find_host(uint8_t **pHost,uint8_t *buf,size_t bs)
 {
 	if (!*pHost)
 	{
@@ -23,6 +23,24 @@ bool find_host(uint8_t **pHost,uint8_t *buf,size_t bs)
 	return !!*pHost;
 }
 
+static size_t tls_pos(enum tlspos tpos_type, size_t tpos_pos, const uint8_t *tls, size_t sz, uint8_t type)
+{
+	size_t elen;
+	const uint8_t *ext;
+	switch(tpos_type)
+	{
+		case tlspos_sni:
+		case tlspos_sniext:
+			if (TLSFindExt(tls,sz,0,&ext,&elen,false))
+				return (tpos_type==tlspos_sni) ? ext-tls+6 : ext-tls+1;
+			break;
+		case tlspos_pos:
+			return tpos_pos;
+	}
+	return 0;
+}
+
+
 static const char *http_methods[] = { "GET /","POST /","HEAD /","OPTIONS /","PUT /","DELETE /","CONNECT /","TRACE /",NULL };
 // segment buffer has at least 5 extra bytes to extend data block
 void tamper_out(t_ctrack *ctrack, uint8_t *segment,size_t segment_buffer_size,size_t *size, size_t *split_pos, uint8_t *split_flags)
@@ -200,10 +218,10 @@ void tamper_out(t_ctrack *ctrack, uint8_t *segment,size_t segment_buffer_size,si
 			}
 			switch (params.split_http_req)
 			{
-				case split_method:
+				case httpreqpos_method:
 					*split_pos = method_len - 1 + params.methodeol + (params.methodeol && !params.unixeol);
 					break;
-				case split_host:
+				case httpreqpos_host:
 					if (find_host(&pHost,segment,*size))
 						*split_pos = pHost + 6 - bRemovedHostSpace - segment;
 					break;
@@ -220,7 +238,7 @@ void tamper_out(t_ctrack *ctrack, uint8_t *segment,size_t segment_buffer_size,si
 	}
 	else if (IsTLSClientHello(segment,*size,false))
 	{
-		size_t tpos=0,elen;
+		size_t tpos=0,spos=0;
 		const uint8_t *ext;
 		
 		if (!ctrack->l7proto) ctrack->l7proto=TLS;
@@ -239,39 +257,38 @@ void tamper_out(t_ctrack *ctrack, uint8_t *segment,size_t segment_buffer_size,si
 		}
 		else
 		{
-			switch(params.tlsrec)
+			spos = tls_pos(params.split_tls, params.split_pos, segment, *size, 0);
+
+			if ((5+*size)<=segment_buffer_size)
 			{
-				case tlsrec_sni:
-					if (TLSFindExt(segment,*size,0,&ext,&elen,false))
-						tpos = ext-segment+1; // between typical 1st and 2nd char of hostname
-					break;
-				case tlsrec_pos:
-					tpos = params.tlsrec_pos;
-					break;
-				default:
-					break;
-			}
-			if (tpos && (5+*size)<=segment_buffer_size)
-			{
-				// construct 2 TLS records from one
-				uint16_t l = pntoh16(segment+3); // length
-				if (l>=2)
+				tpos = tls_pos(params.tlsrec, params.tlsrec_pos, segment, *size, 0);
+				if (tpos>5)
 				{
-					// length is checked in IsTLSClientHello and cannot exceed buffer size
-					if (tpos>=l) tpos=1;
-					VPRINT("making 2 TLS records at pos %zu",tpos)
-					memmove(segment+5+tpos+5,segment+5+tpos,*size-(5+tpos));
-					segment[5+tpos] = segment[0];
-					segment[5+tpos+1] = segment[1];
-					segment[5+tpos+2] = segment[2];
-					phton16(segment+5+tpos+3,l-tpos);
-					phton16(segment+3,tpos);
-					*size += 5;
+					// construct 2 TLS records from one
+					uint16_t l = pntoh16(segment+3); // length
+					if (l>=2)
+					{
+						// length is checked in IsTLSClientHello and cannot exceed buffer size
+						if ((tpos-5)>=l) tpos=5+1;
+						VPRINT("making 2 TLS records at pos %zu",tpos)
+						memmove(segment+tpos+5,segment+tpos,*size-tpos);
+						segment[tpos] = segment[0];
+						segment[tpos+1] = segment[1];
+						segment[tpos+2] = segment[2];
+						phton16(segment+tpos+3,l-(tpos-5));
+						phton16(segment+3,tpos-5);
+						*size += 5;
+						// split pos present and it is not before tlsrec split. increase split pos by tlsrec header size (5 bytes)
+						if (spos && spos>=tpos) spos+=5;
+					}
 				}
 			}
-		
-			if (params.split_pos < *size)
-				*split_pos = params.split_pos;
+
+			if (spos && spos < *size)
+			{
+				VPRINT("split pos %zu",spos);
+				*split_pos = spos;
+			}
 
 			if (params.disorder_tls) *split_flags |= SPLIT_FLAG_DISORDER;
 			if (params.oob_tls) *split_flags |= SPLIT_FLAG_OOB;
diff --git a/tpws/tpws b/tpws/tpws
new file mode 100644
index 0000000000000000000000000000000000000000..9aa91f122066e54cd14d32cf142f2b86e70e437a
GIT binary patch
literal 73416
zcmeF4dwf*Y_2_4k3<M;e&=QG?8Z;`YibO>dWi$f`oY9Fy1)-uM1|n1*5oQEMU~pzI
zr^f;6yRBAgt+my*wpCtLOn4+>YYX@&6|La&3=u(8L=<wrYo9Zdld1XK-{*er=l*k@
z4`j|-XYIAuT6^ua_g;ISGmC0MBXhi7Px_PVx!9wi%WO=Qb3^anNmJ#i@DzBeJSTci
z@but*9{<yH+27l9xXCB|oo|DlT)w4Tv0Qx1_W&F1Nq?tnmv1T8-RGH;?K|mjPoWJ<
zIiFk(vEl6Rf}h*?^tZd5s&9)^F6(>p`8GcN?Jg&_S>D^0eED%*zZ;LT%dI}n;p@mL
z=8|&FPPt~MT>9JN*faf|wx`G_|0^7OW`Ad^on3CKQ!e|v8lLh=e@h+mx$1-P<o}cU
z>YQ?=2W&ps-_?$O>F;!XS5Qvu@<07J=JZ_Y)Yol0D5vmv8l7*ul{}uar%$`_{PWJ9
zKKZQa(`H8Ioi(rG{IkwKZ}6O1gU?YSh+HN7mtvzXA1lq#EI7xEo}8!+r}@dfe$IWN
zKknV{72G!Wc4KFsw&TC)w`ue@v&<nvBXUa_p^=a9OE-BMuIEB%ls$Zl0s7?#ZVLY!
z_&?}`y9aEY@{bvn`^^D=dF;#Yf$H{?3-fOyc!Cn&hJU&n`aKBrZS+6rhW^ZM=&wiN
zZ{str8~WOA=>6T)E8VW-TdZ+PH}s>rsdrj8_BpW|J}-2GKeZeApXvtRqZ@hpb%TGd
z8~iEV;6vTWIlmiy@9jp;Z@S?h?uP&NZuoEPhW_eq@HcdWf2SLH-tUHfWjFNxZt&-K
z!{_;K=v%wN-_{ME7rU`fv>W>Q-L%W&-QeeTBhQoF;48b~b5l3+oR0h@{LlV0b;Eyq
zH+T~U-xeQscT;b&8#(K`;q!}b>Rs6lpPFv!?bQwa;%@5wxEuW6yOHPYZtA_cn|g<L
zgFn~}9~of2&CVU&(Ep?x{HAX7D(ps{SGwV|x*PoQ-N^ZAH}ubRL;uHa@DsX`|BP<r
zKc^dfc{lvu>4yKdZtxA=@bA+N|0UhfPwR$Wrn4pd&;I<h8+)$k27gsI_yOI>b4@q&
z3%ik1))U|6pKaaH--ANmM*mqi_y@b;)1P|#dXD#aPJ@6?dLI1@*C#7X*FSGN^i^5(
zA5vWSlw{#O%sX$FX=b@+VsK3D#K}`;Pq}H@obZ&{V`@iCpEYyJm`OKIpW>M~@unHG
zW=@<Fo-{i=aiUH7t%TENHcX!so>DV&vd6g$&YTuLXJQ(X`s$^=^F8%bCr_L0xoJxH
zrrEP1jdMIRrp(|URn>=YYn(DMJZt)_xl?9OoIb0b!c)Q%XNG4r%H4UBCN@l)IcfT|
z+oyOMC_V>d<LqfO!wnPbr{3&ooYpwy9M7Ea?E0y*JyRNIO`kroe)be(^30etU6?h@
zo-$?9<jIt1nB{4hGiA!no`(9F;pv|GSu<x&sSk@tjngJ8d1l=@#WQDWBs_W6+?k%)
zQ|fP(n{#H>-#l~D4DMuPpEz+E*viU@4Rh)z&1^s-(bKWlj7igGf@yFGDdNp&^vs!d
z6OzEjGp%8wunf<dHgocnc^;`ku%dTkc-BmzL}gFIti~xb5qJ8mIaAWgA^DuylQ1|;
zXVy=eGevO@&&GhFgK(eKNW<NP40C3>gg})DdUhH-(%9%2d=45%!k)$m)}7NheOf)H
z#%!L3hUt+xQ$_JPlvEWq-lp2n2B#w(*vS!en?7Yqqo;mSqX;l@B9hcM-lke;&J=_d
z7z-c+!qLbxZ<;u3=JeYzvfWCQ65+U?X)A2dID1z8j7f8D_S}e_JPlK3&z?2glUB+x
z$lOWO!We4y%}9bf&-P54RgaBq0aTm8ce?mEvQ7!lo<3~`1rU_Fl$O&Pq)HSI&$cT-
z^+}UG*hXrbR9`=((RPx#G?_@4E--N-Br|7;%T5YUqt&oq{nSag;XG={_{bdFM<^)G
zjQXC2xwEI?ppCOdP+BQGss3g$)x?HL)9}lTMbh-)X?WkLP;mH&iRTQi%v_b9m$^Kb
zbz_>K6MI1hH#Bo~Zs+ZD2X|hdGuTBUF(!w#VJ>Ta`J2l+RQ}4EuqS_QT-U$(--^xk
z^!gUOy^@vkz4`y&{CYaI3q>B+ZXRjsUY?^I&Yj#kC9<VY!?K?3?YV`T((CqPr%fyH
zz~Qe{FSz@D@&L=--kwbkJp0&by*$*r#ew@N`h3q@4%}bCJv|>faFK$0c=kE)vx=Y3
zbI5_iieH|`hp<v#<T&A<>*?#j-&f^xJST`UeA4-xbo}4x<jWp%@-=Dv3J1R;3xC1C
zY(7tB;m7{l#y^vV|A9llItyR!;PXqmjz?*@Bnv-stIdB<7Cz+Qhh*Wea_|*d_-h<|
zRTh4-gV(e0KXUMOS@<~)etZ^wfrF1`;nVUrW#QBEFVDiK<$ov(pO$|`7CtTilUew*
z{Lf_J)AFy*!l&imnT3zOZrk58uxooI9DGR@{w@b!m4*L_gTEmQ|A>Q+X5oM9;8$ef
zS3CITEPR`T-<gGf&B1$4?kaz~gD=U#58rL;Ta|@B<j~)ch4;Q;(?_%LyJbSmXGIpi
zheO|-g+JQC@65vYckmubfbdE8)6*S%Nfv&HgRjcMU+Ca($ifeI@X;*%<qm#D7XE4n
z-<*ZN-ofw8!q0H<p3<)J&vo!6S@<72_^K@Y0}lR%Ec^-wAI-u)>EKsn;h%Bv%~|+0
z4t{4AzQw_NPVFjxn}aXO!oTL=tFrLB9Q+Mg_`ME3nuR~?;8$efbDj9voP|Hy!M}8p
zEvMvK)4n2pv&Ds%oMQU3-Gv{LM)JMWg&*g_TQ2-$7e2kdko<DJ3!h#u2wrl%=}&rn
zA^0h2B;VTy*z(J)z`n9??sVZ<qGUdn3(wG)`RsGyogq-&JLtko-I>n`o%M?C(w}@6
zUSvvt3SD>x-pr@ih3}ogdORgAd><EnkPFWQBJ&yI!XKT%vR~rDYc7113!k2o$Zg$)
