libnghttp2-14-32bit-1.40.0-lp152.2.6.1 4>$  Ap`[:/=„zXŨf$dKC>D{q&f_= sBgZl8JO@W4]@,to%nB PR-G?oao:V !0lXh9tp ` S'YQ#k.F1g՞G6H!r#ML.)Zc= Wt+A-oJPkqPfx/z㵛~& q7P'jٚNwaolDn >msW81a9ef2ffd908d05677a5bdd62abd72755e4083b957abe8a0905a809147a8cc3407bdad5b03079563967add8f710068d6867f660ِ`[:/=„Cs_+Zxx\Y2:^CI^9wv/wW_)hS4'n{y_(iV_{u,vĨQ9Wj̠ŋM$YfɣU͜.}znf߻+}()NéS\ph0 ꜜxu#b`_8Teu\b.ڀyl?oZpWπІԍt#FAlAF|礉wSI/y=@r1~ך >p>߰?ߠd ) D  (0 4 8 @  ( P  (?8HF9`F: F>ܖGܠHܨIܰXܴY\]^b!cdpeufxlzuތvޔw(x0y8PTZߜClibnghttp2-14-32bit1.40.0lp152.2.6.1Shared library for nghttp2Shared C libraries for implementation of Hypertext Transfer Protocol version 2.`[:hci-cnode1-m0dopenSUSE Leap 15.2openSUSEMIThttp://bugs.opensuse.orgSystem/Librarieshttps://nghttp2.org/linuxx86_64/sbin/ldconfigd`[:`[:fb148cba11cb0967711a833ba2cb664aa6f32616c0e39bdf8067520eafedd9e5libnghttp2.so.14.19.0rootrootrootrootnghttp2-1.40.0-lp152.2.6.1.src.rpmlibnghttp2-14-32bitlibnghttp2-14-32bit(x86-32)libnghttp2.so.14@@@@@    /bin/shlibc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1`KW^@]i]Z@]Z@]R@\g\A\A\8@[F[t[CN@ZЛZUZUZZOhZ.s@Z'ZY@YdYYlYcl@YX@XӸX@Xk@XQ4@X6@W@WRW"W~WXW W4V@V>@V@VV_V@VzV]VI@V4@V@UU@UUȒ@UUUUUcU]USMartin Pluskal Martin Pluskal Adam Majer Martin Pluskal Tomáš Chvátal seanlew@opensuse.orgTomáš Chvátal Martin Pluskal adam.majer@suse.deadam.majer@suse.dempluskal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comfvogt@suse.commpluskal@suse.comdimstar@opensuse.orgmpluskal@suse.commpluskal@suse.commpluskal@suse.comschwab@suse.dempluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.comadam.majer@suse.dempluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.comidonmez@suse.commpluskal@suse.commpluskal@suse.comidonmez@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.comrguenther@suse.commpluskal@suse.compgajdos@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.comsor.alexei@meowr.rumpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.comjengelh@inai.dempluskal@suse.commpluskal@suse.commpluskal@suse.com- security update - added patches fix CVE-2020-11080 [bsc#1181358], HTTP/2 Large Settings Frame DoS + nghttp2-CVE-2020-11080.patch- Update to version 1.40.0 to fix CVE-2019-18802 in envoy-proxy and cilium-proxy (bsc#1166481) * lib: Add nghttp2_check_authority as public API * lib: Fix the bug that stream is closed with wrong error code * lib: Faster huffman encoding and decoding * build: Avoid filename collision of static and dynamic lib * build: Add new flag ENABLE_STATIC_CRT for Windows * build: cmake: Support building nghttpx with systemd * third-party: Update neverbleed to fix memory leak * nghttpx: Fix bug that mruby is incorrectly shared between backends * nghttpx: Reconnect h1 backend if it lost connection before sending headers * nghttpx: Returns 408 if backend timed out before sending headers * nghttpx: Fix request stal- Conditionally remove dependecy on jemalloc for SLE-12- Require correct library from devel package - boo#1125689- Update to version 1.39.2 (bsc#1146184, bsc#1146182): * This release fixes CVE-2019-9511 “Data Dribble” and CVE-2019-9513 “Resource Loop” vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2 frames cause Denial of Service by consuming CPU time. Check out https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md for details. For nghttpx, additionally limiting inbound traffic by - -read-rate and --read-burst options is quite effective against this kind of attack. * Add nghttp2_option_set_max_outbound_ack API function * nghttpx: Fix request stall- Update to version 1.39.1: * This release fixes the bug that log-level is not set with cmd-line or configuration file. It also fixes FPE with default backend. - Changes for version 1.39.0: * libnghttp2 now ignores content-length in 200 response to CONNECT request as per RFC 7230. * mruby has been upgraded to 2.0.1. * libnghttp2-asio now supports boost-1.70. * http-parser has been replaced with llhttp. * nghttpx now ignores Content-Length and Transfer-Encoding in 1xx or 200 to CONNECT. - Drop no longer needed boost170.patch- Update to 1.38.0: * This release fixes the bug that authority and path altered by per-pattern mruby script can affect backend selection on retry. * It also fixes the bug that HTTP/1.1 chunked request stalls. * Now nghttpx does not log authorization request header field value with -LINFO. * This release fixes possible backend stall when header and request body are sent in their own packets. * The backend option gets weight parameter to influence backend selection. * This release fixes compile error with BoringSSL. - Add patch from upstream to build with new boost bsc#1134616: * boost170.patch- Update to 1.36.0 * build: disable shared library if ENABLE_SHARED_LIB is off * third-party: use http-parser to v2.9.0 (GH-1294) * third-party: Update mruby to 2.0.0 * nghttpx: Pool h1 backend connection per address (GH-1292) * nghttpx: Randomize backend address round robin order per thread (GH-1291) * nghttpx: Fix getting long SNs for openssl < 1.1 (GH-1287) * h2load: add an option to write per-request logs (GH-1256) * asio: added access to # of the current server port (GH-1257)- Use multibuild to not pull in python3 in first build, nghttp2 is low in the system- Update to version 1.35.1: * nghttpx: Fix broken trailing slash handling (GH-1276) - Changes for version 1.35: * build: cmake: Fix libevent version detection (Patch from Jan Kundrát) (GH-1238) * lib: Use __has_declspec_attribute for shared builds (Patch from Don) (GH-1222) * src: Require C++14 language feature * nghttpx: Write mruby send_info early * nghttpx: Fix assertion failure on mruby send_info with HTTP/1 frontend * h2load: Handle HTTP/1 non-final response (GH-1259) * h2load: Clarify that time for connect includes TLS handshake- Update to version 1.34.0: (bsc#1112438, FATE#326776) * lib: Implement RFC 8441 :protocol support * nghttpx: Add read/write-timeout parameters to backend option * nghttpx: Fix mruby parameter validation in backend option * nghttpx: Implement RFC 8441 Bootstrapping WebSocket with HTTP/2 * nghttpx: Update neverbleed to fix OpenSSL 1.1.1 issues * nghttpx: Update mruby 1.4.1 * nghttpx: Add mruby env.tls_handshake_finished * nghttpx: Add --tls13-ciphers and --tls-client-ciphers options * nghttpx: Add RFC 8470 Early-Data header field support * nghttpx: Add RFC 8446 TLSv1.3 0-RTT early data support- Update to version 1.33.0: * lib: Tweak nghttp2_session_set_stream_user_data * lib: Fix handling of SETTINGS_MAX_CONCURRENT_STREAMS. * lib: Implement ORIGIN frame * asio: support definition of local endpoint for cleartext client session * integration: Remove remaining SPDY code from the integration tests * nghttpx: Fix worker process crash with neverbleed write error * nghttpx: Support per-backend mruby script * nghttpx: Fix stream reset if data from client is arrived before dconn is attached- Update to version 1.32.0: * lib: Ignore all input after calling session_terminate_session * lib: Fix treatment of padding * lib: Don't allow 101 HTTP status code because HTTP/2 removes HTTP Upgrade * build: add ENABLE_STATIC_LIB option to build static lib * third-party: Upgrade neverbleed to the latest master * asio: Support client side SNI * src: Compile with libressl 2.7.2 * src: Allow building without NPN * h2load: -r and --duration are mutually exclusive- Version umpdate to 1.31.1: * Fix bsc#1088639 CVE-2018-1000168 * https://nghttp2.org/blog/2018/04/12/nghttp2-v1-31-1/- Version update to 1.31.0: * lib: Add nghttp2_session_set_user_data() public API function (GH-1137) * src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro (GH-1128) * nghttpx: Close listening socket on graceful shutdown * nghttpx: Add an option to accept expired client certificate (GH-1126) * nghttpx: Add mruby tls_client_not_before, and tls_client_not_after (GH-1123) * nghttpx: Fix potential memory leak * lib: Allow PING frame to be sent after GOAWAY (GH-1103) * nghttpx: Fix bug that h1 backend idle timeout expires sooner * nghttpx: Stop overwrite of first header on mruby call to env.req.set_header(..) (Patch from Dylan Plecki) (GH-1119) * nghttpx: Add upgrade-scheme parameter to backend option (GH-1099) * nghttpx: Fix missing ALPN validation (--npn-list) (GH-1094) * nghttpx: Remember which resource is pushed for RFC 8297 (GH-1101)- Drop spdylay dependency as it is deprecated since version 1.28.0 and removed from cofnigure.ac since 1.29.0- Use %license (boo#1082318)- Update to version 1.29.0: * lib: Use NGHTTP2_REFUSED_STREAM for streams which are closed by GOAWAY * build: Remove SPDY * build: Fix CMAKE_MODULE_PATH * nghttpx: Revert "nghttpx: Use an existing h2 backend connection as much as possible" * nghttpx: Write API request body in temporary file * nghttpx: Increase api-max-request-body * nghttpx: Faster configuration loading with lots of backends * nghttpx: Fix crash with --backend-http-proxy-uri option- Export PYTHON=/usr/bin/python3 before running configure: allow to build without (comnplete) python2 in the buildroot. In any case we only ship python3-bindings already.