python3-keylime-6.3.2-150400.4.23.1<>, ifm=p9|bk#51nSR^C}]2{! U0duʻfN}x[x *]olN ߸h xpzY)<xմWœ+~[L$Hpx3,Iˑiw 'Jq,^ ͹[:r,<-~ M% ׆AOQtrcQHd/z.k=>EU|?Uld & g"5 KWz Pkk k k Tk ok r$kwk~k$kL"`dq(r8|9:>b@jFrGkH4kI kX LY P\ dk]k^5b;c<d=e=f=l=u=0kvBwEXkxKkyPzU UU U&UhCpython3-keylime6.3.2150400.4.23.1Open source TPM software for Bootstrapping and Maintaining TrustKeylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution.ifm=h04-ch1c SUSE Linux Enterprise 15SUSE LLC Apache-2.0 AND MIThttps://www.suse.com/Unspecifiedhttps://github.com/keylime/keylimelinuxnoarch# python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_verifier keylime_verifier /usr/bin/keylime_verifier-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_registrar keylime_registrar /usr/bin/keylime_registrar-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_agent keylime_agent /usr/bin/keylime_agent-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_tenant keylime_tenant /usr/bin/keylime_tenant-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_ca keylime_ca /usr/bin/keylime_ca-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_migrations_apply keylime_migrations_apply /usr/bin/keylime_migrations_apply-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_userdata_encrypt keylime_userdata_encrypt /usr/bin/keylime_userdata_encrypt-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_ima_emulator keylime_ima_emulator /usr/bin/keylime_ima_emulator-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_webapp keylime_webapp /usr/bin/keylime_webapp-3.6 36# python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_verifier-3.6" ]; then update-alternatives --quiet --remove "keylime_verifier" "/usr/bin/keylime_verifier-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_registrar-3.6" ]; then update-alternatives --quiet --remove "keylime_registrar" "/usr/bin/keylime_registrar-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_agent-3.6" ]; then update-alternatives --quiet --remove "keylime_agent" "/usr/bin/keylime_agent-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_tenant-3.6" ]; then update-alternatives --quiet --remove "keylime_tenant" "/usr/bin/keylime_tenant-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_ca-3.6" ]; then update-alternatives --quiet --remove "keylime_ca" "/usr/bin/keylime_ca-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_migrations_apply-3.6" ]; then update-alternatives --quiet --remove "keylime_migrations_apply" "/usr/bin/keylime_migrations_apply-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_userdata_encrypt-3.6" ]; then update-alternatives --quiet --remove "keylime_userdata_encrypt" "/usr/bin/keylime_userdata_encrypt-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_ima_emulator-3.6" ]; then update-alternatives --quiet --remove "keylime_ima_emulator" "/usr/bin/keylime_ima_emulator-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_webapp-3.6" ]; then update-alternatives --quiet --remove "keylime_webapp" "/usr/bin/keylime_webapp-3.6" fi&*# *" hf__9[9[  xxqdd22115l5l=E=E  W W s s b b@@uu ..ddgg 4 4 | |  zzbPK=1ŎZZNN 99TTv"s} q qss8844>[wu 8 8 [ [a : " "ff/\ \R4Bm& rJ$ + ^ ^#9J &;; 4 4ee``WW00%: \ `D   MMA 0 1 1 ej`#X~u?QU{F  55//.C47^#o JS1,^AA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤AA큤A큤A큤A큤A큤A큤A큤A큤ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMif3bMbMbMbMif3ifm:bMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMbMbMbMbMbMbMbMifm:bMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMbMbMbMif3bMbMifm:bMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMifm:bMbMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMbMbMbMbMbMbMbMifm:bMbMbMifm:bMifm:ifm:ifm:ifm:ifm:bMbMifm:bMbMbMbMbMbMbMbMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMbMbMbMbMbMbMbMbMif3bMifm:bMifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMbMbMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:if3bMif3ifm:bMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMbMbMbMbMbMbMifm;bMifm;bMbM97f528d014381fc2ae4a938ed426f0a6ef5988bab091869f3d1256e8c01c827b4cf6e6460b150b4d1267c4f059e5c101c9a2fbd33140dffc913093753bc77009c608980c5b58a035d8dd1da623396ef06befeb57490d6d0bbcc8329178e9bbb9a3c21438aef4192f7fe54846b99845a4652f204c8d450bfcafeed52389e5f8896bfbc87e63c6bb43aba52c7604c2e541e727e9330f64199dabb0aa9fed462d571a22f1123ba517efaafdc76d6207968563f7157cae2344e2b6a3ba8266ab5fc5888b60418cb6e6b4a6295958a3694f373de79442c5ed4fd61615b8910f8cb377d8ba22dcc5b9b97c46d9b825dd2e5999b271018876265948e3b7f772d0a33ace2f7080945933f4c0a9cef8927626cd54bd6796bbafebfd53dd7058711d8354a0f6f12a0ac557fd540aa4955252894b8b8ddd4def588da17e3333750493202eea9c026378b0ed1730d5888a42a94d2f4319b9e469aaeebeb162ae9ecc6fde5ce201ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546bf43a0226cb5bbe9a4f22d12773149d49c3251a5ed860cf131047366ae1ba401f01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b4f8272bbfddb679644685e7a14d81ede1b2d0fbe72e8a2f4993042d5f44f9188e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855295971bee1db1e78d026cd62c20a4b6ed92fb353c3c4c32ad070d943c82883da295971bee1db1e78d026cd62c20a4b6ed92fb353c3c4c32ad070d943c82883da3a55067a61a33805efcbdcab561a9f83914582905f42ea84d12c05eb991392863a55067a61a33805efcbdcab561a9f83914582905f42ea84d12c05eb991392865277851d65bb16cb9fc3c30145bf9478a92f0727114edf3df6a8b8dc68ec3cb55277851d65bb16cb9fc3c30145bf9478a92f0727114edf3df6a8b8dc68ec3cb514ae6bfc279607f489f9ff9340a2399379ce40cb746018ac570545ff29042bfc14ae6bfc279607f489f9ff9340a2399379ce40cb746018ac570545ff29042bfc1b7c01e43047dcaece36cd9fd093654bf8edafa1c9cf41fd234f4669c62d7d8d1b7c01e43047dcaece36cd9fd093654bf8edafa1c9cf41fd234f4669c62d7d8d39bf142b483a6301ea7477546d9ab9ba84a8059561128bf9c1e94d58a91a3f2539bf142b483a6301ea7477546d9ab9ba84a8059561128bf9c1e94d58a91a3f253932c05985fac655267e5570ebe0a74a628778e44fa4314f5140b4ebacf3b2e63932c05985fac655267e5570ebe0a74a628778e44fa4314f5140b4ebacf3b2e62196abdad5b76b13dca13793f3916b2f87dcdc310d8e452489590893031414f29d8878779d09eb2144c2344ba652703c603d43b284610fd15684c39fc2f73ac02a425d9d5d152ab0f914b350aa1f0a45c6bb46072745b814605f34915adad9672a425d9d5d152ab0f914b350aa1f0a45c6bb46072745b814605f34915adad967cda37926844e8b7acc64ef9077b8ef973c1cb02b26cd24131486b0dd12e2b896cda37926844e8b7acc64ef9077b8ef973c1cb02b26cd24131486b0dd12e2b8963eb2f2e721b15d037d6adfae6e6372d6324178562273dc8a129ee116de6d043d3eb2f2e721b15d037d6adfae6e6372d6324178562273dc8a129ee116de6d043dda9ea551579895fddb7be7ecdc7dfafc4529ee41041fb61745d96a7b3cd42f89da9ea551579895fddb7be7ecdc7dfafc4529ee41041fb61745d96a7b3cd42f89f16ddfa022854f425461f27a5cd532e75cde3e0b4e4560d34cf5aae047db3d7df16ddfa022854f425461f27a5cd532e75cde3e0b4e4560d34cf5aae047db3d7d94ec1130e87524ef7fcf2360d69bbb472588acaee771bd4ff0ee06061cd9d8c594ec1130e87524ef7fcf2360d69bbb472588acaee771bd4ff0ee06061cd9d8c546496aad8a35ec4d817fa7ebf8a01d77203e7ab5a87deffbc6807a0d1e418e3c46496aad8a35ec4d817fa7ebf8a01d77203e7ab5a87deffbc6807a0d1e418e3c45652ec2df67670aeba073c6af69f333b83d7197892136e4573df895b200e66745652ec2df67670aeba073c6af69f333b83d7197892136e4573df895b200e6679f66df0f392c8d30803e263635f75ac60d0c23fa2b93af5ac7e8ac0f77dd59319f66df0f392c8d30803e263635f75ac60d0c23fa2b93af5ac7e8ac0f77dd5931f4aa7bbdee6a1e3b8eab73a1d06bdec369631d616ae1503580e734cdc1316eb7f4aa7bbdee6a1e3b8eab73a1d06bdec369631d616ae1503580e734cdc1316eb72679f079cfd94a3195971489a7022bf961bc8a985454d328810f521f3c8f327c2679f079cfd94a3195971489a7022bf961bc8a985454d328810f521f3c8f327cf507303b6012e9ee5854bd48bcc76ba3c503bcc4e7f98d4cfff4b872c92c836bf507303b6012e9ee5854bd48bcc76ba3c503bcc4e7f98d4cfff4b872c92c836b2b5e51f63524d3c668b8decd082dd80f86034ea40c2c00cc15696530932201792b5e51f63524d3c668b8decd082dd80f86034ea40c2c00cc156965309322017950998af11ed3f8f6977fcf60d60336cb9603bb2156d21fa533b9bd1fe8f3542250998af11ed3f8f6977fcf60d60336cb9603bb2156d21fa533b9bd1fe8f35422b5eec92820966f94557baea4a2bc35d6b4d97eae9933e213c30821b3af9ec8f3b5eec92820966f94557baea4a2bc35d6b4d97eae9933e213c30821b3af9ec8f307e89821f9507ebf3de5e3cd4ee9de5b341fdace6f5122dc978a85647ea2e2e707e89821f9507ebf3de5e3cd4ee9de5b341fdace6f5122dc978a85647ea2e2e76cc979aa118ab73d406944a496633065de86eeb7329f6077fb14224aba62a9016cc979aa118ab73d406944a496633065de86eeb7329f6077fb14224aba62a901861eec6cb2716e9426d0335d2a510bec43a73427491daded3abadf8b1555f395861eec6cb2716e9426d0335d2a510bec43a73427491daded3abadf8b1555f39516fb893c357e4905338b2542b461deabdec19365e5f96e8dbb5120468fe023bc16fb893c357e4905338b2542b461deabdec19365e5f96e8dbb5120468fe023bc94e20d272d5ce35dfdf3b357c5a0ccb4353a72aa2e9c029837b7b51615fb0fd494e20d272d5ce35dfdf3b357c5a0ccb4353a72aa2e9c029837b7b51615fb0fd4d654d2e77212abb440496686816e7aab933740c3471be25c71d9f180c4c92ce0d654d2e77212abb440496686816e7aab933740c3471be25c71d9f180c4c92ce06c1084d4b5875e3f63a5649f2304b17bd8c1e26defd96841f2dee9b06fe32c8a6c1084d4b5875e3f63a5649f2304b17bd8c1e26defd96841f2dee9b06fe32c8adae9a34eab6d12229cc459e9c82b59e9dab3854f897080fbcabab5dab618da8cdae9a34eab6d12229cc459e9c82b59e9dab3854f897080fbcabab5dab618da8ce80e1b820a343bbbd71edcddc3f0c1100745372ae11dad7185cc747156a89453e80e1b820a343bbbd71edcddc3f0c1100745372ae11dad7185cc747156a89453edbd5fcd45b848cb3320c908ef589d340ab090abcdb783640ed5f8e66e1d00a9edbd5fcd45b848cb3320c908ef589d340ab090abcdb783640ed5f8e66e1d00a92dfecde537b9a64c0582d1eed6c1d3499199bc1d9c94d16af2e4fd78709049252dfecde537b9a64c0582d1eed6c1d3499199bc1d9c94d16af2e4fd7870904925213e687777fe33f152dcc43806df8536b65636ba93980013c4b72b77504dfae9213e687777fe33f152dcc43806df8536b65636ba93980013c4b72b77504dfae90af0fdb1640335209b7143cfd832faf591ac164536b80183da08e7342f76f96f0af0fdb1640335209b7143cfd832faf591ac164536b80183da08e7342f76f96f701dbd1edce3113735727f7474fa025889eedb8ec211b4860895d541c011deff8c98abb4d5fe5dae0afc86f22df76b44e84dbeb8bd9b9aa3b54d9b1b5d52e931b7e390f8ed7534a00fa189dfa828278de586fe8169d98778b55e17b12c50580c0dc22792505bbe113fab1da2e3a2e24e85b18a8874747cd3138366c1d9788b33b743d66967b8e3593d327ca829b234e0043fc6e549b5cc225bc733b52b0da93c4a46b0a9d08737f458f4e5a17486ba994dadfcecd53af2b1544030f7a7115d14efc9a71ae28aa6268e6f4d57bb6fe408ac56d62f7032f94d5d8377b9b144da1ce3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855647223752fb42799133a3e1f45d08ea0c0b514dbea980e4e64ace22058be3f1d647223752fb42799133a3e1f45d08ea0c0b514dbea980e4e64ace22058be3f1dd45653d0ea45123362dcb2abc66adc62522bd031a863c5d2a1b71d3be9de3e9bd45653d0ea45123362dcb2abc66adc62522bd031a863c5d2a1b71d3be9de3e9bd46cf5d5a2cabac71b8c13e1d412e9f872b9931236105634a89230b1af90a18ed46cf5d5a2cabac71b8c13e1d412e9f872b9931236105634a89230b1af90a18e8e9a8c9794fe1b5ce852652a25d325bdbc6db9b39dca4e8721ccee5d8b85b4ef8e9a8c9794fe1b5ce852652a25d325bdbc6db9b39dca4e8721ccee5d8b85b4ef2bf6ae5726f62d165dafea936d4a232288a2a4dfc3e4d765301726c8d2ff70032bf6ae5726f62d165dafea936d4a232288a2a4dfc3e4d765301726c8d2ff700353b38f3898ce16d352b8ff2958ccd08718448be3b1c9470ea36e91ddca06074453b38f3898ce16d352b8ff2958ccd08718448be3b1c9470ea36e91