nghttp2-1.40.0-lp151.3.6.1<>,l^sR/=„!(KZ=CQ% ̳H%^?EI[ =?qϿù{S vfڙ颉3lwSrO+gW^0.[Q",Z,ݙTM lPa;y]B@#X'!Jҳ'`'}|.tfR>ŕ %2"Up$9_ޙ-hVMMgW[7P$5[r4Q휼t!uS*NAbuQ>>?d   Z *08X h x  ` h433 3( U8 \E9 pE:EFG$HDIdXlYt\]^ b4cdnesfvlxuvw@x`yz0@DJCnghttp21.40.0lp151.3.6.1Implementation of Hypertext Transfer Protocol version 2 in CThis is an implementation of Hypertext Transfer Protocol version 2. The framing layer of HTTP/2 is implemented as a form of reusable C library. On top of that, we have implemented HTTP/2 client, server and proxy. We have also developed load test and benchmarking tool for HTTP/2. HPACK encoder and decoder are available as public API.^sRsheep82openSUSE Leap 15.1openSUSEMIThttp://bugs.opensuse.orgDevelopment/Libraries/C and C++https://nghttp2.org/linuxx86_64[@pJP#A^sR^sR^sR^sR^sR^sR^sR^sR600636792e6dcfc3122f7f6033994568d2e15a0d20af9991f404db6673a13a42c9c552a9274cb26a611f4e655b29a0eeaa37e998e9e8512ef549fefed1e876fe9f3de9ed64ab24b2732aaed4ae872fb62a92959d6431a153bdac27da49bb4d5d0b8cc4038f3c0942c614d852e6c3c62b0ced9dbb26abce725353934a5edab47dfa32cd6f136e3a5ff4c7bf64675b064c1af3925a48e31bd40af0ee4f92d4eaa881fe6effa203b7318b38a89912648ee8d4ecb8780de15fadb04a5aba355774ad3a22362814ba191b10fa8a50106097ffae4ce30013526f522b7962d2a602f1e4rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnghttp2-1.40.0-lp151.3.6.1.src.rpmnghttp2nghttp2(x86-64)@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@    /usr/bin/python3libc.so.6()(64bit)libc.so.6(GLIBC_2.10)(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libcares.so.2()(64bit)libcrypto.so.1.1()(64bit)libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)libev.so.4()(64bit)libgcc_s.so.1()(64bit)libgcc_s.so.1(GCC_3.0)(64bit)libjansson.so.4()(64bit)libjemalloc.so.2()(64bit)libm.so.6()(64bit)libm.so.6(GLIBC_2.2.5)(64bit)libnghttp2.so.14()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)libssl.so.1.1()(64bit)libssl.so.1.1(OPENSSL_1_1_0)(64bit)libstdc++.so.6()(64bit)libstdc++.so.6(CXXABI_1.3)(64bit)libstdc++.so.6(CXXABI_1.3.11)(64bit)libstdc++.so.6(CXXABI_1.3.2)(64bit)libstdc++.so.6(CXXABI_1.3.3)(64bit)libstdc++.so.6(CXXABI_1.3.7)(64bit)libstdc++.so.6(CXXABI_1.3.8)(64bit)libstdc++.so.6(CXXABI_1.3.9)(64bit)libstdc++.so.6(GLIBCXX_3.4)(64bit)libstdc++.so.6(GLIBCXX_3.4.11)(64bit)libstdc++.so.6(GLIBCXX_3.4.14)(64bit)libstdc++.so.6(GLIBCXX_3.4.15)(64bit)libstdc++.so.6(GLIBCXX_3.4.17)(64bit)libstdc++.so.6(GLIBCXX_3.4.18)(64bit)libstdc++.so.6(GLIBCXX_3.4.19)(64bit)libstdc++.so.6(GLIBCXX_3.4.20)(64bit)libstdc++.so.6(GLIBCXX_3.4.21)(64bit)libstdc++.so.6(GLIBCXX_3.4.22)(64bit)libstdc++.so.6(GLIBCXX_3.4.9)(64bit)libsystemd.so.0()(64bit)libsystemd.so.0(LIBSYSTEMD_209)(64bit)libxml2.so.2()(64bit)libxml2.so.2(LIBXML2_2.4.30)(64bit)libz.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1^@]i]Z@]Z@]R@\g\A\A\8@[F[t[CN@ZЛZUZUZZOhZ.s@Z'ZY@YdYYlYcl@YX@XӸX@Xk@XQ4@X6@W@WRW"W~WXW W4V@V>@V@VV_V@VzV]VI@V4@V@UU@UUȒ@UUUUUcU]USMartin Pluskal Martin Pluskal Adam Majer Martin Pluskal Tomáš Chvátal seanlew@opensuse.orgTomáš Chvátal Martin Pluskal adam.majer@suse.deadam.majer@suse.dempluskal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comfvogt@suse.commpluskal@suse.comdimstar@opensuse.orgmpluskal@suse.commpluskal@suse.commpluskal@suse.comschwab@suse.dempluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.comadam.majer@suse.dempluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.comidonmez@suse.commpluskal@suse.commpluskal@suse.comidonmez@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.comrguenther@suse.commpluskal@suse.compgajdos@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.comsor.alexei@meowr.rumpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.commpluskal@suse.comjengelh@inai.dempluskal@suse.commpluskal@suse.commpluskal@suse.com- Update to version 1.40.0 to fix CVE-2019-18802 in envoy-proxy and cilium-proxy (bsc#1166481) * lib: Add nghttp2_check_authority as public API * lib: Fix the bug that stream is closed with wrong error code * lib: Faster huffman encoding and decoding * build: Avoid filename collision of static and dynamic lib * build: Add new flag ENABLE_STATIC_CRT for Windows * build: cmake: Support building nghttpx with systemd * third-party: Update neverbleed to fix memory leak * nghttpx: Fix bug that mruby is incorrectly shared between backends * nghttpx: Reconnect h1 backend if it lost connection before sending headers * nghttpx: Returns 408 if backend timed out before sending headers * nghttpx: Fix request stal- Conditionally remove dependecy on jemalloc for SLE-12- Require correct library from devel package - boo#1125689- Update to version 1.39.2 (bsc#1146184, bsc#1146182): * This release fixes CVE-2019-9511 “Data Dribble” and CVE-2019-9513 “Resource Loop” vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2 frames cause Denial of Service by consuming CPU time. Check out https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md for details. For nghttpx, additionally limiting inbound traffic by - -read-rate and --read-burst options is quite effective against this kind of attack. * Add nghttp2_option_set_max_outbound_ack API function * nghttpx: Fix request stall- Update to version 1.39.1: * This release fixes the bug that log-level is not set with cmd-line or configuration file. It also fixes FPE with default backend. - Changes for version 1.39.0: * libnghttp2 now ignores content-length in 200 response to CONNECT request as per RFC 7230. * mruby has been upgraded to 2.0.1. * libnghttp2-asio now supports boost-1.70. * http-parser has been replaced with llhttp. * nghttpx now ignores Content-Length and Transfer-Encoding in 1xx or 200 to CONNECT. - Drop no longer needed boost170.patch- Update to 1.38.0: * This release fixes the bug that authority and path altered by per-pattern mruby script can affect backend selection on retry. * It also fixes the bug that HTTP/1.1 chunked request stalls. * Now nghttpx does not log authorization request header field value with -LINFO. * This release fixes possible backend stall when header and request body are sent in their own packets. * The backend option gets weight parameter to influence backend selection. * This release fixes compile error with BoringSSL. - Add patch from upstream to build with new boost bsc#1134616: * boost170.patch- Update to 1.36.0 * build: disable shared library if ENABLE_SHARED_LIB is off * third-party: use http-parser to v2.9.0 (GH-1294) * third-party: Update mruby to 2.0.0 * nghttpx: Pool h1 backend connection per address (GH-1292) * nghttpx: Randomize backend address round robin order per thread (GH-1291) * nghttpx: Fix getting long SNs for openssl < 1.1 (GH-1287) * h2load: add an option to write per-request logs (GH-1256) * asio: added access to # of the current server port (GH-1257)- Use multibuild to not pull in python3 in first build, nghttp2 is low in the system- Update to version 1.35.1: * nghttpx: Fix broken trailing slash handling (GH-1276) - Changes for version 1.35: * build: cmake: Fix libevent version detection (Patch from Jan Kundrát) (GH-1238) * lib: Use __has_declspec_attribute for shared builds (Patch from Don) (GH-1222) * src: Require C++14 language feature * nghttpx: Write mruby send_info early * nghttpx: Fix assertion failure on mruby send_info with HTTP/1 frontend * h2load: Handle HTTP/1 non-final response (GH-1259) * h2load: Clarify that time for connect includes TLS handshake- Update to version 1.34.0: (bsc#1112438, FATE#326776) * lib: Implement RFC 8441 :protocol support * nghttpx: Add read/write-timeout parameters to backend option * nghttpx: Fix mruby parameter validation in backend option * nghttpx: Implement RFC 8441 Bootstrapping WebSocket with HTTP/2 * nghttpx: Update neverbleed to fix OpenSSL 1.1.1 issues * nghttpx: Update mruby 1.4.1 * nghttpx: Add mruby env.tls_handshake_finished * nghttpx: Add --tls13-ciphers and --tls-client-ciphers options * nghttpx: Add RFC 8470 Early-Data header field support * nghttpx: Add RFC 8446 TLSv1.3 0-RTT early data support- Update to version 1.33.0: * lib: Tweak nghttp2_session_set_stream_user_data * lib: Fix handling of SETTINGS_MAX_CONCURRENT_STREAMS. * lib: Implement ORIGIN frame * asio: support definition of local endpoint for cleartext client session * integration: Remove remaining SPDY code from the integration tests * nghttpx: Fix worker process crash with