- Upodate to version 1.28.0: * lib: Add nghttp2_error_callback2 * build: Add deprecation warning when spdylay support is enabled * Switch to clang-format-5.0 * examples: Make client and server work with libevent-2.1.8 * third-party: Update neverbleed * integration: Fix issues reported by the go vet tool. * nghttpx: Fix affinity retry * nghttpx: Fix stalled backend connection on retry * nghttpx: Cookie based session affinity * nghttpx: Expose additional TLS related variables to mruby and accesslog- Drop forgotten python2 build dependency- Update to version 1.27.0: * h2load: Print out h2 header fields with --verbose option * nghttpx: Send non-final response to HTTP/1.1 or HTTP/2 client only - Changes for version 1.26.0: * docs: Fix some typos in the nghttpx how-to * h2load: Fix bug that timing script stalls with -m1 * h2load: Reservoir sampling (GH-984) * h2load: Add timing-based load-testing in h2load - Switch to python3 support- Don't use jemalloc on ppc or %arm, where it is broken.- Update to version 1.25.0: * lib: add nghttp2_rcbuf_is_static() (Patch from Anna Henningsen) (GH-983) * nghttpx: Fix bug that forwarded for is not affected by proxy protocol (GH-979) * nghttpx: Update mruby to 1.3.0 (GH-957)- Drop doc building - Rename python subpackage to python2- Update to version 1.24.0: * doc: README.rst: fix typo (Patch from Simone Basso) (GH-947) * doc: fix up grammar in submit_trailer docs (Patch from Benjamin Peterson) (GH-945) * doc: fix cleaning in out-of-tree builds (Patch from Benjamin Peterson) (GH-938) * nghttp: Fix bug that upgrade fails if reason-phrase is missing (GH-949) * nghttpx: Verify OCSP response using trusted CA certificates (GH-943) * nghttpx: Set default minimum TLS version to TLSv1.2 (GH-937) - Changes for version 1.23.1: * nghttpx: Fix crash in OCSP response verification - Changes for version 1.23.0: * lib: nghttp2_session: Allow for compiling library with -DNDEBUG set (Patch from Angus Gratton) (GH-919) * lib: Treat incoming invalid regular header field as stream error (GH-900) * lib: Call nghttp2_on_invalid_frame_callback if altsvc validation fails (GH-904) * doc: spelling mistake in arguments to build nghttp apps (Patch from Soham Sinha) (GH-925) * doc: Add notes for installation on linux systems (Patch from Tapanito) (GH-917) * doc: Clarify the effect of nghttp2_option_set_no_http_messaging * nghttpx: Verify OCSP response (GH-929) * nghttpx: Fix certificate selection based on pub key algorithm (GH-924) * nghttpx: Fix certificate indexing bug * nghttpx: Run OCSP at startup (GH-922) * nghttpx: Wildcard path matching (GH-914) * nghttpx: Forward multiple via, xff, and xfp header fields (GH-903) * nghttp: Add -y, --no-verify-peer option to suppress peer verify warn (GH-906)- Update to version 1.22.0: * lib: Add missing free call on error in inflight_settings_new() (Patch from lstefani) (GH-884) * asio: Support specifying stream priority via session::submit() (Patch from Matt Way) (GH-881) * nghttpx: Clarify --conf option behaviour * nghttpx: Add $tls_sni access log variable (GH-896) * nghttpx: Rename ssl_* log variables as tls_* (GH-895) * nghttpx: Fix path matching bug (GH-894) * nghttpx: SNI based backend server selection (GH-892) * nghttpx: Enable signed_certificate_timestamp extension for TLSv1.3 (GH-878) * nghttpx: Add options for X-Forwarded-Proto header field (GH-872) * nghttpx: Add --single-process option (GH-869) * nghttpx: Use 502 as server error code * nghttpx: Use SSL_CTX_set_early_data_enabled with boringssl * nghttp: Verify server certificate and show warning if it fails (GH-870) * integration: Use nip.io instead of xip.io- Update to version 1.21.1: * asio: Fix crash if connect takes longer time than ping interval (GH-866) * nghttpx: Fix bug that 204 from h1 backend is always treated as error (GH-871) - Changes for version 1.21.0: * lib: Fix nghttp2_session_want_write (GH-832) * doc: Document pkg-config path usage * build: Eliminate U macro; Instead use (void)VAR for better compiler compatibility. * src: BoringSSL supports SSL_CTX_set_{min,max}_proto_version. (Patch from Piotr Sikora) (GH-853) * src: Use Mozilla's "Modern compatibility" ciphers by default * src: nghttp2_gzip: fix this statement may fall through [-Werror=implicit-fallthrough=] found by gcc7 (Patch from Alexis La Goutte) (GH-823) * nghttpx: Print version number with -v option * nghttpx: Enable X25519 with boringssl * nghttpx: Retry getaddrinfo without AI_ADDRCONFIG (GH-858) * nghttpx: Failing to listen on server socket is fatal error * nghttpx: Escape certain characters in access log (GH-856) * nghttpx: Ignore further input if connection is going to close * nghttpx: Don't call functions which are not async-signal-safe after fork but before execv in multithreaded process. * nghttpx: Enable backend pattern matching with http2-proxy (GH-733) * asio: client: Send PING after 30 seconds idle (GH-847)- Update to version 1.20.0: * lib: nghttp2_session: fix The 'then' statement is equivalent to the subsequent code fragment found by PVS Studio (V523) (Patch from Alexis La Goutte) (GH-814) * lib: Add nghttp2_option_set_no_closed_streams (GH-810) * build: Disable spdylay detection by default * build: Add --with-systemd option to configure * fuzz: Add fuzzer for oss-fuzz (GH-799) * src: Enable TLSv1.3 if it is supported by OpenSSL (or BoringSSL) (GH-816) * src: h2 requires >= TLSv1.2 * asio: More graceful stop of nghttp2::asio_http2::server::http2 (Patch from Amir Pakdel) (GH-805) * asio: Holding more shared_ptrs instead of raw ptrs to make sure called objects don't get deleted. (Patch from clemahieu) * asio: Fix infinite loop in acceptor handler (Patch from clemahieu) (GH-794) * asio: close_stream erases from streams_ while it's being iterated over. (Patch from clemahieu) (GH-795) * nghttpx: Strip version number from server header field * nghttpx: Add --single-worker option * nghttpx: Fix bug that send_reply does not participate graceful shutdown * nghttpx: Add --frontend-max-requests option * nghttpx: Enable stream-write-timeout by default * nghttpx: Fix stream write timer handling * nghttpx: Add configrevision API endpoint (GH-820) * nghttpx: Redirect to HTTPS URI with redirect-if-not-tls parameter (GH-819) * nghttpx: Update log time stamp in millisecond interval * nghttpx: Better error message when private key and certificate are missing * nghttpx: Fix bug that old config is used during reloading configuration * nghttpx: Specify TLS protocol by version range (GH-809) * nghttpx: Send SIGQUIT to the original master process (GH-807) * nghttpx: Restrict HTTP major and minor in 0 or 1 * nghttpx: Drop privilege of neverbleed daemon first * nghttpx: add systemd support (Patch from Tomasz Torcz) (GH-802) * nghttpx: Fix crash on SIGHUP with multi thread configuration (GH-801) * nghttpx: Send 1xx non-final response using mruby script (GH-800) * nghttpx: Select certificate by client's supported signature algorithm (GH-792) * nghttpx: Recommend POST for backendconfig API request * nghttpx: Don't build PSK features with LibreSSL (Patch from Bernard Spil) (GH-789) * nghttp: add support for link rel="preload" for --get-assets (Patch from Benedikt Christoph Wolters) (GH-791) * h2load: Fix wrong req_stat updates * h2load: Explicitly count the number of requests left and inflight * integration: Fix deprecation warnings * integration: Redirect nghttpx stdout/stderr to test driver's stdout/stderr - Changes for version 1.19.0: * lib: Fix memory leak of nghttp2_stream object in server side nghttp2_session object * Fix issues found by PVS Studio (Patch from Alexis La Goutte) (GH-769) * doc: Update README file to write about the issue of Alpine Linux's inability to replace malloc (Patch from makovich) (GH-768) * build: Compile with Android NDK r13b using clang * src: Fix assertion error with boringssl * nghttp: Take into account scheme and port when parsing HTML links * nghttp: Fix authority for --get-assets if IP address is used in conjunction with user-defined :authority header (Patch from Benedikt Christoph Wolters) (GH-783) * nghttpx: Add --accesslog-write-early option (GH-777) * nghttpx: Fix access.log timestamp (GH-778) * nghttpx: Show default cipher list in -h * nghttpx: Add client-ciphers option * nghttpx: Add client-no-http2-cipher-black-list option * nghttpx: Fix the bug that no-http2-cipher-black-list does not work on backend HTTP/2 connections. * nghttpx: Add --client-psk-secret option to enable PSK in backend (GH-612) * nghttpx: Add --psk-secret option to enable PSK in frontend connection (GH-612) * nghttpx: Enable SCT with OpenSSL 1.1.0 * nghttpx: Add proxyproto to frontend option to accept PROXY protocol (GH-765) * h2load: Show default cipher list in -h * h2load: Show custom server temp key such as X25519 * h2load: Fix incorrect return value from spdylay_send_callback - Changes