ddca0607447bd5f85ea1592dde79e00993bff395761dfa641418a6c157840a4d94e09584f17bd5f85ea1592dde79e00993bff395761dfa641418a6c157840a4d94e09584f1bb82e1697f1a5ff2b437278da7c9eee93b20c2c1066ca3b2b5991da4c1b82cd4bb82e1697f1a5ff2b437278da7c9eee93b20c2c1066ca3b2b5991da4c1b82cd4b87ba58dccfd1546318e2be4f85b44907756bc15da9ce64eb20f05a18fe3402eb87ba58dccfd1546318e2be4f85b44907756bc15da9ce64eb20f05a18fe3402ecbfb3efcb262ad80f7b55f2939db19b340ca73c11f4cabc70634f63191c6c402cbfb3efcb262ad80f7b55f2939db19b340ca73c11f4cabc70634f63191c6c40275bd13ac03036c7498ffdb77ff91afba35649b0c207f03c932f979c2abab739378418c066686a84f0e46e3c49addd8d077831e854b93f5d47ca9f4e55c246c6225a3315b8b328839b73d960daf05e954701172530308b259336bbf76ea131c17fa2ea7da1eb41df7c256e9156989982e83d237aa7fd78de1a8fab31d87af2dbdf2971be43085453c2eae44b351c59e40e6096da882a7b3cc2e15a24b65eef6abaf91a7cab39dfcc2f9a0466a7f2b6e55274592e8603e5115448c2cc15ce65b9f1f776635886678195534052de05c3bd9ceb7b9d2910b5e1f00efbf4d9b2b342e88ec50f3f94e3c3b6613f8a69d858b78d62834a2b563c885809b4615d31df29195d2accb0b163d2de88840cfd8f7ff687fa54f3c344309f40bd1881c7ac211307c7e4ba8797a42b34e90608d7ccb923fb3ae5fbf709cb318014dcf317cf4b68fe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8556aa54d16468278cb028dbb3b4f02c89845dcd4273fd3eb0297c908abfbcf0ade6aa54d16468278cb028dbb3b4f02c89845dcd4273fd3eb0297c908abfbcf0adeb3a15e5c790873b483d6fd345663b1395954c555254664cb250cfde693409517b3a15e5c790873b483d6fd345663b1395954c555254664cb250cfde693409517b12ed6cd53efaa20c0eab909c51daeb7015f517fd20e46f82416ac7f249adf64b12ed6cd53efaa20c0eab909c51daeb7015f517fd20e46f82416ac7f249adf6406a4c073d7cc75bd61f0d17b976a3d39f6e286410ae2a9d2127a6ecf5889bd3e06a4c073d7cc75bd61f0d17b976a3d39f6e286410ae2a9d2127a6ecf5889bd3e5524a6e30b91243488386ca2abf763efbf4de6792d2d0f786ffb9508b5c61b995524a6e30b91243488386ca2abf763efbf4de6792d2d0f786ffb9508b5c61b99c0ef10d646d94409fac185292272c2cf4ec94eda0adc4da6ddd0ce7925eeef29c0ef10d646d94409fac185292272c2cf4ec94eda0adc4da6ddd0ce7925eeef29a4b0a7f82d2ff616c5c702a6de9910ef962b4ba041197bcd9b9e060ebcbd1be3a4b0a7f82d2ff616c5c702a6de9910ef962b4ba041197bcd9b9e060ebcbd1be366d58c0b85feb4d376eb91c1f83086d0f19ba52be251d4130227f724fc83f2ecc32cfeef230110dffb4b0e154f7282cca32f6a1101701fee77bbb796c9e37d0f272a2cfc1b732b07d5bf13e4b3cb527290a28dfd5f4bf57e037b01695b5c38b0af208aa37afa88e70ec99002140d4829b5407954168393c37a0011c628691b0b48170a485f230c650d8b4a7743827bf690b4eebbaa5a5305633fec2d7eefb196e4309f30d74c8c5333926d0314aa7cd712415424613a192d0a6b4e5cb7260cb769e90a60e89c78578972dcfbcfef96ff20a74a70cc13398c8b9887f84f16832cc3d29a30dbcfabe8612744037af8f8ddac4e3c4022054af6494ef55269e28217611d1fadf606ce125450df0361d571f7f43c4f05e9bdddfb757078b494869ffbe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8557dd51f7150841184f1e368fa6a0638e2c08a383e09807fbfb3f57d28504fda747dd51f7150841184f1e368fa6a0638e2c08a383e09807fbfb3f57d28504fda74b77afd291d19c43e6254fe90854f10d1c09a7f1a03143b3b7894a8ce914e3fc3b77afd291d19c43e6254fe90854f10d1c09a7f1a03143b3b7894a8ce914e3fc3e15cd1442f98e0118806237596cdfb2876f89b1a8d13342926632ff86df09b37e15cd1442f98e0118806237596cdfb2876f89b1a8d13342926632ff86df09b374b06cbf88018f0343bb94f33ffe67772354fa7fa7ce6757ef0e92415005275b74b06cbf88018f0343bb94f33ffe67772354fa7fa7ce6757ef0e92415005275b754bd27e7ce45a1cd204a95fc9efabc86b8735dd01d6c80a0f3b6b45245185163fd5c37e3ef4e13165762c2fc5257180bc5707686b8e57114b129b47515aba9fb74bb724b96bea7a3b6926662fc343bc524e8784d4f9b4056161e62cdaed89aa060afa5702484068ddbe75b7f311156f4ffd75a18a5db45560d0bf3d6860270bb68cdf959a14f8734b2155dc724a9518d0f49a4162bffe0546728e010827ca0ce304260ce014182c5ba1d371302d4ef952797bfdfb579cd7c4283bc06a1c0ba66304260ce014182c5ba1d371302d4ef952797bfdfb579cd7c4283bc06a1c0ba66212ba3284f91b19da2a60175ec9cefbc2d256abe0d0fbc23496eb6f59755f823212ba3284f91b19da2a60175ec9cefbc2d256abe0d0fbc23496eb6f59755f823743a94392fb1b40f41b346baf48859f3c4c92ea1a193295406239179faa45fe5743a94392fb1b40f41b346baf48859f3c4c92ea1a193295406239179faa45fe52c90005fd19472dc39dd3e6190ea0f49f047f8a1f88f66afe759a6ac0506aa212c90005fd19472dc39dd3e6190ea0f49f047f8a1f88f66afe759a6ac0506aa21e5115169d4b45c1957a5da7eb1417dc4662552de56f34c57c87b480d1b746b91e5115169d4b45c1957a5da7eb1417dc4662552de56f34c57c87b480d1b746b91c95675822697cae944982a0aaacdb8edf31be9396776e87a95edeee2d7451d58a50216831ebe19af288d6185bd7e75d6cc347f934054f44b415ee686ce5b3d47723109c37239bce6cadb3763b2eb17d700acb2a1a1f34f49eb35ada5d5019eef8f58c5b688f7c0052702898b3b51cd2146208e2c632ccf0d667034ee3f7c1ad45d77910152a06104f8b70432dae67897df54949c38505ec1f3822a660e0f66fb2577b6b4883e24378c308ceed333213556c7ea3114da04af2744cbab2805765843b3ac638ab2dea77e776364215658e5c2de0c6719789c798859956f08e90a1ac53f978542e2ce93037816e21271eb6a02baadc8fbbf1d98354b0e16c436297f1ecec644bb1f200d277ed984f821ba7db92681995e938476e31acf5bb575bf8d72ceb43bc11d7a6a3488cecf55e23f29b20dd6171412bfa089df9fa37df6fa38bb39cecd961f3bf3aa67d3073d6bc0ca8e66a43a3743c4883c9025f8f0d2fb38949b6dcc4b35e4652f2fcbb3e86242edf840959c5281b523526bfbe89139c184cecc72bef997e674e97f97649ef04f023b189fdc3418fd62c5512097b592b4ff3a206639e2eccd1506bdf2b75055ac70c097d22d2d79661ff967aba64e0ff702e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85548f48aa563d076ae2f51b19a67917168269646b83689bc83db4fb35d9ddb817a48f48aa563d076ae2f51b19a67917168269646b83689bc83db4fb35d9ddb817a05cfcfba83edb9e89bad914aad5d26704c2d2017b19cd4ef695bcc9da767dd9005cfcfba83edb9e89bad914aad5d26704c2d2017b19cd4ef695bcc9da767dd90a1d1a261b4348598eaddccba8dc86b2a2c7c9680e2cb4528732291f78e8d9b2226f2e65f5bd4f6e9e891563b6fc8f31673d1280c3caa70e9052037eca7309e35c1822b5d40a0f023305c7a0ad01c0cb392018800b2e593a546bb6faae74afae9bddd88f821f634619009ddfd8a9fbac2990bbd34ade94b191469cfdd5548d8c0e8cc735c51f5a8f47e351c738fb5bfe01a5c70f4a323d1e12b96c9a3903466349f1cc0efccdef3dd27b06402222f82da9605968d7e821a9dca26207affb082ee6e802112e11a883f72a163190200a7cc506251a9c8bd486e6c06f0a00ffc632265d30936651b8cf226f32434ea8caac8908d2e244a3ca77e77733414eff7794a891c69acae93b3cc73ccd62313295d46094d0b668864624c8f02fca7e7727887e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85546207996dfbd744b35396f3ba4d13d8314ff4fb45f2aeeaa61a7c1ccd3a1151746207996dfbd744b35396f3ba4d13d8314ff4fb45f2aeeaa61a7c1ccd3a11517e0a74f840a771854ea6b981503bc7c0be579330b92eb70ec36370dc30fd6a56de0a74f840a771854ea6b981503bc7c0be579330b92eb70ec36370dc30fd6a56d45f5672f5bced09c973d9f3766d8244762ab39782338cf7b07d597ed2ff6f0d445f5672f5bced09c973d9f3766d8244762ab39782338cf7b07d597ed2ff6f0d43c1538064d0d921e52034225fb1e35572ee3d6ac533fa9dc5db1f9875a19bde23c1538064d0d921e52034225fb1e35572ee3d6ac533fa9dc5db1f9875a19bde2de79aa663f03808a14ab1fd5f7188c2058ec4de83aa3d376ec5f305387477dbdde79aa663f03808a14ab1fd5f7188c2058ec4de83aa3d376ec5f305387477dbd41a37c1e8d8fe6cb769936efc45007d05fe9d58f50adf9bb8e3c66fda245f95a41a37c1e8d8fe6cb769936efc45007d05fe9d58f50adf9bb8e3c66fda245f95a26c1f20810278b1dc8b954215e0fa6a3020b5f87035c1285013704a5a1316c0f26c1f20810278b1dc8b954215e0fa6a3020b5f87035c1285013704a5a1316c0f339d64acdc65fd448f5349b133b5a9a38f616162aefe7bef3b1375a64a614a2f339d64acdc65fd448f5349b133b5a9a38f616162aefe7bef3b1375a64a614a2fc1857731a9fc881a271174ca53efc70c7a32484429b53ec889ad5b680800c21fc1857731a9fc881a271174ca53efc70c7a32484429b53ec889ad5b680800c21ff8fac0efcbdab12535f6346f3e91af4d6f15d69d922d87f2e67699a3d4e476c1f8fac0efcbdab12535f6346f3e91af4d6f15d69d922d87f2e67699a3d4e476c1aba83255b284306e7e695feae1cdbe13f07148459eb319bbeb931034b8dd59e1aba83255b284306e7e695feae1cdbe13f07148459eb319bbeb931034b8dd59e1dc6a5eb73110fb28c387c9411c315ad3af541d65b94efd58f7d5b641c8278dc8dc6a5eb73110fb28c387c9411c315ad3af541d65b94efd58f7d5b641c8278dc8527c6e72e6c0d4e7aa6ab0c2d475b0bc587df7e672ca69e75b2bcfc6449cc18b527c6e72e6c0d4e7aa6ab0c2d475b0bc587df7e672ca69e75b2bcfc6449cc18be28947d44158fe31761a3ff6d1d2180f072eeeefe84083551ead5ff2e868c889e28947d44158fe31761a3ff6d1d2180f072eeeefe84083551ead5ff2e868c8893ef8ce971f48b38c58aafe21378f321b551432e85fc5e308f5241833c48877c63ef8ce971f48b38c58aafe21378f321b551432e85fc5e308f5241833c48877c697271a21cd1b21df116e9e869f026125c2d5dfae8e4d30cc28c9ea025a58be2e97271a21cd1b21df116e9e869f026125c2d5dfae8e4d30cc28c9ea025a58be2e2d98345de1fb5a30d4dbbafc55957e421b878bf13c7bf324653d5b84d8569b7a2d98345de1fb5a30d4dbbafc55957e421b878bf13c7bf324653d5b84d8569b7a98b72212919f4af1f0dd38582708250f07abaa6ba11f2863f600e1db90a03d8098b72212919f4af1f0dd38582708250f07abaa6ba11f2863f600e1db90a03d80764419fe2da2da3d42373d4dfcdc8bbe979e61f285f04a2a6fcf378e9b40db47fe9ef24d1a1b513a1f17a462a4dac5a0dedaf2227b86b70cac699b84139c359d5916a23d09464509193500defaa23900fa508327031884c91da9cf4f73f8bc180bc21bffa4fbe36692ffb7b9e90d539075e0f78a67debb00130e7b098dedd143de496fffe62af8a630f4b2c67993c5b838fdb7d7460f4143c66294310bcfa15e772d452af09e1b55f601ed241866d082383465bdf6e0dc4e80c20a2697ac229e8b15f38155affeab4587d2741e1ecc53b32582b6a4ded1b3308b79617a1dfe6a390f8ae6410324022c4935efc91161691388ecefaec26210c4d56b7863b17319cf564fb7625a3b98e034c30060be2d45876e60f8dab3221ba0e778201c3388353c20dd92688a08bc127658eaeb3b091dd4c61d721b746a8be08eab1770027acadf4a09887c54f718a71ff8dba7845b361182761c814d27d1907157f388f8fa28f316c56c66dceaf8f3fb0717778ccecb0079b063b73ca2032964861e39d65954cb1cf948b8e19d7c20239530f276b5f69840926bdfeb81ac939f49ca30c7c1dee3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855c6cc38c7759722c3641e849f4a8f7105f556086004cc7708672d01f6a3c54f1ac6cc38c7759722c3641e849f4a8f7105f556086004cc7708672d01f6a3c54f1a1621fb20c71f58a0bab2de6f849eccc2b1c349661ee6861d5b419019d422f3331621fb20c71f58a0bab2de6f849eccc2b1c349661ee6861d5b419019d422f333e9a644f524578c27cc142b414df372beb39ba26cfa595d76587eac22b60b5f85e9a644f524578c27cc142b414df372beb39ba26cfa595d76587eac22b60b5f8582f0c469038b6ddd478376bdc096ae9f60d70eaebe1f2bcb9e877c5cb71620537ffc3d01d94bc2aace50fb8544d7bbef7dfe21cb340d1afd3afaacb47163bf8b182208cab4454b0bed36f18df662b2b3270a030b2908f5e2f166f221668ec6c4bac66f799fcaee48c56de163a40411e4612e8e196866689693867a579341713b0a18d86e7b597d516697b6c401cda15069d81919520e252e52ed0d76d210461fcfcb34d19f9985632ab049dc94882a3393f9c5c347e8870dd004476e3be1b9dfb3f22ce84cba8df34011f5d420ec87ad75d7f91700f21cdc8589ee388594325ef7074d5d0144efc2c2347a3e1ead9e5cc4f1f9805fda08ecb9f55325cf1d015d8cc6b2471e621ec93597f70b3569bfc38535b482b430312418eae7c40a45a704cccf6d68e3c0950ef7cc77e8ad860d25bc6c2c73b2bba30e91c3a29928074bc5ce03b281437d0e67d7e864060a73090454a19ff1de52ba006ec5fad2a1a4c5125f101a3abbb2dcdd7e2f13fa5e4be040e7a6c2ec4eafd52d09add263f85f0cae4f19b10e6a5cf124e34a2f82e439a13fba3cbefe5be5037371f8523cb38a8d9c687607e377529e60a1b07dfb17d6dcfa4f4e4f3e2ae1ff5847a5e3b18dcdebdb62ae8833cf44cf0f540154950efc98c6ec024986748bef10c168e1e8ab601f171921c6efa41a77453a0d7a316b3b54683a743a257d39a30d94b54df3e55fd57ab735efec0ae4f99a0d4b65af94c4bdb87e0f3f459bc10b540b48944ecbec7262efc57784de051b85bebb76dffc9c8ce19f5d4481f587a96a5930dbe09113beab49b4458b0cd26fd3eecd2d620713e8ba5813703158924a40bf40c28fb9db2adef8272c2efd093798809af1fa9