neverbleed write error * nghttpx: Support per-backend mruby script * nghttpx: Fix stream reset if data from client is arrived before dconn is attached- Update to version 1.32.0: * lib: Ignore all input after calling session_terminate_session * lib: Fix treatment of padding * lib: Don't allow 101 HTTP status code because HTTP/2 removes HTTP Upgrade * build: add ENABLE_STATIC_LIB option to build static lib * third-party: Upgrade neverbleed to the latest master * asio: Support client side SNI * src: Compile with libressl 2.7.2 * src: Allow building without NPN * h2load: -r and --duration are mutually exclusive- Version umpdate to 1.31.1: * Fix bsc#1088639 CVE-2018-1000168 * https://nghttp2.org/blog/2018/04/12/nghttp2-v1-31-1/- Version update to 1.31.0: * lib: Add nghttp2_session_set_user_data() public API function (GH-1137) * src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro (GH-1128) * nghttpx: Close listening socket on graceful shutdown * nghttpx: Add an option to accept expired client certificate (GH-1126) * nghttpx: Add mruby tls_client_not_before, and tls_client_not_after (GH-1123) * nghttpx: Fix potential memory leak * lib: Allow PING frame to be sent after GOAWAY (GH-1103) * nghttpx: Fix bug that h1 backend idle timeout expires sooner * nghttpx: Stop overwrite of first header on mruby call to env.req.set_header(..) (Patch from Dylan Plecki) (GH-1119) * nghttpx: Add upgrade-scheme parameter to backend option (GH-1099) * nghttpx: Fix missing ALPN validation (--npn-list) (GH-1094) * nghttpx: Remember which resource is pushed for RFC 8297 (GH-1101)- Drop spdylay dependency as it is deprecated since version 1.28.0 and removed from cofnigure.ac since 1.29.0- Use %license (boo#1082318)- Update to version 1.29.0: * lib: Use NGHTTP2_REFUSED_STREAM for streams which are closed by GOAWAY * build: Remove SPDY * build: Fix CMAKE_MODULE_PATH * nghttpx: Revert "nghttpx: Use an existing h2 backend connection as much as possible" * nghttpx: Write API request body in temporary file * nghttpx: Increase api-max-request-body * nghttpx: Faster configuration loading with lots of backends * nghttpx: Fix crash with --backend-http-proxy-uri option- Export PYTHON=/usr/bin/python3 before running configure: allow to build without (comnplete) python2 in the buildroot. In any case we only ship python3-bindings already.- Upodate to version 1.28.0: * lib: Add nghttp2_error_callback2 * build: Add deprecation warning when spdylay support is enabled * Switch to clang-format-5.0 * examples: Make client and server work with libevent-2.1.8 * third-party: Update neverbleed * integration: Fix issues reported by the go vet tool. * nghttpx: Fix affinity retry * nghttpx: Fix stalled backend connection on retry * nghttpx: Cookie based session affinity * nghttpx: Expose additional TLS related variables to mruby and accesslog- Drop forgotten python2 build dependency- Update to version 1.27.0: * h2load: Print out h2 header fields with --verbose option * nghttpx: Send non-final response to HTTP/1.1 or HTTP/2 client only - Changes for version 1.26.0: * docs: Fix some typos in the nghttpx how-to * h2load: Fix bug that timing script stalls with -m1 * h2load: Reservoir sampling (GH-984) * h2load: Add timing-based load-testing in h2load - Switch to python3 support- Don't use jemalloc on ppc or %arm, where it is broken.- Update to version 1.25.0: * lib: add nghttp2_rcbuf_is_static() (Patch from Anna Henningsen) (GH-983) * nghttpx: Fix bug that forwarded for is not affected by proxy protocol (GH-979) * nghttpx: Update mruby to 1.3.0 (GH-957)- Drop doc building - Rename python subpackage to python2- Update to version 1.24.0: * doc: README.rst: fix typo (Patch from Simone Basso) (GH-947) * doc: fix up grammar in submit_trailer docs (Patch from Benjamin Peterson) (GH-945) * doc: fix cleaning in out-of-tree builds (Patch from Benjamin Peterson) (GH-938) * nghttp: Fix bug that upgrade fails if reason-phrase is missing (GH-949) * nghttpx: Verify OCSP response using trusted CA certificates (GH-943) * nghttpx: Set default minimum TLS version to TLSv1.2 (GH-937) - Changes for version 1.23.1: * nghttpx: Fix crash in OCSP response verification - Changes for version 1.23.0: * lib: nghttp2_session: Allow for compiling library with -DNDEBUG set (Patch from Angus Gratton) (GH-919) * lib: Treat incoming invalid regular header field as stream error (GH-900) * lib: Call nghttp2_on_invalid_frame_callback if altsvc validation fails (GH-904) * doc: spelling mistake in arguments to build nghttp apps (Patch from Soham Sinha) (GH-925) * doc: Add notes for installation on linux systems (Patch from Tapanito) (GH-917) * doc: Clarify the effect of nghttp2_option_set_no_http_messaging * nghttpx: Verify OCSP response (GH-929) * nghttpx: Fix certificate selection based on pub key algorithm (GH-924) * nghttpx: Fix certificate indexing bug * nghttpx: Run OCSP at startup (GH-922) * nghttpx: Wildcard path matching (GH-914) * nghttpx: Forward multiple via, xff, and xfp header fields (GH-903) * nghttp: Add -y, --no-verify-peer option to suppress peer verify warn (GH-906)- Update to version 1.22.0: * lib: Add missing free call on error in inflight_settings_new() (Patch from lstefani) (GH-884) * asio: Support specifying stream priority via session::submit() (Patch from Matt Way) (GH-881) * nghttpx: Clarify --conf option behaviour * nghttpx: Add $tls_sni access log variable (GH-896) * nghttpx: Rename ssl_* log variables as tls_* (GH-895) * nghttpx: Fix path matching bug (GH-894) * nghttpx: SNI based backend server selection (GH-892) * nghttpx: Enable signed_certificate_timestamp extension for TLSv1.3 (GH-878) * nghttpx: Add options for X-Forwarded-Proto header field (GH-872) * nghttpx: Add --single-process option (GH-869) * nghttpx: Use 502 as server error code * nghttpx: Use SSL_CTX_set_early_data_enabled with boringssl * nghttp: Verify server certificate and show warning if it fails (GH-870) * integration: Use nip.io instead of xip.io- Update to version 1.21.1: * asio: Fix crash if connect takes longer time than ping interval (GH-866) * nghttpx: Fix bug that 204 from h1 backend is always treated as error (GH-871) - Changes for version 1.21.0: * lib: Fix nghttp2_session_want_write (GH-832) * doc: Document pkg-config path usage * build: Eliminate U macro; Instead use (void)VAR for better compiler compatibility. * src: BoringSSL supports SSL_CTX_set_{min,max}_proto_version. (Patch from Piotr Sikora) (GH-853) * src: Use Mozilla's "Modern compatibility" ciphers by default * src: nghttp2_gzip: fix this statement may fall through [-Werror=implicit-fallthrough=] found by gcc7 (Patch from Alexis La Goutte) (GH-823) * nghttpx: Print version number with -v option * nghttpx: Enable X25519 with boringssl * nghttpx: Retry getaddrinfo without AI_ADDRCONFIG (GH-858) * nghttpx: Failing to listen on server socket is fatal error * nghttpx: Escape certain characters in access log (GH-856) * nghttpx: Ignore further input if connection is going to close * nghttpx: Don't call functions which are not async-signal-safe after fork but before execv in multithreaded process. * nghttpx: Enable backend pattern matching with http2-proxy (GH-733) * asio: client: Send PING after 30 seconds idle (GH-847)- Update to version 1.20.0: * lib: nghttp2_session: fix The 'then' statement is equivalent to the subsequent code fragment found by PVS Studio (V523) (Patch from Alexis La Goutte) (GH-814) * lib: Add nghttp2_option_set_no_closed_streams (GH-810) * build: Disable spdylay detection by default * build: Add --with-systemd option to configure * fuzz: Add fuzzer for oss-fuzz (GH-799) * src: Enable TLSv1.3 if it is supported by OpenSSL (or BoringSSL) (GH-816) * src: h2 requires >= TLSv1.2 * asio: More graceful stop of nghttp2::asio_http2::server::http2 (Patch from Amir Pakdel) (GH-805) * asio: Holding more shared_ptrs instead of raw ptrs to make sure called objects don't get deleted. (Patch from clemahieu) * asio: Fix infinite loop in acceptor handler (Patch from clemahieu) (GH-794) * asio: close_stream erases from streams_ while it's being iterated over. (Patch from clemahieu) (GH-795) * nghttpx: Strip version number from server header field * nghttpx: Add --single-worker option * nghttpx: Fix bug that send_reply does not participate graceful shutdown * nghttpx: Add --frontend-max-requests