for version 1.18.1: * nghttpx: Fix assertion error in libev ev_io_start (GH-759) * nghttpx: Handle c-ares success without result * nghttpx: Fix bug that DNS timeout was erroneously disabled (GH-763) * nghttpx: Fix bug that DNS timeout was ignored (GH-763)- use individual libboost-*-devel packages instead of boost-devel- Update to version 1.18.0: * lib: Accept and ignore content-length: 0 in 204 response for now * build: Use pkg-config to detect libxml2 * build: Require c-ares to compile applications under src * build: Add Windows CI via AppVeyor (Patch from Alexis La Goutte) * examples: Delete tiny-nghttpd * nghttpx: Retry h1 backend request if first write fails (GH-757) * nghttpx: Keep reading after backend write failed (GH-756) * nghttpx: Add frontend-keep-alive-timeout option (GH-755) * nghttpx: New error log format (GH-749) * nghttpx: Fix bug that fetch-ocsp-response does not work with OpenSSL 1.1.0 (GH-742) * nghttpx: Backend API call allows non-numeric host with dns parameter (GH-731) * nghttpx: Lookup backend host name dynamically (GH-721) * nghttpx: Accept and ignore content-length: 0 in 204 response for now (GH-735) * nghttpx: Wait for child process to exit- Update to version 1.17.0: * lib: Disallow content-length in 1xx, 204, or 200 to a CONNECT request (GH-722) * lib: Avoid memcpy against NULL src * build: MSVC version resource support (Patch from Remo E) (GH-718) * asio: server: Call on_close callback on connection close (GH-729) * nghttpx: Fix frequent crash with --backend-http-proxy-uri * nghttpx: Robust backend read timeout * nghttpx: Fix bug that mishandles response header from h1 backend * nghttpx: Fix bug that zero-length POST is not forwarded (GH-726) * nghttpx: Remove optional reason-phrase from SPDY :status * nghttpx: Header key and value must be string in mruby script * nghttpx: Strip content-length with 204 or 200 to CONNECT in mruby (GH-722) * nghttpx: Strict handling for Content-Length or Transfer-Encoding in h1 (GH-722) * nghttpx: Fix compilation with BoringSSL (Patch from dalf) (GH-717) * nghttpd, nghttpx, asio: Add missing mandatory SP after status code- Update to version 1.16.1: * lib: Prevent undefined behavior in decode_length * nghttpx: Fix bug which may crash nghttpx if non-final response is forwarded from origin server to HTTP/1.1 client - Changes for version 1.16.0: * lib: Add nghttp2_set_debug_vprintf_callback to take advantage of DEBUGF statements in when building DEBUGBUILD. * Update .clang-format for clang-format-3.9 * build: Make it possible to include nghttp2/CMakeLists.txt in another project using add_subdirectory. * third-party: Update http-parser to feae95a3a69f111bc1897b9048d9acbc290992f9 * asio: Fix crash when end() is called outside nghttp2 callback * nghttpx: Add --backend-connect-timeout option * nghttpx: Add TLS signed_certificate_timestamp extension support * nghttpx: Add --ecdh-curves option to specify list of named curves * h2load: Add --header-table-size and --encoder-header-table-size options- Update to version 1.15.0: * lib: Add nghttp2_option_set_max_deflate_dynamic_table_size() API function (GH-684) * lib: Allow NGHTTP2_ERR_PAUSE from nghttp2_data_source_read_callback (GH-671) * lib: Add nghttp2_session_get_hd_deflate_dynamic_table_size() and nghttp2_session_get_hd_inflate_dynamic_table_size() API functions to get current HPACK dynamic table size (GH-664) * lib: Add nghttp2_session_get_local_settings() API function * lib: Add nghttp2_session_get_local_window_size() and nghttp2_session_get_stream_local_window_size() API functions * build: Add -lsocket -lnsl to APPLDFLAGS for solaris build * neverbleed: Update neverbleed to support ECDSA certificate * doc: Mention --enable-lib-only configure option in README * integration: Fix test failure with go1.7.1 * src: Fix compile error with openssl 1.1.0 * nghttpx: Improve performance with HTTP/1.1 backend when request body is involved * nghttpx: Use std::atomic_* overloads for std::shared_ptr if available * nghttpx: Migrate backend stream to another h2 session on graceful shutdown * nghttpx: Add option to specify HPACK encoder/decoder dynamic table size * nghttpx: Log client address * nghttpx: Add tls_sni to mruby Nghttpx::Env class * nghttpx: Add --frontend-http2-window-size option, and its family functions * nghttpx: Add experimental TCP optimization for h2 frontend * nghttpx: Workaround for std::make_shared bug in Xcode7, 7.1, and 7.2 (GH-670) * nghttpx: Fix bug that bytes are doubly counted to rate limit for TLS connections * nghttpx: Add --no-server-rewrite option not to rewrite server header field (GH-667) * nghttpx: Retry if backend h1 connection cannot be established due to timeout * nghttpx: Reset stream if invalid header field is received in h2 * nghttpx: Add --server-name option to change server response header field (GH-667) * nghttpd: Add --encoder-header-table-size option * nghttp: Add --encoder-header-table-size option * python: Support ALPN, require Python 3.5- Update to version 1.14.0: * lib: Make emit_header() return void since it always succeed * lib: Add nghttp2_hd_deflate_hd_vec() deflate API to support multiple buffer input * lib: since hd_inflate_commit_indexed() always return 0, remove the return value check in nghttp2_hd_inflate_hd_nv() * lib: Use memeq() instead of lstreq() in lookup_token() * lib: More strict stream state handling * lib: Modify genlibtokenlookup.py to remove redundant header comparisons and remove inline qualifier of lookup_token() in genlibtokenlookup.py * lib: Fix wrong tree operation to avoid cycle * lib: Make get_max_index() return the max index in frame, so we don't need to do extra calculation * lib: Add nghttp2_on_invalid_header_callback * lib: Log frame's stream ID for header debug logging * doc: Remove old doc about differential encoding in HPACK * doc: Document about ALPN in nghttpx howto * nghttpx: Log error code from getsockopt(SO_ERROR) on first write event * nghttpx: Don't change pushed stream's priority * nghttpx: Log backend connection failure in WARN level * nghttpx: Fix bug that api and healthmon parameters do not work with http2 proxy * nghttpx: Add access log variable for backend host and port * nghttpx: Use copy instead of const reference of backend group * nghttpx: Reload configuration with SIGHUP * nghttp: Adjust weight according to Firefox stable * nghttp: Call error callback when invalid header field is received and ignored * nghttp: Allow multiple -p option * deflatehd: Call nghttp2_hd_deflate_change_table_size only if table size is changed from default- Update to version 1.13.0: * lib: Cancel non-DATA frame transmission from nghttp2_before_frame_send_callback * doc: Fix warning with Sphinx 1.4 * build: Work with Android NDK r12b * nghttpx: Use consistent hashing for client IP based session affinity * nghttpx: Fix FTBFS on armel by explicitly including the header * nghttpx: Cast to double to fix build with gcc 4.8 on Solaris 11 * nghttpx: Fix build error with libressl * examples: Fix compile error with OpenSSL v1.1.0-beta2- Update to version 1.12.0: * Add nghttp2_session_set_local_window_size API function * Add nghttp2_option_set_max_send_header_block_length API function (GH-613) * Fix warning: declaration of 'free' shadows a global declaration (Patch from Alexis La Goutte) * examples: Add ALPN support to tutorial client/server (GH-614) * nghttpx: Reduce TTFB with large number of incoming connections * nghttpx: Rewrite read timer handling * nghttpx: Clean up neverbleed AF_UNIX socket * nghttpx: Add --backend-max-backoff option * nghttpx: Use 16KiB buffer for reading to match TLS record size * nghttpx: Add healthmon parameter to -f option to enable health monitor mode * nghttpx: Receive reference of std::mt19937, not making a copy * nghttpx: Fix bug that backend never return to online (GH-615) * nghttpx: Implement client IP based session affinity * nghttpx: Add --api-max-request-body option to set maximum API request body size * nghttpx: Add api parameter to --frontend option to mark API endpoint * h2load: Add content-length header field for HTTP/2 and SPDY as well * h2load: Implement HTTP/1 upload (GH-611)- Update to 1.11.1 * lib: Add nghttp2_hd_inflate_hd2() and deprecate nghttp2_hd_inflate_hd() * lib: Avoid 0-length DATA if NGHTTP2_DATA_FLAG_NO_END_STREAM is set * lib: Fix bug that PING flags are ignored in nghttp2_submit_ping * integration: Workaround runtime error: cgo argument has Go pointer to Go pointer * nghttp: Eliminate zero length DATA frame at the end if possible * nghttpd: Set content-length in status response * nghttpx: Add sni keyword to --backend option * nghttpx: Allow mixed protocol and TLS settings among backends under same pattern * nghttpx: Don't add 0-length DATA when response HEADERS bears END_STREAM flag * nghttpx: Don't add chunked encoded response body for HEAD request * nghttpx: Don't use CN if we have dNSName or iPAddress field * nghttpx: Just call execv instead of