c091d61189f55a2ec26ad2d7fe820b2bebdb054824e19f5f080791f323482a2f90d3657778fc04867d3514829f6e1f4d8f7171a7943f98def6d598cf8606927378d30757ae53b4973f50c6ed12654245835d595c37e156efca6f13cf566cb5b67cf039311d6f215847b248054e141a40edb1f6e2efeb6c6babea131e9a6c1ba2126c59e5bc8b52be11dc5f136c965abcd39268feca4d34761578df9c77313474d701750cd074eb5e3408bea9a709d05d2af618b209f5c82772090aa514b43a122cce54e3c97da67c162c5bad40837de5a64259618e42f974247240744f1f212056f963c3aec31aff1cc35cbe993d892c9ef2e58af804a3c4911cd162d5941c5b1e6a0f2d746ca6867e36df4adfa4eaed2f8e5a2c48582a8b4fb1c82b41480df27339cd56720e67ee2def5df00c1803098e5a512c92cf6684ad12f72c03f37d9286715c851d257fc52ffd377011ab6f71fa06920892a42ce01ad6007b4e8c0ae64d489a964bf4c93042c911e3eac1ebb2f04ed2b8d197415048d3db2efbe77094da68a3fe0c02abed6d911317653ddc971ac5d1eacc6e43333f374ecf377202b13330c30a58f9dd40cbb06472fadf62318d121ac47a04c10250430890f1b698df7d7d6a2a1312f27d7e760169ca3d4d0d60c0164432e844376bae22fd2cf6cca7e25e53cea795e0b1d8b5e1be9154e72db5d903cd3a46c50bbeb06695b8ef02951b85fb7bfd511ec3bc4ae8d37d67afc80e8e2d0d85fe74a6f86e7edc6b27072f38b8cf876ba5e1b6ca24e4f11bffe0537dcc3d2e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855d86a0952f6f3416e5455b54e7d40e09b0c17b10b8058926909cdc8d1d2db4c6fd86a0952f6f3416e5455b54e7d40e09b0c17b10b8058926909cdc8d1d2db4c6f1142c20575c518164d44296f1eec0bcbe9f6aa85f32bd5ef5c38b71de8f4debd1142c20575c518164d44296f1eec0bcbe9f6aa85f32bd5ef5c38b71de8f4debd83def8eabf720bd4d88348da4e3d5b6198925f2410d605fdcfe3a779d27f788b83def8eabf720bd4d88348da4e3d5b6198925f2410d605fdcfe3a779d27f788b17a76b5dcbf55af4258f0f5f4d7aaa7ff8ba28c6ae191c01ddc13b67e7b5981417a76b5dcbf55af4258f0f5f4d7aaa7ff8ba28c6ae191c01ddc13b67e7b598143d2f6e1f2ac447c3025ba5902d5aa78bf3d30d80daeb2d95876897c138a4ae813d2f6e1f2ac447c3025ba5902d5aa78bf3d30d80daeb2d95876897c138a4ae81cb624a84b6338c4b3c2f962187b26949a643d5275e60b0b45edad6ad3035c20b55153c8240a55a93808813c131ff4ee9817a9e95f4394429b001c37c4362606a8acf7cfad1ee50136f3a7235f77875dc11d99fa4d351e6adfbb1a310a848594da9801d5369c0ed815779adfc4e1369bc75e08c8cd4df8fd5a03450cd8ffbc90921adcc1738194532895dbdbe9f33ed1bdbe9d43440157a7cb430858a46de6bad453ddc364c50cc045535764c00f1f3016ead9781ae5eb939a860944d5b753f18ef17c0102263540f7b5d1254152d084804907e812641b9cc86cf914e61384c5f5b85bf2e773e006593ee2eabae7f26c1bf2ae9cc0729a13a88dcff26e333de1c33138000e18a5ac57a4a5a2c15a583d77c52f38dd4f9249582cdd09acaba38e876c545c2d6653d0d857fa8c33c8551441d8cbad6ef98e868322ebf68a6638531b3f22ce84cba8df34011f5d420ec87ad75d7f91700f21cdc8589ee388594325ecfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30/etc/alternatives/keylime_agent/etc/alternatives/keylime_ca/etc/alternatives/keylime_ima_emulator/etc/alternatives/keylime_migrations_apply/etc/alternatives/keylime_registrar/etc/alternatives/keylime_tenant/etc/alternatives/keylime_userdata_encrypt/etc/alternatives/keylime_verifier/etc/alternatives/keylime_webapp@@@@@@@@@rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootkeylime-6.3.2-150400.4.23.1.src.rpmpython3-keylime@@     /bin/sh/bin/sh/usr/bin/python3.6libtss2-tcti-device0libtss2-tcti-tabrmd0procpspython(abi)python3-M2Cryptopython3-PyYAMLpython3-SQLAlchemypython3-alembicpython3-cryptographypython3-psutilpython3-python-gnupgpython3-pyzmqpython3-requestspython3-simplejsonpython3-tornadorpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)tpm2-0-tsstpm2.0-abrmdtpm2.0-toolsupdate-alternatives3.63.0.4-14.6.0-14.0.4-14.0-15.2-1rust-keylime4.14.3if3dF@dE@cY!@b@b@bUbbV@bs@bs@b a@a@aaq@aq@aaa@a@acaC1`` @`i@````aplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.com- Backport patch to avoid re-registration of clients with same UUID but with different TPM identity (CVE-2025-13609, bsc#1254199) + CVE-2025-13609.patch- Backport patch to avoid the leak of the authorization tag (CVE-2023-38201, boo#1213314) + CVE-2023-38201.patch- Backport patches to avoid DoS via SSL (CVE-2023-38200, boo#1213310) + CVE-2023-38200-01.patch + CVE-2023-38200-02.patch + CVE-2023-38200-03.patch- Backport CVE-2022-3500.patch (CVE-2022-3500) (bsc#1204782) + Moderate vulnerability where a node can seems as attested when in reality it is not properly attested- Drop cfssl default in keylime.conf patch (bsc#1201866)- Use chown -h to adjust persmissions for downgrade migration. This skip following symlinks and make the migration possible (bsc#1201466) - Add logrotate configuration for the services - Create run directory as non-root user - Conflict with rust-keylime - Consolidate in _distconfdir when possible - Add fix_exit.diff patch, to exit properly in SLE- Remove user downgrade mechanism from the package (CVE-2022-31250, bsc#1200885)- Fix "run_as" configuration parameter and set it to keylime:tss - Improve downgrade user migration during package update - Add patches (CVE-2022-1053, boo#1199253): + CVE-2022-1053-01.patch + CVE-2022-1053-02.patch + CVE-2022-1053-03.patch + CVE-2022-1053-04.patch- Update to version v6.3.2: * general: bump Keylime version to 6.3.2 * tpm_main: flush transient objects * pypi: add notice that the Python API is unstable * installer: use OpenSSL by default * Avoid mounting secdir while unmounting it * remove TPM, VTPM and IMA stubbing support * archive: remove all archive files * Change GH reviewers to be from developer group * added suse / opensuse support with zypper * Fix tpm import in test_tpm.py * Fix cfssl configuration in run_tests.sh * tpm_emulator: improve TPM emulator installation * config: Add option to enable DB debugging via DEBUG_DB env var * Enable SQL query cache for JSONPickleType * tpm_emulator: move everything into systemd services * Implement broader key support for Keylime's signing mechanisms * tenant: Use exponential backoff on key verification retries * tenant: Move JSON parsing to capture possible exceptions * tenant: Move verifier stop from do_quote to do_verify * pylint: Fix issues related to W0602 global-variable-not-assigned * tenant: Handle 404 error from registrar gracefully * pylint: Fix remaining code with issue R1732 consider-using-with * pylint: Fix R1732 consider-using-with * pylint: Fix issue detected by pylint-2.13.0 * pylint: Fix issue detected by pylint-2.13.0 * tenant: verify agent quote before adding to verifier * README: remove tpm2-abrmd and OSX sections * pylint: Fix issues related to W0102 dangerous-default-value * pylint: Fix R0201 no-self-use * pylint: remove W1203 logging-format-interpolation from ignore list * pylint: remove R1729 use-a-generator from ignore list * pylint: remove E1120 no-value-for-parameter from ignore list * pylint: remove W1201 logging-not-lazy from ignore list * pylint: fix C0209 consider-using-f-string * pylint: fix C0201 consider-iterating-dictionary * pylint: fix W1509 subprocess-popen-preexec-fn * keylime_tenant non-zero exit code on error * Fix prepare step adjustments in packit-ci.fmf plan * failure: fix Pattern type hint * mypy: add initial Mypy configuration * ima_ast: add type hints * failure: add type hints * logging, config: add type hints for logging module * algorithms: add type hints * json: add type hints and add JSONType as custom type * Full allowlist processing when not adding host * provider, vTPM: remove vTPM manager and provider code * tpm: fix that the set of missing PCRs is not serializable in failure * Restores the option to use keylime agents without mTLS * services: make the services run as keylime user instead of root * State in --help that SHA-256 is used for --allowlist-checksum * config: change cacert.pem to cacert.crt * registrar_client: validate connections against registrar ca certificate * tenant: validate connections against verifier ca certificate * request_client: only add custom adapter if TLS is enabled * setup: add static assets for webapp * Add TESTING.md describing testing details * Fix some remaining log format strings * Fix for database_url parameter with sqlite * Enable test basic-attestation-with-unpriviledged-agent in Packit CI * Use lazy string formatting when logging (#535) * Make Packit CI plan more resource-saving * keylime.conf: Document setting ownership in WORK_DIR (/var/lib/keylime) * agent: Make sure tmpfs is empty even if not mounted or cannot unmount * agent: Drop privileges by switching to normal user and group * agent: Move mounting of tmpfs towards beginning of main() * agent: Read measured boot log near process start * agent: Open file for IMA log file near process start * ima: Refactor read_measurement_list() to take file as argument * Add the policy name to failure event * tpm_main: Check if tpm_cert_store exists (#553) * Remove tag input from container build workflow * Push container images to quay.io/keylime org * Enable code coverage measurement for e2e tests in Packit CI * config: fix config search order * Add defaults for ephemeral keys for agent records * Update outdated greetings Github messages * services: add keylime_agent_secure.mount service * installer.sh: updated tpm2-{tools, tss}, use system packages if possible * revocation_notifier: convert the data to str in the notifiers * revocation_notifier: mark webhook threads as daemon and add timeout * Fix Packit CI test plan Summary * Enable Packit CI testing on CentOS Stream 8 * Enable Packit CI testing on Fedora Rawhide * Remove last trace of TPM 1.2 (hopefully) * verifier: remove start_tornado() function * verifier: wait for connections to be closed before stopping ioloop * revocation_notifier: kill ZeroMQ broker if it blocks more than 5s * Add more e2e tests to Packit CI * Enable EPEL repo on CentOS Stream in packit.yaml - Drop already merged patches * drop_privileges_of_agent_process_after_startup.patch * config_fix_config_search_order.patch * services_add_keylime_agent_secure_mount_service.patch- Add upstream patches: * drop_privileges_of_agent_process_after_startup.patch * config_fix_config_search_order.patch * services_add_keylime_agent_secure_mount_service.patch - Configure the agent to run as non-root (via keylime.conf) - Add keylime sysuser conf file and deploy as part of the tpm certificate subpackage - Prepare the systemd mount unit for /var/lib/keylime/secure- Drop patches beacuse merged upstream: * version.diff * cloud_verifier_tornado-use-fork_processes.patch - Drop binaries not used anymore: * keylime_provider_platform_init * keylime_provider_registrar * keylime_provider_vtpm_add - Update to version v6.3.1: * revocation_notifier: mark webhook threads as daemon and add timeout * Fix Packit CI test plan Summary * Enable Packit CI testing on CentOS Stream 8 * Enable Packit CI testing on Fedora Rawhide * Remove last trace of TPM 1.2 (hopefully) * verifier: remove start_tornado() function * verifier: wait for connections to be closed before stopping ioloop * revocation_notifier: kill ZeroMQ broker if it blocks more than 5s * Add more e2e tests to Packit CI * Enable EPEL repo on CentOS Stream in packit.yaml * agent, crypto: add localhost, server and contact ip to agent certificate * Add better default repo path for run_local.sh * Fix incorrect variable name in test_restful * Run existing agent tests against the rust-keylime agent * Fix small wording mistakes caught while reading the code * agent: move key and certificate logging levels from debug to info * agent: allow absolute paths for rsa_keyname and mtls_cert * Add missing backend parameter * cloud_verifier_tornado: use fork_processes * ci: automatically push release to PyPI * setup.