option * nghttpx: Enable stream-write-timeout by default * nghttpx: Fix stream write timer handling * nghttpx: Add configrevision API endpoint (GH-820) * nghttpx: Redirect to HTTPS URI with redirect-if-not-tls parameter (GH-819) * nghttpx: Update log time stamp in millisecond interval * nghttpx: Better error message when private key and certificate are missing * nghttpx: Fix bug that old config is used during reloading configuration * nghttpx: Specify TLS protocol by version range (GH-809) * nghttpx: Send SIGQUIT to the original master process (GH-807) * nghttpx: Restrict HTTP major and minor in 0 or 1 * nghttpx: Drop privilege of neverbleed daemon first * nghttpx: add systemd support (Patch from Tomasz Torcz) (GH-802) * nghttpx: Fix crash on SIGHUP with multi thread configuration (GH-801) * nghttpx: Send 1xx non-final response using mruby script (GH-800) * nghttpx: Select certificate by client's supported signature algorithm (GH-792) * nghttpx: Recommend POST for backendconfig API request * nghttpx: Don't build PSK features with LibreSSL (Patch from Bernard Spil) (GH-789) * nghttp: add support for link rel="preload" for --get-assets (Patch from Benedikt Christoph Wolters) (GH-791) * h2load: Fix wrong req_stat updates * h2load: Explicitly count the number of requests left and inflight * integration: Fix deprecation warnings * integration: Redirect nghttpx stdout/stderr to test driver's stdout/stderr - Changes for version 1.19.0: * lib: Fix memory leak of nghttp2_stream object in server side nghttp2_session object * Fix issues found by PVS Studio (Patch from Alexis La Goutte) (GH-769) * doc: Update README file to write about the issue of Alpine Linux's inability to replace malloc (Patch from makovich) (GH-768) * build: Compile with Android NDK r13b using clang * src: Fix assertion error with boringssl * nghttp: Take into account scheme and port when parsing HTML links * nghttp: Fix authority for --get-assets if IP address is used in conjunction with user-defined :authority header (Patch from Benedikt Christoph Wolters) (GH-783) * nghttpx: Add --accesslog-write-early option (GH-777) * nghttpx: Fix access.log timestamp (GH-778) * nghttpx: Show default cipher list in -h * nghttpx: Add client-ciphers option * nghttpx: Add client-no-http2-cipher-black-list option * nghttpx: Fix the bug that no-http2-cipher-black-list does not work on backend HTTP/2 connections. * nghttpx: Add --client-psk-secret option to enable PSK in backend (GH-612) * nghttpx: Add --psk-secret option to enable PSK in frontend connection (GH-612) * nghttpx: Enable SCT with OpenSSL 1.1.0 * nghttpx: Add proxyproto to frontend option to accept PROXY protocol (GH-765) * h2load: Show default cipher list in -h * h2load: Show custom server temp key such as X25519 * h2load: Fix incorrect return value from spdylay_send_callback - Changes for version 1.18.1: * nghttpx: Fix assertion error in libev ev_io_start (GH-759) * nghttpx: Handle c-ares success without result * nghttpx: Fix bug that DNS timeout was erroneously disabled (GH-763) * nghttpx: Fix bug that DNS timeout was ignored (GH-763)- use individual libboost-*-devel packages instead of boost-devel- Update to version 1.18.0: * lib: Accept and ignore content-length: 0 in 204 response for now * build: Use pkg-config to detect libxml2 * build: Require c-ares to compile applications under src * build: Add Windows CI via AppVeyor (Patch from Alexis La Goutte) * examples: Delete tiny-nghttpd * nghttpx: Retry h1 backend request if first write fails (GH-757) * nghttpx: Keep reading after backend write failed (GH-756) * nghttpx: Add frontend-keep-alive-timeout option (GH-755) * nghttpx: New error log format (GH-749) * nghttpx: Fix bug that fetch-ocsp-response does not work with OpenSSL 1.1.0 (GH-742) * nghttpx: Backend API call allows non-numeric host with dns parameter (GH-731) * nghttpx: Lookup backend host name dynamically (GH-721) * nghttpx: Accept and ignore content-length: 0 in 204 response for now (GH-735) * nghttpx: Wait for child process to exit- Update to version 1.17.0: * lib: Disallow content-length in 1xx, 204, or 200 to a CONNECT request (GH-722) * lib: Avoid memcpy against NULL src * build: MSVC version resource support (Patch from Remo E) (GH-718) * asio: server: Call on_close callback on connection close (GH-729) * nghttpx: Fix frequent crash with --backend-http-proxy-uri * nghttpx: Robust backend read timeout * nghttpx: Fix bug that mishandles response header from h1 backend * nghttpx: Fix bug that zero-length POST is not forwarded (GH-726) * nghttpx: Remove optional reason-phrase from SPDY :status * nghttpx: Header key and value must be string in mruby script * nghttpx: Strip content-length with 204 or 200 to CONNECT in mruby (GH-722) * nghttpx: Strict handling for Content-Length or Transfer-Encoding in h1 (GH-722) * nghttpx: Fix compilation with BoringSSL (Patch from dalf) (GH-717) * nghttpd, nghttpx, asio: Add missing mandatory SP after status code- Update to version 1.16.1: * lib: Prevent undefined behavior in decode_length * nghttpx: Fix bug which may crash nghttpx if non-final response is forwarded from origin server to HTTP/1.1 client - Changes for version 1.16.0: * lib: Add nghttp2_set_debug_vprintf_callback to take advantage of DEBUGF statements in when building DEBUGBUILD. * Update .clang-format for clang-format-3.9 * build: Make it possible to include nghttp2/CMakeLists.txt in another project using add_subdirectory. * third-party: Update http-parser to feae95a3a69f111bc1897b9048d9acbc290992f9 * asio: Fix crash when end() is called outside nghttp2 callback * nghttpx: Add --backend-connect-timeout option * nghttpx: Add TLS signed_certificate_timestamp extension support * nghttpx: Add --ecdh-curves option to specify list of named curves * h2load: Add --header-table-size and --encoder-header-table-size options- Update to version 1.15.0: * lib: Add nghttp2_option_set_max_deflate_dynamic_table_size() API function (GH-684) * lib: Allow NGHTTP2_ERR_PAUSE from nghttp2_data_source_read_callback (GH-671) * lib: Add nghttp2_session_get_hd_deflate_dynamic_table_size() and nghttp2_session_get_hd_inflate_dynamic_table_size() API functions to get current HPACK dynamic table size (GH-664) * lib: Add nghttp2_session_get_local_settings() API function * lib: Add nghttp2_session_get_local_window_size() and nghttp2_session_get_stream_local_window_size() API functions * build: Add -lsocket -lnsl to APPLDFLAGS for solaris build * neverbleed: Update neverbleed to support ECDSA certificate * doc: Mention --enable-lib-only configure option in README * integration: Fix test failure with go1.7.1 * src: Fix compile error with openssl 1.1.0 * nghttpx: Improve performance with HTTP/1.1 backend when request body is involved * nghttpx: Use std::atomic_* overloads for std::shared_ptr if available * nghttpx: Migrate backend stream to another h2 session on graceful shutdown * nghttpx: Add option to specify HPACK encoder/decoder dynamic table size * nghttpx: Log client address * nghttpx: Add tls_sni to mruby Nghttpx::Env class * nghttpx: Add --frontend-http2-window-size option, and its family functions * nghttpx: Add experimental TCP optimization for h2 frontend * nghttpx: Workaround for std::make_shared bug in Xcode7, 7.1, and 7.2 (GH-670) * nghttpx: Fix bug that bytes are doubly counted to rate limit for TLS connections * nghttpx: Add --no-server-rewrite option not to rewrite server header field (GH-667) * nghttpx: Retry if backend h1 connection cannot be established due to timeout * nghttpx: Reset stream if invalid header field is received in h2 * nghttpx: Add --server-name option to change server response header field (GH-667) * nghttpd: Add --encoder-header-table-size option * nghttp: Add --encoder-header-table-size option * python: Support ALPN, require Python 3.5- Update to version 1.14.0: * lib: Make emit_header() return void since it always succeed * lib: Add nghttp2_hd_deflate_hd_vec() deflate API to support multiple buffer input * lib: since hd_inflate_commit_indexed() always return 0, remove the return value check in nghttp2_hd_inflate_hd_nv() * lib: Use memeq() instead of lstreq() in lookup_token() * lib: More strict stream state handling * lib: Modify genlibtokenlookup.py to remove redundant header comparisons and remove inline qualifier of lookup_token() in