execve to pass environ * nghttpx: Make SETTINGS timeout value configurable * nghttpx: Save PID file after it is ready to accept connections * nghttpx: Treat backend failure if SETTINGS is not received within timeout * nghttpx: Wait for SETTINGS ACK to make sure that backend h2 server is alive- Update to 1.10.0 * Pass unknown SETTINGS values to nghttp2_on_frame_recv_callback * Add ALTSVC frame support * Run error callback when peer does not send initial SETTINGS frame * Update http-parser * Update sphinx_rtd_theme * nghttp: add an --expect-continue option * nghttpx: Fix downstream connect callback called early * nghttpx: Truncate too long -b option signature * nghttpx: Fix bug that server push from mruby script did not work * nghttpx: Try next HTTP/1 backend address when connection cannot be made * nghttpx: Retry next HTTP/2 backend address when connection cannot be made * nghttpx: Enable link header field based push for non-final response * nghttpx: Detect online/offline state of backend servers * nghttpx: Better load balancing between backend HTTP/2 servers * nghttpx: Fix crash with backend failure- Update to 1.9.2 * nghttpx: Fix crash with backend failure * nghttpx: Better distribute load to backend h2 servers * nghttpx: Fix error messages on deprecated mode * nghttpx: Fix bug that logger wrote string which was not NULL-terminated * nghttpx: Fix bug that proxy with HTTP/1.1 CONNECT did not work- Update to 1.9.1 * nghttpx: Fix bug that backend tls keyword did not work with -s option * nghttpx: Fix handing stream after connection check was failed - Changes for 1.9.0 * lib: Add nghttp2_error_callback to tell application human readable error message * lib: Reference counted HPACK name/value pair, adding * nghttp2_on_header_callback2 * lib: Add nghttp2_option_set_no_auto_ping_ack() option * lib: Add nghttp2_http2_strerror() to return HTTP/2 error code string * build: Makefile.msvc enhancements (Patch from Jan-E) * build: Lower libev version requirement (Patch from Peter Wu) * build: cmake build support (Patch from Peter Wu) * asio: Fix bug that server event loop breaks with exception * integration: Disable tests that sometimes break randomly on travis * integration: do not use recursive target (Patch from Peter Wu) * h2load: Fix bug that it did not try to connect to server again * h2load: Fix bug that initial max concurrent streams was too large * nghttpx: Memcached connection encryption with tls keyword * nghttpx: Enable/disable TLS per frontend address * nghttpx: Configure TLS per backend routing pattern * nghttpx: Workaround for Ubuntu 15.04 which does not value-initialize on std::make_shared. * nghttpx: Add --error-page option to set custom error pages * nghttpx: Add wildcard host routing * nghttpx: Change read timeout reset timing * nghttpx: Don't push if Link header field includes nopush * nghttpx: Deprecate backend-http1-connections-per-host in favor of backend-connections-per-host * nghttpx: Restructure mode settings, removing --http2-bridge, - -client, and --client-proxy options * nghttpx: Deprecate backend-http1-connections-per-frontend in favor of backend-connections-per-frontend * nghttpx: Don't share session which is already in draining state * nghttpx: Effectively disable backend HTTP/2 connection flow control * nghttpx: Add --frontend-http2-max-concurrent-streams and - -backend-http2-max-concurrent-streams, and deprecate - -http2-max-concurrent-streams option * nghttpx: Deprecate --backend-http2-connections-per-worker option * nghttpx: Share TLS session cache between HTTP/2 and HTTP/1 backend * nghttpx: Rewrite backend HTTP/2 connection coalesce strategy- Update to 1.8.0 * Add Architecture documents (work in progress) * List all contributors in AUTHORS * doc: fix out-of-tree doc builds (Patch from Peter Wu) * Wrap AM_PATH_XML2 by m4_ifdef to handle the case when _PATH_XML2 is not found * Fix configure script for non-gcc, clang build * Document compiling apps and include h2load in configure (Patch from David Beitey) * Don't check for dlopen/libdl on *BSD (Patch from Bernard Spil) * Don't taint CXXFLAGS from AX_CXX_COMPILE_STDCXX_11 * Fixing Windows Makefile version detection (Patch from Reza Tavakoli) * lib: Tokenize extra HTTP header fields * lib: Fix typo in HAVE_CONFIG_H name (Patch from Peter Wu) * lib: Add HTTP/2 extension framework to send and receive non-critical frames * tests: remove unused macros (Patch from Peter Wu) * src: Update default cipher list * src: Fix compile error with gcc-6 which enables C++14 by default * asio: client: Fix connect timeout does not work, return from cb if session stopped, removing client::session::connect_timeout() functon * nghttpd: Start SETTINGS timer after it is written to output buffer * nghttpd: Add trailer header field to status responses * nghttpd: Add -w and -W options to change window size * nghttpx: Worker wide blocker which is used when socket(2) is failed * nghttpx: ConnectBlocker per backend address * nghttpx: Interleave text/html pushed resources with associated resource * nghttpx: Add headers given in add-response-headers for mruby response * nghttpx: Deprecate --backend-ipv4 and --backend-ipv6 in favor of --backend-address-family * nghttpx: Add options to specify address family of memcached connections * nghttpx: Add encryption support for TLS ticket key retrieval * nghttpx: Add TLS support for session cache memcached connection * nghttpx: Refactor blacklisted cipher suite check (Patch from Jay Satiro) * nghttpx: Add TLS support for HTTP/1 backend * nghttpx: Add request-header-field-buffer and max-request-header-fields options, deprecating header-field-buffer and max-header-fields options. * nghttpx: Add --no-http2-cipher-black-list to allow black listed cipher suite * nghttpx: Limit header fields from backend * nghttpx: Fix bug that IPv6 address in Forwarded "for" is not quoted-string * nghttpx: Support multiple frontend addresses * integration-tests: support out-of-tree tests (Patch from Peter Wu) * examples: fix compile warnings (Patch from Peter Wu) - Drop upstreamed nghttp2-c++14.patch- Update to 1.7.1 * Fix CVE-2016-1544 (boo#966514)- Add nghttp2-c++14.patch to properly guard make_unique templates. [bsc#964140]- Update to 1.7.0 * Reset (RST_STREAM) stream if flow control window gets overflow * Validate :authroity, host, and :scheme value more strictly * Check request/response submission error based side of session * Strict outgoing idle stream detection * Return error from nghttp2_submit_{headers,request} when self dependency is made * Add -ldl to APPLDFLAGS for static openssl linking * asio: Stop acceptor on server::http2::stop * asio: Rename http2::get_io_services() as http2::io_services() * h2load: Support UNIX domain socket * h2load: Improve readability of traffic numbers * h2load: Remove "auto" for -m option * h2load: Show progress in rate mode * h2load: Perform sampling for request and connection timings to reduce memory consumption * nghttpd: Add --no-content-length option to omit content-length in response * nghttpx: Interleave pushed streams with the associated stream if pushed streams are javascript and CSS resources * nghttpx: The initial value of request/response buffer is increased to 128K * nghttpx: Fix bug that --listener-disable-timeout option is not used * nghttpx: Don't emit :authority if request does not contain authority information * nghttpx: Add clarification of quotes in configuration file * nghttpx: Don't allow certain characters in host and :scheme header field * nghttpx: Add RFC 7239 Forwarded header field support * nghttpx: Fix crash when running on IPv6 only (Patch from Vernon Tang) * nghttpx: Take into account of trailers when applying max_header_fields * nghttpx: Don't apply max_header_fields and header_field_buffer limit to response * nghttpx: Strict validation for header fields given in configuration * nghttpx: header value should not be lower-cased (Patch from ayanamist)- fixed typo in libnghttp2_asio1 [bsc#962914]- Update to 1.6.0 * Fix heap-use-after-free bug when handling idle streams * Strict error handling for frames which are not allowed after closed (remote) * Set max number of outgoing concurrent streams to 100 by default * Keep incoming streams only at server side * Create stream object for pushed resource during nghttp2_submit_push_promise() * Add nghttp2_session_create_idle_stream() API * Handle response in nghttp2_on_begin_frame_callback * Add --lib-only configure option * Compile with OpenSSL 1.1.0-pre1 * Fix build when OpenSSL 1.0.2 is not available (patch from Sunpoet Po-Chuan Hsieh) * asio: Add connect and read timeout to client API * asio: Add TLS handshake and read timeout to server API * asio: Added access to a requests remote endpoint (patch from Andreas Pohl) * asio: libnghttp2_asio: Added io_service accessors (patch from Andreas Pohl) * h2load: Add req/s min, max, mean and sd for clients * h2load: Fix broken connection times- Update to 