z@9UzkbK%|V%<(S#_g(ZixbU(skp4_{;fvBpz8hWmV_f)oE_{C%KI+03yYNje{IM?l
zau+_mB_+2Xa^YF^W<D!i`1Br~+<el7KOsZy@jT<gpXkD`cHvKQ;hSCf5*Pj@7k;1%
zzr}@jufw;y@Ta)wce?PUF1+Q!pX$QzbKy^O;Saj-lH<&LPVDsmK^Y`5#Dy<&;R{{(
zAGq+vF8moTe2EKxrVBsFg+I%MAL7CfcHt{r__JO3Di^-oh1Xs9b6og37yeuqe!L5R
zo(q423qRC_pX$P&@4`2_@E5r7^IZ4}7e4C3SGw>`F8qZq{BjrmA{YK47k-!vzruz0
zyYNrC@E5!A&$#fHxbUl8_$n8^*@X|d@GrUW!(I3-F8l}=e!B}_?ZWSL;cHxY%Y`55
z!tZn8N4f9^U3lGv_c-I4#Q2~KpYOt7>cSVg@XnG+-7R+ELoWIf7rxeoALPPc?!pgo
z;YYjh6)t?83t#2JU*W>*F8q})e4Pt_l?y-Kg&*U>-{8WJb>XMF@K?L=jV}Cn7k-`#
z|3eo(>cU^+!Z*3_lG{#ymb>uRrjdL<<icO)!mn`QuXo{}bm1qu@XxsLH@NVtUHC~Z
ze6tIGqYMAt<#!hN&H~?A;5!R^XMyi5@SO#|v%q&2_|5{~S>QVh{GVCiGwsAfdhFwT
z-SlnVOL{ZW9M0+3qQ^GoZ%_<7hCas8wEZ2Y{)#W{B#+Qfl{@=WyE-~LmMd6NUHem8
zGq5C-_orGiuq2ZAr~Z_IC4sy@^~($_iR1mLpJZT381GLl&cKpH*q^#314|-)e`-<&
zmW1*C)D;<662<#dfeb7O`u(Z$4BSV-12eEBiub4bW?)GW?@xI%uq1}}r#?NB)>jh3
z=%0Zl5sdyBSQ5bKpMfRui~bo{629o4fhEz4{ux*jyy%~SC9#YC8CVj!=%0Zlk&FHr
zSQ5DCpMfQDi~bo{61MwO12eEBYSBLfOM({tGq5CP(f@E-{}Ki7%D@8^yfp($0v7!<
zuq0m5KLbm`75y`?BwEow151Jx{WGv6R?$BLOF|X>Gq5C5(LV!A0u}u;up~~=KLeks
z;DH%f5~b*$fh9qT{ux*jqv-!lT7TKtq5U(kBuHuh3@nLJ^v}SO5JmqCEQwI`&%lxZ
zMgI&eiBI&;z>@Gp{|qdNPV~>flHf%D3@nLF^v}SO&_w?XEQw6oKLbkw6a6!=BrefE
z153gZ{l8A@U!~w(8CVjO=%0ZlF^T>eSQ3)xpMfP2iT)W_5|HShfhF;X{ux*jj_99(
zCDDlf8CVjG=%0Zlv55W|SQ3ippMgUP9+-h8fr$PYSQ3ZmpMfP|i2jGt`b(ma_RqkQ
zAVmKREQvw%&%lxpME?vdi9qzvz>)w&{|qdNKlIPQ;}m>L29^XM`e$HC{GopamV_Vr
zXJAS6p??OJ1Rw36fhDnr{%M$K|4K@tJ?$j%9r*Vjc7=bP1wWDn-=761v*1J)ydVpX
zWWh7C;3-+~by@J(EVwocuE~P^S@6&-_^d4W)GYXfEVw8OF35s?S@7Wxy4v@PEO<{A
z{6QA{b{7147W_&UyeSKQAq##k3;ul;{Oc_Eku3QBEI643C$iuLS#Tr^o{<Gl$%3!T
zg2!gTwOMdY7VOW0hi1WNWx=Or!6#(FMOkn`7VOJ{55J$){#o#zEck;g`0XtC^(^?6
zEO=8E{6ZG|To(NMEcn-1@FQ99{aJ7_3r=Lg3$oxy7Ca*ho{|M$mj#c_f@`zjnk?9#
z1rN=F&&q;N&4N$Jf{U`?f-KmV1s{GdtNpX!Jz4MvS@7Fg@atLdD_QU+HyjujxH>R4
zFlOvk`r?n}^rIf@Q|jUR$y|?TvTo*`Dibc<h?hRZOt!q)I9%QlG(K;uF4bk`Zxu69
z(v3FD!-OGZd}!>oK4gTA`tLo!T`f_>^gQZs{SqMDPfz+^;L3WOIaj<{i(kP_J^6g;
z4R9)NUQ@-=K{xIwt@uoTO0V}_42MLs)^rss06jUq^aefIFOdhMbshZCjlH3y|4oJ}
z>r}>S-K;LHKqwKGd)1}IdNN+R(*cI0<RsPd8gpE6O=8=^+2z~T$ui|d`D1;^RM*%P
zJJ_Mc@AXmGytZ^mgSNMMt<3a8#u2@3L<v`LeMc+H)yhT`TJ>L1WN&%1ZoIkf`-aEU
z8ZTx21h3yQjADYn@O2<wx(}3Bi~HdkGCHgU$Qdw44?wyz6U~wQ#Aa<Nr&y^GaRbps
z%^stvi6UBp2J!@=mvB{v+yQe`KMav5KzT*GR@OKTMxkzO&{p{de4%7(i$%f8?7pF;
zIlsXekz+m0+92K>&WHb*#)#tOG3?_F#@Z%>7^E+z*5!~_`d<5-O7Ct*%xd$5(`lia
z#Eym4R9jM`tsGq#Opb1@H4f^@p*O#U(WKeyxH&-n6w9A}9p|;0V@h=>%Ab&?w6;l;
z#5R`LO2n}+Z6h;plo>rB)tl87>&e>WP0f0;E>E=s%HTiNYD|Z+@rQ7~z#3_whHB#|
z)EtVCI<*wH-5CWdjbkf1JSTOE%`ape!luhUr<6#gC&!f5)s(-l8)HgKVh3}yxPk1{
zE5@7$QBCDdCEBtjTp?XQgzPBaQ<Hc<++S`)`l=#z$RYCV6Q<hAQH8pBM`=k@Ua9p9
zThb;CrXh2BX<hk_+Qgp7&8eXjQS+yU*umbBE0qo6%}_;$m3qR%gXV&K+{zk^6X6Eu
z#17|bad}iTb{G-!)rD6}%;F-kLyPwm#MijdAGl~xd~3}a9;ym2sx>3UwTT1aPXgMi
z9@Lf-xm#)r|3_+yY){v;@t~^dCEW~{7As>n7#9c3k$Iv^oiQ@cItN{JGlUz`u5F9s
z7?;{S)nz*yVwJs(#kO1CiivdNZ>hWJ^V&&Ow$`x?-q_c<TEc_*LiqkisD=FoXiI;F
zLn&_w#5Q`Zla%+5>L*rB+zuyY{iP+;Bi5JdUchjk)C1hJ^%V6V28H^OFzpsHzO)V=
zW5<qzP}LfrV2WahMPR3Mtg$;s{$~MgR&Bo4SI-Zc3-h(IKBd+-Uy7EZGR|mSjG(EW
zNS!I4*rO#@z&EiYd>?g&F9{j@s3T}>YJXhxjopEq+Fc7Ekw!~g#)ZgK?Z`A4ICYcq
z#i+<5_XgSb61v>GOx^P&8;=;9jBshc)KV<jFgPv0*a3=;7sMF$J=NZV7k=^_u_twn
zlu>v+S@ik+cnNW&P{MF>=%v4MOimxXoK_E*<4U9}B(`Zw_Yk3#OJ8ogbmA=#lv$E4
zV-280YCTx(q^Q(Kyxzr4>)Fr2cewC`$YMI{i(+a$c~!oZgJq?coKBOs#nSE*SgqQk
z+Q^llTAUh<3y2-zdxh}5R`~v=lW*FUev2}xXZYjDLCm1KL&$p0V-jAJQ<d+qrc-Ok
zoLoAjT~qc5R8B0`mL?ENQNYgnEh=@1_6I?zXdm9{4)P)6qabE3p)B3JEU%P5)un~j
zZJ*hZK4iSxHPSaDJKnyTug*w6pT<){EbAj3D(QddKG;1k&1uboQ+adw4mFfnlSs3e
zz6p#PiRO8yJ9?UTJmQI=b^Pa)ux7&A^i@Ejqe<oV1v~YaKl&-W!u?@Amn-WyvJZNj
z?<T?W(M@}po~)m1kK0;8lhJeW#wQuPtBsu#t_xfnxGr#gVB&_Tf9EF@(GshuEb9N4
z0^*gpn2ek^KyMGav|L3^`2pR?D-9YSS62>w0!q{8p-S!UjgBkH6MWjLi?FoP^<Ek#
zKmnso4XZzdsv&k!Z!P`{ZU@X^r6I<1J+PVq&9hdVI%K5mlDF;0Nt=mw!zdH=2W+W!
zKw=h+m5PU6#$RD!UC+ukU~H0!ggkf|^AE9!3t(7N-eKMwrIb+W#(%6^z7Xf{&=OB@
z*Shyppo;oPeboQX9;m|C#QrKF&J(_(CXW5jfJnJe4Ncr|0OF_QwzvIvcE3~Yp(R7A
zzw-yr^sMOYd9TrO((6*U6JltpQTHN<?FB*PNPU58(?JiPLT`Qt?jmIQ0oxo{VlB4E
zUqnVMk;uiVVDjNT876tcMEVEln?N(hS%r|N9tO8o5`?;0FmWd{C20+a4*n!lwnEB=
z?Xu@~%C&VL=<7f`jUrjZb!DowDc#xH34s#Fuk`hw)+tT|byJd1L#Nx0SK&FaS|llz
z@@B#7?{rGC_0fzZe~@Ck>HTzVyGJ+MM#7r25ZFr6V^W)i0Q;;RBFv0;WaRujUz&S?
zYVM^8Y6=-&RU7*$H<xlwe6TK;;y20N<Q=6U+v}=J>(){jfBQ<=hAv+xPG~L0d@?QA
z0KHjV8d5V4DP!A15&!hduPCR=Gk}DwSN2lDJyL;kvUik-BHtLQFir6oRAZKy9GZjL
zN=Iuo4xU<}WPX<$_b~%=l(!z?mTiI5t7@<uR=Q3CXfU=hPhY%2=4w`@-9N$?1Y)h;
z)J%*+^WMuX$G=j-{(ee>{#hq_o1hok=yjm2md?6v5_J6u?Ym{Z5h;!O4|3%_c3bS-
zoY?w2?T<yT0PFSJbYrW&HKix7?OhnNyrJZ;WDd6Q*pRV{X)vl>{fkc9Z^N9Revnk|
zca_w5HZ?MmvdN&upB2+2!=-hs93TsFzq~nQ?6-dKi8SWk01JvoxvWXh8SjEP=3n+P
zLaAw%woKLwwUr;=8lr67k5v`>mQlsusWn~2`_RB0>B^g(ZcwyKh(;lYs$!!xOjYr|
z7MBp%pldUkfgX5~fXO^-db11wb(ZD$y_%s#{eNM>;RzpW4t<6T)Bgm2ttrHEi9%1)
zGf*S>c<D}vtP@WXt=5!q&FJ#kQ{@NBsrX&1^<%py#m}YIbp`fqs}QkN;FIZO`8FZ_
z(E53rv=yqT|6FSG>PcVUrH<2}|5svSt!5v6?>a<{`Y#j-wRnub+}`X@JKjH0*7T(;
zG0Wa$qgSs#V9lQ;ME+B-ON(_<z}RSQrpDA*!j`nhZsnP9d5T$>bp&_E>e`ZR=o#}L
z5iik}-UfhH5UqqL?aJGvYg}(fir*lub&K$wZb!1XAgT~{Ef$gh@htH@9jYw2IKG^O
zB(<6G8WBfInLZ%eUj{l&Ad#p2d5T9UzV>WbrFn!!+|g26W@ylVjFGH=h)frPu;K_K
z^AO2zmhTA~Td&vAAol*gx-m5j(VHo;i_#rMzk1E%`Mh&}27dFKVlm%(`Kmk^E@JC!
z2}H7W)~jQuGmdZQoIm|k(GR^xzRHg1#y-8}lS}lLgSoo5Ro{AqHL>X%>oCag*lEw}
z(&a_IsQ(eldLn0xW%NG>N}BJ3a39_Dj|8xSyU}MdvbOpn(0Q+;tjAqGHJ6)?Ji@PY
zy&p<GT<U4YKCX3tsPe7IUJwsa&zht8(<KAYRHgc9a&l>5&^W9cU*OkzTMx((>eY49
z1bUkc=a{JIS9l-``8ADz&{>z@e*vRef^1)0oDn*de6}>I?tUqwo~O!bL2EKf(M1We
z#g@*slo?DJS^eqexlCr`U#W88(!%zJ&i0YmtM5T0qDrD89MO#hxYxP5_seSIVA(#&
zEet9@fG}_#V*Mkf1d1K>&b^wDKZMeHS*vcGTO;*}1;7?dxSD_oLo9$z*uf@taM9eS
zf{WYaF<k12G|A$=4xggl_9cPU1Z6B<t<<ijsy^1M?cAhvH5~hhXy3DTTA<o$s6|%Y
zf@ba}2F}dgB0=VD4}qyRnqBiY+BaDF<=g_X>3sO&vF#g#xm7D7;D{gSMvbTaoxp13
z=uqu%-Gi<TYQHuxhTw8wtWNvIJ}!1OZ*^%tF(d^?Se(U_Lg)w;)*DKAZg)!NXKi21
zbduSm_?ylE+e4=brR`NGw0<e-$%1rclzS&d{>WEPGoanKvHdqz9@3=yU)mpo#y6y(
z5J}h84X%ps2{-D=kzU+N8WSVthmtpUSigg9P+E6K_(r|ugPiuGg-<ZHhqT7wj_~ER
z#)m;|-GEYtOmBQg_+qQ_BeA^4>@%pc&qI+nYAg57Et6$1EAT^N!QU$Pio8&3d@eeL
zx=fKVLVL>PU($bq#%Doeo1WMfp4QsKQ?0Gi8UnGea>66zt9O{0t?!wrH2oVP;~mES
zwiaoHwRo>5_11^B-g<IwzOhxUo<hc(sb4EJ{sKM^yjW52$u!>GpCwlpG+v_tzqm>_
zzQ$q|B1D&l98})inpf&kf@$$LV5fxB;_X}pjStog;#-L%!<EkyrPTx_%l8VYbXBe-
z6T*vB0^^6;su4MIOrX|CLA`qs?8q=_tD5T+4+bjSB%`Wz;De5i@z+SAYEZ^wv;+~G
zb<D;J+mq2q^$(^KMZbh$nuk?Jd$p(a?OO58u8P|es@;tb#AHex$7;K+aa5nW5SuqF
zM^!PkeZRL-aJO}V+&_-{)&f*@wXV}Yu&-m-#{V+x)Gmhg(Ws7L<w4W`HtcT}x(xfy
z`x(P(@y8HG88<9ChKQ&`IxXBpu`U)~GepV$5i=RNvhIV`_-kZ@em6ZrUrQP5TIqDy
zeX7gu<m1HdjT2<yx4|A?RDH7K5^gd-EjoeX(j9(>aoV3q=OeyFwhtF{%9fgl6}xSR
zf4+yEkCJxC<Tt*xJ$@r}@5!*d2etmYJ<_f5U$IJC)l<Awix){dkZRN7e-mYmk7PaM
z!I6mFO)PO316TygRC2MpPbPCte*55t<qh=M$Z^`LqvS%17breo!Eppv64y)_*tNJk
z#;Tij#nS8BwN<?#&xx$J%R&7dTotQ-G8uW}4rnWnj%+XsUgfg#^8CnZ^UA!+tNKNr
zappCf@H=Uy&VZ^V@}vqosM1nSJL%@oyA->*`C6hBQ<_5;3D3EOB-R0=i~23Hd4~Te
zNuK8Llc~d4GTnaBMS1D_%gk|kNZ*ut+jZZ(G_UfqJT1`=UN#@qq&P_&l|<)D^F!uv
zQl7_z&K;Srm%kkBwMB~$h1@Ys;se-a=*8}qbgvVkz<wdKplv>mRe34${}IY+vuGWN
z>dGt8;1?jwEBjSmm8Zqu<vNw*k7d2vDZj*9H7Jbl65e!NmNE1;34g{1?H6b2mvrmt
zx;dhFO_fN`{8c)=o@~sw0=tkI1Lezz_Pzk-gh4WloNJEAlW~e6)KyMGFy->BUUs<%
zxl=_S*`oY{-H%Kki}a-7#!t9zgLNjdyBt`Jx4K!h;dYo+j>`{gt7&BtKH7cFgt#h?