genlibtokenlookup.py * lib: Fix wrong tree operation to avoid cycle * lib: Make get_max_index() return the max index in frame, so we don't need to do extra calculation * lib: Add nghttp2_on_invalid_header_callback * lib: Log frame's stream ID for header debug logging * doc: Remove old doc about differential encoding in HPACK * doc: Document about ALPN in nghttpx howto * nghttpx: Log error code from getsockopt(SO_ERROR) on first write event * nghttpx: Don't change pushed stream's priority * nghttpx: Log backend connection failure in WARN level * nghttpx: Fix bug that api and healthmon parameters do not work with http2 proxy * nghttpx: Add access log variable for backend host and port * nghttpx: Use copy instead of const reference of backend group * nghttpx: Reload configuration with SIGHUP * nghttp: Adjust weight according to Firefox stable * nghttp: Call error callback when invalid header field is received and ignored * nghttp: Allow multiple -p option * deflatehd: Call nghttp2_hd_deflate_change_table_size only if table size is changed from default- Update to version 1.13.0: * lib: Cancel non-DATA frame transmission from nghttp2_before_frame_send_callback * doc: Fix warning with Sphinx 1.4 * build: Work with Android NDK r12b * nghttpx: Use consistent hashing for client IP based session affinity * nghttpx: Fix FTBFS on armel by explicitly including the header * nghttpx: Cast to double to fix build with gcc 4.8 on Solaris 11 * nghttpx: Fix build error with libressl * examples: Fix compile error with OpenSSL v1.1.0-beta2- Update to version 1.12.0: * Add nghttp2_session_set_local_window_size API function * Add nghttp2_option_set_max_send_header_block_length API function (GH-613) * Fix warning: declaration of 'free' shadows a global declaration (Patch from Alexis La Goutte) * examples: Add ALPN support to tutorial client/server (GH-614) * nghttpx: Reduce TTFB with large number of incoming connections * nghttpx: Rewrite read timer handling * nghttpx: Clean up neverbleed AF_UNIX socket * nghttpx: Add --backend-max-backoff option * nghttpx: Use 16KiB buffer for reading to match TLS record size * nghttpx: Add healthmon parameter to -f option to enable health monitor mode * nghttpx: Receive reference of std::mt19937, not making a copy * nghttpx: Fix bug that backend never return to online (GH-615) * nghttpx: Implement client IP based session affinity * nghttpx: Add --api-max-request-body option to set maximum API request body size * nghttpx: Add api parameter to --frontend option to mark API endpoint * h2load: Add content-length header field for HTTP/2 and SPDY as well * h2load: Implement HTTP/1 upload (GH-611)- Update to 1.11.1 * lib: Add nghttp2_hd_inflate_hd2() and deprecate nghttp2_hd_inflate_hd() * lib: Avoid 0-length DATA if NGHTTP2_DATA_FLAG_NO_END_STREAM is set * lib: Fix bug that PING flags are ignored in nghttp2_submit_ping * integration: Workaround runtime error: cgo argument has Go pointer to Go pointer * nghttp: Eliminate zero length DATA frame at the end if possible * nghttpd: Set content-length in status response * nghttpx: Add sni keyword to --backend option * nghttpx: Allow mixed protocol and TLS settings among backends under same pattern * nghttpx: Don't add 0-length DATA when response HEADERS bears END_STREAM flag * nghttpx: Don't add chunked encoded response body for HEAD request * nghttpx: Don't use CN if we have dNSName or iPAddress field * nghttpx: Just call execv instead of execve to pass environ * nghttpx: Make SETTINGS timeout value configurable * nghttpx: Save PID file after it is ready to accept connections * nghttpx: Treat backend failure if SETTINGS is not received within timeout * nghttpx: Wait for SETTINGS ACK to make sure that backend h2 server is alive- Update to 1.10.0 * Pass unknown SETTINGS values to nghttp2_on_frame_recv_callback * Add ALTSVC frame support * Run error callback when peer does not send initial SETTINGS frame * Update http-parser * Update sphinx_rtd_theme * nghttp: add an --expect-continue option * nghttpx: Fix downstream connect callback called early * nghttpx: Truncate too long -b option signature * nghttpx: Fix bug that server push from mruby script did not work * nghttpx: Try next HTTP/1 backend address when connection cannot be made * nghttpx: Retry next HTTP/2 backend address when connection cannot be made * nghttpx: Enable link header field based push for non-final response * nghttpx: Detect online/offline state of backend servers * nghttpx: Better load balancing between backend HTTP/2 servers * nghttpx: Fix crash with backend failure- Update to 1.9.2 * nghttpx: Fix crash with backend failure * nghttpx: Better distribute load to backend h2 servers * nghttpx: Fix error messages on deprecated mode * nghttpx: Fix bug that logger wrote string which was not NULL-terminated * nghttpx: Fix bug that proxy with HTTP/1.1 CONNECT did not work- Update to 1.9.1 * nghttpx: Fix bug that backend tls keyword did not work with -s option * nghttpx: Fix handing stream after connection check was failed - Changes for 1.9.0 * lib: Add nghttp2_error_callback to tell application human readable error message * lib: Reference counted HPACK name/value pair, adding * nghttp2_on_header_callback2 * lib: Add nghttp2_option_set_no_auto_ping_ack() option * lib: Add nghttp2_http2_strerror() to return HTTP/2 error code string * build: Makefile.msvc enhancements (Patch from Jan-E) * build: Lower libev version requirement (Patch from Peter Wu) * build: cmake build support (Patch from Peter Wu) * asio: Fix bug that server event loop breaks with exception * integration: Disable tests that sometimes break randomly on travis * integration: do not use recursive target (Patch from Peter Wu) * h2load: Fix bug that it did not try to connect to server again * h2load: Fix bug that initial max concurrent streams was too large * nghttpx: Memcached connection encryption with tls keyword * nghttpx: Enable/disable TLS per frontend address * nghttpx: Configure TLS per backend routing pattern * nghttpx: Workaround for Ubuntu 15.04 which does not value-initialize on std::make_shared. * nghttpx: Add --error-page option to set custom error pages * nghttpx: Add wildcard host routing * nghttpx: Change read timeout reset timing * nghttpx: Don't push if Link header field includes nopush * nghttpx: Deprecate backend-http1-connections-per-host in favor of backend-connections-per-host * nghttpx: Restructure mode settings, removing --http2-bridge, - -client, and --client-proxy options * nghttpx: Deprecate backend-http1-connections-per-frontend in favor of backend-connections-per-frontend * nghttpx: Don't share session which is already in draining state * nghttpx: Effectively disable backend HTTP/2 connection flow control * nghttpx: Add --frontend-http2-max-concurrent-streams and - -backend-http2-max-concurrent-streams, and deprecate - -http2-max-concurrent-streams option * nghttpx: Deprecate --backend-http2-connections-per-worker option * nghttpx: Share TLS session cache between HTTP/2 and HTTP/1 backend * nghttpx: Rewrite backend HTTP/2 connection coalesce strategy- Update to 1.8.0 * Add Architecture documents (work in progress) * List all contributors in AUTHORS * doc: fix out-of-tree doc builds (Patch from Peter Wu) * Wrap AM_PATH_XML2 by m4_ifdef to handle the case when _PATH_XML2 is not found * Fix configure script for non-gcc, clang build * Document compiling apps and include h2load in configure (Patch from David Beitey) * Don't check for dlopen/libdl on *BSD (Patch from Bernard Spil) * Don't taint CXXFLAGS from AX_CXX_COMPILE_STDCXX_11 * Fixing Windows Makefile version detection (Patch from Reza Tavakoli) * lib: Tokenize extra HTTP header fields * lib: Fix typo in HAVE_CONFIG_H name (Patch from Peter Wu) * lib: Add HTTP/2 extension framework to send and receive non-critical frames * tests: remove unused macros (Patch from Peter Wu) * src: Update default cipher list * src: Fix compile error with gcc-6 which enables C++14 by default * asio: client: Fix connect timeout does not work, return from cb if session stopped, removing client::session::connect_timeout() functon * nghttpd: Start SETTINGS timer after it is written to output buffer * nghttpd: Add trailer header field to status responses * nghttpd: Add -w and -W options to change window size * nghttpx: Worker wide