1.5.0 * Fix bug that nghttp2_session_find_stream(session, 0) returned NULL * Add nghttp2_session_change_stream_priority() to change stream priority without sending PRIORITY frame * Add nghttp2_session_check_server_session() API * Consider to use CANCEL error code when closing streams with GOAWAY * Don't send push response if GOAWAY has been received * Use error code CANCEL to reset pushed reserved stream from remote * Add nghttp2_session_upgrade2(), deprecate nghttp2_session_upgrade() * Workaround HTTP upgrade with HEAD request in nghttp2_session_upgrade() * Introduce NGHTTP2_NV_FLAG_NO_COPY_NAME and NGHTTP2_NV_FLAG_NO_COPY_VALUE * Add nghttp2_session_check_request_allowed() API function * Switch to clang-format-3.6 * Update mruby to 1.2.0 * tests: fix broken linkage with --disable-static (Patch from Kamil Dudka) * python: Send RST_STREAM if remote side is not closed and response finished * asio: client: call on_error when connection is dropped * asio: ALPN support * h2load: Add --h1 option to force http/1.1 for both http and https URI * h2load: Fix crash when dealing with "connection: close" form HTTP/1.1 server * h2load: h2load goes into infinite loop when timing script file starts with 0.0 in first line (Patch from Kit Chan) * h2load: Override user-agent with -H option * h2load: Print "space savings" to measure header compression efficiency * h2load: Stream error should be counted toward errored * h2load: Show application protocol with OpenSSL < 1.0.2 * nghttpx: Don't send RST_STREAM to h2 backend if backend is disconnected state * nghttpx: Support server push from HTTP/2 backend * nghttpx: Fix bug that causes connection failure with backend proxy URI * nghttpx: Use --backend-tls-sni-field to verify certificate hostname * nghttpx: Log :authority as $http_host if available * nghttpd: Fix crash with CONNECT request * nghttpd: Defered eviction of cached fd using timer * nghttpd: Read /etc/mime.types to set content-type header field * nghttp: Record request method to output it in har correctly * nghttp: Use method given in -H with ":method" in HTTP Upgrade - Drop nghttp2-1.4.0-fix-tests.patch (now in upstream)- Enable spdy and more example applications- Update to 1.4.0: * lib: Don't always expect dynamic table size update. * lib: Shrink to the minimum table size seen in local SETTINGS. * lib: Add new error code NGHTTP2_ERR_PAUSE to send_data_callback. * lib: Avoid excessive WINDOW_UPDATE queuing. * lib: Return fatal error if flooding is detected to close session immediately. * lib: Return type of nghttp2_submit_trailer is int. * lib: Don't send WINDOW_UPDATE with 0 increment. * lib: Fix bug that headers in CONTINUATION were ignored after HEADERS with padding. * package: Use -fvisibility=hidden for internal functions. * package: Show more information in configure summary. * package: Add PIDFile directive to systemd service. * package: Fix daemon upgrade when running under systemd. * app: Compile with BoringSSL. * nghttp: Allow multiple -c option occurrence, and take min and last value. * nghttpd: Fix leak when server failed to listen to given port. * nghttpx: Add TLS dynamic record size behaviour command line options. * nghttpx: Reduce default timeouts for read sockets to 1m. * nghttpx: Fix bug that PUT is replaced with POST. * nghttpx: Change mruby script handling. * nghttpx: Added support for RFC 7413 (TCP Fast Open) on nghttpx proxy listening connections. * nghttpx: Add neverbleed support. * h2load: Don't DOS our server! * h2load: Use duration syntax for timeouts. * h2load: Support subsecond rate period. * h2load: Simplify rate mode. * h2load: Add option for user-definable rate period. * h2load: Reuse SSL/TLS session. * h2load: Reconnect server on connection: close. * h2load: Don't exit in the case of no ALPN protocol overlap. * integration: Update go's http2 package URI. - Add missing baselibs.conf. - Add nghttp2-1.4.0-fix-tests.patch from commit 4825009. - Small spec cleanup.- Update to 1.3.4 * Make traditional init script fail if new config file is broken (Patch from Janusz Dziemidowicz) * nghttpx-logrotate: Don't use killall since we have multiple processes * nghttpx: Fix improper signal handling - Changes for 1.3.3 * Fix bug in padding handling of DATA frame * Use hash table for dynamic table lookup * More warning flags for --enable-werror * Update mruby * h2load: HTTP/1.1 support (Patch from Lucas Pardue) * nghttpx: Do not try to set TCP_NODELAY when frontend is an UNIX socket (Patch from Janusz Dziemidowicz) * nghttpx: Chown UNIX domain socket to user specified as --user * nghttpx: Split monolithic one process into control and worker processes * nghttpx: Handle SSL/TLS data following PROXY protocol line - Changes for 1.3.2 * Check header block limit after new stream is opened * nghttp: Show error if HEADERS frame cannot be sent for whatever reason * nghttpx: Fix assertion failure on TLS handshake * nghttpx: Add x-http2-push header field for pushed resource * nghttpx: Fix compile error with --disable-threads- Update to 1.3.1 * Avoid usage of typeof and replace __builtin_offsetof with offsetof * Honor stream->weight even if stream->last_writelen is 0 * Compile third-party libraries if hpack-tools is enabled * nghttpx-init: Start nghttpx with --daemon * Bundle sphinxcontrib.rubydomain https://bitbucket.org/birkenfeld/sphinx-contrib/src/default/rubydomain/ * Bundle mruby * h2load: Record TTFB on first byte of response body, rather than first socket read * h2load: Improve checking for timing script input, prevent false positive in certain situations * nghttpx: Implement PROXY protocol version 1 (--accept-proxy-protocol option) * nghttpx: Allow link header server push for HTTP/2 backend as well * nghttpx: Don't initiate push if client disabled push * nghttpx: Allow absolute URI in Link header field for push * nghttpx: Fix crash with multi workers and QUIT signal * nghttpx: Add mruby support which is disabled by default (use --with-mruby configure option to enable it) * nghttpx: Drop connection before TLS finish if h2 requirement is not fulfilled - Fix typo in previous changelog entry- Update to 1.3.1 * Limit the number of incoming reserved (remote) streams * Add stream public API * Rewrite priority tree handling * Fix parallel make distcheck * Define it and itprep recursive target if AM_EXTRA_RECURSIVE_TARGETS is defined * fetch-ocsp-response: Handle spurious openssl exist status 0 * nghttpx: Use nghttp2::ssl::DEFAULT_CIPHER_LIST for backend TLS connection * nghttpx: Don't allow blacked listed cipher suites for HTTP/2 connection * nghttpx: better handle /dev/stderr and /dev/stdout (Patch from Tomasz Buchert) * nghttpd: GOAWAY if SSL/TLS requirements for HTTP/2 are not met * nghttpd: Return date header field for 304 * nghttpd: Support HEAD request * h2load: Add Timing-script and base URI support (Patch from Lucas Pardue) * h2load: Add timeout options (Patch from Nora) - Fix typo in changelog- Update to 1.2.1 * doc: Reword the HPACK tutorial (Patch from Tom Harwood) * nghttpx: Fix stability issues * h2load: Fix crash if -r > -n- Update to 1.2.0 * Fix crash if response or data is submitted to closing stream * Header table size UINT32_MAX must be accepted * Use PROTOCOL_ERROR against DATA sent to idle stream * Allow multiple in-flight SETTINGS * Strictly check occurrence of dynamic table size update * Fix configure warning that 'missing' is missing or too old * Fix rm: cannot remove ‘*.rst’: No such file or directory when "make clean" (Patch from Alexis La Goutte) * doc: Reword some of the server and client tutorial (Patch from Tom Harwood) * src: Remove monotonic_clock replacement macro for gcc-4.6 * nghttpx: Add TLS ticket key sharing among nghttpx instances using memcached * nghttpx: Add shared session cache using memcached * nghttpx: Set SSL/TLS session timeout to 12 hours * nghttpx: Enable session resumption on HTTP/2 backend * nghttpx: Don't rewrite host header field by default * nghttpx: Generate new ticket key every 1hr and its life time is now 12hrs * nghttpx: Don't reuse backend connection if it is not clean * nghttpx: Add AES-256-CBC encryption for TLS session ticket * nghttpd: Fix the bug that 304 response has non-empty body * h2load: Add -r and -C options to h2load (Patch from Nora Shoemaker) - Changes for 1.1.2 * Fix linker error with libnghttp2_asio * Allow custom installation location for Python bindings - Drop no longer needed missing_nghttp2_timegm.patch- Update to 1.1.1 * nghttpx: Fix various stability issues and memory leak bug - Changes for 1.1.0 * Fix DATA is not consumed if nghttp2_http_on_data_chunk failed * nghttp2_submit_response and nghttp2_submit_headers may return * NGHTTP2_ERR_DATA_EXIST * msvc build fixes and enchantments (Patch from Gabi Davar) * Compile with IRIX gcc-4.7 (Patch from Klaus Ziegler) * nghttp: Add --max-concurrent-streams option * nghttp: Add comment on HAR on pushed objects (Patch from acesso) * nghttpx: Add --include