zS?~<E%9|@k7e?N<(XQflJfeI|mA^Va+_OAgZXT%0%L^l)n4|J4NA|NBs`;$bE5esC
zFOW_V?#=YU@h3Y;+&g@e^qa^>c<Ug=dUSr|BD0`Wcp}LVT&Z$o9%D5V3l*oG<Z}2V
zhiBwzitf2hw7NV$TnSdyv0MqG3fi!4j^b?DxI$f==iI9c^<L|RtK3w4(H|zF$Md!x
zayJ#id1z9`2Wfw8RsV+Ap`7sdMV&*v!$)oCj3?TvQ8^MQ)8mEE3)v;T!+GHF-=a}U
zN^GBt?aYEIsSh3ZqobOwG#LGjQF*FeHmLSW+wY8Tu^;@toaeNq+_x2}@~D2Mc!am9
ze%7gFlm@4rU!s`Q`?Bh?HtBCvmsMtdxKrQq=IEmQBewi(H}s0_Y#tVMx9`eP`LUfx
zhJ7PAm$!&NiT*N$THA|CU5Se>y@y$zo(z@dk@}FJ<FR_Y!*Y()*!|72y&^%WpW5?_
z<ZCONB_?gKu7U)6X87k(PR;ZFi?gvSl!UP`7b2@{r(zx+VCI!(vHzapEpl7A{~;83
z+W%wi=AyHG1LJ~52iueDyrt+fHfVfd&wXT`h-00oSH3#?<kUv$vF&GlO$U@@sm%ED
zo@^S?5vqJId<!$mGpeG83+BEP)PD8JoPP(+2*Ke^X6<^}eyhJq(1$0jl}dt@Z{1p$
zi6`31++hW`9vd{Slh~ZEn$0y6U#@GvT0du(R7knV*7i4?b(T{B++}63vPjYcku`Gt
zqvNTgO)?CMW4U``PnxoPTl*`nHWhn|4Zd`?XqmLjF0E|5x(pvLtpGu*#@P8OuzFHO
zdSSt;{Hj}JWbd$^p&`<_kwJtvrq$NRWXMQdBuK3g?fe%*N(d*z!|JH{E!I4wXo}kl
zGWG~Ct0pV3PWFaK#aU<4T55otqY$L{F{{~ICvB8m+;QZ{kuSFneCgCEpK!`(A@a7Q
z3V$1oGPYK?=*dfSbgg=;(OTtcCGDce-psX*Vg$fc53;&l!C2l@U8<3BQ!|tbgtM0x
zOVC7Sstb{@T3ZQ?ES<y#nUJg{ek2kt-YBM`m%18F{EgDGH#kT~zY^<1mik~M`*8*=
z*#OiM+r%RDhC%81)#8Yl*g7N{%Lbriq6P)MEQ0S~E2MI-7W=z0A~tC6pB_Jzy(*`d
z7HhHJau?Il#xek%LjDgu-$BpSFL%|mj*4tOe?g~Hby?58nbuUDQ_Zx8SYh4{k)HIY
z$|i<IN+q*38c_qvWm9iqR?(a4f>c*+>{2x-yB1QPbuLvA&r*L;gwUa(buqQJKTeq<
z%A^yfs!R^mSRL?}GK(l<or4t4cqQ|!_s}-uv#e7R2ekN$Vjtt{Q1Yyv6b~g&?ZsDo
zTlmJ#{;nIJh+B>APidpo^gX;?M$3gIHE|a0WEt&zR8XsV1;>7Mj%tyqZzD$hKxFi~
z!Kwn*tH>=w{S|t0s<-_q83$~>hgDCHoSLD0+MzsMD5)7bYr7%}@0g%W=WLfa<L89(
z<}^Z$PYfxY!aMQNIZL4e)LDOBkIrn=4kum0p$R>C!f(N3+D}|z`@fOaSRbm~Iai~8
zY0^!Ih5Q3`^X7blOFkSTuSoz(hl})hmlc#YsCZ$o4|QWdOT<^M(vt%&z*tvcEEyRr
z17}xVb|=;fC8zcXR=z#EUrPL)^-^pTk?d_Pz5$TU?i$aq679bA!+J5+<gbtH3{|#k
zOT?4)b)M5mHVF&EYVVu&cbx>LUb!KBytXnw`c=u?y-1<Ix?BH}T(UQ^D_FT{&dgf6
z*ZnQ1q}{*1<mK@6P?^Qfzn-k=&@0<@ZNzq&l%3r)rc|@eqG`32T$OLeWYtQfI|}g5
zA?A7O0!`=j(PJ&t_qWJLf!4eM5>ShcE$;PY`L-^&<pQZC>jYzqYRIkws2blSjvn#d
z>Wf}-Ot`1h?$Jfw+{kAfg~&->(GfkAGxwwDA|DDd|HyR~YN+nhEB9#+xLrcpqlR>1
z?8q6~k}X(^0lfzyYh2HkorQsxck`=zZ4pqu^@m{5OIX|`OExIa2qo*hAP4J}t=gSz
zY<PxitE&5-;nWyRR_B~0B%#VTX5R{%emyTwjw$p8lf!c;F}ptG{g)p5B!>x2sO*ij
zn3elxU)s>J9=|%6dux>*Ys+arKI4xK)s-)Y&yf_D_e(`EKwCAJrN5OYD`AN98d_Re
z_#c4(t=rJ7+IUILvl5#FG-@qV*!!CUB`x8jb)zz93~7JIX}2}vD(zcsdx(Lt$3H=-
zV@JlTViw0L7=<MUCh4>Y%KzN42!};FEwV(AE`#V|5JiDOri(qm6p}Bm!ya$UzDD=9
z+4ks9non$?t=gtn?w=jdV~28Yy-3-D(2bupaHQfQy=;9jIV?}zJYHs+dTe)|w(5dV
z@+Qon@*jHTmRnyX22NmzkyKcEJ_ri)<=u*#^zewA%wmaP`5Ia_QRg1L(wh5<9hvpS
z=J0ww8Nl~bx;E01SaGs7l>T47jd(&A4EOWtX1>|yPfdNk&$x=azaFt#^Uh#;CpJ~j
zNo3kj?5og@-wNz@ae)Jbg{^EhjtP)()002SC)q(ieN~TrbWkt*iXbsQmWsNj7c6zk
zn_E)3OzHYWsZzFX`#5RdTEo)YhBLQSsa_aY8y~H$1G38BkQg?vR^s^-Hu~btrtcM^
zOt=^MR&Ck$5FT$y+zG9cSaNc*q&iPcJ+(v(0=g^9Dp%e@sx$trDo}fq)MmZ(x>R)A
zgE9XM*u(l!SlT14-2Uocb{e1stlEN3{HTM&NF$1YJ*n%t#?DT@ON;+SQISbV+{7Kx
zv~Z0*tbF2R>vmgTZj*f!FO{Ld(o3MDbCAO^QjEdr>B6>|GB`B^@RJ%6W!8Gkk@~)>
z4gX@U)e8da+E>BWDQr~a0beHgYVfA-7h7!`iIAy(G0HCI{_o^|9!fFtz64JBs}hu?
zM&6o2xMVV6wIXTJIAO!_kNcti7D*4z=qhP3lG?5{jRMvW5v7ZN$=rKL7xx%c-fTA^
zsqhoz5YZsov5&okVAEpbkO`Ub%J>>D%0JncUt&Fja5DcYl;m+f3En=|p4U`DzPy<P
zd}JlFufl<ER=yf}npDXEy`{Zm;P%Sxj704}w>D7N8E>6j-G7Ocsc00m#<iuK2Fp}-
zEw#c=DuqnB0u&|u9{^k`O<^@tOfAXPG_Z3~)Wg=us^Y%%C;HIP5sj+tj>D8#r?884
z7_{M;cdGC_6JM2?$v~CU-XwFWF{ODhNdAbsgSW~|V6XLrd}BsgiP>hv0C^FqxR4}6
z8@Jv2IagDD{VXNGPp1=78UIzz<XbJG#P~IKR&#(K(8(khNK%9xJM!2Yc^%V`X2lj;
znqsPBu1orz&VVL%>+R=mgEq_eCN+j+)*@RfL<Q#rjeT}z0Y!}swB^Lao_Q0PTZEEB
z`%yrW_E9mi9HVFt2RKyvpBJSSte-2R-$rJ_zk>Oq@o)Boo$Xs_t-D3=q<_!Nkb1bT
zY>(htRdRmJ7HfhMYcG0qBhqdN5a_h7+3Cn&X;kIJ>6L=wOI^#QuKVZ&?SEI6O6`+g
zF#<M@|Iy$TT^gM3kdfza{}h2UekV?zkBV%A*-qY<mMuKBnP%|IADlbO+k6OCvB7#3
zK2Ck?-!v1tU(Cl|V~sD=L>?LPt%+D0)h5U`vo+k-b1?4opt5OXjzq%=C<4tmxZ;<D
z*3=qSBANb;zAuU=K2DJgiEE0>{U*5|@BaRBxj&iv?duvOUfm|}m~QCRc+`3NxG*Pc
zU7HW0yg6vRZ@v2uG33xnxTz3ptY<Mc1C8YrT2x%8S!ulRj_Typj`AIN+NhhvHTSfi
z+&M*8MJae51@+_znd^p+XZ9H|`#lWz{rG+5+Yy}ZK>KUrS1RUPSHA)^D@>7wE}3UX
zwzFAXioh<1@mR+r1dNs-QKy)#Aluhj8Y;Nf_QGHES8aC+1|kI$o=fB0Xx$H`Kohaw
zpU}eEhy;SToR%HWO~u=~T&|FS@q#OLpqT>aqXa7ciAtf~P04cAmZ^8Rbow1P`eFjR
za8G3n|5sCC^c1CR?5A9*e3-<ykLBJhFcQ4ZCQ?}Y{|;d6wY@J{^vV=EYYWv%|B@K?
zF85V`x^4r0mX80bz14YhCzbQfi&e<4!c~QJv~(6iZd{Hz$`YM=URL~S*jup=j{J;U
zt-ibeN-5oFG5fLt$V=X-QVrV%Zb_#a*0=0V=NXt?T_JgfmyI^!gdY2MZm29}{EaCW
zQ?Jrs@(!ODZ!s)2jv8-jE7^x>_O`t1^X~V)$_{^|JxJ!txNca;m@&kttxy7<hZO7w
z<dbGmgNJU6B^?E94krWBrk`<piJk;yEZ~Ut)I#A9GOO|fW>sOpoR=Ro>WXX4eCnxA
zF6syjd?#R36$V>A%B%JMlVfA~wPydM?hP2D*`yphh)POOmjl1s!g)dCN;#t2CusCf
zR!4o_=E{~i$4ZRo61+IwXU_}F8B|(x9$vL0z^P-^Tp@!IIwVJ;^_Gu(00ZQFbYX}9
zo^Sn_b_>bYgv6mjlw}+m5aPNdXtai8Y}evjh*SYHf+}P418p^Dig0l6Q)^!5NmhT4
z=(aC8+8cP)D&L%FWmypLzEoq>43b^@Wst^pduxq<>n-o*)h5S$zfk%?&@3lK5b57O
z&0a6)#x2<K97*zz(~Tp>`ctkxPd67L@Vj{-?|$=|{N!a`<I?;<<x6vpGq34WV{8n>
zYR>dlYkz#Nx^ma8Js2#EYuHimt+$PITIli;Cfku;+iWAh4aQmuYb&=#;_T8|V>aV?
zW=+0XR~W16LyBw2)*JG-?yjsmQ@iVTXxmmbM3hY3OY9GkH!Fp{)z@Q<%s1_Q%)M5j
z@WAu)<(mdcuhrFAOQ+w-fm7x2THl&N>qOOuYH$a(Gn&JHkh|hGs+C^kY=KAXTUE&a
z5*>%(dx*Ze1TlR44;oeZ!M3Ur83kO;_qUg`nlEUy1PxE1t*T<zNqtvn@r#*D28}aI
z123LLN#!)D`3wPQUs7xI7di4mMqP<+M%W!W5YE$$k;USPx>-wJ6amc|M5z&DhNlM2
z#uDB8k6>k8arh1>*(iz>i?>VBzB(??f20rf;0(6pfAxGbkk8?<f$X+;^_KVYbno`q
z)O=Poh2e8z(+a(<zGqfp)er~VQ%_)R#~%=@R@LGU8t^e%+aD9Z(K&*_r+rh<Xe>_6
zM>lickmNY8Q8y%Z$g3@RkCPZ}Rp-%yp47j%7I}rVom}ict?SzaBVx_Vx2_PNjZJf*
zy;V)g?f5L`6N1J8d)qw|uVlUSafLMjd#i}BO(H^aK1rla)<{8e0wW!>{vh`x-OOo<
zHtR|JBhXrXf`qtKtFL7x6@C}T{%^;z^)%=Ie{t;YjjAXAkK@?2(6{<7e%2kwbm2i9
ztCH{kQ5?G(TjTHlH{)1tYgY69KaXQI#If^;W6cuBZY7T0DsgNGaSW_^`TstSS%3b2
z6~`V}?}}rF0PZ;EnsTc7oaCk?MZbl(<BDy}!DKg`v>!`}>J73+*_5o46>$7_PzICX
zW4z^iSdK~DHB#Ej3nd%XvdicF%KHjgv`D*dUX~AY^OpSN)g1$O%UG@FV!Y!dp<APy
zSCnw7my=6+*{i`X-;yUbm_yln@Rx+V?^WJBEV8${^5%+2N;l_o7?0yw2duS7!tCV@
zCtViXm`{!^J>_PaV~-D1+x{N>B>z^vCpBAzZ}Kc^zR77RIay|&Ejj0S3(Dx`b;WAj
zR;T91aX^bvjXXqzOgsAiLG(5I(ag1+HoP)l&mCT(SI#ch;v1!~p{og<ZjM#wK{x>_
z!(1(6pBn0NoS{x;gSCUq;WFHvQZr0%*@-!F?7?mbM-v%v#k-g!>WsFvjJBI)v<(!;
zenifa4)~%R&BS!y(~Y+=RB`HZ)Ux%Ra9z5I?ellGv^BQ0Fug>-Xm)Y9OvcL87-ft&
zl8fy5?MuY&#_;0Qx#~t#;mu3&?n{f=e01z`p;blonbGlF0n%PIF(ZdsznDEm4^A~o
z^4Fes%Hgy%JyeBnume%_>NQd~?zLCB*ZugYl<8|0tzE|**)=e76WbPPHWOKTa-4$o
zBYOj^rml5XQ*4v4#F&dq=w@#FtM+~qb-lzX5OHPMA%0y>Z!P|KJY&9Yyzrz<*i8R@
z>{;l>bMk1HZX_S#YqD<IsTJL*eTfXcJ&~wo!Z|!-p3FYYB#JDTebWk2-DnL~Zk&Cb
zZYqwlU1J=vPQ-D<UwTki$egdXYTyvr%(JW8SfSvz<QZyS%B&f+#Hr-x^yHN7>M)kf
z3}tB~^ItZkEBDRW>QrFO`ABWd#uw(XTW1#B_W~QU@?_&m=6f6io)7HN;xo7#O8&YT
zeT2grwJmFlDCf+VavDsIrH_Qn^wm*@y|e*#is!`%j!iM>X*7rF8^V3|OHBVsijZ|R
z8#LAr-d8*lIZ6=UQQVW$u}e$w0T!Fr!Nz)Eos-*KUd{RP=WU8*^8BW5p0E`dFV^Do
zuu`o#1)Q>>?H<XZ)#GI%^r5v_yq$d@F=#EM)u#U!QdAQD#{J7tQJw`@cApr)Oh~(u
z@9c4DvJZ~irdR%Bc5&+2qt(`0H55D>0Zxn8_r^{udkiZHe>|*L*m68VZpD^B&2jAZ
zLG*{{p@Q%r+YLA9WuM9843#fw@!~$h>g$EtT}N}Jtt^Zl>K%DC%|y-<ZxC0oTVRd!