{py,cfg}: Move setup configuration to setup.cfg * Add iproute tool to Dockerfile * Pylint does not like single-line functions. * A small beauty fix * This is a small fix to proactively fix Issue #840 by identifying non-escaped double quotes in the tpm2-tools output * setup.py: add version number and new Python versions, drop unsed binaries * setup.py, config: install default configuration into package path * ci: move old keylime.conf to keylime.conf.orig before running tests * retry: fix pylint issue * Adding Infineon Optiga 034 RSA and ECC certificates for Infineon SLB9675 devices. * Ensure columns "mb_refstate" and "allowlist" are of type LONGTEXT in table "verifiermain" * tenant: add exponential backoff option to retry timings * cloud verifier: add exponential backoff option to retry timings * tpm: add exponential backoff option to retry timings * test, retry: add unit test for retry algorithm * common: add algorithm for retry time calculation * registrar, tpm_main: ensure that correct types are commited to DB. * Fix typo for config param listen_notifications * Lint is _really_ unhappy today. * Linty fixes * Adding a unit test file for tpm_main * tpm_main: check if PCRs for the hash algorithm are available * tpm_main: handle if tpm2_checkquote returns no PCRs for a hash algorithm * agent: output supported_version as result not as a status * Add missing subcommands to -c help message * tests: fix mtls_cert generation in test_restful.py * revocation_notifier: fix socket path permission check * Remove unused database_query config param * Move umask calls only on entry points * config: move directory utilities to fs_util- Change back agent_uuid to hostname - Set tpm_hash_alg to sha256 by default - Update version.diff patch to point to the correct version number - Fix issue with Tornado, when multiple workers are started * Add cloud_verifier_tornado-use-fork_processes.patch (bsc#1195605)- Drop patches beacuse merged upstream: * 0001-Drop-dataclasses-module-usage.patch * 0001-config-support-merge-multiple-config-files.patch * 0001-ca-support-back-old-cyptography-API.patch - Update to version v6.3.0: * Coordinated update to fix: + bsc#1193997 (CVE-2022-23948) + bsc#1193998 (CVE-2021-43310) + bsc#1194000 (CVE-2022-23949) + bsc#1194002 (CVE-2022-23950) + bsc#1194004 (CVE-2022-23951) + bsc#1194005 (CVE-2022-23952) * secure_mount: add umount function * secure_mount: use /proc/self/mountinfo * Validate user ID in all public interfaces * validators: add uuid and agent_id validators * validators: create validators module * revocation_notifier: move zmq socket to /var/run/keylime * Update API version from 1.0 to 2.0 * tpm: do not compress quote with zlib by default * verifier: persist AK and mTLS certificate to DB * verifier: use "supported_version" for agent connections * tenant: add support for "supported_version" option for the verifier * api_version: add the option for basic validation * verifier: add supported_version field to DB and API * agent: add /version to REST API * verifier, tenant: allow agents to not use mTLS * tenant, verifier: allow manual configuration of agent mTLS * tests: migrate to mTLS * tenant: connect to the agent via mTLS * verifier: connect to the agent via mTLS * tornado_requests: handle SSLError * web_util: add mTLS context generation for agent * agent: Enable mTLS for agent REST API * crypto: add helper function for creating self signed certs * registrar: Allow the agent to registrar with a mTLS certificate * request_client: add workaround for handling certificates * request_client: add the option to ignore hostname validation * Better docs and errors about IMA hash mismatches * tests: use JSON instead Python string for IMA tests * verifier: use json.loads(..) instead of ast.literal_eval(..) * Adding Nuvoton certificate for a post 2020 TPM device. The EK cert of the device directs to the following download site: 'https://www.nuvoton.com/security/NTC-TPM-EK-Cert/Nuvoton TPM Root CA 1111.cer' (yes, including the spaces) * Improve revocation notifier IP description in keylime.conf * tornado_requests: set Content-Type header correctly for JSON * tenant: post U key to agent with correct Content-Type header * Explicitly set permissions on new keylime.conf files installed * tpm_main: close file descriptor for aik handle * verifier: do not call finish() twice * agent: fix payload execution * tests: add initial tests for web_util module * config, web_util: move get_restful_params(..) to web_util * verifier: Also retry on HTTP 500 status code * agent: improve startup and shutdown * registrar: cleanup start function * web_util: move echo_json_response(..) out of config.py * verifier: fix failure generation for V key * tornado_requests: cleanup TornadoResponse class * web_util, verifier: move mTLS SSLContext generation into separate module * ca: support back old cyptography API * Fix test branch reference in packit.yaml * ci: disable DeprecationWarning from pylint in tox * Enable new test in Packit CI * tenant: fix reactivate command * config: support merge multiple config files * ci: use only fedora-stable for packit * elchecking: harden example policy against event type manipulation * elchecking: add new tests * tests: fix stdout formatting for agent and verifier * Drop dataclasses module usage * revocation notifier: handle shutdown of process gracefully * verifier: handle SIGINT and SIGTERM correctly * ima_emulator: fix IMA hash validation and add more options * ima_ast: fix handling ToMToU errors * Remove leftovers of TPM 1.2 support * agent: improved validation for post function * agent: better validation for mask and nonce * config: add function to validate hex strings * agent: keys/verify check if challenge was provided * tpm_main: do not append /usr/local/{bin,lib} to default env * db: only set length on Text type if supported * json: do not make sqlalchemy a hard requirement * Enable functional testing with Packit CI * ima_emulator: specify sys.argv as the named parameter argv in main() * elchecking example policy: make it work with Fedora 34 * elchecking example policy: initrd* might be also called initramfs* * scripts: add mb_refstate generator for example policy * config: change tpm_hash_alg to SHA1 by default * parse_mb_bootlog: specify the used hash algorithm used for PCRs * agent: add warning that on kernels <5.10 IMA only works with SHA1 * tpm: explicitly pass hash alg to sim_extend(..) * ima emulator: use IMA AST and support multiple hash algorithms * tests: update IMA allowlist version number * ima: add option 'log_hash_alg' to IMA allowlist * ima: remove hard requirement for SHA1 PCR 10 * algorithms: extend Hash class to simplify computing hash values * config, tpm_main: explicitly handle YAML load errors * config: private_key must be set to -private.pem not -public.pem * agent: add UUID option environment * agent: drop openstack uuid option- Set /var/lib/keylime under the same permissions expected by the code- Add 0001-config-support-merge-multiple-config-files.patch This will allow the merge of config files in /usr/etc and /etc. - Move the configuration file to /usr/etc in new distributions - Add 0001-ca-support-back-old-cyptography-API.patch This is only required for SLE, but the API is compatible with new versions- Add 0001-Drop-dataclasses-module-usage.patch, to support Python 3.6- Fix cfssl bcond logic in Tumbleweed / SLE- Update to version v6.2.1: * Another addition to gitignore * Update .gitignore with more Keylime-specific files * json: add support for sqlalchemy.engine.row.Row in newer sqlalchemy * ima_ast: check if the PCR is the same as in the config * Fix permissions issue on volume mount in run_local.sh * Make run_local.sh use a local copy of the repo * Small updates to GOVERNANCE.md * Move cargo-tarpaulin install to separate command * config: drop registrar_* TLS options in [registrar] section * Fix missing && in Dockerfile * Remove simplejson from scripts and docs * Replace simplejson with built-in json module * Add rust-keylime container dependencies * config: fix getboolean with fallback * Clean up CI scripts and rewrite run_local.sh * ima: for ToMToU errors skip template content validation * ima: Use a set of entry numbers and file offsets to remember multiple positions * Rename CONTRIBUTORS.md to CONTRIBUTING.md * Update GOVERNANCE.md to match MAINTAINERS.md rename * Update MAINTAINERS * Update README: remove Gitter, Travis CI * ca: Use UTC when setting certificate validity * Tenant commands return json * scripts: Allow passing a base policy to create_policy tool * ima: Handle the case of ima-sig with a path with spaces in them * add length to string object * scripts: Implement create_policy to create the JSON allowlist from files * ima: Also add a sha256 default boot_aggregate hash with 64 '0's * ima: Use seek() to get to the last known last entry * ima: Extend allowlist to be able to handle generic ima-buf entries * ima: Extend JSON allowlist with 'ima' entry and 'ignored_keyrings' * ima: Populate verifier keyrings with keys taken from ima-buf log line * ima: Remove methods from ImaKeyring that are now in ImaKeyrings * ima: Start passing ima_keyrings through APIs replacing ima_keyring * Extend AgentAttestState with ima_keyrings field and use it * ima: Implement ImaKeyrings class to support multiple keyrings * verifier: Extend verifier DB to persist learned keyrings * Fix a couple of pylint errors * ima: Fix spurious attestation failures * ima: make ToMToU errors not a failure by default * Simple fix for tenant error message printout. * pylint: Fix errors related to R1714 * pylint: Suppress C0201, C0209 and W0602 newly reported errors * installer: do not install tpm2-abrmd * tpm: by default use /dev/tpmrm0 instead of tpm2-abrmd * verifier: add option to send revocation messages via webhook- Fix keylime configuration file attributes- Requires python-psutil - Disable automatic execution of the payload by default - Use ramdom UUID by default- Introduce a bcond for cfssl detection- Drop cfssl if we are not in openSUSE- Update to version 6.2.0: * Fix bug #757 where revoc cert was treated as text * Code improvement: removal of extra dependencies in measured boot attestation (#755) * Sanitize the exclude list while it is ingested at `tenant` by removing comments (^#) and empty lines. * tenant: show severity level and last event