blocker which is used when socket(2) is failed * nghttpx: ConnectBlocker per backend address * nghttpx: Interleave text/html pushed resources with associated resource * nghttpx: Add headers given in add-response-headers for mruby response * nghttpx: Deprecate --backend-ipv4 and --backend-ipv6 in favor of --backend-address-family * nghttpx: Add options to specify address family of memcached connections * nghttpx: Add encryption support for TLS ticket key retrieval * nghttpx: Add TLS support for session cache memcached connection * nghttpx: Refactor blacklisted cipher suite check (Patch from Jay Satiro) * nghttpx: Add TLS support for HTTP/1 backend * nghttpx: Add request-header-field-buffer and max-request-header-fields options, deprecating header-field-buffer and max-header-fields options. * nghttpx: Add --no-http2-cipher-black-list to allow black listed cipher suite * nghttpx: Limit header fields from backend * nghttpx: Fix bug that IPv6 address in Forwarded "for" is not quoted-string * nghttpx: Support multiple frontend addresses * integration-tests: support out-of-tree tests (Patch from Peter Wu) * examples: fix compile warnings (Patch from Peter Wu) - Drop upstreamed nghttp2-c++14.patch- Update to 1.7.1 * Fix CVE-2016-1544 (boo#966514)- Add nghttp2-c++14.patch to properly guard make_unique templates. [bsc#964140]- Update to 1.7.0 * Reset (RST_STREAM) stream if flow control window gets overflow * Validate :authroity, host, and :scheme value more strictly * Check request/response submission error based side of session * Strict outgoing idle stream detection * Return error from nghttp2_submit_{headers,request} when self dependency is made * Add -ldl to APPLDFLAGS for static openssl linking * asio: Stop acceptor on server::http2::stop * asio: Rename http2::get_io_services() as http2::io_services() * h2load: Support UNIX domain socket * h2load: Improve readability of traffic numbers * h2load: Remove "auto" for -m option * h2load: Show progress in rate mode * h2load: Perform sampling for request and connection timings to reduce memory consumption * nghttpd: Add --no-content-length option to omit content-length in response * nghttpx: Interleave pushed streams with the associated stream if pushed streams are javascript and CSS resources * nghttpx: The initial value of request/response buffer is increased to 128K * nghttpx: Fix bug that --listener-disable-timeout option is not used * nghttpx: Don't emit :authority if request does not contain authority information * nghttpx: Add clarification of quotes in configuration file * nghttpx: Don't allow certain characters in host and :scheme header field * nghttpx: Add RFC 7239 Forwarded header field support * nghttpx: Fix crash when running on IPv6 only (Patch from Vernon Tang) * nghttpx: Take into account of trailers when applying max_header_fields * nghttpx: Don't apply max_header_fields and header_field_buffer limit to response * nghttpx: Strict validation for header fields given in configuration * nghttpx: header value should not be lower-cased (Patch from ayanamist)- fixed typo in libnghttp2_asio1 [bsc#962914]- Update to 1.6.0 * Fix heap-use-after-free bug when handling idle streams * Strict error handling for frames which are not allowed after closed (remote) * Set max number of outgoing concurrent streams to 100 by default * Keep incoming streams only at server side * Create stream object for pushed resource during nghttp2_submit_push_promise() * Add nghttp2_session_create_idle_stream() API * Handle response in nghttp2_on_begin_frame_callback * Add --lib-only configure option * Compile with OpenSSL 1.1.0-pre1 * Fix build when OpenSSL 1.0.2 is not available (patch from Sunpoet Po-Chuan Hsieh) * asio: Add connect and read timeout to client API * asio: Add TLS handshake and read timeout to server API * asio: Added access to a requests remote endpoint (patch from Andreas Pohl) * asio: libnghttp2_asio: Added io_service accessors (patch from Andreas Pohl) * h2load: Add req/s min, max, mean and sd for clients * h2load: Fix broken connection times- Update to 1.5.0 * Fix bug that nghttp2_session_find_stream(session, 0) returned NULL * Add nghttp2_session_change_stream_priority() to change stream priority without sending PRIORITY frame * Add nghttp2_session_check_server_session() API * Consider to use CANCEL error code when closing streams with GOAWAY * Don't send push response if GOAWAY has been received * Use error code CANCEL to reset pushed reserved stream from remote * Add nghttp2_session_upgrade2(), deprecate nghttp2_session_upgrade() * Workaround HTTP upgrade with HEAD request in nghttp2_session_upgrade() * Introduce NGHTTP2_NV_FLAG_NO_COPY_NAME and NGHTTP2_NV_FLAG_NO_COPY_VALUE * Add nghttp2_session_check_request_allowed() API function * Switch to clang-format-3.6 * Update mruby to 1.2.0 * tests: fix broken linkage with --disable-static (Patch from Kamil Dudka) * python: Send RST_STREAM if remote side is not closed and response finished * asio: client: call on_error when connection is dropped * asio: ALPN support * h2load: Add --h1 option to force http/1.1 for both http and https URI * h2load: Fix crash when dealing with "connection: close" form HTTP/1.1 server * h2load: h2load goes into infinite loop when timing script file starts with 0.0 in first line (Patch from Kit Chan) * h2load: Override user-agent with -H option * h2load: Print "space savings" to measure header compression efficiency * h2load: Stream error should be counted toward errored * h2load: Show application protocol with OpenSSL < 1.0.2 * nghttpx: Don't send RST_STREAM to h2 backend if backend is disconnected state * nghttpx: Support server push from HTTP/2 backend * nghttpx: Fix bug that causes connection failure with backend proxy URI * nghttpx: Use --backend-tls-sni-field to verify certificate hostname * nghttpx: Log :authority as $http_host if available * nghttpd: Fix crash with CONNECT request * nghttpd: Defered eviction of cached fd using timer * nghttpd: Read /etc/mime.types to set content-type header field * nghttp: Record request method to output it in har correctly * nghttp: Use method given in -H with ":method" in HTTP Upgrade - Drop nghttp2-1.4.0-fix-tests.patch (now in upstream)- Enable spdy and more example applications- Update to 1.4.0: * lib: Don't always expect dynamic table size update. * lib: Shrink to the minimum table size seen in local SETTINGS. * lib: Add new error code NGHTTP2_ERR_PAUSE to send_data_callback. * lib: Avoid excessive WINDOW_UPDATE queuing. * lib: Return fatal error if flooding is detected to close session immediately. * lib: Return type of nghttp2_submit_trailer is int. * lib: Don't send WINDOW_UPDATE with 0 increment. * lib: Fix bug that headers in CONTINUATION were ignored after HEADERS with padding. * package: Use -fvisibility=hidden for internal functions. * package: Show more information in configure summary. * package: Add PIDFile directive to systemd service. * package: Fix daemon upgrade when running under systemd. * app: Compile with BoringSSL. * nghttp: Allow multiple -c option occurrence, and take min and last value. * nghttpd: Fix leak when server failed to listen to given port. * nghttpx: Add TLS dynamic record size behaviour command line options. * nghttpx: Reduce default timeouts for read sockets to 1m. * nghttpx: Fix bug that PUT is replaced with POST. * nghttpx: Change mruby script handling. * nghttpx: Added support for RFC 7413 (TCP Fast Open) on nghttpx proxy listening connections. * nghttpx: Add neverbleed support. * h2load: Don't DOS our server! * h2load: Use duration syntax for timeouts. * h2load: Support subsecond rate period. * h2load: Simplify rate mode. * h2load: Add option for user-definable rate period. * h2load: Reuse SSL/TLS session. * h2load: Reconnect server on connection: close. * h2load: Don't exit in the case of no ALPN protocol overlap. * integration: Update go's http2 package URI. - Add missing baselibs.conf. - Add nghttp2-1.4.0-fix-tests.patch from commit 4825009. - Small spec cleanup.