zBsoHN*NY6Q@e`y~uvN#xV{D6W|6!-apA}`bb&m)Qr&P<W5z-^f=agC|tG=B?V&pRW
z{ZyoCsuSws_>KtMqsn@we=!bLz75MIDCoZ#NSbT@yLOYy+kkZQ5iy(iSJZzdYZW{u
z&R^Y3N<Bfd2J4>iL&ORie{Zi*ekkj<)}Fm}^L|B=oSPHO9gCU%sh7RX_J`NHP&HGF
zDokJtGR>{6{6>ra8~=cf!&}XEKhl%udDUYyp|TIHU#^pG#KGO>$WP06MEyTojVR&k
zwUtHpa8-*i#+KMVFDFje*Ww|Ei`0XdbNyz)gKKeIeE%1$d(cS)i?fs*C!m^f|0iUu
zw|<G$gRvTqw>7tS`3`5j74@GZ)o6)d@wXx7AE+wrtGe4oDjaBc_U`GyJ_R;i1gDMq
zzhMbNp(}}CQUAv_a1h4})t|Z>NN-DsVI{t)vjRtR%k*vMj%;njzh=5G#}X3{V-w~2
zcPhyf5_j}m)hPNIN)O#APQCfHw2?H7j5-+mqWdLIX|bE=V)TNCXgTHjhOl$mE;*8;
zD|lY1_tNCBa_K)}Uv@!Rr>k~tq-lsL((&$<ax92bU&Gdp?+mWQ)qjlZ^vIJbPH#Ph
z%A`=@N>)p$O)Lzf{v2h1_&LZ)VEc;o3Q{Ot3~y=xSRA0%co(F|U8@cMS1{S{9KG^o
zZAm5FPcQp4XuM41;k3ojzl;ZAyzJ!Rh{aOG`t=KT01KH)b=}ympP{-q%6&g%*ho2<
zzh9o@TLra4S?e7uX%RcPIAI~=ME&F=tKl6oe%~Zg8L#Vx@~DvUTvQ?cBjccLPSQVe
z?4|6bP-SXPq3)O8`UpHPe?!{Hoh;*O%RUHI{$4!q)*eA)V@>%UYw<dnBDGn!@y!ko
zQ{|88w_ob@Ta1>#IF3nIUX7~LwvGOH<K-=1ofJyW@3{_!9=+wzDP=FOk;|L69apwR
zZAVup^+^Qc7dWsVFnbueJk32ak0<y!O1E-kkERhltnX2c;@!#8=A^IjIv>T3EvQ)Y
zBssUG{jntw`zBwD9fgAj4s6WR61{rKPEfc{psDA9^*HF=z_s3QqW+_wL!1eLiCVlF
zuNF7z9ZX(Z>g5@8Eg?Hk*j8F9WGZWhOl3nXDkd>~Z?k|9*H0{$oW)Ati@*#eocM`Z
zx$({60($w=LbIR#%@Cu!C*)<9d5ew@ZRZJ}P_o{qy!9CbFpGYLm+_v46YS9W%Givf
z>Sw6PWX=Ao?J}9Mpx=;S<!iGqNR6UAPHy)ntNnSAT^^wG4ma~w2RKk9x`@~+2qaap
zId#}MuXI@N@Tg%0;SnKi-9ZfIjWk<duawlSIrRG?&jD@eaNOONsb!3$S$Ue*7Rb)X
zzO|NKQvyxYzgo5uL&*_7EpZxFiTWQGgce`TT~`1x3sz(M#O8&=#eq6KUt3ocqd=Xu
zuHX*7={m(}BUFR?5jehmllaDQCR6YDYZ&7Jja<Ui2rg7?`hcO-^bG@4v1uZTt0U7h
z5JOp@-gi1T<=8>2j)!(rC3JkkD%+XsrL$cM=d}fNV~MRf4aWD&cch*;BqaX5S26bg
z3<F8jO5G@WCH)10On{`x*RTSTz@8du7x)B|S<|?es-z~u@jVc5Vogtn;zx;-QU9HS
z)e=t;wxa%9Y@nCAGsy;SB}k*=L?ET(>*6xL@qkK4mCou6(JB=8C6<c1c&@a4dh&5m
z9h{6Wtvotjdh&7U0SUWB1Mydhn!GNAO<qxeNkMYxp(`@37%JOuwNp^NO3QHrD7JS}
zSbyg>A^deLEK{G<aP(GIw_Q-&gLj$?QI3Ba`UWevXt8@_;?yaBbiS`di{GRSaKoRJ
zY1)X(7~py!F+h9~kLw9r(|0p9m2Zyv{fh8DI$#US@_$lEd3sz~Qj0P&g$vrxChxnF
zR(bVV^r#Soj2Qi8#OM^U*4S7}Ulu`Gz*TOUeQfG&k>ex}y`_jmD*Gr~@oY-bkG#Wr
zbF$bD!h(;9D7;o=3+)p!Hgm*4UM_M?)PLVI+~85V<8cet2!FtHR4*b~zXdx!bA`Be
z$Vf=I4jIWNz8ElM<h8=9(#>h#HSN2mx~rG{BbdC6ByPek!WqneP+k?BPr<1FIBF)v
zs8Gi?hfGBn+qr|IHi0G{Bw`j3^?&_GW$Q-On|CW9{z=#N6O*KLC6}6&@xauM)SfS#
zHkM)ZM<RRI32$31>Kf09II_Gjo<l8Dfy|9?!f@F1J&w)9`CM)wEq1c1O5AYHXqOuv
zvL@51aEMx@wEdtS2C2`~@O`$ehqOY}f07M64q*CD1d!==GhN>F6$7dMa}oZbVno$v
zIK>X>*P_ZOE*w>)j&v6~7?NhCWt0lmS{$jXIvgy29eZc1!z(L7!dmsJ$1m@q&i&XV
z^)6zV{@YoMGw)AaO9wW6VIU>rgSe{d*u#WJXJ<(rk1m0~s({4+meWvU3@BBjSYHO2
z)KH44gOc+#-59}{oR1C$jq3gfWj<7PsM`B(%kErbD-SKEK7c&x|LphT198>;U6ss{
z7-@TW>Ig;>dt|lpuFJZ#@~{5lHVab-Eq)`7Nt{`O+4bajyl!I;6>EMVy--<YDW2lY
zltN{PtVPmCcOh3+RkwDns^Y(^dQMeUaCy3_WIqluRZ$&{U}PHMq^{K!Qk^JP%W>`=
z%;+viUEk>e>DE7VX%{u0|Fc_7oLP%YG_E#J-A2pV;q-lN>55F9PvJc-6(2@+sZ%|v
zE>p%3PueAiZgo-Fvq5XNL-{|OGRC2HO&L>L>7xOoXMnc<CUuB_pKeW`bOryZ2+M?|
zhm7?0@Xj*sTm+fyGEq9bsI{r}E}GkJU`HKOq4hEz0_0=`A?QP^Lr7vXSligHL`3(b
z2I1u@Y^?m0AyEW6lA4A<)~-J~rg#BkrROv0{bB~%Yey5d2S7wRV7j;|8JMI$M$oi+
zfNk|n`vpNxGAXY8`?~RJmJ#z`s7lCNM9R6cUi%n6ZN7nm<zt88<k0Kj#_Xa8f-98u
z7FX_kVus)Drzxi1O0tV9^?Wt_whESyUHH+ig=M{2H-7D4?mN54{^ul3B-0?X;IT(w
zlca?85IsMwf8F>sCD1cktc5iFT)!&eZ<G=@ONj<b*y|jzSJXd|JD%_e3^hWDSw>5q
z|2wCu<hnejXVyLJGxMgblUjY{LT%e^d8_XffymLs`QpOX<n=#^NYze$aon1>nPl17
zC!SB>YzAh{p&Us^5>YfW$)-GYXh7bgrh`x?L<R^)VojUxesWDyXUz$>`6hBD8-H!S
z>$nmRY4e@S6&iI|OW#&97VE3MfQ$Iw>N}I0i*&<x0^jnwmXb9R+fmT_AYbx|v^&_p
zO%4qQrLJGI;D7Qu8M<wK<fUFb(<%P>i5w4^{s(o=K#PB$^$9~mBG!w53y0I^zQ(5T
z0KGmh#*W>^>F3m2eUCkfm$k2Q*4wSVpD6e@4oqfZ&Chw#l=-8l{D75&y}{o6N!~46
z4;sFu(57xfjm&%<dc#G3U03>Rgg%%>|3er3SzYN*6Z&Jb=*wL6hkxHip8dapK1Hl_
z%k$OG(gzgD4faWEvO!Av4rBC`tTNN~<axc#(63dAxTJq80$3GKNjq(X)RVef(N;0J
z8v0A<@RL7-w~GE@XKiX(sc~zGi^Wo8vcCA8uviQ?&OS^4<4p}0G4ana0=4=^D&$#;
zJ$~8htFZBd6~3qwe~OJiM&S<=o0T88`g+^=BToqP4?6KaMfjRRh}{0vPo*i99jq6g
zwiBQoJy~}6-l1%(?|H@HSE>N?MQfm6!+lXUXB1z?8=pO)J=i=z-k6cdW$NDM`>B+H
zq`f)gM+*ei>YJ&!jZMo#{nOx=ZUsN}xB4y>8pBt|SLzJA-d10wU4F1CUz9H2>O0BC
zAEWSxiS|l=<m?My-T0So^eeS$u(vK70G#2~5(j&TULX9LTFjhQ-wwGj6r6fqF{t8E
zYQ%3aiki9SexH^2|3jVfCUFJBcNawTEn|_)B3S<kK|i!lN5KO@n*1Id%zA{u!I95@
zi;GW<;&YM1=K`BgqYxCh_^c2<mkOV;E<R;0K8MlM@a-jHkjnFGrxO^Kq-1P13r-fY
zJ}z!G!tEOjZuL~$qTHiR3w}#!)Z9k6k>iX*59xxw;+s~V!5wd#FU}WzaFI0;snL7c
zU3Lx4lvpb<Fs*khC9R)H4Zmgzl-Bz;$gEOn5Sgl8>|^3uS7=uCYxR{0f1{|BFT-~-
ze^Y0vp|V<<t4MCD?39c%2v{!FIdRAbJNC8~A3D;3%6GNpN#prmCrOyvjdGpm#aewY
zfb^zbQz}>S9N+JN6Pt}brCL)CvcP!z1D%YY{w;FW_bJ8KCH~66j%1#}|7f*Qeb)`C
zyEA-l?BuhS>fy88#b>g^C&QrN&)jwREWS2Xo#As_C!g6iA05hc2OW@+XXq`UGwhT+
zOU9?ZQHI7o^}el-DX(lg6D}dsm!s<I7o|lnurKdvtA1dN^wL1IVrJy1Ky;pWmKGn9
z+u6OhkCdfAt90-6(KmUtM@#&bu}s8<&A$8X%eLwzW59Y+vTAkuyXm`<>dAB)zMxzj
zJV{%2JDhnYA~|#w1=XuKZALI_*_qQ?-GhyR<Q+Y#2$*A`u(teKZ13wuc?#X>)Fx$G
ztCx)Sqzb9d^zHtoQ_n8Bkb1u7)Kf4zQ;#_`*HzrE&RYlDJG@oaRJ)#EQXcm|&PCW-
zy_kBQWQLv|4@}?fkg<hf6x|~A9iqO+P#y#S@;*HORP4ant3FH;L+sUA1D=q1DkoCv
zLE`Y?3tOd@Mz5`Zz3&XW*2gKFu}1Qa#Z}g}$EBq2GPzM-l&8q@?m@uYz^tvJ9$LmO
zGHkK+IMmqc?G;Lgt6kjC;Sx{keb%|sZ(4mDAi@6~IO_jBuqS*6@^g`BUevqIcdwxM
zMEwt};LCZ_1Lq}WrsLZCdfZEGi#N)I$hCp1`uQ4gGBVI_3Tl|BbPf=`DAeYg2V>0U
zNj*#>k~k^@rlMPkE5xc>??uJFVA7G~AJzCn-IGL;2~6~5AH_GE5=Z&Y<F6LK!7g@*
z6dUL&cDYQRkCkGjs#sNek?Z%tu#0DhFI&@#lE}MnMAj`WA<s70rXKqBJ@%zIJ@lT`
zkD1%kb#f465tk`hdporMbkX9IJe&Z5J&$D)9{618`eTUJmU1_(>lLK1tjWJY=vg+!
zRG}zzQH(=EYq(I<+7u&&LXLl>d2EukM2S$G0fp7@D|x!WT4qxh3pGPShI*Ay@5fWE
z!=EX_^KHVtKgnYIA0gZ<gs(wJh<gQ!kkO*5mBFHDfKaRwia$fquskqUy<ANZsF}1p
zZ17*l>E-!U4nlswDQoqNanRV#Q7Y?2#AbJ?SIj?o1x~x@M>c+K&$R5!aMMMsdosiq
zC}N&ls8$E=?TI?C-r=yl{mKmSpFX9oXFHA~Q)PWh7ixbw9lyHV|L{ugZ{>dKc0A4M
z|Csn-6e(nJGl<iXY8+Zq1;Vv5;5h`bNx1ar*6PxueR7muTG3N255a=!>$Ud$5;Mws
zF6?9CybvS(q_!LrAGE=G8UpwFEav~=qhgBmdjn)~Wj(k;TyALeYG+|)7Sh-!BQDje
z<znafCmZUAdHQ$^o9wT1K;&;cpvY!9*$H8EJ++a_;4~hgYF@ow`Ptl~g+t~YI%+S~
z`$aIefcID3EKdTRf!SrxQ1)yIZ&kvIXD;u<L_B0IC4+4>N^N0ehY8pE)!OkW3zUkZ
zA`g`xV8^EYZtFNK9B<a!n)&VsY1KQG%?S#Vmf?-(V!yPLuO3UQT!fnT8m=!_%dd*w
z-Y+*?r<-@KhO%{dKi*UN<7O_^WaC4*Fq#zXpbefZ=T!!6ik{otzf;}kUCc>^<P;?9
z*K0T$vLn1eTREcNuv`v%#OBv|BDe50-V^x|UyYtfz3#knGV(*NRtU4mXx)q{Nk)hy
z_bSeqsZlqUt7`{k<k(UuS}CX-F?HW4<~4!BKsT<>pRi$hbiUUU{*nicKQn!WEPUX_
z58+r-#E*;-C9dakM(3xBv0&OyjdA(yKcPRS-@P(OTRC?yPv!N?c37U=JF8;U*;@Qh
z)XI~Q+DZ;%@OTZI(QNg!yj##~t9ezv@lx!iysG#Ct>&eezx82Ul4Hkx79N8e?ji)J
z7QqQ0K`yA}Ig38#{JeD%1$pk*y8lsUSt`r-==^>;JnT4PFfUGMiTURVH*Mu*XDzy>
z>9Vt{n=UJ_ZW=KppiZ_*pO#Ky_h~Khh**Y>B1eei9V^SLD&`K+5;Z7}=yn;HR*Wv!
z5<@_?uS@sutMUV}U0yZ8eUjd9yU-_eB#}mH&q(B)9gR~JQ`M{T(E}Bf6I!qQ!qy{E
z0drXoN%*TkY0fXDMuW53AL-J8?I(E_G4(LM))FVmxDs15o{{hS_GKfN^1f(2_F|LN
zrzH;Y7ifh*ynUnCEE-R{Yl*)>C3~DQiGG6X=)8WpT3qIHdTd@Dqmis&)Ki-3-NT%o
zU3h-^wrY+xDGl#ie<d1D@Ye7Yc5>+J1h^}zQO;?&YUAJ4#y0CekIF8TvOL=ok=}O6
zW~wdU#tXf)_+f-<y6P+fLDPuA)}yS-<ao-LO4RxE7*3__1`t1s9zwjg0aU@axR3{C
z-jDPUAG^P~Y1CO&O|u3|fJlu~tGg&9XgmUq8(2TvZ?h3~6SDWCgc79|ly7qsD&JGS
zS?qoax6|`AY$4YDob@u7VqHlG=&{v~b$8g%3aauRyICGSj;*$VJv`l%YUQ??&rs8%
z2hxTJ2Q&EuRrUSrIimIjqz%hOev(VlajLZYHYpXg#7Rh$>c^ku<$L59^D<o!f1re8
z(e_m?_09pG8UO`+>_bq_^Iv#=Chb%$?{*V^kf<A!#wQ<Ud~Gfgbp0plF|>8E5hDX6
zyvRTP9AEVx$Ew&Hs-Ik%r!9LCt!aWq=X8z_!qfen8uo&SE>_%ShR1w&elgFF&F}<U
zKFA%N44*wd7`qtjz5%ryndyhy2aO)eJEf1;8V#IoA88K+QjXJAYP^(;EG&X1EUZ8L
zl(u0G`a@~<OOw|Q8n2rdDKDBV8Z46AZ4yH~sjF=J$QxUBId2ibk0W*Tzd_V3yJ$<#
zh9-3-e>(N!AY!rZ9Z|vi=gz*Nb<|+5CF?`-gvnH{R59#l{CSWGzxeT98bTCJUCJ#+
zpm%VZE+f$S(%sikogF@wapfAUWxg$k%w@_`LT9_l+ok=O9Mr_$4<Dl%k)w3dk$;bB
z(RoGQFz-C-8tHOW$KF^XZ+vz=KO37jC@1o2Th$=33a8!!#uwVksxycA!ZQ*Fl!4U*
zL`}kE0&=t%kM0(0zD8yt)^ssx>|j2jcVo<d_yL?_VO*?VZH@rB^0jJ%7rG6tNyqeR
z4*V0>H{naEA7T|kf%>7g*pZpx35)ddW*!sh9Xm3G35`1RBeNeRhMFN|ra)>!)Hx0M
z@F68dZ;>Jufo<%_tnh}|ky{j-D$<eaz0&Q^SPw(#GBM-XSmW@EFQL>`#%Fd+{wXTS
zBu4D{A8thbhgcVQTC4hbjH&re<GtbUaYE~8XHMgsH|4RR(mw0tfQYpQ-RM*A(BPje
zp}_}II6dXqbU6esK@i}58u^?IoG2H4xM+~$72|`+r%PqD&cp}Xf5UyO4G*BA?Yr!n
z6ze>d_Fhoh7&$pI+E!IeG3h#3)OrBo)CBCX+`0&b+kckfXPp5obrxC!<&J@rx=2~(
zl5%e?Ql2bL)E^!$bJ^!B17nO&u^L`k9P{^Px$8B;rF~en<}Vx&Fl48;2WrY|j%~Nz
zjzI|ueR$Yrh|H;(l248Kx3b3c+EHs^PY$<!Pu2{?iOf4BqoR<!m#B~Z-Xi-g%k~3i
z)?_r~8SiHpGv6Jh1~SV_*MrZc52Dt}O#G&NzEfVN{muhwR;enl8DSKJ$8!#k7Z4R5
zJ>Zd=CH9kdW2(kuzRR0-SbJ!zF6q(@ac7Rf(z{fo6q&8xAPL^nbOBi2A!D?y6~|z6
zB2VtFx!=Bfmh?#Dz0NmevKp}^<%xDH=1`pmm01*Fon#KZnZJ^hpG#bk`0`KK3EY3B
z;ut>`+Nl3zsFdCEY;I7nf&MpjtY}>ik>GTPw@efon2P7v$pn@0Uo8nZt!9h$JxswQ
zeq_vlI_~dXc#PU69lC2|=j^NlGj&}hX^B^*a#l(bXY8>o3WoQ|+()mhm=l&3i^IdZ
z68960pU2D{)_sW7{ukz#3T*!^R25J;cTW>ny&v4$>}*=aT}oa<Nj1gd_J?x&E2QdV
ze39H9XSebZG6~k3U2YGM+ZFch?Na)$U2Y#nYPDft)pNyos?Lvh9xS%K!uSlw7{u1?