option to read additional configuration from given file * nghttpx: Add backend routing based on request host and path by extending -b option * nghttpx: Allow log variable to be enclosed by curly braces for disambiguation * nghttpx: Add log variables related to SSL/TLS connection * h2load: Add --ciphers option - Add patches * missing_nghttp2_timegm.patch to fix building of asio library * nghttp2-remove-python-build.patch to fix python bindings installation when autotools are used- Update to 1.0.5 * Add STREAM_DEP_DEBUG macro switch to enable runtime validation of depedency tree * Fix another bug in priority handling; sibling's item is not queued when ancestor's item is detached * nghttpx: Fix crash with --http2-bridge and both frontend and backend TLS- Update to 1.0.4 * Fix assertion failure in stream_update_dep_on_detach_item (GH-264) - Changes for 1.0.3 * Fix bug that idle self-depending PRIORITY is not handled gracefully * Optimize dependency based priority code to Firefox style tree * enable third-party for asio_lib too (Patch from Mike Frysinger) * fetch-ocsp-response: Support LibreSSL, and include port in ocsp_host * src: Support compile with LibreSSL * nghttpx: Fix bug that x-forwarded-proto header field does not reflect frontend scheme on HTTP/2 backend * nghttpx: Validate :path on SPDY frontend- Update to 1.0.2 * Fix bug that data are not consumed for connection in race condition (GH-253) * Define NGHTTP2_EXTERN to __declspec(dllimport) when using nghttp2 for Windows build * Translate fetch-ocsp-response into Python * libevent-client: Fix bug that path is broken if URI does not contain path part * python: Call on_close callback when connection is lost for server session * python: Expose client certificate, if available (Patch from Fabian Wiesel) * python: Catch and log failure to set TCP_NODELAY (Patch from Fabian Wiesel) * nghttpx: Add --add-request-header option * nghttpx: Make WebSocket upgrade work * nghttpx: Fix bug that END_STREAM is not set in backend for POST with Upgrade * nghttpx: Don't send "Expect" header field twice- Update to 1.0.1 * Include stdint.h instead of inttypes.h when compiled with MSVC < 2013 * Fix invalid memory free on out-of-memory handling * integration: Use our own copy of golang spdy package * android: Don't link zlib bundled with android NDK * Dockerfile.android: Update NDK ver, and ubuntu; build and link zlib * src, examples: Fix up OpenSSL initialization * nghttpx: Allow HTTP Upgrade from POST request if response header has not been sent to the client * nghttpx: Fix bug that PUSH_PROMISE is sent after associated response HEADERS * nghttpd: Close connection after settings timeout and GOAWAY was sent * h2load: Fix bug that NPN fails if ALPN is enabled- Update to 1.0.0 * v1.0.0 introduced backward incompatible changes from 0.7 series. Read https://nghttp2.org/documentation/package_README.html#migration-from-v0-7-15-or-earlier to migrate from older version to this latest version. - Changes for 0.7.15 * Hopefully, this is the last release for 0.7.x series. Development continues in 1.x series. * Access violation in buffers (GH-232) (Patch from Etienne Cimon) * Retry finding jemalloc lib by je_malloc_stats_print (GH-233) * inflatehd: Fix crash if 'wire' value is not string (GH-235) * nghttpx: Revert 585af93 to fix crash with TLS (GH-234) * nghttpd: Add --echo-upload option to send back request body- Update to 0.7.14 * Fix global-buffer-overflow in HPACK code * Fix doc for nghttp2_select_next_protocol * Fix bug that promised stream was not reset on decompression error * Add systemd and upstart configuration file for nghttpx (Patch from Zhuoyun Wei) * Improve nghttpx logrotate configuration file (Patch from Zhuoyun Wei) * Update sphinx_rtd_theme * h2load: Update h2load to give connect time and ttfb stats (Patch from ericcarlschwartz) * nghttpd: Add -m, --max-concurrent-streams option * nghttpx: Log absolute URI for HTTP/2 or client proxy request * nghttpx: Add --header-field-buffer and --max-header-fields options * nghttp: Fix assertion error if very large value is given to -t- Update to 0.7.13 * Fix bug that promised stream was not reset by returning NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE from nghttp2_on_header_callback. Instead, associated stream was reset. * Allow NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE from nghttp2_on_begin_headers_callback * h2load: Effectively disable flow control by setting large window size * asio: Graceful shutdown and joinable server (Patch from Xiaoguang Sun)- Update to 0.7.12 * Fix bug that nghttp2_session_set_next_stream_id accepts invalid stream_id * HPACK: Rewrite static header table handling * HPACK: Never index authorization and small cookie header field * Don't install libnghttp2_asio headers if they are disabled * doc: Specify program directive so that hyperlink to option is correctly pointed to the intended location * asio: client: Call error_cb on error occurred in do_read and do_write (Fixes GH-207) * nghttp: Add --no-push option to disable server push * nghttp: Show stream ID in statistics output * nghttp: Remove --dep-idle option * nghttp: Use same priority anchor nodes as Firefox does * nghttpx: Don't push resource if link header has non empty loadpolicy * nghttpx: Add logging for somewhat important events (logs, tickets, and ocsp) * nghttpx: Set Downstream to stream user data on HTTP Upgrade to h2- Update to 0.7.11 * nghttpx: Fix waitpid race condition in ocsp response update * nghttp: Consider user-provided :authority header field for SNI as well as host header field - Changes for 0.7.10 * Make sure that nghttp2 license is MIT license * Add nghttp2_session_consume_{connection,stream} to consume bytes independent * Add nghttp2_send_data_callback to send DATA payload without copying "static inline" fix for build with VS2013 (Patch from Remo E) * Update lib/Makefile.msvc (Patch from Remo E) * Remove dependency on libws2_32 on Windows build * Define NGHTTP2_EXTERN macro to export function for Windows build * doc: Generate API doc per function * python: Add async body generation support * python: Fix pseudo-header field ordering bug * nghttpx: Redirect stderr to errorlog file * nghttpx: Fix bug that data buffered in SSL object are not read * nghttpx: Remove --tls-ctx-per-worker option * nghttpx: Add OCSP stapling feature- Enable python bindings - Update to 0.7.9 * Implements h2-14 protocol (http://tools.ietf.org/html/draft-ietf-httpbis-http2-14) * Implements HPACK 09 (http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-09) * h2load: Fix crash if -t > -c * h2load: Add -d option to upload data to server * nghttpx: Forward only "trailers" keyword in te when forwarding HTTP/2 backend * nghttpx: Fix PUSH_PROMISE header field corruption [GH-194] * nghttpx: Fix te header field is duplicated when forwarding HTTP/2 backend * nghttp, nghttpd: Add --hexdump option to hexdump incoming traffic. * examples: Place AM_CPPFLAGS first to use in-package header files first [GH-192] - Changes for 0.7.8 * Implements h2-14 protocol (http://tools.ietf.org/html/draft-ietf-httpbis-http2-14) * Implements HPACK 09 (http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-09) * Validate :path header field for http or https URI scheme * NULL-terminate header field name and value presented by callback * README.rst: Cleaned up the grammar a bit (Patch from Ross Smith II) * h2load: fix for segfault by reserving correct worker count (Patch from Stefan Eissing)- Avoid shipping documentation redundantly. Set RPM groups.- Fix rpm group- Update to 0.7.5 * Implements h2-14 protocol (http://tools.ietf.org/html/draft-ietf-httpbis-http2-14) * Implements HPACK 09 (http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-09) * Validate HTTP semantics by default * Add nghttp2_option_set_no_http_messaging() API function * Update http-parser * nghttp, nghttpd, nghttpx: Use "sensitive" to indicate "never indexed" header field * nghttp, nghttpd, nghttpx, h2load: Select/announce h2 in ALPN/NPN * nghttp: Fix unaligned field output in --stat * nghttp: Fix -H does not work with -u upgrade request * nghttp: Update resource timing terminology according to Resource Timing TR * nghttpd: Add -a option which takes an address parameter that allows nghttpd to bind to a non-default address. Patch from Brian Card * nghttpx: Use omit minor version in case of HTTP/2 in via header and access log * nghttpx: Support UNIX domain socket on both frontend and backend * nghttpx: Fix crash in http/1 backend when backend returns more bytes than CL * nghttpx: Cast configuration value to rlim_t to avoid compile error on 32bit * nghttpx: Fix 1 second delay in HTTP/2 backend connection * nghttpx: Fix request re-submission bug in HTTP/2 backend * asio-sv2: Fix compile error with OS X- Initial packaging of 0.7.4/bin/sh1.40.0-lp152.2.6.11.40.0-lp152.2.6.1libnghttp2.so.14libnghttp2.so.14.19.0/usr/lib/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:15975/openSUSE_Leap_15.2_Update/92881e26f3dd4fa74f37668bef02eec5-nghttp2.openSUSE_Leap_15.2_Updatecpioxz5x86_64-suse-linuxELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=bec8629e39704ad0dc20a392ce46dc71ca84971d, strippedPRRRRRutf-8d303143609c935918be1006b38f29caefa4de4a0a305b1249cb5116a54161492? 