- Update to 1.3.4 * Make traditional init script fail if new config file is broken (Patch from Janusz Dziemidowicz) * nghttpx-logrotate: Don't use killall since we have multiple processes * nghttpx: Fix improper signal handling - Changes for 1.3.3 * Fix bug in padding handling of DATA frame * Use hash table for dynamic table lookup * More warning flags for --enable-werror * Update mruby * h2load: HTTP/1.1 support (Patch from Lucas Pardue) * nghttpx: Do not try to set TCP_NODELAY when frontend is an UNIX socket (Patch from Janusz Dziemidowicz) * nghttpx: Chown UNIX domain socket to user specified as --user * nghttpx: Split monolithic one process into control and worker processes * nghttpx: Handle SSL/TLS data following PROXY protocol line - Changes for 1.3.2 * Check header block limit after new stream is opened * nghttp: Show error if HEADERS frame cannot be sent for whatever reason * nghttpx: Fix assertion failure on TLS handshake * nghttpx: Add x-http2-push header field for pushed resource * nghttpx: Fix compile error with --disable-threads- Update to 1.3.1 * Avoid usage of typeof and replace __builtin_offsetof with offsetof * Honor stream->weight even if stream->last_writelen is 0 * Compile third-party libraries if hpack-tools is enabled * nghttpx-init: Start nghttpx with --daemon * Bundle sphinxcontrib.rubydomain https://bitbucket.org/birkenfeld/sphinx-contrib/src/default/rubydomain/ * Bundle mruby * h2load: Record TTFB on first byte of response body, rather than first socket read * h2load: Improve checking for timing script input, prevent false positive in certain situations * nghttpx: Implement PROXY protocol version 1 (--accept-proxy-protocol option) * nghttpx: Allow link header server push for HTTP/2 backend as well * nghttpx: Don't initiate push if client disabled push * nghttpx: Allow absolute URI in Link header field for push * nghttpx: Fix crash with multi workers and QUIT signal * nghttpx: Add mruby support which is disabled by default (use --with-mruby configure option to enable it) * nghttpx: Drop connection before TLS finish if h2 requirement is not fulfilled - Fix typo in previous changelog entry- Update to 1.3.1 * Limit the number of incoming reserved (remote) streams * Add stream public API * Rewrite priority tree handling * Fix parallel make distcheck * Define it and itprep recursive target if AM_EXTRA_RECURSIVE_TARGETS is defined * fetch-ocsp-response: Handle spurious openssl exist status 0 * nghttpx: Use nghttp2::ssl::DEFAULT_CIPHER_LIST for backend TLS connection * nghttpx: Don't allow blacked listed cipher suites for HTTP/2 connection * nghttpx: better handle /dev/stderr and /dev/stdout (Patch from Tomasz Buchert) * nghttpd: GOAWAY if SSL/TLS requirements for HTTP/2 are not met * nghttpd: Return date header field for 304 * nghttpd: Support HEAD request * h2load: Add Timing-script and base URI support (Patch from Lucas Pardue) * h2load: Add timeout options (Patch from Nora) - Fix typo in changelog- Update to 1.2.1 * doc: Reword the HPACK tutorial (Patch from Tom Harwood) * nghttpx: Fix stability issues * h2load: Fix crash if -r > -n- Update to 1.2.0 * Fix crash if response or data is submitted to closing stream * Header table size UINT32_MAX must be accepted * Use PROTOCOL_ERROR against DATA sent to idle stream * Allow multiple in-flight SETTINGS * Strictly check occurrence of dynamic table size update * Fix configure warning that 'missing' is missing or too old * Fix rm: cannot remove ‘*.rst’: No such file or directory when "make clean" (Patch from Alexis La Goutte) * doc: Reword some of the server and client tutorial (Patch from Tom Harwood) * src: Remove monotonic_clock replacement macro for gcc-4.6 * nghttpx: Add TLS ticket key sharing among nghttpx instances using memcached * nghttpx: Add shared session cache using memcached * nghttpx: Set SSL/TLS session timeout to 12 hours * nghttpx: Enable session resumption on HTTP/2 backend * nghttpx: Don't rewrite host header field by default * nghttpx: Generate new ticket key every 1hr and its life time is now 12hrs * nghttpx: Don't reuse backend connection if it is not clean * nghttpx: Add AES-256-CBC encryption for TLS session ticket * nghttpd: Fix the bug that 304 response has non-empty body * h2load: Add -r and -C options to h2load (Patch from Nora Shoemaker) - Changes for 1.1.2 * Fix linker error with libnghttp2_asio * Allow custom installation location for Python bindings - Drop no longer needed missing_nghttp2_timegm.patch- Update to 1.1.1 * nghttpx: Fix various stability issues and memory leak bug - Changes for 1.1.0 * Fix DATA is not consumed if nghttp2_http_on_data_chunk failed * nghttp2_submit_response and nghttp2_submit_headers may return * NGHTTP2_ERR_DATA_EXIST * msvc build fixes and enchantments (Patch from Gabi Davar) * Compile with IRIX gcc-4.7 (Patch from Klaus Ziegler) * nghttp: Add --max-concurrent-streams option * nghttp: Add comment on HAR on pushed objects (Patch from acesso) * nghttpx: Add --include option to read additional configuration from given file * nghttpx: Add backend routing based on request host and path by extending -b option * nghttpx: Allow log variable to be enclosed by curly braces for disambiguation * nghttpx: Add log variables related to SSL/TLS connection * h2load: Add --ciphers option - Add patches * missing_nghttp2_timegm.patch to fix building of asio library * nghttp2-remove-python-build.patch to fix python bindings installation when autotools are used- Update to 1.0.5 * Add STREAM_DEP_DEBUG macro switch to enable runtime validation of depedency tree * Fix another bug in priority handling; sibling's item is not queued when ancestor's item is detached * nghttpx: Fix crash with --http2-bridge and both frontend and backend TLS- Update to 1.0.4 * Fix assertion failure in stream_update_dep_on_detach_item (GH-264) - Changes for 1.0.3 * Fix bug that idle self-depending PRIORITY is not handled gracefully * Optimize dependency based priority code to Firefox style tree * enable third-party for asio_lib too (Patch from Mike Frysinger) * fetch-ocsp-response: Support LibreSSL, and include port in ocsp_host * src: Support compile with LibreSSL * nghttpx: Fix bug that x-forwarded-proto header field does not reflect frontend scheme on HTTP/2 backend * nghttpx: Validate :path on SPDY frontend- Update to 1.0.2 * Fix bug that data are not consumed for connection in race condition (GH-253) * Define NGHTTP2_EXTERN to __declspec(dllimport) when using nghttp2 for Windows build * Translate fetch-ocsp-response into Python * libevent-client: Fix bug that path is broken if URI does not contain path part * python: Call on_close callback when connection is lost for server session * python: Expose client certificate, if available (Patch from Fabian Wiesel) * python: Catch and log failure to set TCP_NODELAY (Patch from Fabian Wiesel) * nghttpx: Add --add-request-header option * nghttpx: Make WebSocket upgrade work * nghttpx: Fix bug that END_STREAM is not set in backend for POST with Upgrade * nghttpx: Don't send "Expect" header field twice- Update to 1.0.1 * Include stdint.h instead of inttypes.h when compiled with MSVC < 2013 * Fix invalid memory free on out-of-memory handling * integration: Use our own copy of golang spdy package * android: Don't link zlib bundled with android NDK * Dockerfile.android: Update NDK ver, and ubuntu; build and link zlib * src, examples: Fix up OpenSSL initialization * nghttpx: Allow HTTP Upgrade from POST request if response header has not been sent to the client * nghttpx: Fix bug that PUSH_PROMISE is sent after associated response HEADERS * nghttpd: Close connection after settings timeout and GOAWAY was sent * h2load: Fix bug that NPN fails if ALPN is enabled- Update to 1.0.0 * v1.0.0 introduced backward incompatible changes from 0.7 series. Read https://nghttp2.org/documentation/package_README.html#migration-from-v0-7-15-or-earlier to migrate from older version to this latest version. - Changes for 0.7.15 * Hopefully, this is the last release for 0.7.x series. Development continues in 1.x series. * Access violation in buffers (GH-232) (Patch from Etienne Cimon) * Retry finding jemalloc lib by je_malloc_stats_print (GH-233) * inflatehd: Fix crash if 'wire' value is not string (GH-235) * nghttpx: Revert 585af93 to fix crash with TLS (GH-234) * nghttpd: Add --echo-upload option to send back request body- Update to 0.7.14 * Fix global-buffer-overflow in HPACK code * Fix doc for nghttp2_select_next_protocol * Fix bug that promised stream was not reset on decompression error * Add systemd and upstart configuration file for nghttpx (Patch from Zhuoyun