z5lr93IV47NYUwodYI|lx-&i9;Y{LEIME4^kW9>&ubMLh=$Fo(3&q(tw$8H?;{Vhz{
zm|b*jbpDw>IaEwc?4!lybw+k%#JAK;j_}+^Y)x=1m|$%ahFOEaWE{|*?yAOdUi+`|
zq2wn;{kQIsIYnnZk%v<%lbz{L2yKy}FgA&UUylr`cNlHfpBV>PLP$K~c};FG&yD%p
zQG(;T<2i_abFr~N-U8M~dVy~6?6|gU0hjVhsXjb7=uGZEwN@iJ&$i;<aFMY@9fC|Y
z*~^&a>PwFJ$(x*XL#@ta1sO7)Y=)ibi!Ua_rh84_EGjn&B7n>ZB5fn&C0EWoQ2kn`
ztmDVp4YNjsQnUFRB{^~`ZecFSOG#o#&EEp6eH2#qCctI}BQ+fIYcyzu)itkmE%r+#
z=%49zLeZh9FjkR})<3Em?rqW+{9Be`8g1zm+xZIQ#`Qm;^cWDG@%roK(v1Gc;o=M;
zMGuj9H#r%`?9jR!L0S5o$$=|eW0+5iOFvJrM~+cD-9rXW<r|ryyTJOBRQBd!5w(g$
zaBY5SWvARUvlmrVmFb@kC_x4~S&<khk9ysHqQ$pS@3&NFJ7bO1HIurqH+BsfpDNDQ
zE8wN66S5%%@0{WAuE0E2uC4dei#qjwj+>^;9v*~1=2dby|M~z^Ryhwcocg(DEVb7~
z!Q`y*waGt<x6sb=Tn7`uaDjFEGHPn06Y|kxn|M>#9^OObOoUwnDerHFGOeTYdXVth
zohr)Hdug-UT24gfR1>|UbH2D%-UzG8IOMj+NQzfEk?l37Nx{(+Tpl|#(|+g3B32@t
z%<LUI<em#TO)9$<nb{aD`uLa&71+GqMCw#7yqtB%tZ-}WP-Y^u*6~a06sp8rh1PLW
z_diw3iwhnl;In|ZAn+QIKg-=^rLI)6E1V`3-t#p}syxI>jm3Sfq2TO(qhh73Kh(R$
zJ=p$R-YtHRN?dU>UTP6^%9~^Ur|(wbgEwUz2pF#|x+1!$h(o2aK8!6I#CmWKSAp33
z;4WhV8&E4%c`#qfyO#Nt8unVe@gUf0!*Z=emg94eSE2U%N!oe=%;Q%V!rXtZRIDvc
z!k-5=ifIg)XI-e)N$05rvYi~@<)X4ejFhO=VT1>-?Ui9flOpz7kTY<+NHMmc&R$MO
zPUV^+C-Ozsr@tP1p^0idkpdEFu@_dzHP1-XQ-~LzGcj@2)YfvECS=ys$xD?If5F&_
zkCrG#b;XO{15=kaKP}Ng$jWd`d@2zAdd*%LVbqVLsOL~oPsQxbaI}*EFLI@<8vh-R
z5HfF|%J)f@NFTM=!}r*ivL3!mU8dK=^6vk%+FIgfAo*!4CdVaAe`Gny!74gU2~N^s
zEyL(B|4To{)cm9jzq|F19>lI4+R{qOMg1``3&q14?;Z2<`&u$6PGc4)EmFRjHx{iy
zU0!=cdD#QB_L{<Pp77)OoQ37qIuH!a`PfohS?e`fMt*9Or{nP**td?5avlyl{u+Kb
zOKVz&5L)~#r=E~EQqfr#&+OOnRKGc|Ppx-f$f&Bb=BqmMq)tvZEj-h@RO;j<i|K}w
zEjIBWlVg|LwUvxZbrQoiEQJhRn|{Xd&4W8mbsV%N7QdyJjjz+a<ExfSgXMo>PxoX;
zTw6Jyl%Jr|zuXew8L$@Xl0fVWZ(!i2n18W>2-?yk^n5uaxr;L#X(dZ9!Nael!Z=4c
z--aOOzsjcG0zeli5rSPmrXRnk0!NjY-HvqfD3i`x`FHYdT@Fdi-(SkgQLbeRF+WNy
zoF-i-Qg7A_GK&t;YU)JZEqIYSH8`GDl1V`$-;!~;h#KFjmO0BFYr0f=sS>GKntP#~
zS$f|u@^VLBPyiQ?^*RqOsdz#eb)v6xKEmr9hVC8K*-L(eQ#rr5MIE~Hh+4JDqkPHh
z#`7Bk?X%T*FrqNz<?){ph5AJ!@@Mm-3z8^cp>>UcN$iDI%zq{_c^3|}A|Tc4oa~>a
zspc)v>|es4mi+2&?s?DTY`{fyhl}WCfmj=Ppbf==SVx`~FOz=9PY$rM{gBxVPX%6;
zFYihFlIJz}$p@=U8Fl?#)Wm}Y3s1B1MFR6OMacWDsu}C?Cn`$^g1e|ujxa7epI&4Z
zHBmG?Q-&1ll_n5eAYdSN@Tl;3$rde@A7DUw$#vNB!|z=9Sr@~|^y!r6;kQ!VTU*7p
zzqa&2x}Ur+D>?KOS|VL*Ux-t8a7*S3if?b}#Me-zsN=TG8zaOr(!Oue8&dyKg`za1
z%(r+iL}!PxE~0qMzj2A}QVUPEdV}Ce$~qQ72yh;pP$n%yQaTq8gGk3&EOzzQROw~c
z)oF>78Gusl%t7sOi+D(Wy-Y>O$jK@?Mvl)!T3!<3#M$^$Y69ehyT5)V8HocD4ik?l
z$A4HketW-+zo|2b-YFHe-VZZ<WbhFr;b{EXcd5)laIxs?S@>$q|8WAnw58MFYn5}C
zi4O@YrH$=FuMJl|^qh2q5m1q!qaA9hV*WqbMK4v;YH{)hFY0WIgwUVOE!7Sm*}Yf~
z*nO&)ic$v-N<*psCSB^IN}9W43AmN~1}3T{>%NKN8+ScL*`}H^WB!2Dx9~V^r7Yk#
zL!P$zvD8HXCMTrD3+ci<|JGAm`T^FDKCf7DBIaK}!g&{*hcSqrNDPhnKZy&=V{Dc`
zBgUjzw&LMfPbR4)D$L+2GM_0C7g6hcrWOMySVxN{XQD}FKAg5s>NDCK{hX{d22YK_
ze9WK7j(!9eq|DWpz5<maC68UaXhR|-GLA!+HNKu|h*6RtL<4i15;fgXVu?&Ai%f`f
ziq~3%{Zfy7>7L(N6B0B+#Zg*99(Rz(KT=cisEoY4$VyIUPf6R;`Wx<z_bxjDX=DDs
z$CQ5r;Ypv6ldbd8lth+Cp-r8|J?o1&=b9KAs7WTYJcU%fFSS$rh4)ca(6pt9VHPcf
zovnBoI(904JdnG2uBEwnc28USjd-eR@evnyHqYr&?=EiX{2q)ri#-$|s&aE3VPgKi
zBDxH-1Fdl&=-4>7%d;0D7CP*p3DvMFr#H0tkNGP@s^pjXX^pSQ{1f55geTrBoN)nb
z=tk)Zykmy<>uYf-8uPEX6UDV<%kt3CT)^94wz5}f&gCK7w(-{F_e7=zkVp{4ygqWq
zgh=Bjkk=X?TYrg3JN41-;{oX3;89{tNk0CZYt@M!v#oi>1$HNT75dblz7Vdb3s-IF
zVw>Qr^KF7Z3&C;-@Qo67TfffHmcECComPKc<Xw56>J;*P;wA;J=lM<EKDj}=`#E4)
zaz0!7E;erG-KEXmiuKx((a0Vh)`Qn4MLsrtzgz6_RLGNaV2RFZfE<PlRyhK6=|n1%
zBprwGl6#WFRO4@jl=M%64_f>ceXS?%lu%^HA-rA<FzX2~wAUHp<7+-o$5CrOq>kr>
zw3_!)H{*^me?ObqOqk(;XH!&y{iD#P7Eo4v?LBmoP#{NphA|8_@r{+ZS}J$=t;{8S
z3+4NKqdPB4#VEG`h-)r8okoxP$H)|e<sq#orc|V)7-Q>u@TPC=?pCDX4Tg8;eLykZ
zt=N*^AZOU)e*n)jc$?L!bd~vHPDF0?O}OzS-o?kWsw70=cASTGew^!y#Ui*}hk9_D
zWU4fdu;y);Rtq*||09YSTjK+EQd<4g8HZ)xrQiNsnNRt@^%4C+9K3|z`jS;QXK6V|
z_}NpE%*5&C%)ua-daO_AwZ?iGZT_lU`~_CK1WZhN%usHRMk0Cfa<S!mlm;_-ZM5u!
z)~$&urXTUTC0;xbDYi~SG<i+%i8LPbKK0VzkF2^qYNDTN-%peOC5rU!=<yh?D;?lx
z;^Q()_~ilBm^WT%H|919q@JOu`Vm;(MZmgC+QwfjLTXEIq?~mfMDp4L=9}2yUrfU~
z2W#GwV7-lCvUXUip`T2HL*5&zQm0c?TXmmu`v&RYpTL+^o3t(y4!9?tRaO07wf@qr
zcF&8-7<Q3})hvkE*S&cBjwy(8mxGkkR>{f_N5H^!IW#o3Y9KdrrNf)cG3w3Nlr7Sh
z_DGj~-YNTex@>Q|>}T36TPXOc!#au?z*GwGDyHhv@#+^UQ2nWMJHw|%H^>C9L>=P-
zog?Poxj-~q7Ncm0_*LtjRVDek65GCIEn32-lwPgqmgdlptiuasl|GKpD)t?Xk9FGD
zib{8rpUl8t{w{;SNsC-vkJa%DjP26(N>CIL&cv?o?4!(Ul(8OzwcT{GLGyQ7y_2;x
z-O0jz4O0wjDr}|gB-}PKXwMsOeet&Rg`-7Md30rIF&tB$$iT-m^h$YuXPxbbPE&~G
zt>)dfKTbdf^8a@zH~NB}iu`NKk$)m0sgq^_3G2yzxxwV3M$1rjJtpL;uBWL+45+4+
zF~7kLd)cs$&}|(L4_P)4Z9LX5-h$!g&!oB=rMwEBzm(wl`GTzAiG4Ehv%|VyB>4*q
zWlol53cfppf`6r8TaD_zcDf;Tw<60CF|?(ZQW@sF5Ova%oqvnRo+CmmAZ3xLg*^3h
z{-`zeWIQ?5pI+wVWjgcAYR{J6Tqp8%NsT-NLb4GDBIin`LqJ!iqeox*8Nclcb~UZu
z;mUQW^%L(uE^XxXC%W;Ol24~)3gyo{JsB^JqC=anYC2!)>O$vA2IfXV>1{TVx~5c#
z&hrbhZd38a`N{NR+<4tfLe2S}%dn*Iw_l`UkX(V+cqmxrwyIxzn_fD;otLk~g(nY{
zwt0h#TcvcU^6PNj2(#bwfz}>8yJ!CzEb*F|!nFb8>U?WCO+oT7@;CJmOw#{1X`iog
zR(VEQ*h%cnw~YCic<T`{@&9V?+ry(et~{?EV32U59pepSJIS?!g0PVg7zhyLsL?w#
zk}L^h{79>%zLGk$y4&5i1@dB|i~yrZvPt4hGGk|l&E!FL_$GMbnK=2#d|KOUXEr2Z
z^LZw($%brR(wL3Om&8LdB)z}isjAyo4YoY9yML`O-{sWfRMn|d=T&uYU)AG#hRAU`
zz$JmO#GLqX5X1}~Xl;Ga2+Bv;-&cu`FA=Z&BH8(+dbEO}t;8rerRV7Qjtx2)-%{%0
zljU_0w%M;}ID8N-fc!MzTncIKJE!YPiP8g<x$Q#K7`mkAjeHGSN?Umzwlauy!npX`
z0eBa%9zN>u6C@F(QPR0(?gSd4KYqgxyX`|aPF{y#YI@T_=ztNtUa+3^{G)ouflimy
ziK%yvA;VAU{D24(FTnpC>%o|li`w6d&s{FMID)R_d(4gaIpS}@06c|w+bG-uewF-|
z$?L0tg`qyaE<e<-u@p+a#-Ck=zkIR$@Qvs&G`X*Ia?#uY?ueW4`NA>Si{(e!zzLGP
z5#J@i!P?*PV699J)=K$wI5@crA4tZ5kDkWlbr>s4)#iHRk#ZAXp!(?Kb+0_La`}<9
zOD*e_XRrhLDkT1u=k4W3zJzG!m1nS5c>v>Z<tpeI-IwGHMSe9nUbh=06&*syb??F?
zW`8#7=^q=wBIEfeHo&t#{|;7Z4f^rL^YScDP9?~l3usFIoyDklL|^^MEZD?1TdoCR
z*#GUvK+7MkT!LC)C;n8h4?kb7u#S8VK}hTLnN<~7+}Yzl;&RA?l^YQ@tbc_~?)@Pn
zx##7C?qxJnk6VUH8z){Km`JTq$LN~{sac)ly$5YW_@v#g$wMnAULLO-A`QWbB%i(T
z0T3z=t{OUI)2|4R^Upp8ZUq@@Ag(wWE@eG^(-wI!6a2Deqw=N)Mdy|uxe1gLgP1~u
zpw3<fKjc9FG8h8>u4j*f=#kX$ygq>ja$esBGLe?^`rDCin|}CdA<kV@zYAygZT!0!