id in status * verifier: move to new failure architecture * pcr validation: move to new failure architecture * measured boot: move to new failure architecture * ima: move to new failure architecture * failure: add infrastructure to tag and collect revocation events in Keylime * Simulating use of SSLContext.minimum_version on ssl v3.6 * verifier: fix minor typos * Add tests for ca_impl_cfssl and ca_util * Replace M2Crypto with python-cryptography * tenant: status now shows if a agent was added to the registrar * tenant: open file to send utf-8 encoded * Correct some comments about and remove vestige in MB policy * fixing a small bug that resulted in malformed refstates not failing MBA * agent: ensure that EK is in PEM format when used as uuid * Solves #703 by adding a "non-trivial" example of a "measured boot policy" (#734) * ci: build and publish container images * codestyle: fix W0612 and R1735 pylint errors * codestyle: fix W1514 pylint error * systemd: Add KillSignal=SIGINT to keylime_agent.service * One-liner to set the minimum version of TLS to v1.2 * pylint fix * Typo fix: return list order confusion between measured_boot.py and tpm_abstract.py * Refactor keylime_logging module * ima: Implement ima-buf validator and validate keys on keyrings (#725) * Remove Python 2 leftovers * Additional fix for the processing of "tpm_policy" * ima: Return an empty allowlist rather than a plain empty list * verifier: convert (v)tpm_policy in DB from string to JSONPickleType * verifier: Create AgentAttestState objects from entries in the db * verifier: Persist the IMA attestation state after running the log verification * db: Add DB migration file for boottime, ima_pcrs, pcr10, and next_ima_ml_entries * verifier: Skip attestation one time if agent's boottime changed * test: Add test case simulating iterative attestation * verifier: Delete an AgentAttestState when deleting an agent * ima: Remember the number of lines successfully processed and last IMA PCR value(s) * ima: Reset the attestation if processing the measurement list fails * debug: Show line number when PCR match occurs * verifier: Extend AgentAttestState with state of the IMA PCR * Consult the AgentAttestState for the next measurement list entry * Introduce an AgentAttestState class for passing state through the APIs * verifier: Request IMA log at entry 0 for now * agent: Get boottime and transfer to verifier * agent: Add support for optional IMA log offset parameter * tests: Add a unit test for the IMA function and run it * agent: Move IMA measurement list reading function to ima.py * Add default verifier-check value * Use tox for pylint * Use Fedora 34 as base image for CI container * Run ci jobs only when needed * config: merge convert and list_convert into the same function * Versioned APIs * Refacator of check_pcrs to parse then validate (#716) * Automatically calculates the boot_aggregate from the measured boot log. (#713) * Set default UUID as lowercase (#699) * tenant: do_cvdelete wait until 404 * Ensures the output of `bulkinfo` command in `keylime_tenant` is JSON * ima: Convert pcrval to bytes to increase efficiency * tests: extend ima tests for signature validation and exclude lists * Allow agents to specify a contact ip address and port for the tenant and CV (#690) * verifer: Fix signature and allowlist evaluation bahavior change * ima: Fix runtime error due to wrong datatype * tenant: add the option to specify the registrar ip and port * measured_boot: drop process_refstate * check_pcrs: match PCR if no mb_refstate is provided * ci: make run_local.sh work with newer docker versions * Fixing pylint errors (#698) * tests: add IMA test where validation should be ignored * ima: Use ima_ast for parsing and validation * tests: Add test for ima AST parser * ima: Introducing a AST for parsing and validation * Make stalebot a bit nicer * enable tenant to fetch all (or verifier specific) agents info in a single call from the verifier * Flush all sessions from TPM device (#682) * multiple named verifiers sharing a single database * webapp: fix tls certs paths (#659) * Corrects markdown to have proper rendering (#673) * ima_file_signatures: Extract keyidv2 from x509 certs * installer: Add '-r' option to cp to copy directory (issue #671) * config: Add optional fallback parameter to get() * agent: Fix the usage of dmidecode during the agent startup (issue #664) * agent: Rename allowlist to ima_allowlist in keylime.conf * Fix decoding error in user_data_encrypt * agent: Fix issue #667 by testing for an empty ima_sign_verification_keys list * Addresses issue #660 (database path while running local tests) (#665) * ima: Return 'None' when ImaKeyring.from_string() called with emtpy string * tests: Move unittests into files with suffix _test.py * Fixes and improvements for database configuration (#654) * Add signature verification support for local and remote IMA signature verification keys (#597) * install: Remove TPM 1.2 support from installer and bundeling scripts * CI/CD: Remove tpm1.2 testing support * Remove duplicated calls to verifier * Remove adding entropy to system rng * Cleanup and fix error case in encryptAIK (#648) * Move measured boot related code into functions to make check_pcrs readable (#642) * Move code related to tpm2_checkquote into its own function (#639) * scripts: Cleanup shell script formatting * installer.sh: Do not delete the local copy of the certificates. * Fix user_data_encrypt to UTF8 decode before print * tpm_abstract: Fix adding of entropy * codestyle: Ignore R1732 implemented by pylint >=2.8.0 * a fix for letting JSON encoding bytes correctly * Adding back reglist to the list of commands that don't need a -t argument * Invoke tpm2_evictcontrol for 4.0 and 4.2 tools if aik_handle exists (#624) * Addresses #436 (#611) * Fixes #620 * Include PCR16 in the quote only when needed * Close leaking file descriptors (#622) * installer.sh: Add missing spaces when efivar is added * More ima_emulator_adapter cleanups (#616) * installer: Add json-c-devel/json-c-dev to BUILD_TOOLS for tpm2-tss build * Remove more commented code in ca_util.py * installer: Only install efi library on x86_64 systems * Create allowlist table and basic API support * installer: Add libuuid-devel/uuid-dev to BUILD_TOOLS for tpm2_tools build * WIP: Some cleanups (#612) * Remove _cLime.c * config: Document the measured boot PCRs and what is using them * Very simple fix for the agent (re: measured boot) The agent code does not need to import "measured boot policies" * ima_emulator_adapater: Remove unnecessary global statement * webapp: Fix private key and certificate path (issue #604) * Add support for keylime_webapp service to read intervals from keylime.conf- Update to Keylime 6.1.1 + keylime_tenant add crash with TypeError: Object of type 'bytes' is not JSON serializable + Whenever Keylime agent starts and cannot contact the registrar, it fails and quits without flushing create EK handles + keylime_tenant -c reglist now requires a "-t" parameter for no reason + Duplicated API calls to verifier in webapp backend + Installer deletes tpm_cert_store files + agent_uuid set to dmidecode crashes Keylime + Copying of tpm_cert_store fails during installation + If the PCR belong to a measured boot list, it is not validated + keylime_tenant --c update fails with a race condition - Drop patches already present in the new version + webapp-fix-tls-certs-paths.patch + check_pcrs-match-PCR-if-no-mb_refstate-is-provided.patch + tenant-do_cvdelete-wait-until-404.patch- Add tenant-do_cvdelete-wait-until-404.patch to fix the update command- Adjust the default revocation notifier binding IP - Default to CFSSL in keylime.conf- Add config-libefivars.diff to adjust the path of the library- Add check_pcrs-match-PCR-if-no-mb_refstate-is-provided.patch (gh#keylime/keylime!695) - Recommends CFSSL in the registrar (actually should be the CA) - Change default value for require_ek_cert to False - Reorder the patches to separate upstream fixes from openSUSE ones- Add webapp-fix-tls-certs-paths.patch (gh#keylime/keylime!659) - Recommend dmidecode for the agent - Require libtss2-tcti-{device0,tabrmd0} to use abrmd service - Add keylime.conf.diff patch to change the default config file - Add keylime.xml for firewalld service definition- Update to version 6.1.0: * Update python cryptography lib to v3.3.2 * installer.sh improvments * run_local.sh: Run unit tests in keylime/tpm/tpm2_objects.py * Fourth and final PR to address #491 (#580) * scripts: Also use pylint-3 if pylint is not installed * agent: Fix the checking for a specific error returned by tpm2_quote * Allowlist verification - Enhancement #16 * Forgot to remove the original, more crude solution (which caused pylint errors) * New and improved code to fix issue #582 * Consistent formatting for logging strings/bin/sh/bin/shh04-ch1c 1768320317  ! #$%&&((**,,..0022456688::<<>>@@BBDDFFHHJJLLNNPPRRTTVVXXZZ\\^^``bbddffhhjjllnopqrstuvwxxzz||~~       !!##%%'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTTVVXXZZ\\^_`abcdefghijk6.3.2-150400.4.23.1   keylime_agentkeylime_cakeylime_ima_emulatorkeylime_migrations_applykeylime_registrarkeylime_tenantkeylime_userdata_encryptkeylime_verifierkeylime_webappkeylime_agentkeylime_agent-3.6keylime_cakeylime_ca-3.6keylime_ima_emulatorkeylime_ima_emulator-3.6keylime_migrations_applykeylime_migrations_apply-3.6keylime_registrarkeylime_registrar-3.6keylime_tenantkeylime_tenant-3.6keylime_userdata_encryptkeylime_userdata_encrypt-3.6keylime_verifierkeylime_verifier-3.6keylime_webappkeylime_webapp-3.6keylimekeylime-6.3.2-py3.6.egg-infoPKG-INFOSOURCES.txtdependency_links.txtentry_points.txtnot-zip-safetop_level.txt__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycagentstates.cpython-36.opt-1.pycagentstates.cpython-36.pycapi_version.cpython-36.opt-1.pycapi_version.cpython-36.pycca_impl_cfssl.cpython-36.opt-1.pycca_impl_cfssl.cpython-36.pycca_impl_openssl.cpython-36.opt-1.pycca_impl_openssl.cpython-36.pycca_util.cpython-36.opt-1.pycca_util.cpython-36.pyccloud_verifier_common.cpython-36.opt-1.pyccloud_verifier_common.cpython-36.pyccloud_verifier_tornado.cpython-36.opt-1.pyccloud_verifier_tornado.cpython-36.pyccmd_exec.cpython-36.opt-1.pyccmd_exec.cpython-36.pycconfig.cpython-36.opt-1.pycconfig.cpython-36.pyccrypto.cpython-36.opt-1.pyccrypto.cpython-36.pyccryptodome.cpython-36.opt-1.pyccryptodome.cpython-36.pycfailure.cpython-36.opt-1.pycfailure.cpython-36.pycfs_util.cpython-36.opt-1.pycfs_util.cpython-36.pycima.cpython-36.opt-1.pycima.cpython-36.pycima_ast.cpython-36.opt-1.pycima_ast.cpython-36.pycima_file_signatures.cpython-36.opt-1.pycima_file_signatures.cpython-36.pycima_test.cpython-36.opt-1.pycima_test.cpython-36.pycjson.cpython-36.opt-1.pycjson.cpython-36.pyckeylime_agent.cpython-36.opt-1.pyckeylime_agent.cpython-36.pyckeylime_logging.cpython-36.opt-1.pyckeylime_logging.cpython