Wei) * Improve nghttpx logrotate configuration file (Patch from Zhuoyun Wei) * Update sphinx_rtd_theme * h2load: Update h2load to give connect time and ttfb stats (Patch from ericcarlschwartz) * nghttpd: Add -m, --max-concurrent-streams option * nghttpx: Log absolute URI for HTTP/2 or client proxy request * nghttpx: Add --header-field-buffer and --max-header-fields options * nghttp: Fix assertion error if very large value is given to -t- Update to 0.7.13 * Fix bug that promised stream was not reset by returning NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE from nghttp2_on_header_callback. Instead, associated stream was reset. * Allow NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE from nghttp2_on_begin_headers_callback * h2load: Effectively disable flow control by setting large window size * asio: Graceful shutdown and joinable server (Patch from Xiaoguang Sun)- Update to 0.7.12 * Fix bug that nghttp2_session_set_next_stream_id accepts invalid stream_id * HPACK: Rewrite static header table handling * HPACK: Never index authorization and small cookie header field * Don't install libnghttp2_asio headers if they are disabled * doc: Specify program directive so that hyperlink to option is correctly pointed to the intended location * asio: client: Call error_cb on error occurred in do_read and do_write (Fixes GH-207) * nghttp: Add --no-push option to disable server push * nghttp: Show stream ID in statistics output * nghttp: Remove --dep-idle option * nghttp: Use same priority anchor nodes as Firefox does * nghttpx: Don't push resource if link header has non empty loadpolicy * nghttpx: Add logging for somewhat important events (logs, tickets, and ocsp) * nghttpx: Set Downstream to stream user data on HTTP Upgrade to h2- Update to 0.7.11 * nghttpx: Fix waitpid race condition in ocsp response update * nghttp: Consider user-provided :authority header field for SNI as well as host header field - Changes for 0.7.10 * Make sure that nghttp2 license is MIT license * Add nghttp2_session_consume_{connection,stream} to consume bytes independent * Add nghttp2_send_data_callback to send DATA payload without copying "static inline" fix for build with VS2013 (Patch from Remo E) * Update lib/Makefile.msvc (Patch from Remo E) * Remove dependency on libws2_32 on Windows build * Define NGHTTP2_EXTERN macro to export function for Windows build * doc: Generate API doc per function * python: Add async body generation support * python: Fix pseudo-header field ordering bug * nghttpx: Redirect stderr to errorlog file * nghttpx: Fix bug that data buffered in SSL object are not read * nghttpx: Remove --tls-ctx-per-worker option * nghttpx: Add OCSP stapling feature- Enable python bindings - Update to 0.7.9 * Implements h2-14 protocol (http://tools.ietf.org/html/draft-ietf-httpbis-http2-14) * Implements HPACK 09 (http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-09) * h2load: Fix crash if -t > -c * h2load: Add -d option to upload data to server * nghttpx: Forward only "trailers" keyword in te when forwarding HTTP/2 backend * nghttpx: Fix PUSH_PROMISE header field corruption [GH-194] * nghttpx: Fix te header field is duplicated when forwarding HTTP/2 backend * nghttp, nghttpd: Add --hexdump option to hexdump incoming traffic. * examples: Place AM_CPPFLAGS first to use in-package header files first [GH-192] - Changes for 0.7.8 * Implements h2-14 protocol (http://tools.ietf.org/html/draft-ietf-httpbis-http2-14) * Implements HPACK 09 (http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-09) * Validate :path header field for http or https URI scheme * NULL-terminate header field name and value presented by callback * README.rst: Cleaned up the grammar a bit (Patch from Ross Smith II) * h2load: fix for segfault by reserving correct worker count (Patch from Stefan Eissing)- Avoid shipping documentation redundantly. Set RPM groups.- Fix rpm group- Update to 0.7.5 * Implements h2-14 protocol (http://tools.ietf.org/html/draft-ietf-httpbis-http2-14) * Implements HPACK 09 (http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-09) * Validate HTTP semantics by default * Add nghttp2_option_set_no_http_messaging() API function * Update http-parser * nghttp, nghttpd, nghttpx: Use "sensitive" to indicate "never indexed" header field * nghttp, nghttpd, nghttpx, h2load: Select/announce h2 in ALPN/NPN * nghttp: Fix unaligned field output in --stat * nghttp: Fix -H does not work with -u upgrade request * nghttp: Update resource timing terminology according to Resource Timing TR * nghttpd: Add -a option which takes an address parameter that allows nghttpd to bind to a non-default address. Patch from Brian Card * nghttpx: Use omit minor version in case of HTTP/2 in via header and access log * nghttpx: Support UNIX domain socket on both frontend and backend * nghttpx: Fix crash in http/1 backend when backend returns more bytes than CL * nghttpx: Cast configuration value to rlim_t to avoid compile error on 32bit * nghttpx: Fix 1 second delay in HTTP/2 backend connection * nghttpx: Fix request re-submission bug in HTTP/2 backend * asio-sv2: Fix compile error with OS X- Initial packaging of 0.7.4sheep82 15846161101.40.0-lp151.3.6.11.40.0-lp151.3.6.1deflatehdh2loadinflatehdnghttpnghttpdnghttpxnghttp2fetch-ocsp-response/usr/bin//usr/share//usr/share/nghttp2/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:12131/openSUSE_Leap_15.1_Update/1c2ae97637d10cd8ca55c394da78587c-nghttp2.openSUSE_Leap_15.1_Updatedrpmxz5x86_64-suse-linuxELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, BuildID[sha1]=1a5bde7e70da6f01cbe94074be02ee9c5f94ce5b, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/l, BuildID[sha1]=5e4b4fb2480c4e5d1e61df298ebdb59cbd3bb02e, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, BuildID[sha1]=ac316185166f02fa238a8e761108b43aee1ac75f, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/l, BuildID[sha1]=4df02adc17e75983eb9a6a64e2335949092a1b40, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/l, BuildID[sha1]=3965af298d0c3bd72b30e2d1ee45a5ede12be761, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/l, BuildID[sha1]=b88d091c7ed3cc51f28d5fd95bde47d1525c9f6c, for GNU/Linux 3.2.0, strippeddirectoryPython script, ASCII text executable4Cc# )R R)RR!RRRRRRRRRRR RRR RRR RRRRRR&R#RR$RRR)R"RRR R'R!R(R%RRRR RR RRR RRR R)RRR!RRRRRRRRR RR RR RRRRRR-RR RR$R)RR!R'R%RRRR,R RR RR.RRR RRR RR RRR%RR$R)R RR!R'R(RRRRRRRRR RR R.RRR RRR RR R+RRRRRRRRRRRR$RRR)R"RRR R'R!R(R%RRRR RR RR*R.RRR RRR'dqK.!tP~utf-881476ccacdfe9f059e69464e244ea37da6f890e1a758a16b1c06c871c6a915c3? 7zXZ !t/)]ƒ]"k%w69$ XNME09t ٝ@e4)Mn>fhӲv= jxW4$g+ Y}J&4ޛP&O}LHbЈ.9V`^3Q `khۏ3,$"g;k8NY?3_A\V8PYӥHrâ;ЮC7u6 ^!Lk|2?eFX*bxtLJi\džjj ov1|Cc! edc,v}0[9K9RTJmBM"t^b8I"3ryJ%D1d4:? kW]cP_(8S?P[3bAxFaS҇(v:\ 2?mt&>Gy4!Nx,a qk, E}@UIVܯ3\C"!%1)er8l nkE*?G:|քXɴ8_ 0,,^$4D:5kF|U"<_kx\7!nkįdyt1߶&i&$t_L'SuMsf<i190dk)c`Y%EQ\پ2MFX$(s5XRnb- dM#{" JKVxg^"eAU⽡Pts_P ƌ$N;ℊw9 RA˘H.e{c93ٺf 5@HJ@XH !>t`9BtNs~n`-haj *Ur񙵁yC1DXy҉ꠏά 7W٩̫:H}lтF/>?gV}!zQ_TEdsւ#`E47nη3pzXK}rh-ܐ>4!Voj8_ZQ h|ٽZuzE–)'* v> sf Iޒ!+(8f_Aޱ!%> t.hGgMU fe3t0p Fn;^ƯČZbH`lu 殺a=z (iӶ(H& pLڈDplՏ *Vˆ͖AK߇ci?FoP夆.voӡQ/oԪPDLr~s+emr.x7 Y' 8؀oXv^_80 a-t3)1EX-(W,|tYXz Lkð̲A\Zncelz}&Fz zߖeHP[UohvSۀA)6fjK^!7{V;(j6WSAh"#G8!T]+u>R"n[0z#{y]7V~Nѷʤ ;:T*erc􊥠|bBt7֭z"EҌO34Oܧ9N̜gI@U+N?2bӁ,FTD#)\b  ~=<a߃a`WİJ~p[U5d;^H/.dx'LS'X&J^KSrW!:D3 @o'vԻ#-GULޘ )SOn.Nضy04Ӽv,>IB*0J9cj2qwjQ os i jx{{GM YҴ2d âЀ^+虿 ]]"5F_LI2WqQ/@0yR&SV1ZÜ3_ % ;u,Zʱ>9 ،2i}QJIWwZ>Bq-@^pZlOА1%իy7cnU>+nBxRh{y%|NkP.)Csk/L&il|h'QM1"wf#F:F#~|6 \R,ióٔгx&-7e{ EE9xc;3ŕm2 AĂyZNlYzUrca4A{ѱC+S>U]K (Bͯ'B1׍X[ͩ.,ג~+.M':G3vRo^1Q ug9y/1IԉJˢ\Vj-6v&©qI6XH"KCWh@wW?,&gNSʮ)mnpOҍ O["zLim&nXiMdZV3mOhѢuKdF4]^94Pٓ1iE`lwVHvI)2ab"ܚ"oΕӨϭ,?ƓUѬST{Qߑ@Fgƶxlk^VOW(j,;lG`>xOD%,[2*ҮVJ6>̞) ϳW~k"s9\{ΚoF/ٵ,v_N)wbƉ*vɝpfu@;!Op zXϛjzd 1tEJP>4ցݾ}knr*ТaRgmC莤VVԍӅ>FsăõjQɎO?%R:MUw8aڃ1DBtSY/%g1kAmbO6C.m*XeWN T A4%F~xfrtk Jy'@ hp=>̀}^e|ѾKOg5 !M{F m .1nNҋ25ex!w/lf#*Rke\ :uk-7W$+y=ڬ4 HoD2XYKl.WoXf6-ts玶Et_з`0 Z柔uQ-ފ63lm*й%Ls%&/($-RfBy$&R qtC]>@ej*5676.3j/prߗ3hj$z=彿H칭epJ^sMxxIü#iِ\R;hv܌d!;D/1hm/-Q̓xAC)tBn߻?0Mt] nBҕ^]!\ȉhk:em)DQTSp'*_W W{0Z`^~RWӅ";_'[t8 Xԛ[- jﬖ3RlAMjz= Fq#"H23qh/5bilX٥T0b24zS^#t 8k 7} bx7|5='5dp5 XgomX*̅*eI\&r~JNچ:9cy"rѳ6F`SgHƓqH_dyVK 6Kf'ї@i)NUȉo鉮@a\?