z&*JaZ<AjOl_Rs7GBVK3%3atds?O#&o_MwSihOlb&l%sj)_s7v9h(GksCjyIQv_mr5
z&%nlA(+NBs_*;&cA0k{Z1pYK2hY-H{yZ-0dO~7oNToiz&$j5IM{SLA=UH65xnC+jS
zZtho?mAygXUKU1agnl4}W1Iorx%&lJ#g*L(V}u{Ki@uy$#aez?ISOViKOBWzh+ef#
zepJ!=@C*=SSM((6^vi~Ald5<EU*LS7_I-Z@GREunK^}_?+wf^l2qL`Yn`CXLH^o4j
zu@)P!vSvYPZN-6BA5hCF?}gzf+i#|L;|)Lj2>yGAw)3e825epbcWsmV>vv6dY~dP|
zh!XEvvPVDl;@7BmGn_q#2}|SP-rzk=Jk0$|5JQT`tH0rZPA-%#l7;#_s@tZ+Sg6l%
z^75S09MgS1OFIsxfeAQj<6qms`w;4Nrg>8E0U(AZ6=TWMBTvHWV(q$IwRVrnL($2)
z9iU+L%a|{ow!IQX`bnheY-;Cz_8ZSWC~7M;wTHW48)m;fA__y25AR~Z3#y=E_HU6;
ze|XUNH{&noI>q)=MSe{cX#{WP9+$E)&I!6I5vS2vaO=pM{{`cWJye8k^dBHe^C@N_
zu?RaQd3*0+oMwo{hfBg1JG82YKP6E%WA;f9L)AR|hY$iF^x!=Vd?Di98J^BkB;<j^
z_cr83;;rC-yt4)iieI8ORnPwJ@6}PXjUk~oE2VZ|qNRHFN4jP)YJ$%<ttcWLv)}&+
zdHC|g^Ru^qPqq9h2vUPDKk{9subXQ^kZJfcUiZbcn9MC$T9H9o@6F%Aba|pTx#)3J
zFF*1_NGA&TYTiGnBp*e5Rg&iE2frEIX3qJJd=5DtOFwc0M$>a0^v(5lYVGf_(E9vv
zy6#T;=~Gm6nBiZ!sD5i+4siZKIwhbCtO4SmXDB)MtxEB1^6&;|I{vIp4F-7WT9I3p
z-h@&f?oU2WaSr0|pRTa7KWW3yDQ(OBK1{;@fUM%j8vB!={5D2cThATD(f+3&;7~Wf
z_k~u0uXxc0J4*9*&4Uy+c2(m3Y1`yu^7;_ICW?F;!owL1B-Wx0>*84pU5;0jfpQEe
zZHVhg6R$RebTfdV3A^q6&#^Q#@kzm&+YISeZt1!2D&qy;clcvqE#8hQnt)e2HgrA0
zVw=A2VhU6T@#aG#p7lqmNkfNjP_Kji{%v_7`x53%ELiH&yt|qGJoqWn`WXlUL#$NW
z^dFO$wuz$zBKhyd$ofs_$weQG5K;WSyDEjB*wAvfP5jLauqUq1uol({;hwxmFuv$M
zlpwA=ExjS8LRkC=aa$)&6HM0CVgk_VN2>lAdxdLjfG)NY=B#OzL~J<-#bn)5jaCFS
zP6YLzuF22uyOf-tyuvPC>P5HL&*6XI6iFY_<LuuM=Kyq?qPFxK$b220F-S6M`Is-*
zItJ{Z{KYLQ8otZ&GCpdMt)A`uCK~<+j0B@{-`gRR%Mk+2eE~w3e;%#k!A*%uRM&q9
z{Y<<tSu%cp<@luv*T%1cL#P<Pw9;L{cly2vHozHeYD3|!<xRhs-1KHhCZ3T!`d6rE
zocKL;^PX>sic63%I}Ix^KZN4<!{>hbYpTOx33HZzVbMcz$`r#Jd{ZU_*4J}m-9DRq
z9B5eTdisX1V{PSEP{_|N!m|gj=2Ms=zqx$zQOpe9vwiuI520wh?oa|`iAsK-KDPof
zHyOHxY-qovGLM6Kc%NjYgqRFIzX^wh??%J=b>itD7G`TTbaRh!i#I|J@7X)I9Fotk
zDj%5pFkJoQwJR_bKbG(p7*Si3AljK$KS^V>$-18p)5qkzRs6IM<r$!86YkzG;qRW-
zNqM;ix`cQAkIkTKQQa*f<sXo|E}p<wG#?Y4Y<*#j0?f<&CICMMSfqqnDK~ruU+s?k
ziUWRxHIy5eha)p=#RHhhA~ydc=1sBRI2<uUv`t8x&_q?+`~NEoLldWzX(&POMvZ;(
z;Dw}8<0D%khLFpfZ7j?lOx?tTNqSVe<s?WzS{#2T(h>uzm=N}(9^dV6!xK+@U(bsO
zPY<I@9TD<P4*az!6%pc~4EQfm-RFe@??VF<5SGbsDj?*0bGxPwA<p<q&Z%wkT?{#w
z&2|7^|7kw#OIPmN`n&9p<}N^%xdl5gcLtsWQ#$!pOo_V<%G%ikWbJ<fW%Bx8?1PBl
zQ$aSo`rNk}AWmNU{rm8I;}(peSTtR?jL!cHy78lI{3)-0K1*-HUiR=i&=~RlY?Af2
zs-8Z~p8mksQx&?M9o9WH5tBc4!xw5n=~=XyU5_#_xMH@7m3){#`xd770DpD`Qx}lJ
zgv!{{=b=1vTiNb6ifa|K7m<*&BgMn)C?J+A8)=&slS~tj(EX4Xx@$HriO*vr_Vw8x
znV|iu(e=0Xsrhof<~{<!n#~#-;z+#o=&VC9Hv1ka#*}s=G54ik0&^!*pJeJu3_H7B
zFb-AB-p=yH>}w5E7lDDP9-%mX1u{B!`sesKqxyaW-x$DKa!Z~?{*CJm4!psEH#qSB
z3kQm<VrzZPhMM*3t=;WA+dKBOhns`D+CqE7l~JoQv#l~~-CLQtpRf`eNAH61O!rw0
z$!t7oCz7t6OgRa=GE-*7laXjFF=(gakyyfZodd2Nk7ZmdgmNcpS4M4q=O$whq?5za
zAeGF-+}Ma?C7i*CBwB&MHg^Az)4$IiNTz{kZxieX<FP)wKRKLAJDE%@nXsdd>-4)$
zw8qXROgYBM#2$3m<iTv2(A*9hokTJ_IAjky!^!lh?I!Jvn@l@GkI<-x5PTUY>X;rm
z(m*5@N6*`A44sX;m`a&dMq0O7EloZ4I;*pzo1nER*a*<k+0)k1-p%seEN*NHHT5(h
z(a_P}-qgUNo~~d6OK|li-66ZXBizx|*3#A<422ufS0oX&+d4P*gbOP)DK}eIM>;kb
zOGM(}L&inIC8gWIp~Q%j23zb{YGkuL97&~+jzptm8>f!qjU4x??aA>>vVWiB+5^$L
zO3s<0fcd^|d?hq!G3dDLDiIlWtaYh$vVUD>G_!7>lTJACb^Vc4I3CHkVI-`6Pne?V
zWXkSKW-)zK2&0L~;;<B38OKerO)A~*#;ZEJ!re_h;hjxQoejax?lr6)OeeFcjHF^w
zf-FE+Hj$ukMl$y9w#K^3tla`&Rc6;(nDahsUDO#_m&nHB7S2%Bg-{W%D|lD4P$jEw
zM_e1iYgf9MW|#9o7ApWIv(AngdBu0=f>BY3rjC%^=U^BI66g*kqw>KgJB39dN&90E
z0EnyIH|jdjqssou+KmUc*%l=?(vP(rw6V1A5V}sQ!K4E+R;h;2*cfpmc3&JEx8up=
zz6=C=A4J@BQ>GQ9K9Y8gtgHD%li9wwW0S=Eq-yML7weFApvwIizJ{8lCj+%kN9;^0
z((l-j0oO^JIq7=nD}-!_tRR72uSOlMU9kh4Q8YPBGtnQ(6yS70Nk@pG#?Xv=^$r_`
zA_*wMpuJkwX0=^+hrJp+lz-b+djxQ;c;$r+{8xmUmDpzYWd{Z@B{vBZF&u$3sE>1b
zYn67Q*?ufFrs%C07+TnjBY{IyBj}@xiDvAcP`BL>k2wjq)rrTG){qlVSwmJ|ED@~+
zC25t44S=y5ed*0A9gijUVQnLEmE9kSxz(|OY|5XVpQ*lDlVl=3YDFVpal*=GoU}C@
zIRFY1gaa^g878We=@gh+?Z%+FWIPv15}6c8msB+A3QQzrnIsK1T3A-W&ZOd?kkVHT
znYC0FI-^sO#Ar24f}8A5#x123svnhhP|AVbNS~EW#15Fe_>)vDN>Z(;)0Z8D*8x+i
z)BPh@1D(kvqRgZ*OV=?~I;ZPsm@-x(3F0!zI9yO>Uo2IfNJgD_WYlWi-3j6Eci@|%
z_RTOg4upbsqTc~I`y&ZxyVVzo!U#a064~KCCk?&L(pOej!`#@JAu(xv^hC(tyKOKQ
zy}wM_XpVasVY`<LE8d66`!eBy)$V|bc_VEH`|hx04)!o;F0-JM2{14X>9WDs1Eab;
zFYNo%G1sv*@5(F+kj+7&b~5V<VIq3sYB@E^rML}kFC;ImATLq)ZJ4ACoK9vS24?I4
zHg&L4sRpc=@**_9OeIsUUDeik*XD3XduXqiX|EVAuB&NxH+*Mf*Zi8c&M+Khdv|BB
ztEs(bjmWx18E_Ilk1~*1M;=y#u~y}Kvm7!Vj}6CMD-#=}-x-c%_Ssc%N9a8^2well
z{5lk@v3eRheY~@)5=q;Q45yqlCbq_EI)FJR2CYms2C0O}jHNuU$}nhv?g0{I?TN+X
zkRC=uHf31i889osfXLWy*ay41+SC2I?IRn*Gy-=V+&;2drQRvw4_r9)7$zNJp0Vl8
zu`ZRBG00$=wjxX`TV^^_=A&-={OUWFzEiCy%$7Uk*aNXNJrx20wZh2(+iNhttIe;w
ztIe;`m1l|S63K%`fetFQIw)#YwiMSp$^M~OU(8(#zt``i02Pvrute}wP?P6~Ov@wL
zvx;@wGfw{<>`^2ZP4g3^?Is%|X^FD3se<OId}HO`Xl8x=<d;3)5fG4Rw=pV|BU9L8
z-W2P;-)UE=iLKESg@cce+M$qM8m}iVR|0g7+IE#;-266!@njz*L#=5+!%%2GDI8@U
zS468lh0bV=X3!xK2gY_F_cf4PH=BmHhOx10?bv{w$zp*rnVK^DR(lvRaV!OuU~iC7
z#5tL4iWZB(xfAIhk{a=HYgJO@^i~~^B%J-;I<i&WcK(m$!}<wdk_lL@yr~t%fOFR4
zAuRHS<8;L?O5@lts2ZkCl(LQMHfaTiKXx7HCj|cr%gHYCjzRi~#xkPv(#s|=gO0_H
z!l_64V(@dLc9r%cYWB1Tk<4hKe=XN<R7Yi`n4BF!gEbt*@4D)?OZ0a~zFc`KfB8Iz
zc9n`NTll@2nn_ajY_NAW%w4#>1ACL;UhLsy!Ko+k27^hOa)t%iUqKKuc2!JvSTOgr
zd=jvVN7oHAG9B&M>b4^h_O+Hdp-dc|s^y+BEP0xyyt70I8h5ZOu&eIA)z`yq>o>1i
zYwsU&AX#_UZH6w}Zhy*Wtk<G=qZAv1t^6ODjDh{}jHiH*Vc|apM5qa)3Moo5`rzET
z{pyb=GY-}hNxk62q_DZP@P<5Ki;nh368%oT80r&oU1u16PgxO9Gr7Vl0#hp@!5H?e
zEZ6S2ZaaBH!>(+YaosdBtRX6+x4P~8-@}v5Q#uLZOQmBYVucWU)Oqm-_30`&5=Yh5
z9$bHLgHTjk6?Fz8(CIaG8Is}J>+7(k>;pUO4RwNDR@M{T)!Ee5*50y>#27zUK)5I`
zM4sChqR0xt|A<ShqE<^OTr8cOvle>Xr}hQldsdm(xYCvR@noF}6A!XE$M?d^y6uR@
z;IaF|$$<e#xri4-QEmeez4pf#u5j~KgRDP9g|FX-<%U^CeD7c_#mX>%g^e>K_`_Cm
zQz-$}U8X9VEeZ@1!haITcvu+Q&z*`R+r(|$rLfXtpM=(e<{Ti)Bu`m{jk={3n77zN
zFj-Ez2KE-LL}<AY$0U(7W}?@N!g&ijy~V5vqIBt!JDpo<ZqcI1-nPl^%-|uS@$is-
zRXiQ-3oeyn1eV^n6O@ikpV$o;8%0);glKknc+}fVsp(|Q*4S&Tw-7SOaO}Xmo#Hml
zy&k9At?BO==3u_<gExs++ok65v8BjkV+)oXpqGXZ^KaCNuJ<2$&fF2h1vb_Osf@Kj
z1iG@RHa<)lM_*{SR;QK6!^RK>DK?xP=DH$UzKY9K+f*x-7>UHOl|WPvL%@wT%$`Jy
zUN~j8@`xragr13NIBN#Su5Ijsct&hGvG=85h){X*BZ7voL(38DVPde%YSZIJ(t}VX
z^hK{QUsr^}*T92%m01mu1QkQ6h`0=Bk#Co!r)hQKn1LaKgd*U`HVGu_Dl-T(z-uN(
zHuJ!S(+-QxW*Gy!Fhet*QmKqT8IH$M!7*4zJ(3`hp&S{HcnPyoVH?`3xUDL)rlv;D
zI>^s??a+#coUhd?n&n2p7hn7P)nT6KGb26DMaT4J$bVIPIos2rpY9;vr7)1EeVl@9
z^5E2K;Q06Z$k2@~OC?lb%`M164fEruQ{ns;GnN3SA+tDt#W_g~mK3L~_RTlnEK6<r
z1{YzcBt#m)xheyz8fcAdnp~XDa$ywfl!U;FhqJPugJ=vyp+0rk<uMgYgmIz>C(8mO
zPTc<G@%yuB*%K=~ah{9_{0-*e8@wo12s=np%Cn$&a(@jX#Zg&c9HA!q(+E=>ngDO;
zJRi`btvagSA49;50cB*K)b^)iDR71Q;T?LaL%Z&_md>`$CY)an;#9ZHT5>9v<301)
zT&@%M?8#hi2)B*<+n>P?;Bb%OZpFO?w}tz}r-6%m3GSIs<#H!+^P9DuxVPZ0z<ueH
zsKb36_ZaRW+?}|$;I?sp`_FT^)40cQcjC5jU;G5x;69D}1n#l_jQ26*e3+Z}hP!s`
zZWe9x%DUSdO_`HQ#^Yh~MAbSYFe;h4%Gxb=mszS3C%JYN<YOHUGv=QFc->!7tVTdF
zP8ZO3m5#^4DpnKp@ID8oCC(=dy7o%61|8)>b9Iy_RI2j}EIzCtDThod>LCy~nU#$I
zLuI-R{Zyf9{TkCMKV>JK7IDVUOq@YB75jw)bv>FKt*hSh0i|^t0)=SY2}?hg&d9M&
zn8!VK8mxa1#;rTNC)m~#ZVk3KcDDw1Hfg#LtjPnCN+^Z5W$7QWl|Ny3nIQx_rjEg{
z?Ulkr?6W&|s>+QZQ%<)b^3vKAKj@^BvL!P#bT!?%yQ#a!^m)~0o1pb-9|tZDVp$Rf
z9XzIah$RM+cAjOLb~-LOO4fTUIbzyo@z{+A<|25oH6wb36m!^()O0h-69-_<w|Np>
z?dP!Or@bF7$X0*dHoIeYPq?EwysK$fN7r5vq_8^f%|NKZIn%1Cvm+F0>guv3fg?oA
zlo%<8&2S-#*as&2VPEK}WuIi~sRgRo=G1v6r6h@V+-g=2p%@j**@(9T!BK7xY}7DM
z3A`<hJcYnq@~yOd`HR4Fe=quhjhxj%@i3PT9LUKmx*9nlKV$GvERIuQ_8OM0k{nq^
z!#qt?RO2jFEy+AJM=4&S#6{+5PKIetv7=TGw{T>TPA8JueOt}=7;p%ha~1r)EaG5w
zVy|5aH(aC272vs$-5l!Jqs0PzizUz}wUz*3o9l$r(IJT-(8N>P@BqwxI2DN*omYl|
zjS#4~2`3#^wxF*ylG&XAUD9Db*Qv0sI*Mgss?jiHAPha!^RKFmu90J8PoBvi9#Q+2
zhl&Xojt7y0a;8yZ_dy{zh@vk{uKBWxMiB@_ulA66zaxT3zH19cD`%`wGGQEQ9$&8#
zPY@Z^Ar4N(QaF587yYObTcaOFA?0jdxFHAgNU@E=#j?6~2M!|IcZ50`c3x?q>CcI3
zq|!SoUTbLeOuk2lA73AFT#4O?XNoC0^!$|R&y@z5V1+C}aEQ<jhdlK8I1MrLmG#lj
zW6@A|W5W;36JQdPF$Yh1Giwa0F@gQ^Xb2%2oFg~CIQMg7{pzVM<$OO5obV{g9Cc~=
z*i>M+#UhCXMNB2;Y#uEnUFg|}XXf6a8Au<7^}w-m?FRT{|NJ&ac*-J=X(VLx+IZu?