-36.pycmeasured_boot.cpython-36.opt-1.pycmeasured_boot.cpython-36.pycregistrar_client.cpython-36.opt-1.pycregistrar_client.cpython-36.pycregistrar_common.cpython-36.opt-1.pycregistrar_common.cpython-36.pycrequests_client.cpython-36.opt-1.pycrequests_client.cpython-36.pycrevocation_notifier.cpython-36.opt-1.pycrevocation_notifier.cpython-36.pycsecure_mount.cpython-36.opt-1.pycsecure_mount.cpython-36.pycsigning.cpython-36.opt-1.pycsigning.cpython-36.pyctenant.cpython-36.opt-1.pyctenant.cpython-36.pyctenant_webapp.cpython-36.opt-1.pyctenant_webapp.cpython-36.pyctornado_requests.cpython-36.opt-1.pyctornado_requests.cpython-36.pyctpm_bootlog_enrich.cpython-36.opt-1.pyctpm_bootlog_enrich.cpython-36.pyctpm_ek_ca.cpython-36.opt-1.pyctpm_ek_ca.cpython-36.pycuser_utils.cpython-36.opt-1.pycuser_utils.cpython-36.pycuser_utils_test.cpython-36.opt-1.pycuser_utils_test.cpython-36.pycweb_util.cpython-36.opt-1.pycweb_util.cpython-36.pycagentstates.pyapi_version.pyca_impl_cfssl.pyca_impl_openssl.pyca_util.pycloud_verifier_common.pycloud_verifier_tornado.pycmd__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycagent.cpython-36.opt-1.pycagent.cpython-36.pycca.cpython-36.opt-1.pycca.cpython-36.pycima_emulator_adapter.cpython-36.opt-1.pycima_emulator_adapter.cpython-36.pycmigrations_apply.cpython-36.opt-1.pycmigrations_apply.cpython-36.pycregistrar.cpython-36.opt-1.pycregistrar.cpython-36.pyctenant.cpython-36.opt-1.pyctenant.cpython-36.pycuser_data_encrypt.cpython-36.opt-1.pycuser_data_encrypt.cpython-36.pycverifier.cpython-36.opt-1.pycverifier.cpython-36.pycwebapp.cpython-36.opt-1.pycwebapp.cpython-36.pycagent.pyca.pyima_emulator_adapter.pymigrations_apply.pyregistrar.pytenant.pyuser_data_encrypt.pyverifier.pywebapp.pycmd_exec.pycommon__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycalgorithms.cpython-36.opt-1.pycalgorithms.cpython-36.pycexception.cpython-36.opt-1.pycexception.cpython-36.pycmetrics.cpython-36.opt-1.pycmetrics.cpython-36.pycretry.cpython-36.opt-1.pycretry.cpython-36.pycstates.cpython-36.opt-1.pycstates.cpython-36.pycvalidators.cpython-36.opt-1.pycvalidators.cpython-36.pycalgorithms.pyexception.pymetrics.pyretry.pystates.pyvalidators.pyconfig.pycrypto.pycryptodome.pydb__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pyckeylime_db.cpython-36.opt-1.pyckeylime_db.cpython-36.pycregistrar_db.cpython-36.opt-1.pycregistrar_db.cpython-36.pycverifier_db.cpython-36.opt-1.pycverifier_db.cpython-36.pyckeylime_db.pyregistrar_db.pyverifier_db.pyelchecking__init__.py__main__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pyc__main__.cpython-36.opt-1.pyc__main__.cpython-36.pycexample.cpython-36.opt-1.pycexample.cpython-36.pycpolicies.cpython-36.opt-1.pycpolicies.cpython-36.pyctests.cpython-36.opt-1.pyctests.cpython-36.pycexample.pypolicies.pytests.pyfailure.pyfs_util.pyima.pyima_ast.pyima_file_signatures.pyima_test.pyjson.pykeylime.confkeylime_agent.pykeylime_logging.pymeasured_boot.pymigrations__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycenv.cpython-36.opt-1.pycenv.cpython-36.pycalembic.inienv.pyversions1ac1513ef2a1_fix_mb_and_ima_column_types.py257fe0f0c039_add_fields_for_revocation_context_to_.py63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.py7d5db1a6ffb0_add_agentstates_columns.py8a44a4364f5a_initial_database_migration.py8da20383f6e1_extend_ip_field.py9169f80345ed_add_supported_version_to_verifiermain_.py__init__.py__pycache__1ac1513ef2a1_fix_mb_and_ima_column_types.cpython-36.opt-1.pyc1ac1513ef2a1_fix_mb_and_ima_column_types.cpython-36.pyc257fe0f0c039_add_fields_for_revocation_context_to_.cpython-36.opt-1.pyc257fe0f0c039_add_fields_for_revocation_context_to_.cpython-36.pyc63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.cpython-36.opt-1.pyc63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.cpython-36.pyc7d5db1a6ffb0_add_agentstates_columns.cpython-36.opt-1.pyc7d5db1a6ffb0_add_agentstates_columns.cpython-36.pyc8a44a4364f5a_initial_database_migration.cpython-36.opt-1.pyc8a44a4364f5a_initial_database_migration.cpython-36.pyc8da20383f6e1_extend_ip_field.cpython-36.opt-1.pyc8da20383f6e1_extend_ip_field.cpython-36.pyc9169f80345ed_add_supported_version_to_verifiermain_.cpython-36.opt-1.pyc9169f80345ed_add_supported_version_to_verifiermain_.cpython-36.pyc__init__.cpython-36.opt-1.pyc__init__.cpython-36.pyca79c27ec1054_add_mtls_cert_field_to_registrar.cpython-36.opt-1.pyca79c27ec1054_add_mtls_cert_field_to_registrar.cpython-36.pyca7a64155ab3a_add_ima_filesigning_keys_column.cpython-36.opt-1.pyca7a64155ab3a_add_ima_filesigning_keys_column.cpython-36.pycae898986c6e9_add_mb_refstate_column.cpython-36.opt-1.pycae898986c6e9_add_mb_refstate_column.cpython-36.pycb4d024197413_add_verfier_id_to_verifiermain_table.cpython-36.opt-1.pycb4d024197413_add_verfier_id_to_verifiermain_table.cpython-36.pycc3842cc9ee69_store_keyrings_learned_from_ima_log.cpython-36.opt-1.pycc3842cc9ee69_store_keyrings_learned_from_ima_log.cpython-36.pyccc2630851a1f_receive_the_aik_tpm_from_the_agent.cpython-36.opt-1.pyccc2630851a1f_receive_the_aik_tpm_from_the_agent.cpython-36.pyceb869a77abd1_create_allowlist_table.cpython-36.opt-1.pyceb869a77abd1_create_allowlist_table.cpython-36.pyceeb702f77d7d_allowlist_rename.cpython-36.opt-1.pyceeb702f77d7d_allowlist_rename.cpython-36.pycf35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.cpython-36.opt-1.pycf35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.cpython-36.pycf82c4252bc4f_add_ip_and_port_to_registrar.cpython-36.opt-1.pycf82c4252bc4f_add_ip_and_port_to_registrar.cpython-36.pyca79c27ec1054_add_mtls_cert_field_to_registrar.pya7a64155ab3a_add_ima_filesigning_keys_column.pyae898986c6e9_add_mb_refstate_column.pyb4d024197413_add_verfier_id_to_verifiermain_table.pyc3842cc9ee69_store_keyrings_learned_from_ima_log.pycc2630851a1f_receive_the_aik_tpm_from_the_agent.pyeb869a77abd1_create_allowlist_table.pyeeb702f77d7d_allowlist_rename.pyf35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.pyf82c4252bc4f_add_ip_and_port_to_registrar.pyregistrar_client.pyregistrar_common.pyrequests_client.pyrevocation_actions__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycprint_metadata.cpython-36.opt-1.pycprint_metadata.cpython-36.pycupdate_crl.cpython-36.opt-1.pycupdate_crl.cpython-36.pycprint_metadata.pyupdate_crl.pyrevocation_notifier.pysecure_mount.pysigning.pystaticcsswebapp.cssiconsICON-LICENSEREADME.mdpngban-2x.pngban-3x.pngban-4x.pngban-6x.pngban-8x.pngban.pngbug-2x.pngbug-3x.pngbug-4x.pngbug-6x.pngbug-8x.pngbug.pngkeylime.pngplus-2x.pngplus-3x.pngplus-4x.pngplus-6x.pngplus-8x.pngplus.pngtrash-2x.pngtrash-3x.pngtrash-4x.pngtrash-6x.pngtrash-8x.pngtrash.pngjswebapp.jstenant.pytenant_webapp.pytornado_requests.pytpm__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pyctpm2_objects.cpython-36.opt-1.pyctpm2_objects.cpython-36.pyctpm2_objects_test.cpython-36.opt-1.pyctpm2_objects_test.cpython-36.pyctpm_abstract.cpython-36.opt-1.pyctpm_abstract.cpython-36.pyctpm_main.cpython-36.opt-1.pyctpm_main.cpython-36.pyctpm2_objects.pytpm2_objects_test.pytpm_abstract.pytpm_main.pytpm_bootlog_enrich.pytpm_ek_ca.pyuser_utils.pyuser_utils_test.pyweb_util.pypython3-keylimeREADME.mdpython3-keylimeICON-LICENSELICENSE/etc/alternatives//usr/bin//usr/lib/python3.6/site-packages//usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info//usr/lib/python3.6/site-packages/keylime//usr/lib/python3.6/site-packages/keylime/__pycache__//usr/lib/python3.6/site-packages/keylime/cmd//usr/lib/python3.6/site-packages/keylime/cmd/__pycache__//usr/lib/python3.6/site-packages/keylime/common//usr/lib/python3.6/site-packages/keylime/common/__pycache__//usr/lib/python3.6/site-packages/keylime/db//usr/lib/python3.6/site-packages/keylime/db/__pycache__//usr/lib/python3.6/site-packages/keylime/elchecking//usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__//usr/lib/python3.6/site-packages/keylime/migrations//usr/lib/python3.6/site-packages/keylime/migrations/__pycache__//usr/lib/python3.6/site-packages/keylime/migrations/versions//usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__//usr/lib/python3.6/site-packages/keylime/revocation_actions//usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__//usr/lib/python3.6/site-packages/keylime/static//usr/lib/python3.6/site-packages/keylime/static/css//usr/lib/python3.6/site-packages/keylime/static/icons//usr/lib/python3.6/site-packages/keylime/static/icons/png//usr/lib/python3.6/site-packages/keylime/static/js//usr/lib/python3.6/site-packages/keylime/tpm//usr/lib/python3.6/site-packages/keylime/tpm/__pycache__//usr/share/doc/packages//usr/share/doc/packages/python3-keylime//usr/share/licenses//usr/share/licenses/python3-keylime/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:42222/SUSE_SLE-15-SP4_Update/d0ae6d4b4256d493e773b8b16a781d7e-keylime.SUSE_SLE-15-SP4_Updatedrpmxz5noarch-suse-linux    emptyPython script, ASCII text executabledirectoryASCII text, with very long linesASCII textpython 3.6 byte-compiledassembler source, ASCII textUTF-8 Unicode textPNG image data, 16 x 16, 8-bit/color RGBA, non-interlacedPNG image data, 24 x 24, 8-bit/color RGBA, non-interlacedPNG image data, 32 x 32, 8-bit/color RGBA, non-interlacedPNG image data, 48 x 48, 8-bit/color RGBA, non-interlacedPNG image data, 64 x 64, 8-bit/color RGBA, non-interlacedPNG image data, 8 x 8, 8-bit/color RGBA, non-interlacedPNG image data, 721 x 720, 8-bit/color RGBA, non-interlacedPython script, ASCII text executable, with very long lines  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~     RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRu;Wlutf-834e0c085efbb06debba67b1f8b0e4c1222de20b971a80ed06b22b16ec07d5c88?7zXZ !t/]X]"k%pa Ìv,̋u@A vVTty?Lr " ˎ~D2.ųɆDV&PZ߫-aAtQf𶕠(oM9u7,µn`lf9MRkl|ںbbDd`ڑǙgTHޱ ̄͑/OoO<%/J@,Qw fɕ3* [&\0cAQ:y' V.P+P`yP'$..!A&fP㖴3 T<7j)#~p߼В>@.ı[^f. r@seMR^Q;ytMP#vApĮed|jMVf*I`'r%[(l>E?@L0 G"͑'؞u Έf-r-W@R=$d L=N s\̫r$I y5g*%dQN7[_.HDHa+:ghbڒ3vQf@n#EOi(zm5]!W >&:u*#򵯁M:2f-LکdCk_pVOX]9=*o7SRZ4x*JAR3oU b=X ЄTTV8Vz矣 TN$#xDLOd.SF?VzGE5Iң5g"kbupL= G1}\l>L(2ßS^jS7T<9u5DXp4eadKIZiO+YP#v_RsH.a=~|! |M Ӝ-i.ڣ?4lmX#l;_ذ:.u')?aؤ8]n䐆G/K;Uc]vU( oND3 .3yǟa{C hkm}_:yu~֟(: $2̚eJ92$/S}˛/r9 ]fZEIЭkRgZ!~P<߶В|'CNg·s&vIo&l뺐1EmÊ["l88p(Y.™{b]75坂_;W R"vA77Z\:~3j e5g~Y k2bӥcBI<[VS\.f2\?ޓQwrj~DX.N' ^"W9ql5"yMa't| ''5g:Trl*tۭ#Y5}Mb(GVd-@N5A#o1+r!t,Mz(Az=塞hd=r!5 ?,(B7;Z"Sufsk8pAŞYyDdI| k<}6'0ܼ 6@]ǖrYu{3`  RXN?cNHK=ttToo~f1k*v.J]w͙S?|rwlG fX2?J6 hڤ8aA.-ٜ?un$g7VhO%] %H_7D{_찗52JSP)x=y+`)*2ӵ+-$_WI'`Yf`MA)$4H򷪂rS3z=3u,@DF+t|z&y #\v /gÓ*-&$r)Es-G\x۟ĤRۑU5GL8ev"Ga?v* UW(6fv^/JÜrSHE׳(2fo:B*6Bf<֌lumgLAG $'+CncA?G?ѝ(ٲ?E{ZmmXpJPg"b扫H&>Ml_I+tiG/ZpxF(U8!޽OP D:qwj^A- YT>,Vϗj6gd껰oz!f<_~cw fn♝5ΝwJ_'b;?~?Dkϛ˸ʕojU {Tf98-D:J*G5 >7u kp#h%i0W1>u8OdDgZ&s_4kz[lh3ww|Isߝ.