7zXZ !t/∥] cr$x#DeE}:xk#$w5׾CÚ 1QfmhVST=w<~!Wt^ПoC+ :&17\zԛa0&oi(uPYBskwJ  EB2adw{B%H^Z(zUs&CרU̪'r{[CΑdl#R,/RC- kڸXRלOܲ@vd3>1rbz-pMs s\uKX &C| 7@\MD൷ZLE2{V"?û{{'܊v^r'0:nS:neD!]֟WR>lVy+$*VڢA Ϥ=Ven_O{_f}:=.~-_c{IëvmS׫X@@cY >4؀.Sc.D;^wk_X*<ճ=mQC}@f;;fB9|z0mvj"'`K , ^,T=31v[,EG;1yd>v3_\{aZ Du9%-LyQLG1%_" |eeWBYX#эlA3/:W$LJ 95fL?[z`ʥ~h\zD3Jbwϱ A]ZMnQtIqtfO3Nut~.L03 'k;vIm:p/B ,XJ3,/kr/g?Jًt/| fQ6ґ6?sSLDަ܋jԪvJP|J'/!i̟W=hd>+iSc̵&Gҙœ%ӽ*Y~kWR˱yXS q 5% Y"Gg6> H.vQV Z\ ‰ e?!~Lޅ;VAB+x+ rr@h=< $gteHsEy\ꐼaWk/& t.׍$D͐^w4S=Q16+?-OO"xtq/-x'k "vTOaͲ)g}D;reČGnGe&5(wY``YvHN<|J,u7gySO(8ǔ{=.~JҔMCuqg_ɽgteu/qO-'gP"~5"vw򔀑vyf@V6 ߙI*bc6j**'xU;/2!Ϭb}A$ku nb_Q KVub~3^!_zI~yTOc>mp(PFw|󌰚ʭ2 2̑D GN~Z dl:mlٛ:`se.DJjb'(*G1$ T ~:D{NZy\frfB_/K7+gO-䣀8ݭgu(i!v#{ E7M̀2sVpy\_xS§/ 2蕼Fͦ9*]+[}|qiQS*qYiNQ#hvKFP2z5 %ߞO2RE jGb7c V¾#GjIka"NwlJ6[[fb~l֊W֛Q\qB P&'ˮʋKV!=|_4FcXf6.P=\ :_L|sYO$,M$Gb౳y@{r,#%&M"uDꪬm\Ib-T\h5in Ó+ s~< y+3PE ->1U Ec!4ÖvKSBj_cїze C񫣓uS(_ _UYNL[P98\q:ݜ i"V ̽5HwR%~A"l!bf P" I0BW[6?7e"(?z/Ը:Úon$ X . Vԕɨn}ҭʘD+ȅnW4 p`"8.}.П.Ev^2'nz贜ґ$=U?Mpܒ&4O&<-"Aӓ'w;AM9 zo9`F,pe]~'?[i (bCa,TSpB*Qپ0#^PN>%b@Fl~cp?ͯ6:vdђ:GK&ցdWȾطE%KYk )/:~FFu9,ECcʋ,^GP?bSzf-kDO)) L/K6q߾/BRXΑz@7ْ Wdo~iRY`wY'8^ЄCL9N;ygFDya ? mMٿiHԆ5msGB(Hog5je .ǽ#\w4Ծ`nJ}z34K|:(MNRhˤOE4`:ӣ/cΗ_I1ؒL,d>j QVڿwN#{P:9+U2r˔RLT0,$(O=j̚STarlI \ھe@`JBh9N~2 <:rbGp` y͍J֣dD ,lӳ_֪ 'ޤ}U`z1 tC,噇N;O?.,@f Vy4k|eHTs-\ sx.u U7҉Y6Uh k{etqz'Mp!^8/D`㛮Yy>r'ΟhyqiuKMTɵ{ES GoT[4"7ٴI/fN,ϟLl3kǹ{Xgv{ Nz [6Z2̞QIE!0\ˎP *{|@>ά ࠹b97J~ ,3m7%s&M Vtϑҽ؇ܻ\ӂ=3FʋReřj0Kx Ϊro̡A L kt-cA}KȢYY1}4$e8i0y܊|yJ/]7FgGPNm`7P7S7xY<m;A+nUA_/,I2QߐA;b c#ԉ"@<'$*YTɜ+/2vf?wB.i04oSb`97 v. W`{}PSm/$M܃`eByRܿzGn} 8<`z7Q{ ?ԏp[uRh0\V WLFS8 lTtJ%+Bo~QVƪ2 5=ğuqRih%٬0PJiljz줵Gw83wGK|%|= cS-TU5"&s..5I_#N$L3ϻlw:`̧ w>cyÓqWHC+D(Ls^æLO>m.N,;"CylE% [( TtG<stZX"UN],qgsjTSi2 6jK/ȔczQww|`:)$W|Z_Bm \Lq/R3˦ΆmFa;ukE;|'ݩ٬TsÛ3A:us'{Cuϙ jb-գi%(-;=e?TmQ)7֬ \lF|l0\WEXgonI~92ͅAo= 8G܈f;܎Kj.wԿ`a&Z\q7'7|r6Td_R36Õ6qm"\Ŗ'pRy3Iv $ZUə2߾+6As@HU󧌄]1N* @%5a3)]LG*ՑSJXW:U2MDW!{QrۉF(n㲱cqՑO@]#\L;8:A$v*8`ax]L$$~<DA,8B?1lD*Zs$8 `8KOD1l/xMA &]-n 4'gla-&mp}fW̰W=P'*NҤBm%5n^|l.5R"{kT:2w񻔓.9Qq̃jdaԝbDj?ƎI U~ǥ)1k4qKԃnn3.NaY%,p^HuD|NT[>FOh%Ara ޒg¥(QL*t]@NjxSE[F̿L}9u+Mj S>m/sy~.?JA* ҹ! K4T|Ha]Pч4cAru!_\- 4*OcdEV&XQZ=1(KPR yn?Bv(7:P)夀 0dBd ]YX*[ l2;9*\O*op*4G(b&x/7ӾK$[a6F# BnΔ 亮hٵk[ﴵRyt8Ӕ a:S!#4sd ثw˙3ͯuB0j}>ј!%7E[3cp8ͿK!oqgs>st$ʱPv>];KT SKĸ:OŽlvv'pi'ٖ9Yqخ!Ո(E"~ۥ30ō(w4t ɅMwQjkڍzbpXP]ms’ Pr,GH(QDlױӲ%w޲/CRj)/G [+(y_B]}/rϟ8\,ɩ'ń #[?S)'eKoc #(]Gx\ƀpkvP~mצJk)4'3aō,\mij*i#$gYʊ}ߚaӲ8t}HdŊ h>6X(w|k ʏU8=]R{qLȪ/4RIPqH0T=W*#WӠ)t2&[(`QdnB0:WV25yjM)Iihtɗ]*J޺ua;۶X^Ĕaݞ=Pa: ZbR1sR[P``nƔE 7ttz5L𗲤|֏Ü,Q z)z;@ 7 # Eâ94s rnyp J:H RK'_"۹5Oh*C;} :*~-Ж[~o^QsOnh qGÏ)V]mA\fq1~'z?Dʥ%EΕem 3v.$\EU<55fwJ}cdS#0+6ͽ 7pi囃 cp*yj sk`7Q&\ 5J14̠gmw4䤭 ~.T"F0V*X'F3$bᢢ'ҝ8 ĩJ!co\+Cӈ 9W =@?pF=CQPDUTĹ;z#}ѯS@M$]X ?v#K>V>汼E0 <%皪~Ք m#Ix#x~45trJSLN4~15T@jCw t#OݓtoikT:HRQRD.SmE}D/6]YQ NlvFs Xt[SVhVV{P),$! ɘwb3V<$bI6 $1/K#tۛLڒH%(|h!9b , 0I\l/R\QdOFw'>UpSR-wf6PA1q?tJJ=$+RSO5fFF7`e̢% 4]{"Eگ:ϼp=O 3w8ΓjV|jO7i94Hu" gR{68v柩ŦoJ+kal7c(\lz,)&g\x`E0߉H wqrB9cN{R_2<0PNT7A+M.G$P 17p>[wѵa&ևP?ZPM#S1A.>͉S:ME?ga=\^$:&~`Rw9X~\?'ʳ_jK=[\4kh="qm."ol v$:yM@Rw4m{sS"s4j 1Q*vp郇w((O;ۗQ9ې&Zd"@{jiA4za@ɑwu6ZȩnkWx}vD"43Af6d.#X0B $ꥪ>ͤUѸflAv6L~Wc~b:$3mʹ|!hXQ)q"zN>E}PW9QaG|Txg"_:A>%f y }gҦTodfˬȬ&"3ȫ(i9m76,seyښAI ec!fdrHyp7'h D-˺/evܐ4Х0avyw p=:KhW?D+2֊8+9Oa//iڜ "öF)b J hR0xPRW w*t d暟 .iƜPe;~HTOtPi?؀@>{u$fG3kA2>oxӨpIH2=Aپ2Ńk\QF̹Y̊=WSMx%h$Lƨ*}W3g'x-W M$(wkGdWG0 >~mU<MZ"2< v2) ū73~TUn~aߕߠLɺ, e/IC1[>IJZ1&wYb!0d^fΫab}c݋b ?8p@ ~Khē^HoIJ#ʽj$FI# h<8dsO#`/`Ϸ@5ĸ]M݂(9K -+ U5(ɬ0O36+3gi|YY`w~T؈P8"܄Î*8LNB{¼m!+FX?(g\;fQHa6~<{Y_g0kwi}u800l6Rv@E|MOL`%MfQԠJBհ"I)dѷqذ?e: 58'.mwdkYohӻ*P|K >iD31ʔ]@==+]y#}l:a1~Oh|&Ln7'Fy pI9 ^< vEWV)~|W·C)袋.iStJיb )#Cޙ/XUʣtvf4t\MLˢec@Fph2$*)VoĒOa~S~0 /Fs}ܬ/=#O*ґu{sL-$)$4 s ( X am\༓7"d @ "c<:>u BA k] &aa\t7x;;R_$ʡ[FrU*GmPG+XI`0 6ytMQYQ}g'ѧ+#y&cs\G:^%r̜fiyŪPY3dziwE%aJ묢ԲKD\IKl06ZƇKEsfHKixzQjN3޶(3`[—~V$[$a ¤^IUvp& ̓$ E6 և wJ?aܜo9>\^4w$r+i!g}%^R %(5|%?l6Qʽx@f}=%eFVOh, XBu!#n{rX˖g:`X /\+JE9ŷXsw',1MjY{z+EYSn QB@oj l٩pܑ}Qڀq,f',:Z|#郟!xӨ|+ a$PbK3FT,FrA x)Ո 6$ d{ϼ[7Jd 8{`/J=ym?`G}w"k2\q`dԛ,DZƇzcH&犞y>Z4Z`>&/'dNg˹I0JjrvPzkxMPa2I$(Hv{lӼu ZJbԭ6u*]gqZCʝ5 HaHh²B,y:q7m g 줃0QCkpm¹:|wI֊ɩ?(׬3zo’Jؙ\$Ώ M@oOY~ndW$9r}X#0EKPI ug޸+z)Mо\jw+۲!ňe6^(1-yCW\k_ S0=7B`jZ P _hJkiU,g̈́t?i:דZ5`_A=M4_9uԫW&9?W0gm}om"E6N&GKHDXI0[.9QdǬ,M@=U{%qS+13V4O¿{i̔xPv9ĺgǼˉFy1rxk^l=Հkt;Uj#zOM"Tajiw j>AiP$7IH+h ԕ\I*B)޺L3|+pR'>l2l`L:_xb"UP[*.Qݗ><#{D)?a\I.nx!X%zBepC6K4bL(`|"LR]5.1m܈CoTJc4zJLI.ම/mYImqU>DѿD(OWu蘲j?veoϵ6p%CX]憭`ךPZs=k0/jMT*f b5oW}m%`gX0>?H'> V,Efzy Ţm1׋0UiWKqR 8+/e3pF8~IN|Aȷ}ICwHQAҡRF,b^J {\2(ʅYMT*I$@™$Fo}]yw'ۏ~݆Ih,aإVrOUvM[ӭFHʪ=ѮHsFp D"ߧ㦑|A;YT̨$l|n'0a46I܁/V"|%bdE\y)Gka7H N)T9 H~:nh5wPJOa:j a3==IHqahQZOl{ K5ܩ`˪S'+aF'4rnr}LYc=wd*IL_%'} 4=bRdզ+[X)4O(Z;YW#j E^$M4gXEك;̵*aq?nї(y׊T`*Xp1T'[;$Xay=Ts kD-SZXJ*) ,] &E6'Z$ojh(.!]K8z| p3v޵-I Cs92֞e@v쬾i&?U~Ph!tO OȂ;@TB ?9a .J;ֆvJDk^DsM1;wOE3;s%,=g?yQTӉWKV@ǭYC8׸i PG(XDB5~3rN}(i?/)aj&!Oψ9uD[T413`2 錾!DE4[ys,nMͭP{zvMjMy\{1;z+b6OQa,'O6iÒ_./] C\|P:a[[5]D@= @rX}B &jz>&3ϓ`6dXDvP!!E574:1]u/qFYF}sȟ=xY!}hّ?p'1q'y㺟U@Of8b&Mdm݁0Geygj9D(7i n2`pkY}2 QSixR'QdgS$iMPo?آ^zؐL\ê<%seܧ4X;ghg'|Eo)|qy*ĢJ7P\=ȝ u_]a \b9^F.0,g>shb-WlږVG7S~SxXTKXorXGZ1œb 8D=MsexoBmF#p~RnCŜc5ٖ[2U81ξiNPS-ί P?rsHYlaILό"8D=I8 ZUP @Sp,kƆ~(Q BW[f%ło& Ca5JnKDmdݻ< `qVDC2ѭ|w.d@&8n|=Z_!W*<\d[i/Jb#̪B`EOU.Jk><>ȃ4Am+n )R H:d1?e_Q_캬xaa˻`*5_ZPlpg6%!=9M%z]Hc. B<6SLy0VUDsDlxDCaPQsOᡌ4g"zXq4~jq`:A¥XLtm >ALxTt9?7p:2otLgWl ͊w2̙nRJa~~Z((g1>cٶ<ԅG>:7xjmVFފнQڭCSlEsdr}ֹLZsBbzՋǬ5#߈]и}.{pa!be}>}lcQנw踌E(dqD 턔WB4p8ZI(O-*gl]N_\GT܂*K Egpa|&#+bk[?'ĂC ? 98Wu h(4KTYExG]MC`1َ{m$yV|ũcJDC =0x3$ۢ9> !XZ7J7 ,MyS>-J&YF1mHiM•ad Ն9p/AyQnHƳ_[մ^(UP& H/F,I8b&uOgi?_XS9}w?V?w~QM {\)n"qQS=E;ĝumTЁ )o GiaC/iƐB@QNg|-@o$tZzuG%~T =H_m $x٧ 4; Äi{BSX\}x0 WH p yy "x/{ƐC*DZ_F(M~5jKC&0[X.TmT}`=#<&Ң4 Kحrz?ڧKw|턇=LJìКG -kh8`.{)tO}m$flho:B_;{%$m8I"s5(@/*-U0Y~a6b>َ?-'} QMRJOG:.#5+(+8Rnڭ8ʖHC#Ο$EY{5IVftQg6_k V˜gB4gZu2,Q6m.rX^Bn'%DB,x$ z5_-1hs_H^ՁPтK̋9K(GMԅ@L}]7+5GH+G$X;kjڼH]`/BUQgw۪8{%Dp@|we"qnn=aeS+ĉ ݗ+~Gyݜ%웗зoowdlI=EsW:Պ1>ZRUS`*`Gӂ-v|xRpغhxx;hCJ;mgr "h s%5 =RLm*So Bpe1iz՞-֢$#IJ'7ӺRPGKȼkXS?>FwFO?|zb <{{E41}@l|' '%(ZIDEt#N8יKiRI7l]6BSPǷBr/>ZEm( ˳yp_%[Rc@޽Lraʽfee0'4`4i֍XS5jޙi",S 'qs> pv%`?]m47oQ9G1-dN&J{g&`2 wfe¼ю86 O [b{:c=aK%oTB,wFN ok@6E_id\̪˸2֚t3, Ɩ qtJ4N !G B%՟u0UO=.c1F8wvuEQ0`0*2MUX\ t/۶_Н29Vi 8Oی}t;2DDcB?_4s,st5/kZRsb1gŬ48h64 6˒XX)1*= -, *JNtbFQ`7;GT7]PV#Pޱ_/7T/D 6wL'v^1ؤf(gnw"g+;2Q!d*ĀIVz|gYBL2w*[K)j_A[·а#1#!;M4̍j,B}8)vwb_W],94UGܯJV8:zp?!'Ӏ'L=]Ub5)%Hk0-87bκ|XʹD]~XCS079L(Z/*1\Q9VS'XﰎGmY ~>Nڡg3w )P6bCjʔwېs jaيaܸGh=N&uUd)Gt\!WMrk}l]K-~:Mi `Ly!Ak)ؕ%C~BG~ "A1^Cnĭr ˚N3SϪ(a-G}wp]m68'u:_fO}4Gn?{p?RGbvdr`" ّrbtVB! 0^`5ezc{JşWq{b]dڇǓO->%0E{xv;Kf,Q>e)VDW%JX W[2pN=mdHh~ȣ# slev1E{f>`d]}hɈt/T6] < P:ԢƵ0m}Ne L<0_?{1o%}t*G[ӗArXtЪ$1&Y|oqΛ Ԯ:dާ)s/_Kdo;ҝ=/k0 %Z$$2U/|xŢ:Xrrۊix*ӎ% 3ȋ$vQJnP/uKo~3/ƆS j~RTv )G`UGY oG) ֌3Vp:8^uI! ܒ偫&A!~yf@sqM¡|~Khx捫(&h4aw oAtɊt\rwU7xYR/ÜSsrh5l=m]R_=RV2ϯ#σ)e=q] urGqqg;`A[c)iVEXĚWDA?{d*?0 ΩV:/`-;Wx81@2>!+b&/m.C۰dp"zz /`SuULEa+S%rR}D%EsOZ*Wq:7|+/9#bVU>1cydu2 Ov. @Z.b({L~&[`G߫6©$4H,oXҭ+%|"mL&Zu4/t7iNyAo:<6hLmb h)5 7=Wj(>BlY$}YDXXÌuGB/b-Pe=LhDۨ\o#hqzPхMgYӚXJ$YG\gԲ/kЍ'RHԻYhO ~ ~)yVұ%iK_ &MA" 00 TQ{$UC:=F80p3ZS?$U-ͦbw8-$ v%-@a?D@B@~ KmƜMN(gИ8x"\==Bg"GTI&9q84 D@XR6bڬwiW%S/K d7n6&l9̯zafզ7NO9Z$4q5Lw6Ykq7kt2A+,뉔c/z1&+Bŷ\`]BVH]}9Ew䱺Lڬz2|\n$|rt*Ĺ瘕z ynböR$SO[!4iC9ZHVr~1;N4ŴL_!+&u?6_tdr ZRCRE&-8G` m:lJ V '̬EWV33ޒg޻$|~VӬ `;VsQDչV`aX+Na0xsWmxƗ҉኿doR>>E|Bu%p<Լz2Dh !8 .?9n3uyrfW{H6lZ T0ra;}BPH {Kt gk]qCLkic>RT!!( 4yk 8 ]|eiX`B-j0G <-Kz>j9踤#v|/M'TyiBej> EN߫'g9T(joA j@Ly%A4أB9esލZWʯ"ԋϣ(Gk#o܎F`hiù򇨆EuGxF~Կug"翇EŌT19 ڈ L*4;19}%xڍ ]1'h ]xbEО0†5>fkm:RG_IOtQ赛4Là}ZF2~`>T oH6ViܨcmUR Of2waL4 &V㗷ڃ};:i6ځ],/ٙiL28|/yu*O$l/9-Cw>U?7;4hlz[FT&kqXZ`OJA_"m!kk6k2G?kI'U "V~Ifl91j`55nP,W~}+^P>P)ZMa+~nBx@d7(<|Gm0VZ}++R}j8㦻4l:ސ5+/fnJ8, :!|]چHTiC|s |ٵwL _pFpY{ g7*ZHߟ,J~Eg!n:)C6|3-MA*x,pos#=_{j$17lSe'-Dv8ꍻ.|aH(Cоhjº93*s_I~>b.ʥtz-\ʭ9TaeZ <S_M6MHmݩ}8be4ƎîhYal_PBa rMO*n&|)U?1͜ӯS1iT#;oNbed~:}3fR\;M.|assr u\z'zBbx{"EGנh(;۞RZ+Qŋ7su")f.Wd3`B!ހ=+˄*8{V2d}/XSWֹUw3 Nd㧪w 20_d]/@ƵK̂zp(d%w(hN2JQ.I 9:iK5^HqV]n-4pO< "5u*Z^٪O#L do[I#יT Du9ƭ:fV C{Uzp1z]֚G݌4Iܡ%y6!yW~ gہ0X |ddpѶp/xZ[ȗ,ot {*l(aPcw \1n|-5Ů%-<|嬌'-`X %uNYu4IgL^P\qGGC-Hsxi9x]D7X(9J;L@uN:]sӸk\5ږ,0Y:KU}t Yu{s}tŐD"4#9՟s~\@At '\.8zIh֨pB:ojm#M\~=0V֘W~{=mgOO@<awl 6U)@<B~c vyQc!O&f?,, (>5Gc'zUp=cK 5 ÀϖVZ_7gbHq *znp#!woT`R0!x$ N<'PÅK_ !]|nzs<Br)S4ωEaW?V\n 8gU@hpkA.qBvc<:>9^RN%l:QnyϼI 6v)3D;>ݥ=g.!֖Aq/S+ϽNb3vZ>J(9 Io0x>O_RmSՂ0 |׃bBK#)f- r&{j9<q:gPlͱ'OA2<s^]nUmu1tne6&J=gJ0rY49z?v7@^oX(y?kX+f O S0};eaHBy9%£wRCP[fRqVC/Z2}K ܭ.V4/^NͰ,%hGĴ+uLۘ+QI$_ jwR˫,?/}.Lb QW}$12oyípD)B:u_'>.58HBF[vNl6K(֢Rį S'hjV.PN${)b?f Qm`<-"$_$s5FӧQytm0է{c mUP8'4MT~4L~!5qu6x/R$w@'}Gg*+}vߠ =G ;X O1=r1\N|vC4t:Zs0bX'j^AY@Z[=B5v9޲Pgbp/a\ 1m6 %zFu_%$/j*ɘ[,eRE/5Z LvLe/.t¼Ly}Vo\,YRo;j1 fI_Cdk+5dM4Qpܕ Xךဦci&j'a3hO6t $p"X2XÏ?0~f.