zzJ4}&>?!mNX8vNqm4`B%^c|KPx-sAR-hd0JkLRL_aLsS!ELiQeSY4S}t^5yDW}<?R
zwbhS%h7tcpuuI=RgtHHBxwMnj&+hSHzlJ=QCysdhrupz1?IQ{B+Btx;2R<YA37c3T
z%X9W%B$j-wR+^zmCag-RIQbmxl9(W^L>ynKqCtMpcqGpQDz-q6JbR-Y7mjw|@3K4$
z5tx@3>D-5}Je^pn0wnakALn(L7}t;P)23-F@WDcXrc;@vyh#-*&|E?qKh3X#e+2<T
zXEJR}DYQ=wQHWT8x8Zf--TrELWleYCp%mOM9xgGM)x#?14B?_&!L}9JH&qW8n76Bp
zF#RuaXyc;=^mW-O*dH;=eBv%A<tT`ZByoIzcL6A+mesB3QOv0lGq=WwBhLq3Wj^_p
z8i>vlzWM#l^NedD4Ll-;9IfH5Ig_MwN-`j`t159?OnT%MAKy7~*qoPgmnWF2lQkx4
zmXq2j&N6BwP>{VC--+<4l<q?I@bl?2eQ9J)SYHj^Ik$IWtBtxB^(%UTmsd{OPf=HH
zWEuZ}9MvU9@ZllkHK_B@ES<|gg!N6tu)t#@x}HCuSLe3`V^PoF@j(u|!J}+!VUunI
z+KC86G+t%p$*|;QYlbDsGNR#*y6DD|ch=*b^cL{y^446=Mf$?Ka=9k}F9SXW_>WE4
zCoTi*$>sR9k+ZvVxwC|Oa=BIbMaO-2=W_hb>9W1pI|5DtJ_UH;o?Nc9)UpoVhkC;I
zU|$KiJ)Fy(Vjge?@D$*S%=cms%sk*_zzcvC_^C@gf^h(+0QvokQ-C4BWqsJ&0v-fB
zOxTb1fNKYUho3aA9n9sX08asa8}PzVF1HcCs@fjIo*FRpUd#vZ6kbt&4Dbx#Nx-v!
zX8@PsJ?hJVPXOBZoz+cvx404T3BV!d@q+d#z$w750N#gJ;aA|NqW9rv26qEq26O>K
zF8XI4Kf$^Tc=n-Oj?#JN5ZVFWgdde(27Cgr3cqKZ`XJ~6JPYUo-t-~t<pKFU%2TWd
z{0iV1z#p^z!#Eqj`o#Yu=mre^8TRvlX8@O7i*W&00siBOTrS1@e*!&#2eI#;0X&5>
zgCzm9$N54J;8~nM90R<JGl{1FFW@ZTJo7lKSg{;@{i|HA7x2DkAqRjfw4N0`*ku(R
zs3^K|*)>b}BW#x6g!@2OE{C76;8!NsR1mDf%@@?h-T^wXURI!@Ik58G%ggsK8MEGX
z!?s&*S0CzOd%PKMwbnrn0L{g67k53%&$GS0dH|<zU&465=X+hvfr>|qcLY{GQnDjp
zPnYfpR81`k25OHk4hFW2U(>p*{OPfxJFmT_C2;QjMI{qOWq~b?f!bi83fO41BT%s;
zu%xlvT8plJjQa%SpZ&Ansp6)<%A+MMf!c#*ft8I0m9<tY?iCy#dh#h2T#XKlr0Hl3
zbQV8!)v<%+7U$iIzM|+0zuJ~7g#TTXokLl-p64{@IaSgau#c8D2CBvvwFG*LhXO-g
zfz&;Lp<tl*?y^8tFklDGyqe30%A~rvoc%qAe$L;8-*?RK4=u(^TLQ<6iXRAktf(t+
zqUavLAPN#?zRp_8vt_!zt=y_Ye=A@gY}kcMy1%Jnj66<$75~IzSc}4?{rMGb24~k4
zs5q){8w080PXIR<s0ap@XkNsDdkl8vcH-h9f5uSu6w0clM3p^;vU4c=Z@#jVD4V)B
zms{g2JA<;5D0`Q$>>SEoL>WFFAQ#8@G0N&;$KLEKyM(e3%J7*6xmM!;Ww3j9qwIc`
zv<B?rjxwR0b^I>-6Q~<7bvselRBrVm--x=4sQWeRAbF2cz8)z-57VVhlv}^N)EB2A
zFU?oT>W=c_ASxQJs0hj$pTrnb_vdo_Qlyee8KXcq8mSvCfw7X3+pew=pxClHabH4z
z7s9#RFOjx70u_%?2B)cOQ>D<NqojF!aq(Y6@|t}b)l!bi246w*v(KOX+SirdgkbkS
z)(bzuKA|^St|5m<+2=U>Ebc;&=)jZZ)^dnEhVTlo258RDX`Dr08|KS&i>D(Uf%@X}
z1${M_Hy4!b(7iVp)uBB63Vol3A8IC@xLCFXw&()N_yGW38*$%+vRU}2JuK^{-2jnC
zOGK}VpEH&t2o7MW$4ifvOchICJ!n@E&E?=0<YNEyb<0o&AlG*Me-N1^D0_!q)9K<C
z&kjIt#uwcg7%M8C!j$~V55>b}<37Xo@R!ppfbNYKHwNmV+f=z$U=fEl)&<TO(h8>q
zj2l)+&`TS|rSPxkfFm|abhrz`f3JsA51cCC&?n<p&$70U6nD;-7ue?U#f^d9l3GY!
zZL`qq8RDjL>QEeg48e~NBMtqkFAgjHqRl;qx-+PIo^@iQcaqmT1NH+jBMoAs+siw>
z^v-$dUV~!Qqxp;Is~&N}FLYm5$hOeh5|}A1eiF1oG{Ikw)<&UqC1Qum=;P1WM{A&>
zI0{-r<>C_=hm0ZqXk(r5>wPkjhQJalilQFWpGH07q(c88_Mpw@KT;)kP*txq2+ids
z2U&BaMc~?U9L7195Z^pEf1D=IU*^YY38YH8|1IP6Vw_cok9rXgy@a&Y<@x3OIC;PP
zZmjCZK{PZSZ1wx%mh#rX5-}FvfRv73b9C|4qUq8{N**n?YSHa6jBx>D+@s}d3bO3!
z+SipQdAE3U5&?O{eFkk-W^*}yoXXlu-xH#rx-(!qp6h7<uh{=AaO1$8r83HzHD9~9
z`O%U`N~ag?np!-5P4TD75c-IHWOplY--LLt>S!*9?-Yp)3}byM#~V@JiSkC4D-VYt
z0<<98iMqq6TYr_hIO<NKj<oA`yG^@es5^tYTk~~$Ox-6@cMf&;vaT;sac^Kr59{dr
zXHd7|;asjA^Hj118=_+-k+q$ktRWOAFZp*%u{v0<g4Jne^C8?7Fj|MVBBn*mSSY&%
zF<49BX*(1+zq;gx;=t_croctqmsZ33RNckW=|xwS1K1p1T$6(s>m=gj@2~)VbDHZX
zanLy8pxWY5f0%+;j{H51Ha&=)DgPFc?ol>`>vfj>p$^};08*f$7wgrE<d0E)4&^^!
zxr`%rR{WC0TOEPgy|A(fz&tM$EQe0dv%5RXZ8Wb1`BB8|Z=sxG?Z=CYzYhv_l=tF)
zC??mo2ROZt<#Ji#U_38=sxST;1XBf^5KPL?7;vBZ2;v|50E26M%&|aKXP|bE&_SEc
za0+2<sGN37XTTTEk$Z|KKAOw%V<hb7HDYJRtO$IsA_eG+>#|}Q<ls-RpU{2f{W#a9
zzPJ_Z0`0^oAV$Z5t!Tr)x$`#voR2aF8ZXUw#I}@^KQ3_V@e}ixkyf@I?)hj5Oki=h
z#~<*Lw44BL=@Yr!wH|+3iHoHY87Wx}qefyBXIjh2ix<)6{Ks>-+vscy;&;&ru~#})
z>Mj0@tI8=X!4R6;*ke8S3B;WY6knUKvL`8(J;~|ArNx6+?RH0b$xn*{PaiG~2WAeJ
zwlWnA06mWGr!dyB&%?)ZtOB~P(7p3ZM=-!u-9~(IV0LM1;NsG5z#W0}OG_SONeCso
z0D~yO0B>AxaNrFNyupFj$AR-Z72XLA-|;P#-!0DDvToJ+^%~L*@G684sA3*@sf$J)
z7fheJzN)|<>g@3wR1Y`m{1Ods(C}lro@Z6OOg;XJUy}LL*yr-1E8ulp4}>j(T(i0!
zA%a}18B61WJC%zu2e0cD@c!4$teKk>eRNN}&S?S|kMKf>F4vnhJg+Ba%C}snDh%Bx
zHDSg=oAKYG+Z()p$*K8abSc6YBV@kE_$dlpxqQ9kFY5f$^ewo4qx0tMM3w&E`+r8S
zOJR?-dcEs4?9{MV!<2?&8Xnj1godXzoYC-{hUYcBsG+r9ja;FjtzoT(^%{0+*sEbm
z!!ZqyYj{G#(;CibcuvFf8eY`U+MvhR(AKb4!+H%nHSE<erQw){$2B~m;b{$LG(4x_
zc?~aWXz4??3Jq-yYc;Ibuv5cc4O1G9X?R@26B?e@a7M#(8lKniqK0yS0v1&8AO)AL
zVXcPs8g^>ft6@sRF%6GvctXR|8qR2VPQ&vWUewT%O#sH%(AKb4!+H%nHSE<erQw){
z$2B~m;b{$LG(4x_c?~aWXvwBg&Hex6|0TAup!0ia{_iRu(y&{@do+w{_+AY&8a|}q
z{NAq2{lD&i?C-A}(_eCAf%=Da{nfc+Ssz@W{^JYOe|CZTrx&PyVS)M=7pQ+p*ZX<m
zPw)6Am3y`M|8{})MgQ>H?f>bUuU)@*f%bs~>ff|L{c2tBpR+$*yFmMG3$)*{Kz;iH
z{ol1f`}Zu+et3cU{kq=775=$1{ecC>|KkPfPb^S>a)J8Oy8hMV?~4o6{})~VYV&(x
zf%Y#hQ2)aP>R(=<{&%{*knbj6qT^hXFNA>w>I?A;^DPYx+w7{{eR$ZPwYS!6tf{SD
zpOxJDLmO&qYB$#4RT?R`teVVF#!d6r_%-rF;gnT__a2;@!9=zO?}y<BT<)l^s4p9f
zN2~GG4TTll(N^t71}#Cyt4u>yO>{Jo868&8O{*IH+VZ?i7<Kq9b%YIcDiwE01>T6Q
zL9%8LA0m(hUemK`_|+M!W&qW|PDb%b46DW&3J>rnG~pq9WWmd+KEjc78bA1#7ADPB
z926Z0fsx@DdRBe)WinO`UzfwXAB7D4H|Dtypo|+i<==SYWuV!2sM7p?$K<a=g0a47
z&(EpyGSGypsx-fUG5NP6;cq{r+Z(vbAZn<$FJ9@^g7#Coy@9resS<_lTTqN|IwlSM
zW<O=13AfCC%Ir@}w|62z9-8)Mzh&S_z0u(u$!F8v?0fd2j3k@(X8&fO*{=abu0neh
zK`Hk_roGw!7>GxgavAy!o`DI}a&KkwW`AYiY2Ch%eqC%mgamnN+ME5Jfo8vF#xI=z
z!@B(r-J#h(8ff;LY|pJ_VfzoFj65;@TSnkCH2Z3x$W^%hQz-Sfw{<%M<sA^+mY_nX
z4g4tb{`M7{6@mvfz5%A4fhSPmZ*S}N2J-o)|1#|i{A@vciw|CTY52QGRMz}&+L`?4
zknoRh>GKH#y>koQppbumt=pURx6Wxq4d3>5o!6jn{4W=@U-gPYG_cX@Sd|x!PjX4W
zK^wZH@C>|MFaaY!3d^z>M)FaRHXD{Xk2%iocH%0;H+chp2%P1(O?z`*^Rd_2{(qq@
zM>6eC=yQb=y1k7$|7H6#NdFc$W#6<n=Mpozy<rUXmzSa2ti$6d^N(-NduEoY`PZ6`
zrFFi&>8Au}{`Quw+F9mB15Ytk2e$6VfTciZU*0hMJLJ6ny@IV|uJ5vaX(j_eBW7(u
fxoLk}LAmZ-+OUdwZ)_j#ZF>ASnFhM9AZz_^j7(C{

literal 0
HcmV?d00001

diff --git a/tpws/tpws.c b/tpws/tpws.c
index 22f17da..e672fc1 100644
--- a/tpws/tpws.c
+++ b/tpws/tpws.c
@@ -172,7 +172,8 @@ static void exithelp(void)
 		" --hostlist-auto-debug=<logfile>\t; debug auto hostlist positives\n"
 		"\nTAMPER:\n"
 		" --split-http-req=method|host\t\t; split at specified logical part of plain http request\n"
-		" --split-pos=<numeric_offset>\t\t; split at specified pos. split-http-req takes precedence for http.\n"
+		" --split-tls=sni|sniext\t\t\t; split at specified logical part of TLS ClientHello\n"
+		" --split-pos=<numeric_offset>\t\t; split at specified pos. split-http-req or split-tls take precedence for http.\n"
 		" --split-any-protocol\t\t\t; split not only http and https\n"
 #if defined(BSD) && !defined(__APPLE__)
 		" --disorder[=http|tls]\t\t\t; when splitting simulate sending second fragment first (BSD sends entire message instead of first fragment, this is not good)\n"
@@ -191,7 +192,7 @@ static void exithelp(void)
 		" --methodspace\t\t\t\t; add extra space after method\n"
 		" --methodeol\t\t\t\t; add end-of-line before method\n"
 		" --unixeol\t\t\t\t; replace 0D0A to 0A\n"
-		" --tlsrec=sni\t\t\t\t; make 2 TLS records. split at SNI. don't split if SNI is not present\n"
+		" --tlsrec=sni|sniext\t\t\t; make 2 TLS records. split at specified logical part. don't split if SNI is not present\n"
 		" --tlsrec-pos=<pos>\t\t\t; make 2 TLS records. split at specified pos\n"
 #ifdef __linux__
 		" --mss=<int>\t\t\t\t; set client MSS. forces server to split messages but significantly decreases speed !\n"
@@ -253,6 +254,28 @@ void save_default_ttl(void)
 	}
 }
 
+bool parse_httpreqpos(const char *s, enum httpreqpos *pos)
+{
+	if (!strcmp(s, "method"))
+		*pos = httpreqpos_method;
+	else if (!strcmp(s, "host"))
+		*pos = httpreqpos_host;
+	else
+		return false;
+	return true;
+}
+bool parse_tlspos(const char *s, enum tlspos *pos)
+{
+	if (!strcmp(s, "sni"))
+		*pos = tlspos_sni;
+	else if (!strcmp(s, "sniext"))
+		*pos = tlspos_sniext;
+	else
+		return false;
+	return true;
+}
+
+
 void parse_params(int argc, char *argv[])
 {
 	int option_index = 0;
@@ -302,40 +325,41 @@ void parse_params(int argc, char *argv[])
 		{ "hostpad",required_argument,0,0 },// optidx=21
 		{ "domcase",no_argument,0,0 },// optidx=22
 		{ "split-http-req",required_argument,0,0 },// optidx=23
-		{ "split-pos",required_argument,0,0 },// optidx=24
-		{ "split-any-protocol",optional_argument,0,0},// optidx=25
-		{ "disorder",optional_argument,0,0 },// optidx=26
-		{ "oob",optional_argument,0,0 },// optidx=27
-		{ "oob-data",required_argument,0,0 },// optidx=28
-		{ "methodspace",no_argument,0,0 },// optidx=29
-		{ "methodeol",no_argument,0,0 },// optidx=30
-		{ "hosttab",no_argument,0,0 },// optidx=31
-		{ "unixeol",no_argument,0,0 },// optidx=32
-		{ "tlsrec",required_argument,0,0 },// optidx=33
-		{ "tlsrec-pos",required_argument,0,0 },// optidx=34
-		{ "hostlist",required_argument,0,0 },// optidx=35
-		{ "hostlist-exclude",required_argument,0,0 },// optidx=36
-		{ "hostlist-auto",required_argument,0,0}, // optidx=37
-		{ "hostlist-auto-fail-threshold",required_argument,0,0}, // optidx=38
-		{ "hostlist-auto-fail-time",required_argument,0,0},	// optidx=39
-		{ "hostlist-auto-debug",required_argument,0,0}, // optidx=40
-		{ "pidfile",required_argument,0,0 },// optidx=41
-		{ "debug",optional_argument,0,0 },// optidx=42
-		{ "local-rcvbuf",required_argument,0,0 },// optidx=43
-		{ "local-sndbuf",required_argument,0,0 },// optidx=44
-		{ "remote-rcvbuf",required_argument,0,0 },// optidx=45
-		{ "remote-sndbuf",required_argument,0,0 },// optidx=46
-		{ "socks",no_argument,0,0 },// optidx=47
-		{ "no-resolve",no_argument,0,0 },// optidx=48
-		{ "resolver-threads",required_argument,0,0 },// optidx=49
-		{ "skip-nodelay",no_argument,0,0 },// optidx=50
-		{ "tamper-start",required_argument,0,0 },// optidx=51
-		{ "tamper-cutoff",required_argument,0,0 },// optidx=52
+		{ "split-tls",required_argument,0,0 },// optidx=24
+		{ "split-pos",required_argument,0,0 },// optidx=25
+		{ "split-any-protocol",optional_argument,0,0},// optidx=26
+		{ "disorder",optional_argument,0,0 },// optidx=27
+		{ "oob",optional_argument,0,0 },// optidx=28
+		{ "oob-data",required_argument,0,0 },// optidx=29
+		{ "methodspace",no_argument,0,0 },// optidx=30
+		{ "methodeol",no_argument,0,0 },// optidx=31
+		{ "hosttab",no_argument,0,0 },// optidx=32