@$PR@J5`x1GdrP+YQh7Sr+~2VԈ`%C EW8- hXl9H]*v1*M[-wߓ6Ð7\[(34[L/jǠG Z]r}Hmy) ce EX,m'9u&E èYH[Q7lWuT `-n8sY|ꁟ#l 9y \jTYT G 0ͫDZ940a(o*b=u-d%_OjiT~ke=׾!p! Y*k=dqXz)%]#7-櫈pr݊-PrkUXd'b"*g=R7G;ڒuVcNE.7 ˬGI~IZSj{b~͢q +úbsR<]E+ǿdPdX,? ^j9<9}Rc-5t&3M ;W"|z؏h֢5I@ Qo)I155 w 3ߧ٢~Mg.h"ҴcEbY䞵kC>4w vTa5_3XNS/^D1rn?LТ.";a:aT\$~ %rT)x+Bȁg"LEmy-߉RQ*J{uJn/s nz+{1qI&'Blbl(_"ڐ,0HDI e `gwQ@3PZȆ>f+\/%c쫾ə|$RϸB޷v A^ۿK`䛿$;w\zID+|CXeG,q`)h yBrlhX(v+QFr(. FJ1V!`{m#NLSӛk*z3\N x/YfXZb!BTnsĖ }UOkΕ175J#{5nܷ{_)߃%5h*V _*hgsW>7EhM ޜ*mH/cT9Rq.C=\'31L,:*Ngǝ))3 }n#G0DN/Z3 .Fv"ڸxޑoҏZ"{wjT|H XN7s~Wz)CmFmA`<+D[G4sL0{9| ȋݚ.T/JJRD! ~yx rR_%G>&':ŚzwihYq~$1@M khUٳzwrj@RpȪi엕78#ɿx&rIyD3~Vܞfv 'n;,B B'`]7xZdU0bM^YsM) T"T gEu[h 0^ZP~ߗbo5ﯞYܷK X'4P6sF%>M mw0蠴-73P:#л ϰszI,Sqfpx@J gu=(oH0/6;+l6lLVQQlعe4vqDUH~}{|<+g!cQ4d-]nK&+x34Hhű/F?;ߨw5~Tvda>^gܵ lg5sC,>id9 /^y^68*?[C u%RS o_q݃Ɵ[=hy\!0 '>gE2"^ G|src+mXO9-:2w]Y߮eNrWAs;یꦾsvqiqؘ#i0<@Bf҇+N9.#YT]B[!W!`<,%IfI rpLGrҙO;%~4b?b!R9aTYDgҐD>x5f==ZWl xwxv*a˩8~oO7}[3+[@}Ngi 9d-#%`Ly <Ɂd>ֵuzS{5{=ΓħF,~;켧{Q@Ua3KZkc&+)qQҜo2>+B$2pӡ#A Z7#P_w$!칭 ŚgL>_St\z*~QAS?w'NS~ ZF"nL)mXWP]v0.Hjf-9 #Ji6kcZ\S"MNbK8;%`vkuS?[J :5ENdλ]26pW_wࡲ } ESOBL n m\mr.RСbkU޴-2-Y(~?>'dj]w=ߝ2Kf8ηVAsQFr3[y{fӎ]B9{ Oi4T/I'%b/nR֡U|;;U,q !PۘTJN5ad~O&!?Y䭹*vᛓ 00|_574 rB@ҵKt|T*!f큡KYU_F PI-Zlb)kE$o\S(+Saf>X̟óQQhֳ~hli4`]D5\4T8pQDXڍ"k۟rc(c.,Fm:; ٱ^!00b6( Uz7!OA8*v?-7pQ>?hʖ5ν1uPZ;)ѕAܤ˪8s赦{40Zw lНػM>Y^mA/r]Q] ]Ws M 2͏Hx)bN; feD6zYޮ[f1VzRr N;fHFpk2EgzF>. EQu+m_>y^7@PBa*Aq(ģ{ւv(?FW4%N[&fX,0MhyB.D_vz9H3"Q?V0ٵԊpOga;D:4l87T}>W]?س~ @-x9hmn<Lj &Qӣ@i(?45p03lnzQVFw8U [Xݓ0@gx9I}idp{7\JtJeMFcL v\(%_ioWŤTמfޑwL L+ZVRvD@6EIs>5j]h9-S*Iâ)G3MQ3 -2ecmsQUň2G-f'h3=Aq%^Q1?yR$:NYU_UA`(wqZ$*`dQKfiw wȵ >9LW6s_OޱXd{(g]\1w=F\<̪VUDvʂDY|;v uCڔv1l*P#0 fh?]hX)Js!ы>`ܦ0Gw(ִo"gmɠ`rAgV6c 빑FFIR70'tFOet PB70|MVAxlj!b{|d$@I ( DŽ^ÄgnP'Y =›Ft1e.n7վ$0Qٕ,Ӌʦ "鍺dY #!d.Rvz"ąM i% 'YFi@T_' 7 &gi$w ᴥ$XGS$#?K;j(|" h 4N>ljݧ2LRS*9,4cO f.T㳽%}6kK+u)GuW ]OxِWEg  盷zcygɂ2W//KUvzۗ(pi)aR l׬z+@.` z"ɽq'/.w|LS oJv݈4i2!J3?4KMƄ0#JZG*S&L<95-RG+41oJt$ _;$@/?oe7eٲf.'R{;u6-y7 mÖ^}Kt&.+T,D-*z䏄{l"vqZ,{fޤ==n3@;$n^*b8R`z(4˾[k"3DJ+R)lgۈX:Xs)k v(ꬦD>~oUSV,]'Ҍ~q~+AbiI'݃Cufk@[w.vmv hsߴ_8jrDؗxlr Z 4"Wlda{s=Iƒ,<#.sFLw'Ī2x0狰z EXsWS*,[t/iIʱ{"Nb@&+#kQE >QgWezR!<9nZ hhWh㈃fFn 4-SwvΦs9%7}h;ߩ=*PˆV'}9A.}Hb[L8fWp_ɯ8]@ytHGyVZ, %$"@6A-ۀM`(]B0:' N!17ؖn'ՂEX߀U;lxybq}Cj{E8yu(BH(8¼.BDhMkb|ԝ%a;yfbJKJx!TH2bWmB22 |\C2L; Ze/whVL+x{;@/NJi?RZE}q6'Jcnj.j[ ]Yۋ i&ũn&şN]NeXV0N "(-8?@@@^]?#p { &Q|+;iw5e]2&[#-q/ѣۘӑmBcwGz}.64=KbJ@\_DBx_ŷJ&hGΉGזoo}# q9TU%kD^ "w, JUzfAY.цܹ >fǚ,dz;@~E7LԽo&e: 2 @H#s`H!Hax(z,l4[5!{'QQRugk+F $HNA13$:w"΍i` GkkZ݆/D@!Q!>Hٛ.78Hb[ >CtF#u0S7)$OM *Gr񹎴)cOtXB_IB} [(M!`n:IO2Rh zmx 8,`(}dO'ѐWQzϛ$5N_GҒOK"ad9TS;x:AyyAOr8U qyJy1yFbA\O+v$[h/ɖ<W x8fm0UWA ҿklcN$#md* fvOc@lb͐BEFu.zѯHyTk\\~B%cG}OϑM\wɩ8Nے46928[Qk3׶w)t(huJ4J4pqP~h 5{Ne_`~fuzXoNq%r35żylaTn'qY6FރIAHx ֍~> (>0#ǜif_!se`2툣a^t[WNo@- [Tf\W<+ΰWs_`Fu 3Xu ԋ|:}Iz9ڿM1,wA%jymf /`TT$x2}/K%廏zJz!Tv l5˻P7 E0lŐx7z)Sq;! 0l>չ_C#3Il""]fQؑ 3X0U.+1i'ohl8+FHN)-d5y:PSߪ{HwvAsg ,BDr@Iɸ^yibPg`oo/L۶ڢXJ o3Dr:6r.V3=x.erI4gU:$ߓĄ]U :L w!c' i N~Eɺ^94Tʑu:{ϔVm\ArذծCT*x. *)@[7˭]y=vcygLKٔޣ-&;s3ap.`j|qJFO&(t{=~o BAxP~0sQK;<%+ƫfWNz,fVu|@nԹZόƸұ+%q;&K<\Mz I _!`bʑ)~64JuZG|}v2U ޣQzLuFȊX,¥h?/~ۜn|5c6%.σn9ax%h˲*zv=i3'Yph*}|8lF%Ԝ9q5vuMjvinH=6疕,ǒ<"{)$ōGDzr3,;ruϊzMnU_ol-^.wHA$[:}J6inD{bOm4!~d4Iae4+Fe [v@Gm$QhE[I齚(KAaH}^wi{]Z)RKV\p_C Fo]I~+:WZ7@,BL%9q9+xb8Rp:Vȍǜ\ a #ۓxXm;ܘ=T@+X⟁W?OA]U *蔧Ƴ[/=S୷Hg4pԬv%݉M ,&)iH*W#ER}AMz?7|Q 9${%W 'ie-0 ׷bH}1D^630#D'ZUnt7 #1Lے'%o{LTY]O?(> @|+HD+bu]*QE\9pg1_.2ZcHn C]gl%94(@7,mVJ]ܾ,ZתQw^FLu1|E)3X2][MK É3=e?-lkhF ֧b'e`r@.D4y/ J![OV=:ò>& uМY9& \:(*}]#嚥NN{Wi!ć{IY%; l.&[#ez}#"fsWLxWǹq|qZD*[_ ^+,OM-W~ӄ:!c9څ"r)]gv!W fӓpIommYԎ,C $ptF Ub?;s| 9*9 _tNF)XL#TAQ??pT,U;T9*wfTg>PK_Sʓ-$ o,U5RxfI,)HWuvP.)| TZOR3<`gm1qZ wjB$iETY[3s`BÓ6߶Y4Q'ABv",tVeS&QQf%# IW(1s[D.>c4T>9E(w?,i2)Xp83N S^B'^l}+MHhτو觯;吻?$납S +yQ|/Hm'W*mPp,;>^͢-f. E,J;mpq3Uq &j ?Ny{O98#cyG(x#p>P(n5Ynв\]U 7f0yV/c2pI_JA.u~# s=qi ϱaGVʽ]֦?Ԃ4~7!H+I('X>MH{S]kIk5t8xWp!\`m=@ߠ94`-`F{"Z-cfg #8ROWTmnΉ^2-ؙ3 HƟ?-Ap֞"ETW`r>|;z>9.iwxWD QUt@b%hx?/ `35q \.pXx I,]cnr_Gv34l32H50u0õ?p".}5Ju:ð{91SM:N\-U? syV H_ vA /zXraSٮB#ٗ 1n3{pDÐݴ<0H-Z鉾W`R1D|xy=G‘1c>XL98Ղ @ ,E\LC>"93v |7)I/\!G ByRRnۢq}9CgcV.5LӗacƮwTYpt7%VVeƏv,Y&@ƽz+|,0-ִғu:.®wYl]Oj*Mֲoܯ:™)}R!̗_NRaX3Ͳf@mY :0S(9pCj> *VwUI^@ڣy C(,"$Y4;dz~qQbtvk8JӲL,N,wEhBDkݟcwaR\t&1^bؙ-\p WJmH%[L(5 뗼j0fUuVYƵ5uwsmX)a7ԡNRydߋ8#Jk/ѾT G 9wZoF46=bn/0g+8@ oq%Ґ"_}9#)wGQ]ۚgN(B9']v"cj䈥!Fma ^)fWqzZj[5v@i_DK|mq`$W3pJ=l^F*D7#MN EC%;s鼠᩷4Ւ]"lG]VUtȨVAU ɫVoO(gư拯D-k5q`Vo0yUPa^K4~h@qyyOۼ@HfdSc2T2ű1e;'m߽xs1ϓ#5AW8gv0٦ >T%x ` Q.c fUSd$|3 {/ؖo0m6Usb"![Ċ~h[ɅO/zz7:`ּFj#SƱgph| }s!suF45jҼYʼnR.+o2mO_m*Ñ)q~1d^ ,-KOLP[:JaVG;I.#Dv_+)fzp%~ 8/H(;vE- 5״C$O K*1jf:)n;aQmOA k~Qb͡b2S7/lؖë3 uWxŨ=]؄!?A+´rjU"If^I l 3mieB[r;x".O8r5QA( HiM5; )bev$ #KJxhv-HGҵ뱌d5=df*)m.g\IJ*:3Wa=4ȏ 'B>Ťc@I2J z =5)<݊og,"qקk}Z{7Snz WI]532F Sl% 7y3V.YwrnV=FEۖ+aUyk,{:v o(2hY N~?DW)yK:~";YIoԣe_B ,Q\fV>2C$#+@( Oj!7ΰLl`heX6W:pf [8^ JUڇl$r;$Q"Xp=4W4\vkgH(!qJjb~ֈ=pl];iQgDW𠈨#5(ܝRF4bW͆TMTAtð^ɋ_hNY;luU M(sJqqU i Ü; ,(,͏lGF#OB4]U|t.[PJ=f ^LD}n;c<`̪hv [ZӇC%Y i= -~Lx!5\ aBzSwVtS="TGAjKlܱ/I  ֑ QΡ 1u ܌cb(!砶rJ\/WrytVǍnJ c3l ;E@V 'pd=b _Z8M@X6'+l%6mS;TbF}M-r\ln&#RmHЗʙk?D4[Bs6r1pUhs.~%埥u 2aߓZB!@P 2;^*Î``ìm)|cTw%Q[)D`wur汵dVlvG"&2uv 7Q%VȆ5nDAZWq_X_&TnⶌŤ{`giHllɑ@h*Ó83@}&qnSAXue酩K?xoꚳkR~d7{JyԳRӫTP)Ǫʎ $?'ьy\`YyZu(0?$Bݽ>_\<ԋV_Ϗ:_v_F#̓_9 +k|Q=X 너TL_)ty)BJI6*ixV3pr=FéprR@}K#aTc#-䘁Gҭ\Y ꍞf&X)[#\qe}n,o d@&Ǣh &T\]µ~|PqK*'O_>%S1jkZJOx}X}3R>68gfq'T^71Q ykՠv|N͗AJT#c^ *, U:n6{n#rj\"lR J. $ljA/FЛ`(`}!ZI+(&'RK[M0ќ| SsAK|G&5B$CEN{08Jհ5SlO$'X5@"!Y;j$.tbjl7қ*h\ylC_4YKGS;!䭎'J3Dž2I]L Z4 9Bb^Nul'ʝa&\ nZ]< dǣ4,w^UBd~UB[A}g!{[:W[Iuӈ;A`o&^(߳T*j 1^xa:j`: N <0rCDiNFH2`C[@kY0˕`&AX$ qywsc""bM#7kzZA$ί_q2ϺY#`zӌ`h+2Y|7p*B\=eb@݊G2=9ȉuwUZlj@ϏF3\)OmD.#ݖ<:/.B6Pvݲ]}ryc(:&Z082$`(`98nR}͠G"8~Bzx6FP̟ĉ7_g} Daq,cpE`+Zm@؞Dwqs}<~/j/u%EutٽӋ|]V)odTsChD8'{"gYm؎QjvwCs.P/~q&/M-)`Ɏk|Q PCVL?;  d5pVM 3FΝop^ѯH@[a~9Łˣ.[N~t'n6X[_y(O2O 3hA9:GA6 +6a`r-Ls~~bN!d xz#oeAU$[@s0 1'EqEqKRᕎI708t2zGkMغ(Ϲ-*;HL*xSfOeiL{57[r)PR3 D*Ti _!8KתdySD'T6)aJ:1R#&ͦ&)lQA$'p3bY{0O3q$8\ROCd!$߅zZf'5̫f3VW"gzn>em8xBDCTœK n5p)oIm4zG~Oޤ`L& p}QDN=2Q੘nN7R=bZងGPt]-nJ6 餕dw[yHdnn,l4֟@:n<:@q˸:FeZ3HWYLÿP6NI^SP$^z"vKU偟=@ 3\>17r{%bjF>Yw"U0_޿2n3MXmӶwo1d4n1 O`|9LQ[fh2o>YB,3VF #ۓ-:vY~m._ݟ?-+p<_<1d&+k`u?[ڳm"&kX3]Y-!?h&3)G2}8(vVeb{{u/zBTm=UMi%瘷1 ԅR؀rOxP+s5;IW~EI  Jk)m?D>m,$5{.[zbՃLj|$/G`"! &3jI{.RH&DU vҞ m3־:nxğ>־ *̳!B"ܹ9麄Y|;Ɍ0XYJY]SiEVA:lcXw7RS`L^Sȳd@ҧh)J(|͂DH9äJAƞ\|o=!ƸWgZe3ޜegrE +9h6v_P؈8uR)#RTT0IA̲#uI/$)fURy^렎ŏ$A~ *N62aYᣍO_ DUɞ-tÌ8xqxn+Hn?k1*bi^>I*. EƶQxkVz?߳1]tv$"*RVn+1Ʉd0}E;=[܂x=N5 _o5 s.8L*Ps$O 16hO_A5SE; !Z/[\*}{)DJz\2ܑm U\Xº srDd>|<'sٶHʙv$<-^cY[KW&*YOnߣFyz pQ*ѫՀK=?ܙN,6O', 6.4~);R79@N{);?äO?Hc6̈́a~-Kf֦t&2'}NL| %A/ :!OyاS1A~` o  i-0Br6~jx'4>l Zm }ϩ 1@pGhQ7oبbw:KNرMRre3k4't3P$eTԸokPM yc0c*.+۫kvO/q;ގN${~Aj>oHl5 Ħ F6hU<%#6҇^dYPN~&EO,8ǯsŋm΄In'w*5tK,&%1;{:2vfCVW|&_~Kv|y DHs}\Cd‘6mlW# mMw[; DS @lWhJ.? yia 9va"Pu5XyMltiAh&35t໏AYU(0xQ FXJ(&Ul?/b`S:tCvBڠv㜸32#ncb#[$̲VG\;{ (Ƶ0_>ޟV` q'b(Jg{F?EiخAG!zDu< Yf^~V:F8*YP3#,]'%RuBIJ{V nǦ̾QJH9QJvx`O:$ww"ZDɦ $c`Eq.?vXP&&$WV+^FVZ@`,+S)*ѡYcN^uys݂Eq("Ftj$nW;x;dD /L-ٕ</>5?.6 ґmAPe7jT4"*avimҴmzLZQ5,^cwWfvBY]P( S43Uہ2;1r0bXNt@? !eọ 6˚T '؏n,MJ)σ@}ݴF0ZXȣik=Kkw\ ~s],=v7\,L4Jey¯}.Ld/1"Ui XS}j؇ٵa:F韎S'āXz Ngvz0#5PџY wYv؞2Og1旣['>Kfx闵 ~s<͝}'힪6O[- h*[bMMCTxJ `3ӾnbؼM%8@-2lC؊:Qh: y a@Nrg#SSSoa3Z#z}PKfTĸMcim{oA"kI>A|s s~%Mb2vw:GFS% |v~}JNl;л )~׵&S}4PRAIOE@ߺAXCrCmwS GuwFzy![C`F %ZJ۶T=@Qzlfucs.(W6k?)4}sαMvsO 6֦ۧ4Pjkowmһ +}f9IT ;8&0Z">+Cn䷪/P9l Q@sDs2?bވ.4-nhٓAo$BZb?ee&Fr! 462idW+U9=X_*cqWMHXjFKա+<ٷvw_uwfQyn2?R,XTR7bc:˔#Cطs={լp3PT$(ŵmD66sCFYZU88QT00T<8GPV͜b"RN_HBF'藂$'0hdfavַPJ;NQ0,l~@^Ըx`sqg^>]3pe;\^z#L/bo;Z@)0wF5},ȩs /V{"7"fR'|QE&.C =.V׶OqvUhLtzDm] AƜnw2D;oMF[bY=wvC$#/HdMj z$|=gwmSȋP(ˏIe;$WϯsgJ1ePqbWzAOiQ"Jΐ~fAHن !{!9/^ˍ̟a%v *VxhV"F9T//C'-OQ<{`puxonx Hq'# 5Ȓҫ5aNL 17 i.>埤R鬢+ĖPx$yi,NY{gp']bBG|PdVu; 鬻|Lha O2-;y?{DT_i-M5:ܸsc|#? {a6gFhdTqSMa: ܍hI@XFKQx1P"FWjUw\C<ɵⰈCp@ǣۻ gVXB,}cWPpsN/(!59_uJcΰ$:U2BDzGl %$TøF5P.( jruVEWYu!]% ˱tZ9N(PDYTՑշ: 0AO0 !LLÌ^6Q"ݏ\3YwaY6Pl2QuZ@~D&r"h\`Df9fZ`qn}M&V tD2ѫWBmvTh$#HJu^8þ\oJ'b36E g|/GKTA=:/ |g{ 8rI峳cuE8N>xU7@B1v?qJfPKMtg7cdxJ@YRv؃nYURQ @G=U^=DX;1D-e<̩++fQ,Am)fe'Ĩk,A"bR= pЩ] S&R3^JCc,IiA zR:I:EgiƭGJg6Ji} Y)zמtoNxqǘ`$WMM!RHO8} Rr OU"tі k4;ɇIs@:fv*/hAQdAe7͂K'חS-4-x9L? XD8˭ң;PLUȪE~V^)c̿.Y2_ԁj@ќa' r|)w]"3amRb(fsC HVXE(l NXi /5hi9["zdfJ(hc7-ڴbnYaf o/~iaR;'/Yjdc $e ʷ #Bh 'DVL2;TY U?N噦VX \>AԘn dg3RO0JaSgE 9$C d58yb:!鹓f4l$rzT7*dD]"\ǜN8.`K#Py^JN Es?Ovyfoa%;1yfYljsTx1@Y5^sWulH5])!$u u=`bpԆOePvZ 4#%[Mq'#ᨻ<ɲ,Di t|"˹\hHRCp Nkp/=oDQwR5V879gMI #@gOŽ/;#RL>tz+=X<ޱFK5S1(6}s '݈ISSlB7a6ҭ?Y]'D*n],hwWU|zr:/k M :ak;rhpSk1M0Eb|ðy֡!!ZC*3֞Jg!I?P%g! h9fiusGKuhCq#&քqLfӌ;S=:LC[mxןݕv9!,>d!RlL3= 4ЈbYRy`˨ְ:'#W2 |rzI4-@?eZU4/@c\Lvܡ&wKν!9=?k zުnqs?2e`'WM-ޟ#6#h  V)cB(M;6l:H~ g}JWIa[-i3221yJRc}!K*So!8uX{`O(T9l ]_hqd%"(kC=(fMT$d%+p sҖjpS"}[sjЋ~G]-J\,Q=8%Ƅ^-HN\Soj|X3Gí񱞋 XMr;ø~t/i7X]n0ݵiRrM{hTNX_|a?J(PWd f>8pF%ܓB\HM9Hr$~xOY }Ay$qWswN̉IuSK6hbʿКW~3t+v33&@H9. spaZ#2K(eRu~@Ş-}|+m ޞͤL4N,hƇ@8AWOlդƐ1O"7K *J?}Cu}L*U+Zr-x16!ֶ=Y3NN5AKZWKǪՋ4i^7=bix̿)zJ,"+刴ȥ-諰E~ ZSX_ 4^knqχAG: DM =|S/OU#adNm=&yu|-q(=3 PuP.K٢h ҡl$f۽#U)Xg[T_tb5T^\ u_"HzӷL bbs8ՀN軂AULt$EK.̓L[E5:4 (n6Y~ڿ|ފx/~t汀{ѣ'cH+*f)ߴ3{tG%BaATt<֪XNAXF2ѣL_ͷvXJ<ŕN 9$yL\PSt~0(&2oRԗ۔mugUXlؒӓ q,w^PspYX}3RLCIqFBk${⒩l՛AbWa_Tھ;ҤL0S.Ô>&)~pK4\ZQџ(4H# i GFGc* (WZF:/,}2txиE $DwprWy*SUO|d Gp]pЋ_ WY_zWt$fz,[̿w*<'. `/09aH/S'Kfj@ӕt \6PD/~BϦC0|Q 9*uxXR2r7eWlŸ6OΤ Dc>A9 xvTTI ܧ ʈLPZ,b]3j3ڧ?vQ̲A8g|eJkGqBmQ2jpˠXPyӂ=ɹIB\^jۈ4Ze}Eu@Wnè;$8=Fxܶ^G1-uxDB|И:Jj0QMuiV-]x9D(nMQTFؼ(2eB P94C_4c s)M 487lGD` p?&c1k|W Ga<>AZp `{61q5sz@[G+`%ҁ]ܳ2fP+gsO-m%gU;4@ZXG7^<-qC2QfP0^tT>YHey&p\Qf윔F"GpS{rEBݩn/QWjH ]MKM2/l‚SJb}%E*' WMAv?'*k.37N?yDXbE 0r 0Uya86(:ŊwD|U Xvh lf Ͻv_ϪCS.DsO^Y;?†hJrtӇx܅l0Q7R%}t:G ʦaY5(B~$8JX;|x}3OyI]uJBhDES;77KloAKqj${-m! E q͂[Dvz'Wivr_m&oon\#SdJG-^yavb~Q\ldZg3>+7io8ZbIw- kW:I ƛ Qwl;m(=J+h xQI7:(pJ}w:lRPTfX>4=أ[=Nrm\x:ދ_2 N+A-˃$h1M@i[j |%da A;ZH˛#𹣵B^L ^dRI^MOMj! XSͩ:!?O 9S4zO#[k@XFsPd7ϧݒ\3x) mK;l>I5)eoxP"4am3|i+sK|J SX=+˃s$g-y\ŜөqXj[ ]#YMYU=%Ac%S+ز3q8I@LP@9u]<>Ҫ#A3mm)UwC`)6O8Kk~jQ|ʦf, $ ̬ i ~\7=b23XBt#D6 qAL(5Բ~BB C/)jp,(]GRBLN^ԍXv-HV6 G=AHz^C0.QΙIUvuSO3#ˤ$,.OMjSIO7U[5,$+ r== ̣XS Aٰo`:-.SgiQjƁ]{t6mY YBHr"Y  .FɠYy_L1+9JGԈ)zsxpօ ŏڸM蝜["N63lWsDPq-)Q8v9!6Q[@/K2㿠םgl3*: wimzٹda#9{ڎ"RJqLQ5AIKˠ]UYz:Bf}ef u<#Yo[n*t@Ax. G׭%<5\}SF+H:=XP XS+q`F~M_3I" )nWKmi},{V;zr8emcxlqm)*ѥ2֛.rb;5* |X݅m(@Gn罡+6"ެ{],1FL! M`K %7:w.~׸HitO}^nlݞQwwk4rVUswsG k[ ]\ǒ=_VLׯdC\^S1tw_dVl%F!epxb?A.@Ѩe(Z@m (;ɡclwƟ۱^a"[A,Đ IlDz(Ř}R Su΂$}@n4In6BR*X1eetR:s|gQd:Tu4WmZ:Ayl`J<Ÿ@m:\%u ֢Zf ٶ!U䱸z:Ҳ7}*SXn]QF0O&lu 1Fn^:Bf'wͪ Jl~g88m(nYK,7ds<[ߟTJ5%S-%نbWQ V.~o?a[m z]ly?M,ѠÙe|Y2cf!} a=K M Ѓr(ZE YM ZEs"zD{'jzA;3eRT;SD]NR -S\;L fkRRxșlIS'H+T0rɫFIAU=S2`O%`4  `EZJW]\^H2ֵt! ѲcBfR2vH)EƗ=澌X±3x:FkjM0 FiTf͵%'wLJV&Q*\Gv>a 6*S, ܸ˂v.UghKwhO;?M'ˍ=յ'OsQs46֭;0ӈzpNRoJpg\T-{e,y]MqC>nBZnrngLi܊iMH NC8<=JR( j=ϏrCہ;z+uOL(TJеd/[ˁL}<92AB e3_$J7)5wx_Bv681p=zm˜ !~~0#P TMhAE?b?-9:%41`(P}3a&`Yē^UsE@Fֺcj 'M<#E} B$;ʆUj>w  u5G (1N2C`[ D'bCvC0 Wz @PZYɹ(0.*Dѡb8 2s͵پѻM6F.j*vF/RctLQ)\)\S\D_+36V!͇\yAe۲Z-@5۫OmXvAE1ЙDL"ٻDTJlH;m>;WT—G"'fiINL >]o;hI#|\Jh7NC>}#mrgBmTh􌽔"He5evp:ijb\D+K*&qlꑷ5dߦ$pJpdpzO^WT%Έkҗ RYby -`]"lU/%Ll!eCF k򔩩R$ruSaV|]TGM`T.#t@e9rx)Ҿj;;0%7(z1M]U/w%X Y۾| ~G4kE!fzV,hJ)!mK lJSSo !W,)C#1ȸޓF/<  MGAcط '(XW#0 O fd{Ch=@wg.C5pr$LQ76}zF~yK ׂL+’GBs.y7] }=aHiI|SSEe 7 )߿Y9K=J#T{%[ѹ L ,@+2MšEil5P3͚p ^> |Ϡ@i6!ks\ֵR0^Uuج=Xf<33pF?Ȥ .GqW@=SDi];h1B3$0+~0꘢v'b\WBY  $G2JѮہcZ;dkR0<{F7#,VV0x䣔a֥8:4.1 7m4frO_Vou.