~`]1XH3'N\5zxK&<6֊ ]aa0M(\#|Sǵu p}aT䠆'Nh+OtʱlZ[)qp9˟VXDe΄4+'֞PT%$1m",qwؗ?6T1^)ӓswһ||AF,͘[A7M,i6VsDhM HӆaԱ~yY=tK}e+SsH4 ج0_#N ra,dp|1W& }tkp7[5Q$$XIFXm͇fpiU{MH)֕":ާ:-kz h=8sf+˾&8{LW&gKsTq6B0>D:*y:!:I`^`bJ6| N`6߽~d=(}jbsmM%g f\Gwoz頏5}iM5lgTѶwzȿ@#*?zuSZ; "VlN*9Bʹ 8uD+l"3^PTBL>Q'c]CLS{{?G\!9Ma-<$0i9yĕ:R^`hvx\ʇwiڳ%B,g`w=o"Ʒi}z&q96*A2u$+ڭ@][O\s&0t52,/l;[G;|c^E1y4TX~\:m*l o8o꘱m{do"MVqϋO ;*TÞ}MP$ r"Ltmx/bxNԚR_w h;e dNŶy.;3n -O +ت߬fQ;4`Ǿ1;y Pۋa'z$]U;>;| ϙŚ^ Bѝp@t sYg1h%m99w`H҈|a\WC@kLC3*Pm(K;J&j洃,]}$4"cr&Cpw$3-R(f-ȟčCg,Ak Wc7[=;E:n9¥'fLerCr3H{`alz(ڇ.FCK\*CAx-?H! LE^lV8])k,D?Y{Ni(>푯LrE>ه >]~z 0" ;DJ?.8*ՎvUeI=̮ZzZubYY<<\U,kes57J\ ӓj/\u4U#|MZ#-퉶eLHtHةo]BfV|һ+};;9%i}LLTKz4X@:<$<5Ok|RCF=h|B/3 w;O.#d_? .D^Kעf10zm߯p8^k'@Jt&D q!Њ"rV=W:nx!8),!D;rl6Z% `[@4ș9uLHS8Uꪒюu~lqs$8U%}Qt'iE=7]Dtş b|Lap٥Sc0r쀞l Jdt4Y>*vW=bLH~켡Q&EX+܍tTE Z%Jmioa!t<PhW/.oNB,scgc-`ǟAʤ ]'p%w@ i0fS]q[Viaxu {kQOFw럊 c1Gxeߟh'5–aIsmܑbx`4Y!;m "WG}{gc[ KbXb祧{Z~]^Y!H"_9rbBN>l uiuk Ķ!c4|xDav˅6LsU\89>}92>8ƺXo9)RPB[]lktg>1j)/sVsһSVFh,bw> ߸7%,؜ ğYUcoM&kRK^S@/evr Rd1³aQv⓴DP3RjoXY(ʜ?{})0UРݳ+>ĥx_#_7EJ5GyمFnΒ̚L0;(bE :/g}2{X-Ƨ֭sUdˤLxhܓ|VxX7xw Z}2S-@ge53xd] qt^ih.YUWL ] ȁ{Klђ )#6Fx:hō mxw:d*ѠkspɅ| 9Z [5+!iwp96 st! wsTҵHpUܬAqHucq֜R]/E sK87s3Z fZפ2j]L .uBTl| Y]$4:}7π;fj)d/^Z4r1L3D}f8Q\!7 ηlH:69&qZHDj A ѥ%:g3G^8ۍh }XJa Rj˘5Ѕ}4kC GDd98'"p҄<5z%`#? lX(" Z2谠 :HN+B7їR؃PJ99RCx~6:OAT8z!xZ}"$!Ȅ %LBh,0աI]h mU tj^Xr45ۂʟDf(VܞEGP]qy[pIk:TD8d7X.M" B_ ~kOQh;jP#\ ZO~8Z ^uIDyo РZ>>bv|\#ZČ8 b_lp$)( \ LA.4 -UOu܂݉&Йz}}R-DƓű ,\<kpsuN5Oz+Af(@MEI}2AEPYoYd9]Kԉ«;D91`U9$I\x>NfϱZPg=&FJih?5`ܥ,TL,=0cb\޽YH]JOfUHZ7OL>x{i:zьq>0k\4Lj簑_֪RL NhR!PUllA  @lP!j 8Wۥty'yù6=5ZX1Yx\( 4+nbEoc vlm(Qy> X&!G_˹c>,BpDCO_S)7,ݘ(Qa\[#{r]wtP3=i8d #ex ,^nXh~2Mxp+YY8 !06,YYS'jgJjW:B Nm#D6$V&0:OFY$,?B*ڸ^ y; }?ޕ_VzO0 NCx/eXEF` Psq(6g:!bz{YOueUInfG-znag-ttlޫ'G`l5U\ ^n_Nw8KKOT*`բEtN"UAhbG7'il^L3hXF^ N@FQ|i 9ڽ&ޅpxL3NL[oBL?ƣtJy/&9xZ~BǛ;s=`AӫuH_{H ͙VT.u!VS%,U՞۩統1|)@dOJV[m@Eh_ ߩ}>ow"-msc! BU9㿯̓z-rr@ S$:n!G'Cpt2ڷU&eT7d[^~L%/"D[qw>aX)/eU9ʖFT#+/Ό}0]"BAi A`39sp@, Px(k#Ck/4^X/gL{3 1#5Z[3) 5(8eӷEs|&Qz-60B eLn @-'z(t%8+"&eLwb^g..?#i ohNn9Bm? Efc_KɛMzɷ/\k20nkoC}͏5*ti5\$%e!YH94)c>Jsoɡ&uL":WŘ߶ڰL>xoi,N #H2R$"pAk2`ÐSZlyܿN} (>7s oQ`[r?篆G}m&]3==kF(^YRهu;Dͩ%\ ,[ nB Є_B2ɭ3%PyV$՟eCZ4lv`GAB.Q,?*Banz<{ќcǂz +ظfl{ؓ`rd}KXa];B'PuʢznC'鴠soH)?ITV^gr 4(EYț_,T-<,ŎWjd -qt_(M['8Vu.(NWgһ[KRWDh( {|!d[\ W#S9Vço#.\1jaCBE{QɜXq ]8W;*Qd3 RG hY廾M0mariJfn2R^K1Euژ6I)109E'7&# ՃӧeSh݅OBM(8kr0Њ-s%$q2[khtwv$bYM3ڒ{u 7Of$R3d!3L p*w<pVd_EL/ݜ,z b")a |?C 2Ưo+qEUE$>dsD!9ѝhkFt,`iAרTKI|cDv>ǦKZws2?󴌁fCC[b(u(lQ[>+=^硽nǔ 4# KlNS%` s]l؆4H7Qxdv %z.a+I|Klzr'mN(RAw9-1'l6w*;wAv$^ln?K!En|C\Q %RthS+]%iVUdmƂg8LK`]5w~]ҮraPyT޽*DTЧ?ch1QׅS7S+cB$fz7~v]#rvAܕjk5e `ޟdt bR+/Fb}T^2̅5!rAA!UUy .np:=rΠ$d^S =)6*j *2BAnx}Cz/WI4#u "7AM^'N k Iy'4Xrl\m5$> v,ϰp- n ^/zm݆M<.g9q γ@O'3 L6˧ hUA;zr!m?-q<6FRi I1H%_7t28Ԃ0aBF՜wlE9hЗDw.6C G a}"JIY9՚egESK}y넷=m{[?C.Ƒ ]kmVT}T {PT.9܌t i6A,`9JXv.!wڋ2Qrb,. Fג]K8Ԝ>wa_ T~ i }{u9` "4~ Ԡ!۷J}TrKWf-6u&풱v;NECtO0Hbu.7KP^4aF?&L=ƃuY KI䊰h%JX:"!y"?HdFV/"ɅTP@ǒ9cb^1"Xؒwux6׼'tH MX?Ī2bN4e)}v( >*Jj QЙp`N8\5'rY60bgV' |42+`k&o ]7p6o 2uYG`ỳg>' zJrsvnc5*Sqs;B/OM\T˴:I8 ӼONrUl{eԝM>#|=t8Bb}|m'#~[tO&e|Z‰a-.oۈ*zRm'f$y84XhE8(h6 3C,g!ly"$k{x\줙P'nMQiR Y2q92%mN&> 3~ph "'A564 >ge݉wYnv $HON ?3)tA0n%ȹ;B=H\mK5cE aV<ͬ{@4LH1JO\[!%tjQ.l{pn8r`p]RǕaYNW)&S_(*7W-q Jxİ fcEQ (yktcDm̼$eAM#+}ϑ$!ԧ.G<'=TV{9 { UN &@9ʽazCW{oHc9,5_V^z9vfxNqw6Ʉ#7Lɶg dDNe*D MYg-;xkm:ܦzpV R..A߂.dt%ڍ>d4SibmAl^\CuW6A.*aVZϘ`4F =Kr \0Ldl1JY)LUҖifFu_gG!B İI7] &ֵpޓn .2n#۲ dcR\1 ic)Y0Iڅl8"!5`֖f"&,<݇eE͠4t.؍<>1{w%9*I%)xRo6?-X(FSVpN S7pVwo嚤yq'tImpqC}˚,k8=؋ 5C"/q6ZMj£ZJQA am`Qr e}H_* i7GXsrQO{QM}Vv=QCcƛK.Agji'}~a,T 49B$!;I5,JS(L;.8gжCҦkχ)!2e"BU ,g\eye5Sȉ7fqR>\4_w.ɔTyl#p1ɬl*4BXߝ9~h:w={x̩ZӔd*XV73K՟"~1Okfw'(ƴmY<|TĭuL{ $xWۍh̆`S5|~!pN\7jk*厱{,܀ME~(Jѧd EU.)-L#s,>~+}PU4Ճ֠D @iU;JXZwsm^#_H28`sv@^oч+^Dh讚ݠ-B Ff'^M@\=Ŗk4k)ԾRZ8)]˜g .욐.̂s]@8e~/ZMb )2|[5'"Y!apx͐**vyiC.ƒݤk|Q+^̧YEK),SS#75_Ihg!1U\rgTDU&9`5x_$G:&}n2tomY^L=MxWBԭrGKw1~Íy5|ڊJ[a 쑛oYC& CagRz.RǼy^D, ř坄|x^:ǣQМli@s9;@@yR/אCcȃd \7TT3EpAeEKfn?q@mρL+<hހU r8:fx,%proxKoi EgP8F/2=$AlB<Z>kdԎ?kvu0c YL^$u ϱ<$isNM-V|H&+\uL6j }rhk_3Vi$- ,qy[ħ>l ov{wrBIKC7FL1B-RZrio5 ߲ŜH筡JGB?fLTANLL/F.<:o%>JٺFohG튧 0qDV )d LT aA [wȽJPXU4`&4*=HhM32 R$#?@H%d+ouMҨ!Fi'C!'| Fg$06C[(Ο8}!i7ӝ'8]k^WK'| qId@nm] f -9hU(

Δ[V#HZ5,:G*C@ەʉ_SE}/倮Q%N4l͊gVBԪx"hN0׏(72`z!60Ř?[|''T`7ŒH ;YrXt8sTX[IֻmT2-T9GcfnHJ#[:8OG!C5.Qsg5$F v5>ZR'*?ky*3݅7E?͹>a"̞lPձj^PJc Nl RAI{ ƒ^<pb؋Yc.uɋexA@kWf^/њXMo KېK4$ ^pWTsx< L28Qݜ-ՋÕ}&!?=zzho^7VIexy5'ޙ=>sr~fL80$ x[YCc+F93hfGy:,6-+gE(>$ |Qߙ (QVvpSH<} 2[*{ó* 7$k)/n $?._<1۝gH*G3#߇j GwZ45F:p}PJ ]:c; bHie +1]Q'!(gm3k;$6xNnl}%/f3gL6"^D=0L D ̍Ub+ *h<GIrUv%1N8ND4뤎DzsZ kݧWSys#cPӕڜ1!lH[--'* rBX2sNj${v}eJ~V1Nw+5j˯Avx~:%DM*2x 17 -7nR#Z7E&In'*l |} @׃Ut!ýI4&'NH <'//cQ'R7{ǖkr^ j%A#>?_;2wArEx14sAC%.ӦuHI{IKI+U D3e>/M-]cW>NW,X3ŶYì-u?0@K^V[V@-zLthjpAaaz7 ̟w- AC>ۀmRGUyy  \#ccf֞M˗ĝ A y<pqN0,14ƘtCp+7RbS(Et[Ȟe4yc}rTżH IidٸFs­3 b{:He݋ )i~~)@U4}y!|cш`L bWh|,9,+Q'hJzh_؞+=::0wC!]%QX[dFvZGqO8$JKvʱq$˗#UT!Gl:suӢNw*fG牯۳t{l |ClK`'4bz bF:"!cFI͵DEeôOI {vY,B@Eq9#RӊZ;Y*Fuc%6FMKn Yboޏe|OK;%~%\ekWvv{ EQ\Z2amɧ9] nʪ10UȚ. ,ںx3ta73@wO1)F@q`7Za-<{zY*~+ _YY(܆e 7ʅr]tzbyM^|\"}I-uM^'B*`ԛ]PN}˞5q1{+p/_E8ݕ74qkO1@f#ϕjnkrpٱS˼MN\(-p臝 6LɵrlZWK{T/LyK_B),C[@h]#P$. 'I]ێMBmȣ{֜o*c13C8%$4ZKZشR^st7öt};%`PƏD}c K;V_JR O'BՋ@ULheɷr~euѺ(h=iI >EnV8@HhHL5 Bds~ (Ÿ&0K&ȟ& ;kyT%gORctϓDϥ&#i^tgaܬP`Z#O`@VyWChQ/vvhU n/@Bd5ø/\`9m]#32R̆zh/b~ f^Bzv [RQE&ۉzu?_U9UXJ}${l&@.F{"~PO fG$ H'%;J^D^<*fzdB*[ۧNF\ p:uc3ڑ^=P"WWnn(ﺱwDBܾM%IF3/j.7|}=>]RͭȭbW^5TbI^-];SUGo!eXX/ hyաXgㅴ_ s)4EΈw w=n@vH2lTa(!OPGAoo' >5{33]bxJ併a{;pb=G~5o}u %8_PFܞ/r/s.JkSE8xRs{WVjD_P><j _a3AX^;6^ِ2Ӥi>|?l7b2Q^O(Y/'I @8좬GR9͂~$ hb^A1kC-1P7#Z΁&;ŎC!8/D_Aia漃k"RZL>ʅl-u8i7y;xt$Nguhuր@k b*?IpFq!mLa(h[܆f *h]Ey4\ɛB#EhHB4/Ahv.T tu- ݎ۱ɮkV@"Çc^v%l+|;hPr|WiNZp-$73OsrO_!C55kHb]d%ı+qMyP#Qy{WW<#'uJ?e59l7CF.*1:ѓෙ(YVD>_VXۃY*_^acՂ@bb9d! r\}zڪFH c0کS"?2䭯SB8#_չ%RoKn`k OkH ʀ`^$M^=w.b~Nt)C'NG5Fh%WHfa4 J޴ZF ҂(/] :@@-q`qAWDҜ+JA2Ij5rǐ^OK$SY۟nvq2~C|&vqm|AY6J,)iIGߙ SXV7Bߖ~n<49ZESݲR47sLuS7lTRg'awpÆe &S.sPj0N7mO<Ҝc_L&݂on ;OMeʧ0x $)TdDإDˆh s*{Hltp4/.Dmu@Q>z_ $FdAsz9 n ->ER('wҐ H88 Хt)3'32By*s nS*(g8N[U!G<_bFʄzZSO@l($>Mg><\ve?#܎o쨪}(歛@&0~CukE!저eUSXi)|zÂ*]*4]J<#pm;Kd}A(z7nǘ8ZWRغC*s~|9l!',:`Q""j{IGV EN&>pu;p]Nm2B Oȭˆϭ"ھ)kxx m67u4-]k6nx:pWpC;VM=eZ?">+q0Jw >D:[l}̻F$礒=%d@td+퍆:4R:P_H!d߂\tAvfYPKwjE?XʕPQצ=r,rnhǒ{7""jފu Ƶ ذz0zx8HkWcumnt,x(ҫVL޼@e-RZ7`+߹;[ҝ0k~s^N=_ӹ.~U(+ja{zBOv)j$$*i`~T w.m\h&]h̎(J!tT5Z7Zљmm19_ Y<1Q Yd9@^Pރ|@Nsz'X B, p4~ j2|?-Ånx+(.nd'gFJlRY1"] Ȅ nsB ywhs>C#o 1f!uAf_;Y P(IٿUy?{2}QQ/>ifnZ]0/tv%OX\D}?xB ct&}I=W?uNOW]Y$G3U% a$[I^!V۲?'8)܊Bm).eьd`6quq6T1 GAi+Qأ9q`*0XRE lTޝI(i}kJD@b7GxP0jqswH_ /~F9ҕ7U #<5[*ʢվ@⫝)!jv<:P0z͸_PN{x$.fet=kbifcC Y3ęS\cpV|=Z[iFmnOsM_Nl;*Wyuf%z@RkѺ<笪7϶jb] eEmD#G>tt[38w=.ӥˋ ǩ. 7D= [Z 3Wqɂlf DK)0;ձ)V7}Fį;&Xϕ{ȘطR\o'՜EV.J!t;zmwHB;2f>K8wMBrŪBv+6k#As1[Xw[g an8"craUB+rFCI<B L Rݐ3nCy|sU"EvkX1>)˳(6DNX<,rG9'ZCp!oc+ FĽ6G@R'xӻORq˵;N{AK7wERvyy x6i\2 kȏ/x~S}g} 1cq6OIr&S&$rh5"=}l`Ŵ#ce]5"$/UΌe(p8 HY@1j̮sZ#ZP'ꊨvm Pd@Л.C/BٮFyl_E4ؗWMsdXkPjAv=/.m' vkz,>$N;qL,. %u~kI!)됭slq9$LYI 8 3\}ODCF;7<.\Xa0]'F_r-C3;Rc8~|Bvyƴxm38T&TB{b_S1ӿxQ>s!'D#!m)IVuaN3ܿ`I<Λ0V(Y0k3PPրwb5V^[:O"0RpPƋTZZul]) XMRzNfnr5["CRD՜}E DS=?L Mx[vX;iҘ#z !wP|AB=ġAT73cgשR>[&R1#pM~R8 u~.2c]ScOzDP> Bs;S=BУŪd[d3dW0Lp>?6(7ng B ((:5h*c]MOѾSs^,Uv4u{]ἱ$9 FL (%u SVbu7VM3v8GǞ^u_bgi>9y&t):Um d!NfmH op~k#ZоhrjTiX٤IX+f_ j>~3Lւsv)" eYxH?5l5@Z%Xi1瓸6A^}dYSJJO@yNB^)r_eB8ldU a/5{&t f1 3}R'x4!]ʶjCΞL.c368.&,346$tLofZ_9HމU_7W)"ҙpR穴1vds&o6S@ ڠr}m-8={/?]G0VzEK24"8R®ՓZPE7!ja#ϛG6|~ezO{ 'nKX{iaU`4&C}GBfb]|4t A3(%!UWz_BcL(П#.% Xo>HwmQPz(+)I7]ҏ>D+&]"Sm#ST>[B(e)m׈OE(z tVԥOёp-kojXj$DKݰ1AczMt kc#cYb5)h~7Z ʋ̏tJʬ2efk[U;c{HwuK|˨-> dfLBhu[c_<kA('tZ$XFS@-(oYLlK]C{sMdUqJ٣1 r^r^H i[vTW΃ m,v4v0ύp`1W_,IqR>kLWOQ!P ! I1)C3 27;yoJ=B`5^5gY޶vn #e~xlТϠ ׀7-Ok[y`;D9Ufrv=m/1& !p ckXHgWFlwP֚Q!N=/G~a /Liw7[C(xzyeT&y=`qro?·ox*;z9Ri5v-/ . *iɌCXZIgc|Ya/y0Qkn~q=ޯn2[2ڍF| $o ihWg4E WA8 VK9)ZPp5 >s_L?'X6*_hx[*ފMz`M8L[oFNiJtIzgRP[Mo*v?IUDvsq$ ȴ#@vt+,QŻѯCR iW]%{4eb_rwA"ˬ|ԯpůZn 5HO-"}$[ž((2=#n0up9=f/O$l{}aSu"t*)]I6h>6ݑ6j4:QHZ͙72kX:MזM/s8!gEpcA[JQ7Ң|yz),7!ak- AKƘnyIJUL=JpRf> [XϜ{GjY[e2R~-v1bxbqGro^aG瀟ysN65R U{G-Q5bZ8n% Ez̺pCٿ wtEΕ6ӺKEV?8)~">ZPӌ< \%<¢E}en0j3 @0*PZ >|)wi Trz+|t)'DCC+6C >|zN2fvFN՜nZ8"/PYxxz-mťϧH[ yIxrcCVɈK֖2S-&2mGIOW]+g33 oY/!ƒ\^2 :9D5bazaW'/*PD+T<,EdxG~׀5"֋VP4f0C gٗeEǔ8`x3/]̛݋Ԯ:m|ew3 w MN`x)o%BöG+8;"zlEIMZ;% \L.| vP{Cמs*D掳PMk;ElƁCщ~$.B}[e󠮥.|4?]f>;-"ruI`tw$Y*\0zZHHV!./"o|gRY%(7z(>;*[44Lf,.}W,5 ]"miܸ݉wo)#AB{]}m7wWտrtWm0[5H61bRL6 !vzΟ3 Q%ubdM%n |h5~ ݮ%||,ݿ(I.giUaQymoBu3@4Z ػ3DOE +ٙ F3b6ht>h)8}`iԶӏ_d\h}+pO,8*ѓݶ =/%J`pdKc8sŶU6UplsjRA+՜ifJ 6:ÅcD ]fgʃz-TB~jM J렵^;Q<1((+g7U 6RͿ*LѯkVBC[9S6b϶%S҂'m%ܱѤ(6(iiUB7sɎ0~LR:¾;fY3 6I7z dj*~N#3ƼkM 33 9r =$MȰh pw4L/!nA0OF4ۗ\fUj`cԾ? FMˏjsMY(W$ N`P=yBC&=6Os([i{6TE 0x/q,O]clR w;&[ &k1NouYDjI U؞LUAGW7Ly)oL7hگx9ojHZ'_w389dt Ï4!C#+U@ JT7C9φ^ $ߎJbtݡTr'/~a,rw Of/C@"g"gWpy0yW۪x'n/[?i(7L[ ۡwS1[5SZ9m 2WUɌ"]jeU~fwf%m/oBLG% &G& …&_jطmRr{ecT% 6zҗRZS7s%x ~Dfq~t-釵24 ?@7{И^0o]DڊnyޝyNkW!nL//DcEV/Fy[-ZZ橭뫅4#XhdrbQ{ )SX-)t8vcZ'(صT48uM\AMpP^i_O Qq'̓[>BsO3"/ C_aTnZ՘YciuT *vEHk iDM#>H g 9+G R8|quI0J/:3hnZeX"筳u !lWR3 +)M('n988(?d+KlPϰC*21M$l޽rB{3/k2~ľs*M@*FJaG}FdL)($1_$%>0Do}o19GsccE_FtqyTYb81L\O'0O||{N叻lbS/i>tf:ҘNs+$. uPAd:BǮ*ȵiDl lҠD>4}̠ڄ %OEafK0M}މ$▣t{,7gŝ Nu~`L&3֞ i%ił?Dn E'>H;{Q