+		{ "unixeol",no_argument,0,0 },// optidx=33
+		{ "tlsrec",required_argument,0,0 },// optidx=34
+		{ "tlsrec-pos",required_argument,0,0 },// optidx=35
+		{ "hostlist",required_argument,0,0 },// optidx=36
+		{ "hostlist-exclude",required_argument,0,0 },// optidx=37
+		{ "hostlist-auto",required_argument,0,0}, // optidx=38
+		{ "hostlist-auto-fail-threshold",required_argument,0,0}, // optidx=39
+		{ "hostlist-auto-fail-time",required_argument,0,0},	// optidx=40
+		{ "hostlist-auto-debug",required_argument,0,0}, // optidx=41
+		{ "pidfile",required_argument,0,0 },// optidx=42
+		{ "debug",optional_argument,0,0 },// optidx=43
+		{ "local-rcvbuf",required_argument,0,0 },// optidx=44
+		{ "local-sndbuf",required_argument,0,0 },// optidx=45
+		{ "remote-rcvbuf",required_argument,0,0 },// optidx=46
+		{ "remote-sndbuf",required_argument,0,0 },// optidx=47
+		{ "socks",no_argument,0,0 },// optidx=48
+		{ "no-resolve",no_argument,0,0 },// optidx=49
+		{ "resolver-threads",required_argument,0,0 },// optidx=50
+		{ "skip-nodelay",no_argument,0,0 },// optidx=51
+		{ "tamper-start",required_argument,0,0 },// optidx=52
+		{ "tamper-cutoff",required_argument,0,0 },// optidx=53
 #if defined(BSD) && !defined(__OpenBSD__) && !defined(__APPLE__)
-		{ "enable-pf",no_argument,0,0 },// optidx=53
+		{ "enable-pf",no_argument,0,0 },// optidx=54
 #elif defined(__linux__)
-		{ "mss",required_argument,0,0 },// optidx=53
-		{ "mss-pf",required_argument,0,0 },// optidx=54
+		{ "mss",required_argument,0,0 },// optidx=54
+		{ "mss-pf",required_argument,0,0 },// optidx=55
 #ifdef SPLICE_PRESENT
 		{ "nosplice",no_argument,0,0 },// optidx=55
 #endif
@@ -498,18 +522,22 @@ void parse_params(int argc, char *argv[])
 			params.tamper = true;
 			break;
 		case 23: /* split-http-req */
-			if (!strcmp(optarg, "method"))
-				params.split_http_req = split_method;
-			else if (!strcmp(optarg, "host"))
-				params.split_http_req = split_host;
-			else
+			if (!parse_httpreqpos(optarg, &params.split_http_req))
 			{
 				fprintf(stderr, "Invalid argument for split-http-req\n");
 				exit_clean(1);
 			}
 			params.tamper = true;
 			break;
-		case 24: /* split-pos */
+		case 24: /* split-tls */
+			if (!parse_tlspos(optarg, &params.split_tls))
+			{
+				fprintf(stderr, "Invalid argument for split-tls\n");
+				exit_clean(1);
+			}
+			params.tamper = true;
+			break;
+		case 25: /* split-pos */
 			i = atoi(optarg);
 			if (i>0)
 				params.split_pos = i;
@@ -520,10 +548,10 @@ void parse_params(int argc, char *argv[])
 			}
 			params.tamper = true;
 			break;
-		case 25: /* split-any-protocol */
+		case 26: /* split-any-protocol */
 			params.split_any_protocol = true;
 			break;
-		case 26: /* disorder */
+		case 27: /* disorder */
 			if (optarg)
 			{
 				if (!strcmp(optarg,"http")) params.disorder_http=true;
@@ -538,7 +566,7 @@ void parse_params(int argc, char *argv[])
 				params.disorder = true;
 			save_default_ttl();
 			break;
-		case 27: /* oob */
+		case 28: /* oob */
 			if (optarg)
 			{
 				if (!strcmp(optarg,"http")) params.oob_http=true;
@@ -552,7 +580,7 @@ void parse_params(int argc, char *argv[])
 			else
 				params.oob = true;
 			break;
-		case 28: /* oob-data */
+		case 29: /* oob-data */
 			{
 				size_t l = strlen(optarg);
 				unsigned int bt;
@@ -565,35 +593,33 @@ void parse_params(int argc, char *argv[])
 				else params.oob_byte = (uint8_t)bt;
 			}
 			break;
-		case 29: /* methodspace */
+		case 30: /* methodspace */
 			params.methodspace = true;
 			params.tamper = true;
 			break;
-		case 30: /* methodeol */
+		case 31: /* methodeol */
 			params.methodeol = true;
 			params.tamper = true;
 			break;
-		case 31: /* hosttab */
+		case 32: /* hosttab */
 			params.hosttab = true;
 			params.tamper = true;
 			break;
-		case 32: /* unixeol */
+		case 33: /* unixeol */
 			params.unixeol = true;
 			params.tamper = true;
 			break;
-		case 33: /* tlsrec */
-			if (!strcmp(optarg, "sni"))
-				params.tlsrec = tlsrec_sni;
-			else
+		case 34: /* tlsrec */
+			if (!parse_tlspos(optarg, &params.tlsrec))
 			{
 				fprintf(stderr, "Invalid argument for tlsrec\n");
 				exit_clean(1);
 			}
 			params.tamper = true;
 			break;
-		case 34: /* tlsrec-pos */
+		case 35: /* tlsrec-pos */
 			if ((params.tlsrec_pos = atoi(optarg))>0)
-				params.tlsrec = tlsrec_pos;
+				params.tlsrec = tlspos_pos;
 			else
 			{
 				fprintf(stderr, "Invalid argument for tlsrec-pos\n");
@@ -601,7 +627,7 @@ void parse_params(int argc, char *argv[])
 			}
 			params.tamper = true;
 			break;
-		case 35: /* hostlist */
+		case 36: /* hostlist */
 			if (!strlist_add(&params.hostlist_files, optarg))
 			{
 				fprintf(stderr, "strlist_add failed\n");
@@ -609,7 +635,7 @@ void parse_params(int argc, char *argv[])
 			}
 			params.tamper = true;
 			break;
-		case 36: /* hostlist-exclude */
+		case 37: /* hostlist-exclude */
 			if (!strlist_add(&params.hostlist_exclude_files, optarg))
 			{
 				fprintf(stderr, "strlist_add failed\n");
@@ -617,7 +643,7 @@ void parse_params(int argc, char *argv[])
 			}
 			params.tamper = true;
 			break;
-		case 37: /* hostlist-auto */
+		case 38: /* hostlist-auto */
 			if (*params.hostlist_auto_filename)
 			{
 				fprintf(stderr, "only one auto hostlist is supported\n");
@@ -649,7 +675,7 @@ void parse_params(int argc, char *argv[])
 			params.hostlist_auto_filename[sizeof(params.hostlist_auto_filename) - 1] = '\0';
 			params.tamper = true; // need to detect blocks and update autohostlist. cannot just slice.
 			break;
-		case 38: /* hostlist-auto-fail-threshold */
+		case 39: /* hostlist-auto-fail-threshold */
 			params.hostlist_auto_fail_threshold = (uint8_t)atoi(optarg);
 			if (params.hostlist_auto_fail_threshold<1 || params.hostlist_auto_fail_threshold>20)
 			{
@@ -657,7 +683,7 @@ void parse_params(int argc, char *argv[])
 				exit_clean(1);
 			}
 			break;
-		case 39: /* hostlist-auto-fail-time */
+		case 40: /* hostlist-auto-fail-time */
 			params.hostlist_auto_fail_time = (uint8_t)atoi(optarg);
 			if (params.hostlist_auto_fail_time<1)
 			{
@@ -665,7 +691,7 @@ void parse_params(int argc, char *argv[])
 				exit_clean(1);
 			}
 			break;
-		case 40: /* hostlist-auto-debug */
+		case 41: /* hostlist-auto-debug */
 			{
 				FILE *F = fopen(optarg,"a+t");
 				if (!F)
@@ -680,48 +706,48 @@ void parse_params(int argc, char *argv[])
 				params.hostlist_auto_debuglog[sizeof(params.hostlist_auto_debuglog) - 1] = '\0';
 			}
 			break;
-		case 41: /* pidfile */
+		case 42: /* pidfile */
 			strncpy(params.pidfile,optarg,sizeof(params.pidfile));
 			params.pidfile[sizeof(params.pidfile)-1]='\0';
 			break;
-		case 42:
+		case 43:
 			params.debug = optarg ? atoi(optarg) : 1;
 			break;
-		case 43: /* local-rcvbuf */
+		case 44: /* local-rcvbuf */
 #ifdef __linux__
 			params.local_rcvbuf = atoi(optarg)/2;
 #else
 			params.local_rcvbuf = atoi(optarg);
 #endif
 			break;
-		case 44: /* local-sndbuf */
+		case 45: /* local-sndbuf */
 #ifdef __linux__
 			params.local_sndbuf = atoi(optarg)/2;
 #else
 			params.local_sndbuf = atoi(optarg);
 #endif
 			break;
-		case 45: /* remote-rcvbuf */
+		case 46: /* remote-rcvbuf */
 #ifdef __linux__
 			params.remote_rcvbuf = atoi(optarg)/2;
 #else
 			params.remote_rcvbuf = atoi(optarg);
 #endif
 			break;
-		case 46: /* remote-sndbuf */
+		case 47: /* remote-sndbuf */
 #ifdef __linux__
 			params.remote_sndbuf = atoi(optarg)/2;
 #else
 			params.remote_sndbuf = atoi(optarg);
 #endif
 			break;
-		case 47: /* socks */
+		case 48: /* socks */
 			params.proxy_type = CONN_TYPE_SOCKS;
 			break;
-		case 48: /* no-resolve */
+		case 49: /* no-resolve */
 			params.no_resolve = true;
 			break;
-		case 49: /* resolver-threads */
+		case 50: /* resolver-threads */
 			params.resolver_threads = atoi(optarg);
 			if (params.resolver_threads<1 || params.resolver_threads>300)
 			{
@@ -729,10 +755,10 @@ void parse_params(int argc, char *argv[])
 				exit_clean(1);
 			}
 			break;
-		case 50: /* skip-nodelay */
+		case 51: /* skip-nodelay */
 			params.skip_nodelay = true;
 			break;
-		case 51: /* tamper-start */
+		case 52: /* tamper-start */
 			{
 				const char *p=optarg;
 				if (*p=='n')
@@ -745,7 +771,7 @@ void parse_params(int argc, char *argv[])
 				params.tamper_start = atoi(p);
 			}
 			break;
-		case 52: /* tamper-cutoff */
+		case 53: /* tamper-cutoff */
 			{
 				const char *p=optarg;
 				if (*p=='n')
@@ -759,11 +785,11 @@ void parse_params(int argc, char *argv[])
 			}
 			break;
 #if defined(BSD) && !defined(__OpenBSD__) && !defined(__APPLE__)
-		case 53: /* enable-pf */
+		case 54: /* enable-pf */
 			params.pf_enable = true;
 			break;
 #elif defined(__linux__)
-		case 53: /* mss */
+		case 54: /* mss */
 			// this option does not work in any BSD and MacOS. OS may accept but it changes nothing
 			params.mss = atoi(optarg);
 			if (params.mss<88 || params.mss>32767)
@@ -772,7 +798,7 @@ void parse_params(int argc, char *argv[])
 				exit_clean(1);
 			}
 			break;
-		case 54: /* mss-pf */
+		case 55: /* mss-pf */
 			if (!pf_parse(optarg,&params.mss_pf))
 			{
 				fprintf(stderr, "Invalid MSS port filter.\n");
@@ -780,7 +806,7 @@ void parse_params(int argc, char *argv[])
 			}
 			break;
 #ifdef SPLICE_PRESENT
-		case 55: /* nosplice */
+		case 56: /* nosplice */
 			params.nosplice = true;
 			break;
 #endif
@@ -802,6 +828,7 @@ void parse_params(int argc, char *argv[])
 		exit_clean(1);
 	}
 	if (!params.resolver_threads) params.resolver_threads = 5 + params.maxconn/50;
+	if (params.split_tls==tlspos_none && params.split_pos) params.split_tls=tlspos_pos;
 
 	if (*params.hostlist_auto_filename) params.hostlist_auto_mod_time = file_mod_time(params.hostlist_auto_filename);
 	if (!LoadIncludeHostLists())