{XυJ1_GպI,݉4 zZ|Q7pyeE*v9ѿ- XGjjy{V"/^<~w`AG>"x*A4izqoW]v6vD{fMTKc#*&!$"9~9g>6r"cPfn}('$a^.qy4N#f7˖g'V\b)m{ 3뙳黍 XˈɠK0sPtܨ)361h,G\1Ԙ(͆꾴,3TKw8B<;W(iM&:' ULmkE"$#+Y@˾84*WnK!ӑʭ 4g4Sr[kL'LLcrvQ]/ NpHk`^>[/[++9O(@jGt=Y*clJ8`hAΗ0Qy*UZ oWm?QuL DߤvJ*o*ۜJ 87.|m/E+)>_RAcQWxޡt})g;fB@ XEQHea!B4\"H@viyLɿU#svEP#mb9ÒP,k[]LIha9HkC6vǷ (o7¤{Ws@zbW}e%#=2ltSŃqK=jB2}x;pޒқ%=I-7>S%>czۈx^x!,:άMEU{l]$#]@lOţD""'#E1S*8`nمtVl7o:.30.#4y|tx-JQ:w9gEaSk{Û밢G kD@B1={vP蘼L]\2Krˢ}ȼpYႶd@;9U* OB3]" /֯ XADZXmbaqX5 WJk%ަ;|KYi :mv*|IVֲ`^1#UۊP.5wxg~ml듏b7Q,thcBqѧF"%*˗iO9Ci{rrT:)G49pz-(jZ V [oC"U'520p= ^bФy(T ݵ_HֻkWѤrIK=ڷ{9ͫ(& Si)6*z~ؘ&| G7z&#/ADXhY{ ՍMs7v%aj'W:cF& GN@ZGucGr->@nj~&+H bkT]h/r^=v&r(깥'v#i5]^tӤBP<WA#ډ,>M.߄)ů{ 8kEI" $ Zb,q{5)ɧ )xdg)po%`G<%J/QL%i5(J%v+K33݅ibRp xsh$+pYc#v'R;iq#WH&?Z9ƘUcz巶Ò3F!Z$׵MT )U:O'@CpjЌ|FzZCyG=:@d7[ʵ% T7KSS3}C!3b}>w/Z! RIS39Ms}]e*\YP DGIz n+:7j*[dL]ڈ70]=LY6*%E0(qf;Ҵ%QűщPbBT'b+9&;ҀWq*9SL0Icv G 5qd;1m!ᕀ1~ƯX8񈷟_R ,a8oRvG-w"^C @{l~`2.j|-="}= fe7>08-.PMI"L/;sP{#Bt灇qřݍ<VvC#s> 3D~ODg8 TЫf47 )mK+6R%nZD |Ͳ_Ro#j\O 0Ū&3T&gdWKwhtM# v#d HLћVǖl4/ Gir]X@^xQK-ӫWGL)ZPYtOSBr?NsqE(z_44X90}HZ굶G`8 vBB򥏒.<].Rm08V5ĿRfs8xvQ& /#]|w!f$ 6X- r(lߍ b=x}htBrt6cx 8ùz;N,w;}?3W | Yp|Nd&y;H wrdT Q'&J\φx*w\ YE?CMLk&~7Zڎʹ~zoр _6W^) 8Х- G!k\*Vy+J0u: .M +Єڨmp3. - 6zδeO4qmөTqo FJUTpzZ,OQĝ4?fagu끼9@]wt]a̦=Ū1F#BY~In۽,`V"d4;CaɊwirOuVE捕j%#QF|\y}ٳaJIF|0HmlCUgmEE9hڽc`k XT~_V k{rY\|ʉG $%aoeoa~˧ q(.4 TH(\J8֥|-g[ W͎1-'$q itrac.$KhlTIx3ƎCF_^|By+Iag  fP. Hq/á7b4/"!+j>5mbgɠx# {kRzZyoI?:h&قtÁudy]7p0r{κ%i9B-x'1l+! |nj͏a۽46ZL[dp =7oUu]Xr+&T_+܋ IZ[gFj#vީ g6"婡/c#⋏~&2,QYھͮ##S5|cq)PrGҜl"(S EQn;(Z6` }f #ΩI6S5Eg|9)T 2 VQ 3l82ATRN"ŞhbdT7`:a'pSBi˳ G+Fp5ߟkzvz7VQI25^ 0?Uο!)u*#Ws b@·~G%"[0 IjLx0ZbxKCFI͛)ڿVΗW2(5Y3jhĻFy@@`R ; ^/ d$ۅ.W]Uπkb[9Bs-nay i5:Q _lp%`i!{1\%0bJ]Ө, SD>~]N8 2i馯TW?j\/°ϕ^=-zt|xV7xE_ߥT1[DL"[ݾ ;7(cj ՞~AS~4qi L\b7~"m~pGs_]"@beS'~-Z)ͥ|h$tmF p)Să\@G զJ ?jo_;aD \dՆ{OH=hXI76%&f7kO6yM Jԩܣ4iso0,)iDvʂrff7(1Yǫ{񏵾dq8;PN4}M f i݂:=}snZ_ s'"tT\a?e1P[p}W.$Qf>Boe\n_M* As{R?I[&ʄ!2Syf-"#`@ʓи潓Gk^' }ݽTB'WT_lH4hi*|%R"^O=m(m$/ugRjI6+ssu9l,yr<́_5w(n8ZLɲ0>cal<֒5j<^C*xϰ[/r8H7iҚ9׷ÑzxcjU3 ȼs1^#jn)RBabC;.I" 2ugӼyh,YifM(,*˖JJTKs#_l$e_y0IU'6էR}:#+DN4M%"*sp\&9 MH!9U7oK=%,8z_s_I$,օ~W ⓜz6m;[c#L[̜hjuue+|qAL%@PW9~C Èl%*+nV7`l;%UŭQg5V7÷;{3&.Kjt\C6z%ǣ^o;A4+@ HW WՍQbr؍\m am+TW> }<1t#ECȵA,#']`=]o*9sz\r4&RfV b>ĩt{X~ZzRPcY yݞ$"=sH]z9(H|n\UL9rQ] EEghR]oDn8azWR*xU }<]r.\m_d.)цK2etd8vAWy RFŠL:`yr" Hκ^cv͗'č_6Ə$L )&^w(LghЖ~>U/H?ts u 2N e^ m~Nx(#U!NJD-)@{Fѻ5a~u3s.QQWHq[6`T0-Con͐ގ=P:a'׎uۅnхK%BݍJ?s egr=_-ϒgWtX,Am~ ?følU}ô2Q*O{,٪Ggaz?F`dRb]=}dRʘF#p'CI_!b~8D %^~D}Fm Â7yDId9' s$96% ..k !sJG/+2B5ytFsN9m gZ*tPwror$ZUð u@5dq Zٯw7̿l)c\8^]><ЫX|+ ?:*c3z4߶؇"߀L faĭ$VW=Z^cMDsQ*7Jndpf}$sZp]U{|~Ð$ ݽ]BK;t3.㵮pH)/c9c~V2إcZMhbcs8n,H]0H,5ω=rov!Tݜٷ0u64X2a|;X4zM8@=bMע*[CXE+'тMIӲVS*xVWQR뚼ށw ,,xӢزLd0nSym5Tnmm\OXW,5~޽wuܔ";rvp6)lz{_[F ^2T2b,*T%@@0+_S$M=@8N۔ QyV9هb]\!4(0c~]" c(k WPR 7)St|/?V3-\JSo} oiPA4 [d K/Y ,:rvng,F/Ep 6_J}=\GDZ@3"&,S6ĄSkJI]Pʓ&+Cn. DPtDs޾ ~kOg@.˼]Ʀ$ʳ|0{zY c]Y{o_Nk2F ?7 oNVOPr?uf1 02)S[!D1;Z16Oξe嶾DDK΄_A-e!CV'GCCej帘_NV\{kף h=/;Rz0NI@,܌8>"wRgAH 75K 9iݥZ9kq"PSt˻-Vf~ VQF7"#-s:[슢MC 77n`eW?Ja/mz)K4BʰBT>|>2F=?|jcbR k/b ;6y1}?]0;9EB)iС@xYa֛bQزCI &k56Lvɘ0sZ`A.QcopXoz4R~>0!!8kpit0$(\ N:0m IV9&q%+>/F yf`x?p( Cl.њn 4EXj0oOt]K/,hv]U.;X `B噜{p M-5꓌NoIKD'>mjX4M@Qfƀ%ƕ|8s[x W,QܔjfFGx(ԯ#繻_c2g=3ӻ1_M@`XG׉[3'D!IwB,%'ƽ#TpS(;ȥ֋˄c'c/bXQEմ7PUx$A--Y&e30^\C(JJGKjyXT~dLQ#ku"y;AY+>6G)ΗH`EVe]`7i_%׎N?n)R_?asr͊,'Wŀr_Hp@8E+zvnVxب.Λ^utAشU4+@%ik'2`jn aK`0PCJS/#|BǶahOV2* iJj BQn}.v{UVqa2d*$c]XX z~6^;.*…Fu.w~#Úcjց0H^yzͰT,Y͗u lzPٸ$}*xsVkg]Ky~LyJd?l.AI=(WԱE93X|gǠCmA&Zs!Lg3#`V%KD$ضQBYNV|0BtجL<m`ȭ̸ƲN oIWoћ.r_y*jS+,Mg{3.fì{ɶX*.n֣S,hà ՓQܸp$Q =KǺ_YòabxvX" ι z&! k7 ۰HV(_.xJ1z *^-t }[]5vyv&:mM-72W zAZ sjjW Ĕe§/D= >y{;uE*>Έ`Nl #̮[E}Qn6 [q\mAƭVV+>m3Y*X,ui]oryݺsß":fI!Ur5h^#~+12IR9=$Om-wnO/hժcUGԤ3{ČwiR/ q$"܇V_P OCW9>Jg%H$2\O[K;hFcl i = AV6dMq3!o8!P[k{? hxs)ӿ]* 1yob[P ݦ>(,nafM?vEi! \(aw0N&`@koɺo[ա3xj#9k%*#xvdfVœmK{T:qt?R }f+ߞ[ՙt)y=ɻ[Oc:<`0"5icR+A\-&I?R/-j%L/Щ[@Rlr~U#wL~|A#=Mj$[&x"0f)DRQ7Hٌ\Na`qr}79J^A):Y`ыiq/Օn|6hj3)݋%i,q;3 oPӦK2 CR6kn0OjR |#DX4B{:T, !8kuR̨ʼZ„BnBA~5+1 7Z/+G`Xj"M lb"]]n|s9"Pԝc4 Yt脷:QM t|OѠÂJONpWD[?ٹơqu]D-,P 4yrlb{/pU!C!X:B)ɭ=mQ}B(FZz.\Frs|ˊ܆9chg\K@X;8·xaiZV )Y9RB%>kW0AOoFX8:% 'ө-+:1`Χ$T>SnHષ|sqa [L9'zZ v-|@d dJq<@Z@vA&F[\$S ܚŞ#pGZ: :TLطU>g^Bu:i.g^&ws kٺf}=yh"uXwd*c /]j~c  P dhg?@{y42$]g 2 / <%ot @f+y^LpX ,.ޮ^9s'V`Z#If{+Dg_LcG 38k.x beTJхϪş)NU'TzmHIg=v@{*hM ݙ}7@>)Uƅ9:(1Źf9| I/ -?2s{t]q aXhe̴?L8' kye EG?B$:Y36 %+׵ {E_ _L*Ųzk>&( Cػ .8+jB_|~WN> ϻ%ԲK= ̋ws:TaPG&\\ȕښz+-ȮG\5M2-ۏۓ# DC/m6Po*٢r H/lUV Ј=пkנ1T K@C=QT7 O4 j]s3 @2N ޓzLa"mvӻ\?i(q}X#s5$ɚJ9JS yʯ-C+EExV{V !\։WZ%$(D?'羢p_Ӈv #k3}ШpIq-j>lgZIGWGI>1d6J$ۍ'ΞTOy_rVa+RWׂM{:*`P<]hpCǀzmT1i%BY? umW%ruHuU<b,"MPc)/r3I+ m ,7~YYnU:{P2(-$S ŇwBh49s?uv"z_ޔ+XO<- ϤbMKAȷnsk_v%{P]8)'>gqg9?gt8Q1Ł)bqwLTNpޮ8dN,}L۹^F!_S"϶(\uCVΎ'f/:fW"̋0L(t}l!.4V=RzlAAͰU^STPyMö|kWcmj:oyqcdq*RیBt*]c7$!63]N~>Xҩhi_UZGolrq,X`y޺Gw̷F~D-Q-g`Axk0U8J>bg'd:$#d_,x]0ՋHLICFoOG3-k3HAn; أ~B^jbUo'BAChR$ &8Yi2੩bQ3^Q OLDYӬ{ C(e}as0X^#(}@8)Oh4] ^! Wx7N|}q"4#7ՕS%p)$4H Qì&Kz?xVE3Qo;ک.0RydFkOO b85qlQN&Luͭ%\ԸPyxrw]^xwh—FC*;NY҈CrUWbfغ53& wD2)~L1`j^>N8j|CIRZ xlx`9{-AW@[U0o2D̙ ! ,5[R딯Ǩ hr94S9k9ءU)RCc569&S@i)MHZ︺1MMAFyҸ8fi=uVʡ%@;4q`e]o7XO5c!]uo\m:I )e9WWq || %K+C">bD r{-'?(#?'|XX&̐E.WVh*0 jj#N 0Ki?rx.߂aQ lIcz϶6TT37q֧$8ìAիi1IGMT<8d#(hRxK>mp:;&Y/ˆf(:V",iAh\Gd=XFrMΛ<**8)C@NRR7jMl$D+:7HQzpNn[؇99^nW]DXl8;W&-7tLNh럙,M,kvǸ/Jd3pL 6GzR8ŁcƹBu DHq6&kb){2w,]R:lpे<_0#. go+ǔ*MQŖI`j;=?Xew+*⥆m`\tu? 9x 0d4ɋ 5a + pj #V;I0aH}b[ _@.ܦmjw_>ߦݢι[-ez{2BBZTPަEwXQ84DE)Y6o"mR/DorKcG.ܸƯicO\EX\XS盾9ݠ b+Y}pax _9m'M! G8gtf.:g^ mĥml@Eɏ{3K*Ls jZY1n4?3C=[TRY#$e/V~`H Л4X!I4mSu+10!P:Jiz6 Y7 I_FMvH4B.Ff*'ɺEJyv&N}!5 cI3.p=hG- CBHq2%vۣ !υƋ/k֭۔sP@@}Bit_<S Rp>s`TV@ҧ`حknk^ !X( '(X*$>dY156K|X)f{9H~s],p31 QLA'!Ue;;{;9AEjFї7tKl6HgJ(ۃЎx M>͗v';G[a*P 3eC-F[r5ӛAP )nG#Pʭ i=j͍3@]pLlA1oQns;g@dm-3 ]t]‘L9S2E4ܘ Ap!Mi26C/[̆B[PRCd\%xA6¿SiAC,pQ`KE9LPBJ-?R%\d&vM{1z. }$UdNiv_E{biB$vBmW70#yI0SPo9T38`SmeRzPT6=ىyh^8sn^r%`90 8nξ^L&>C`''*[+t]X^7N|rLJ&uJkoMU:9Q"s ?E(Ude7LvNpmH;gV'.9+d.yI{dz" u2mxKy]biߓ& 2Gʳ.|NIss7n `%"g D[5}xbvc-HYiwIp;Vkg呫n(;&%7o  5#`NН?@sDnjB 4Np~$^}laK%m4E, ~s43#n pgd/^:V#%4Vuz9P3=p7IlRvNuTFctS$R#(3kPUffcqo| 'QbA@5Akt)!mEm6<a8yt tIeeeg 'үoZT􅈗&vx`$t<'U1+N]9pt}M{sOE4e\ܩF=4-`:A\i Hqi4}f` xBd$4#t퐡፟k5p~ {0C_lśs-SeBdtE^cB1M-kP?x[|Doۼq$XC CYE,pDH] ՐgK'eWXЙ6HMГ{5.iD2X4AX^ s 43 Ve4ݫ\PT$bUN {&47yS"v]Om•HnN1\y RS_&]uS3ˊlچX y.5*4")Jebt4z ^dM P:5,I;ZT!52 ʳn)=薳"kdћ5JM<_~v;p.nr`lb`,Ѐϔb,/kQ5ʍ{`,SPٱ_u/ vSv8Aŋp(Y'jֽMk=@:/ٶ!׷Vd)ջz٧;@<~;ײjC󔮜`_뒋_LI[NW,dCMa϶_ ei=S[UAéS[Ae#֌|0`7UM+O~| vSoId!Ȕ? ̙Sx]s[gKn ۜmE(]<)BCuSp h}H8:$t)|l|6{ZxF{nd 6.|QnAJ?|ƹ 3@<@Vsq(N`67gy͇59+ ȠQv<\d4ĺѕD)ax*!# ђ% |,z yorS1Mj&f6rbܬ ,pI +Z)!K^8\@E`JX.mnl&ia_0ܾS|/KD4I_j͗;HfscKSߍ cfN< TeTAP,flƑ =(C#зhd0A-Tb's[YzMl ضL8a5~HEz rD%=I+MSev=Ҝo%0-V쁼B"Odk 6dTFPy1K)B15JGAc0o!wvFp!*6OpXzb7˳ $tc| n= cMhכ7t\/p'gRg1yMEޤNDHLUi;q4OA@W B%Y!烟dF؛`ꎑ7)&sI5kZ 5mT3I"nHeN0^Xsg$\=!Mo!i;fv};ѤLFyc6jg!i4ᡃUcdRjaE੒rl\Ӊ(/9)/zVbؽ %DY~䝲վ\#ni=Oyg[BpƨC|E`ׄgUlp|gĘ>9lʮB Me!Qɯqy5Eb(礱 GzE@z2pdcc }(aw]O<^j3\LXC"|ǘNL+_ѻ(F/y~}Mq nh*{dmNorNVc4 !IcQ@pkW;RwK tWRrD^; gJk;#lR*Eb\#~F0\^L mD:W䮋U}qPJ>j7.$z0P3A-e{ֲc #!,jCn6fF_rNL>WQ)š4N\K<65C¬:(*Z7]Uqɇm>[S#6x\(Ss,T@r-ȩ'?a x tCIV|y03{2S?)e&XP.L@{JWoIʸp y\q6ha C)ZZIjT)&|\yC-84@##.3ס(vuztI%&?o'D\Tp8 W)PMePn匨ΌE{umR9c歏0( #jaxr [\hnI# a 2Vi~;MҴ$PMYczfCpUwV)}.GUgJfgo Aki7e%iHΥj!e\2vlE_2J)}6HT['2 ŸO@=F=xa8ab5午mnHgndFp%25KgIa7fF_'x /YfB/6׈Oӓ <$$ r"#P# Bpo]ܪj9b[6UjĞ?UBU|KsOrJn:huBkFA,D]dEQsPc4&?jԯu2b-? JM({PoKTE-#,sk( ׉Z&>b"L*81e$)$kp!9aJ.<ŝٵȈK3oWJ+/.gJs*+f&tY ʹ[WarPvjb@ƻ\5be$UU6 B!$+t`cBJF3h {tڦua"T8Zp4tFBZx:a&*>Mm[t&9)ۮɔdnERJ3,!32QRA|!u"(*-z>O"i@ Eɏb~G_%{ N4*%n>O#RS$goߧs ;,3iFer`(a;K9 g(u)91NoK~H/ձaDk_ d¶;}۝UC5fqrv(?vd*#I|S9r4T.=>ٳ`~ҭ{O6K;JR" ?fz!`ѹ7G"iqTX h-j0yVI0Ͱp+/|R2x):ZyLmH~K"W 3iύyDwX 7("ߨlT_7 )( #i>]=H5EB?z<!W9^rO1cx81"ZPD "m:pr1I1 6uU5.,[[ٟNd;K섨s*|aðFۜ|;;|p%˗0tF :$~{7S_x i$ V 14OEA#v:#8̑s4Вob2'hGObR9;.z9.Gyw!Ԣ:퀨Z$q#LU$>j&\9EV,?ϓ=;9J ghs٦BZaQ3z*v}TlG :!=%!8;mӈ[}BqApJNac$렧3.9;g3Pr_!BNR>>>apM*JsQ1iI a.,@1!Gߪِ /C(>m8P}pA􌂒 2R99vM1Ol rAz#.RJVɒl=fp"m+8q$_uޘF*"5U[q]Y$V b07\ U.ۂD,Mݫ})1?-V<"#!*s84Gz +7lM yzm{K:~9?`o?\JF2bD/=ԕ I֑FV3s0AK$}sتNvA2/׌Pt.a,8bH]*w--&,D 8xN+n8Nc{{6Fi^r/YVNY"I0 Rބ2c{67%^ϒT\-/P?1g-z&Vz0r00uO QH ƥWJ _y5 !#kvg1R-LDEV M2y? 3(^$ً( iQ'9' %\U$%fb}g)=43<:Gӆ9Din0]-hyb'}&_3AQZ:jd!hIM`Q~o4ɒCuZ[k$;}r"U5S (N)]wl~rEehj(OڜBhU0$lW"*+-@|7!Zs~AB25 P|?,|g\t먥qWRɷsvQX76ꮂݏǀC/-cD $O(I + >Ო]wo:`;#ghWotH_ҔhÁ/Tez\mNL H5;R'++^P>WA0e2 hlb}%s\;j׭1IR gcr|]3Upd5pGJP13{Oh5t4 䏽vkp̛޲Ep-6DRZl6)w\4wƕY#1d<7?XԾ, ^ڜ>h2^9׶sأViQ -c Iz|m$4NiAY┳:l]tJ0+o@BܭwM.??0&(2 !=JA`P(Fsae%_zUKTS#짼}X3v])G꯽gM3Diid1&2OfB%fU84x;[)m:],)V[I, +./s-5Oc^MV!Im}Vyf9"a("Hz=GW04_XhWoY3Sܔ(g_܎d7nuΩ=}eReۂKSӠ5dPX&fZJR4>2w,\1y*/֕;ĪٮV_Lq*.Cs`ml2 qm6uց|IF<4}*%,_@XKN VlИxLEr|hsʮΉvt@ۤc%{/;*uƏ?`S~m^0C% O+Oc~<09:1I㪶 v&8.5dD$O#! i[Jӵ`u<^Gv!c (˄]ņ#+ڣ+8B*636k]~;O S;|ktsg=J؎ zCa$^TVڈΚGyg~uGW^ӕ\Np,o?!;"leE^X˝҉KOi(,Mj09쐜 ??R7,l43":ԹYDJa7]R;ހ1 xuZPْO[NAK)cAO2'\ZXYT!ҸYF p񀣍f*긲cqe< ;^5*ksaeҔ5Xmzfw~LtbQ_kݷfHYN/F_ :?h|Cƅ%bЧ2'?{_ة k;}z} }h(3rp0eCgՍ`d@\4)qL6j2D]1[*fhHvtjE.̔lN!@oV XRYF/BנNm/Y{(\MS=Dchz/ uW6jJャBBnf߂PTl Pϊ"|Y2Xj*Ș#@6J/fleϰ|imDxUwTE2Hf%61^|ڏk^V2 Fa 3E}1w'5u4vM:-HJt,}q~u#8bۀ'!EѐlODqޟ1"Z݇h>T &$>0ڃ42xr%=vIsF&wI$Bc G^HG_*x\ܱ 7Q"`'c.bup% #-  Ag V LI֌{l)z SfɈl-i>@o߬wr(=9<tN7GxiC+!_r(:jr2y{q:1yȇ9*.q[zT$ ٽ~Ի{rq\S(Ʉ:[Q&}oQHXv"" tP`3{*ڝ``iAA.1:4!P!5Q5}|^Z펗3̭?A%iۀ˥'_nq?`*[;'2S 8zKUUc-7$|#o'&{cT*,;^,F n~٥E!B)0b;T?|d |: diZGn_(L4Kr4ܔ?W j<}vr{m zu"vP:o{]gkyIbo, $19WZ1H wkB}UV>y'ICcrFt⭁2d<`HҽK c~Oj8L`l%-S>Wfi fgUMBˎiU'h.*>)hfGop[}CjqKOreOMB)b,Qc4pr(p0RaKybd Wt,ք@J']3o"]tv8ͧ.~,|a::2x#-ˁ7QAWwOh֛ -^I&<^4/tȈkNG\7٩b)pɲ>(t]$3wl!1Pw\(])7׾aPɠI"Ĥ H%mdk^/xG8vFdOi7LҏFtw,D^&$^_!Ԃ&EJcNHO!/Pw=n]CtMBbB>6l9,^4@M?|C3ߨ|˜`I6:.GICgTV'!}1Wz<2i)7Ĉw'Shw.꽼Гb_J`Ocs .imNbd29JoڦA+Qlvޖ+t57U@6Wej&riUɽ<Р~rf(~kd Ip8T-qj[09ٖ49E.O Kޟx2"KSya2}Q?In( Ǩ^uSW"V=aB{{c5'JMp!X?g,į{B}[FUVwV1*i$߲ؿ~p$F +*0I aHWz=\S>HMPWxdI ^!GEgQ:'y<ԩDNumĈȦae4Vlu4Iis3q}Y:.l]tPf;\-8aC?('>+Oǔvߢ+>趐zm `{ic|Ј`sOH[;) aSvgCb\"x^3Dg)1ln:)'oM=qLG%pF WBRdC_FPcq~CNh4W;iR)h8Nl5lfXؖȀ Pld_ 11W0DSOol(m>fh'|)D;HjJ"KZ(ڽhSB\hV~ĩ 4zZ噬ųaE ARDٕDD5IƤsp@Gѯ0iA$&3 ?vSQ&xչH}uRXz/9%ҕűF8;Rmwc@ L80.O}ԄX3tSvz*7emk#WZs>}:aX MH%a*acW=љԁ{:kvS?%b :%D[$  GxXշ<#D)fJ b̼DAc5`3x88w; ync5tce"+:@GCV0Q: xQ<^ Mos_p)MN'a ?%-p0ҹ:Vvj̜lZXIի[ϳ:aگ~/qn510s]":$ hqUAUTEW/Y0Ugt m8J k;/vD3aFD'~ؼ:b?f=a0=8n@MI(pC :>/14xZH]'n(;5S(n}) Z $EE@2S&^z!ii+gXqdc P6B }Kuo#kb.IFTqu >A"8|M* Gr n`gV`kK@RܞKU[OP/ ( *.=Z{av*c(~ꤌdӃ3P0Dj8M"2H8+vbk&L'!z>i>E,9] 5#L=rk.`Ge\6&p-,s4 ~9TQrPL|ѣbb:F0b୸e$MP=M\78n(0(k ;欝ܦb N |V$r58UCn?  [ pfIsţacPu9o:toswǕ$=7[5;Po\Fg}rLƑȷ?Peb{O=?8 3̿x8>oP ǽRb'D ۟XJ 9(2p3ͪp\ H;M;r kw MDx翭Ǎ%铰\ͫ-VlRW;Ag8{rB$b#x< '@Q6"pt3\7ES: _S0MI<}agyp/v9uyE0;}R_ !|Xe R=n4|RGt70sLչ2Oel@djDoRiTcȴkf9&8omA]OBd^zOg|UU՝2z\S`:M?:΢0y>[i̛ҁ_@5vޚi`*4.mC<%#&$ҎF]m kE/k `jl,}QFRh2z%*VZ9y v> DJE/_{_oX"Ғ5T3,PGi;x|x]/H[6SB$ز|R.sԀ6 ;HnNgi1VEЮm-D|SP owr{Š{]n)۹s۷ feA݀b /Y?uL&Wb=72AHL /pG`lS R:>|^:jN]wQA[y/t20P'B0 m۶J2G̍6;5IϮmAITdWb~J䧀MboޗΔ2``}v$/u˟:OQcCS-8>Q Zz FPqxN?)/?SLFlcn:p@Eg"h#h^_k|atuk0tG{\fDxn%lxS:~i!wSz@x@*_D9b)8_`^&V?s8bxF93x*G+K7vPg dŰ 4\M%]U* 54H5B9zO-5nмuyhάOLoC4xO`|"am 7ɒ5%9L 2|TjI c^/\㒽{6WUrp޳h!c[`֖vɴI@Eހg+j|(o2f'nT|9WYٓmNщS kjaS `yPu'.X }ҥ!H /bJg Li YZ