ۂF XҷٿnlR #CUآ5Ŭ,QQdOF+͑sluOdTP)߷۷AZq-J^Țr[.C4!c?rrO nn8!r`wI d%x_^OXZbq߉hƇ:+&{Sf`(_i׃E; nlu\b^SScQ1pKWiPwB`AR%G̰d+1{˔E@ewL="8ˈ8i_N7 $14}_`xa{GzvXH}$':alK4yFq7vK^no1x;>ۋ^t)cRϦ|YkاR2> &U;˜H t]OyB0n/zųbZLG:I3姍S(Uo=dƄ4 lA\fW4TDGH8 ;kQ ^#Q&І]Ϟ37pͭ[稕 sLR|H}ݼB}q5 R3OSo~*j;; x0 lvu[b%Vv(]Za@5I:ĴH^qb! )(7ۘP^}_XD.i77W['Oz5oڃ}4;aq |FETu>.H(y _al\m0˜p*䗹w % "5hQz}\UZ|]~{,:F!uuWTI\ ?(31S''L܋2<ZfV>W 5?*VU|Ad0>IK8gDsE݇ zyRd6s9z3aȗ[5gh}nU%h<)c~+9[fs˫cMtcB 9zԂ+!7LR髠2Y]!zN\t:ſ<ekXݳNE9~E#K3bO[pI7ՀZPbVPT 1B^,}SbmddN{:ƃ>Tc.,[Cwm;=hƞf ajSmC&{!Ҩ1"u<38Sy(HW&7[ Fa5`Ll3gȖ.ޕAbg|?A^$ԗ|Q )mb*ڤwO_ `dE;Kx?^T7W|.1 ;Nmt=`jWQVIhU8\ po#g" )2 TQmhБ^Ə9D+AS@ɶ+2162MpL]C,&& %Pԣ;&߁ٟW\G{㥊SXC,%Tk0[_V>2Λ%Iɚ.gwZqaqO5GOI .,L~+&^i)=n:z(Is8wbCR0:=g2(J+mw J}d7sB(,9A$@2Y\eCmaV# iiUPk^渘dԶٻ+G[9C aЖvbU؏ҮK~JRYnһ ]wogbVvuP.sVaK 9]NLMIA3SSՈj\-;BA reD̤X!S>ASfk vԬKBoFsE$V톄 dÙ#%uR\=E"IM7#=I=.FD+{^!j %Vz7r%C\8%zU++ yqµYB]z-GX<1l{Xdn W* +7b"39^jd!C+O!zĝάۣ: kSkAy30mS9]'j?6)Hc I֠+5Ry$(YkcaY.Mg 9-|5sF 2kSsV*0i7 O*c- }!3H##frR7P(K5|끒 ɒy  !rcB23QitU-G%}0P8|vjn)>+a\e0*v7@[m?]v~2-x-5? ]oҦHXh τB{xaf—1U#4ZMұTAH|D&L |9zUڲ[ͣ2 לP>lt-WFX? (_`7!i?ˑ*U~/7<>y%ff.%SI3-"N]yxug>{ֳ gT;usbPCo~8Zye6-b*2TWwX7ܠ*t ̑hr_BO/%h]Ef3ؓT `sg|OiH(ioV= uՋ69F[P+maGTv@*-耪 nͧ9tJDd7 A5>&L7C >^3`yl1 _BQ m-}r2(n;YĿ<~ {qG"1.Vܮʐf8P(pO )R Y$~UT5w"I͍m:"5nNSQ9GR85A,6ŰQ\S._ӄ5#.`Di拓Cs!dϗČZ+Mw[yT䥄zapۧ;҉;Ul'I*-4rn3u$WL<9&YV.~טMP,h,ل$&\y%JC~To9 'K V-^ٟ SDrҨAX΂""ؚXpcʌ-֤xLǡ[ҟRӁX;"uqm[4d{嬪=Yqdi[> qЫ Ulx H*kv`K!t$㗢L&ٌ<#D:CpHȂ, "n.@]#nKRX)F'69^-+#02&. 5"ZˠS2o䴤_a}:MT;)v^.7)| m@t\@cџaB+ :25 `#WZ0hJMXr~D"uzG-alHmt?ࡔ5NRFZBHw&4`v_ܼz'u@ba Y&#BDy疤$ 4q 8m$p÷-j,OE-9ñW"< @mj}/bI`WYa+"VsAa{N7+Gǔq˜QJ=i.Zjަq7 :g$)7 |ek+" ]@DA +:2"[<Y\/hU+F O4BWB AY:SWAP9$lޓE&1U?*aDHϱbFPZ.>23O 8k5_cՏ f;z9sMx}\ƛ3>-n(Ć1KK&O嗑?<)C7@i D}òIi*iX D؄,N䎦6h߼*?Xd9۞NR~|޼b=SVC_G&oⷝ"@ (FMprċ)Kn\YdN` .u1YɬYl n!Ždv&KˆJ vj H|G*'_("_%M?v3gz&2멡-:gov~Ԯ<"&x{ɑi1Ȱro0]03ri:$@j;}*mD * AJGwఞck"d:xP˴ ¿@2Vvֆha2%m!~yR_iTpiY2bbڕ~AZe<%Rys@f|/ ڙ4L8ؗW ۈi{[]w JF`j3@@}mܡ`ŴdvMϲWkGa>dWu{(C0;Q'+ꝶ70lFmN +g{!k.AoP!1_.i\ oV8a3*Dſ_-qVHR6d:xœ _H|*цuxXyMvl=Y,KP< ]?kl25'/!so/6mѝ07D =p)S?֨Tnb$Vc7c>7xV)Z5i$.9ڭa@66h9r řm VuUdj= 1צf٤Sa%Kۚ,s+ ,59Y3YAsNo5b|iX7o`y!\<$VF cv| MkU+ɜL&hش]n V|sf&X@11ն1M."U,6h_LS"Te촪#G!5b !,JրܝA`dp1aG[؛ps̈́7*^=%LӃ:iBDAY#wk>Cp*b>0!(!iPABKoӖ~&2'w̶!iLp9 1`flbb0}S; I|YD*{tJF*h +6=]ȧuzR^jcnhLלl;7Z"S؃n>eE;3Kfci\qG|2=ҘؙrQ%yiB]_SI^+ `d+az0@Iju9 @FD[N<-(XèJj({]ccސOwћsJbdQHA蓭JrAkO4e`_LQgdHk2h)Q`t̡-++_?YތS*8 &TɩD K⳰(@CLSq&[ Ɏ)hj"DmӇg1JxlkH = ւ"m]ӗvɗ4ɐ/kZ6c(ɉV`MOE%JGyVEvUC~F-jSXRTeGxu'R>.ǵx`)Z]7~ EǹcFuɕx)nVRb7X97\dGw"Y7m` پ'}N9V3&E@m/z`EvպFЀ>5(;ژJ#ξf|w|Pt!5 XX_ J.{f=)U,9R.cr|K𲯅5)% %;:kLd2٫O'O?4y伝jގyHuSjF4Pj&,]E uHu : ŧfŠ(%z~m7%*! ߪT\,A6-!G4BEFeom%@≼04JDgPHSKQ߷tR/]¡ڡ%/r3 ޏkƄ{{ ։`Aݪ Ke$;|Ki6Oo4!F.m{9s&:q5yzؼѣ\$4e ;. 5qx=l%7ΧGL&$_1t\^zvCVZUEu[F/Q5g/(eHX65 ,-yD67"5\WOFzRƯ-zПXw ߇O+7t}Z} Gamܸ@&xrf'v)?h$~oD[nbg/@^$a(_yj&$Axgtv9RczR;셿,?pj:ǣ?*i=PL; | wG_*l֣( ㋘‰4 ô{#´H-X*)d==X6ؒE_C/ >E+dppf!s{7y^ R*`G LŭqO>ñ12!h% P c3FYq s-"GnO`I)l0IKh%k`GReV .h"9yWm#c`EI\L6* 4||N~\e$^(-lU@u2Gh\;r!=,7j(TU45P Ifh4&-j VDtaE( Qbu.QgBx Iʙ<47-IÄMG\rKw^Y1|W4ŎP7?I|ʷ,V ` Tg9M|+r avD :daܘ7QwIbY:ϟh{- n߁td:+JJ6plIA6m9ah Vy?RkZ߁Uqbm8kF+lV! ?}AO|Z< iE(a|Ũ۠nrM1( @CV2 <(fz{r'Tn*< eL q'Q\:nτ,Mv(0yj+@&|8_JKOR`2T)4w-fͨt2ok1MyO{'aY5F%oi-LKԶޗř(03OΒ}(kZ?}="jZzKGH8l@h͂qNھd]H@'᷾[KWS#}Ýw>|Sڒ"ãZ&k;cڀէM 3S~ZGE*fJ $\k2Sϱ:o^I^@ IPڋA١ ++"^p8,ï:VGcgvT~^_CԽD)=8zU_WҌA"DO _kȈRr!_ ?-'z_tG7i]kz1aӲ<Z (R~6R$~MgLa)l2M2+uHO['tRڴ$'Me(UN\E'3 Bqk ].mVby7D,OqYRttd\f6>z嘾%߰{Dĺvv}fn\8C}'!f|pQquxrJylV*fj@B@=0UK,4&ny^=,ں+}ndP/ٟ1Z<[6Β\X:aҰ-H>|O(&h~_x]:cqQ7Ao7D7&&垲,.>Ӵ{*a;iM}63\sil}I &-le߻=9%۞BA(crZ47lzDjt'G`eX]\1vf^VZZs,gYF .8Fŏzl*s` M޵0NN'׵a]? ;kԕPU !;%j(g-H/á.޻Pq/+:l ٗ15@c93H~2dpշo;"H'|bioT|o'9ˣDg=۵=?ѡo1ҡmVow"b) $%(DF8{ZʴI'4(wo6*ߒŞ`E\SG V? #&~.|wרS#;-$? bLU&f =}-k)QJ_!#N֮\K24t t\k0̚Ig7~N-+sX+['o ]ɷ/_^(_R1:>։͛xhe ` D,x7z4RQ35c3J.1tMy"~CM\0hMb|<ģA ʋ/7l1~镖lJEuh[tgFB =q"Q)O+4Ӭ dv'G*:!G@O̘unp.o_9?MMWR7'wF&-k+rO F)+ `'1YP4ϨQUnQʫju׷Z\>%l &RJ,{6iM3`G`OR!IBlQord^zoѕk<H/.S=2fت#jPz  *OC=yCE6܏(JLuñNTs_[ݩǶJ`n̠=Ҍ7Js+t 0Ԏ[H}d!IDU]3ir ` ܎ jy|5g ((C}U瘂!n,*$|9AR@18cvҋg>N6[sp) H"ki z ^d<% !O-)5PP1[&Ttt*5IM;aSܮ I'*MS O6jFGΕ3E ,/M77) [|J)X쇧ZSU>1t|HܯLFALYK=je |.5jQ<˒4zMߺYa@ V.ѓtδ$PMŠLKLQ{hzkfLřSp,$t {9}ssC[Z.Q=feCtBL~tB*k(@c7z5Cfמ[<]7SH Ѹw!Tv:NGE[&o= ʩIsz)CAxL,;ArXܛIwn&U<|HRZeѨ5ׅB 0VXyB dძ,i&\NjN/"D|Aj#_P"v=UaD 5]B8 Rc_< pIQكG_-H0>גV1|$[`+i)PDSg@5iɰMY>Ξ=d}*x\G!~uoJPۗص긭PvL47`hEpZqo6:cSd<)2.V0]SnGZ{pu0UݦYn ;[ eXHHBK-T/sD=գJۈ1FΝMLY$>|Džlx /&|jk6J)R.L'A[Jxj4/ 9zjB'Fm+Uėk0ǖ4iʽFD5- .rusgeQ7{Év\Vmp$vU_'gv v9ҭE5Glوء1{ ewlG2nMnԞSt̴PU[|Q3vĿ;{YWEM5q=!tO"u"U|NNfaEׯ`!+}ih*Z *3hq/ƚOۋ4T= VcS]/I`*5~T@ x~E?bl] >B7ge::yUDvh᧳G;_ZOm}/C '!N2y_B# =qCXq5x7-DPPH)/2{ʱՋs#tvbvipya>R56|$bm@z79M̍ cZYWqiE!RHzn*|FrEc֡jD*hu;S (dhA\aKG2: ~|ygj³Z$z8-O&_V-j˥ftHy}+*U'#nij]›p.^JJ"K8? D"DF2y1 Kȯ}ЍD !K{׾dRw}pJτha|ګqBQ0s>-w ټ&ލg'J3DW;֨6*MErs ej4s]oJ_|b)!4m\(6[7zᷡңdgGVQH&u0rɆkYU(9@Fԏ]uB 7]}z0g!43mL9U".Td1gsI#xJ&;n+jW,bјh&f 1zޟu1ݘ@ŷe ;\6ԚVXF;h+*#d -[ Jx~Uƽ&F0vF,%F^uڈW~G / <R\+-zAW |L߹R(La`2e'yuywn/gQ>'5lb$}ynW5d~׫<BqsfKo+F:Z|*'T}JI`7Lx)1 s~fY8Rn# $q6_JIpAa:erG¾cE;}ً̊*}ߣ)?wt۸!ȧ1h׭TΦCӀT^F6,J(G$ʷ,Zo)~={H6%%Y7s FvJ>Bnd3˖|B$XN㜄SP~,.䷸q ,dO#/rJxwp bƁG9u]r89)! aX%S׈m8~cA/'Ϯ -6E߱݉xc e516:XA]g7] }ôΣ`SPU@E3 \i#Ep\qp܌hi %-I}T+@OlZ)$qUP`fQvnw^]mVW}iKe% m<+xҼh[_kyv.>QptD;`Z$# Yj"qHWTx:W<$DW S[:yv?^jYi"O$U;~kPBVE_OmfYyYuv0ޒEzsZ8-|buؐYD&0U=޾@_)/hYg9/ T7-"Fq/ s߂@2Tu*nj]~Ș8>R&=39u?Xqn]WT[}ܔy+9ohn崅u 5JNMC]b0353xWOv@&Z>;ȭPEؖۥ ld*RtUIWx.u?BTyM[!$~yBsH+kʈ`7uinDSވ#{肣)vl]]5za;42~~޻~9I胕׵^62I?[q?XbᝨF/ɨU%O,|WA0#}WgRN5U"%NFuMjҸ=U 63p+X_<]@ƓdSFx# &_ +2}}ym}XST(}_f~̩xl.EĺMadžS2hl:r!k=~_~GpfRҏࢥ-7FTxRp*/ԩv ي̒Y)G<,C$ʏү ci~P5v EHNhβ2lsK"3\겐 O86gk-4h|R&/ ҞK?6k{Hpx@q֬F¸L_nvRү$\Clf6[VpJdh( MyP8 eޮfKaM20?@"ׯ1lN}5ctXo3% v r~z7;#&8 fik`R ‹)IZ1Ii\0SJRޜ(*K8| #Ɗ nf) KU!7įb[EBٙNSPpFx(Ktj %CM۲(Lkf"Fl*ikVg .Uʩm \Tռ@rSi/8%F/R}reKDαjDoP [ f]Ū|:H!hI0 [*bN/k  D> f |!ߝy6ۮhk9ErrpUHtm%,Lϸ0@(5P&:Z];l TCUZb!"ئ3wmPVn(M‰ʨ,;(9QkM;E(/aٯ+r-/b38|z3 b:ĤVkղn_7 FQ9a ۭy;K3>\_bڿs:p3lzIBo':2'谔Ɣ¨\S/,-,y6X1$ pB] 앰{5h73I[<})sO#uCbҌS]+kw#J7SPYgbڧ>RrSCd8/)'g^ b'/_~FPQG#rDkC[]ss|S"z-9Mm̍p IA|gTުNkn"c@iFQٖ+NZtR0E-EiAUHC`Np E-b^ѼrD|Q;nN4qdJƊVu?"ޑw'#Pƌ9z-iE =z3{7䞭/* idTϥ3k)^[68 I0yѕ(em-5ERMX(:~@E젣)L-?ޮKڳggr"u}1XȰ!40t5Lf Qn":'erIF{Ba(F |կ׽5*fѰ" t:t0?o3v{S&HL)o!NH^)wX@ gp- ؅aN;Y$) &aSѶf`2۟ڭOW_>w~hD; _Ho̵3?;^y&L'#ȱ'Z(cKϱiwQg[7 4b?D$̠2˶pȭ6Ax! j/Z !0|VQr M?2UP\u"[_Gm- }Ju8ڋ-K͖G$jMM}[1ڧ.`HG{8#NVUG9ϋJGv<hUg#/TSicXu$Y2Q[L!\~l/f!2"F/.hqدOow'ZP[;fsaBۉ 7;6HXaDl"eaqEw'حH^$]F5PQְn}˭ P ƅG"|%!\ӡԨb4A\gQ)};vE#oEԞݛHEZ@m2 \_/kӶAA%\6_ E#6ɐ+Bw,vAnӲ %Њo3ZLV1H y=Rmv:kP<^3UhV#s|AğCgU%;CΏ|g N.DXq?+/Ln=h$$Yo'^SOH! 5NnĀAgǔZa铳* 7 <`רG |8P$[, D::>68ͼ~oH庐ωVBź|T CʭYTέ{e){,`\Jvm ?N;k֐E\mnkkYrkОDrB(X ug9{Qlej2_Et%{?LJ/YL,gc=&r)#U뼄7x9[ N @ލvXNo]o[*zJ%ң%(+T!m.qwHP~L&Lwac`\<|D l>|-Й&ׂ~c*Zُb,H1:Qv sUY#lʍF/Z62IVv.$E5DR@×CorpL]?qz_)X!ĝݮQSgVs\+C.B_8Z|@ t Aȭf!@aU6A2 M)ˁu_&<otUa}#]]o?ZhlF9&;31{J]i|"5rmhGڴ8ӌIS Ն1_=Pl iU,\y(&9Z#nȝhaĄYdf.$ YRǓ# @z[xs*GrEh Rak1 _wҤI{nNkؘDؐΤݝ1@$x%X?g({ȎMugFe53ΐJשF˹K\2XMDF o< o+Zdpw|?ҽYG}kI}sӰ?^Iw;S^1DE[)9#>|Ӗ]:OiaD/w.Q-qחX,?ML'+wmlwh79R*!B/VrHIݳ;m1SΥj>ÖŢlBXRW]häU1 >] =N "(gf3⋡2}oi O/"O*It'5Jʫ}4LܨBejd߶ } ^L9KЂT*aFvw+*-ضBi|䤍gK* x HY | gL9;-_0A5q,uNYxnEz)^k\eLh0VX =>t1}A tyJt~*&Y[J:  2^W<,i] QZ]\@6<ȶ/e)GM:yxg>Ǵ\#Ԑ /n%KfT&_j;{ _Wٜg*%!b *h(dcnGx:A<TN>GmBC3 JcZa1\S]?T"bO8a>:3P;L|Hx1Fa&{1% *xRmBk'a%JaO8"Z.T1:ZP*j)c+aU9<8F;,@E-xxPp Wbm*SO|QcP1DSР؃QW=8k!pjK:FHrٯ.ΕgQ6gx}5oo;JŅXR~}d_b*wwklS+S=DZX:e!2L-kA[ >.MG3BN^}gR̹}'c]i;X*(k%c0-ެ6y~D`<)?: P\% O'[4KHH`_E5s~p6vJ'x1aAL܃>4-A/+ 9[rU F.tOEN23H]$1\H1@H%d)#Q#lnvF a1b54IԉL4(6̀ڏS_94dxʔJBS)X<5xGpgSM?-bJP=ľk]H"V0e{r8Pu'2w[8!D`.K2:Z]ХQNl6~hAKtL!.jn377w+Gk>1ɢ w1%%e3RoUD+2 1 % kR8S<NjhP|{h'|)PwGV<`ھMPロh_"PtH\?:^7O&YX>mvE~#be>|wpݏbnZkt^$/h5ɦ3I~k N*@-\:*H묃ғ: . ~ Qaq1{8`tG`ߤ|F)تΜO MXy8|@F>j;oWB7VˌɨΟ=tG~]M0veddJ%H ڇv䟂}P▵9oE“wvܞnKx&zAk~?<FH9@ĖuM~+ٯVWhuctUi-(ő A)嗕G)e Le* 6~-!\+-m(M".2 TU:z+Wem-[ԩf=oی5CbY dBͤ5*[(vh$a]'rMNs-cXTKJH6OG- $$ N] gBôr+v+~;Lm9/Ϙpr9\A"su2i)U_Pjq<(+LCH@gDZu450w#bc@%qRoȓ0T>!VJq)lkU1ؾv/.\,t9G5ȃn 75Cc58RQk{%vQ⩎q8Q U`i:,W5E%o aw$ \nȾzx5jso-:7xp⏝*][b K q06kABp kf{Jn6[si#`fY6Du!'/WUr.,'42w,Z zm:c EXI]j(3zD6c9] +S#mo*~DLGǎ3<v. q }OǨ&y3G085=GՅ:rVVüqkKi<-l(j]86SGگ>i"y[ʤnK D>37F+,[gt47N3ԮX+Ϟf1G0 T@=^DmП?asN@w+x̒gawV᥾ivVvD91]"NsסL!zG,H9T7d-Z \_=;tq7f Wt?W%#ɅITrdl~8f&x~,ZCrT{JOv,C݆~'?Z1-٧1:ʧFlVF* U sIw؍l tݎ`jw}LIZP+oO@ `#jPYR6j!։q֙[O%Q.ZN-[!{iИt 촡Kǎ-1q<>ң2|g/5@9X..K]_Cd/jb\$\.b8>1Β Yf,bʦ D'K>ty]p'eR,쮵z|whڎXۣ !i^2i^R-1c cP~P) Lkw|UTVc%* |)@4R mMI8GݬHȄ~`OAe5eB.R [F^Clr؁i<1ڔ*$.҈B ~$&nUy*ݬA_ UA(PhBe oK0HP͂QW}Z1U#yrr3Nh %G-hIEJ[Bq,򼀆vI<6 OwϷOsP )ܿ3w58ctY; V;bfz7ds݄/gQ vFZE@@ׇULS\r9ֵc9BA:{QG0X3SIY,%p/' 툤VrE0'XrjYNg;w޹-ǽEwXh"X}˜Lg4c 1A 3Ds sQ ? m&y5LG'6yH2O`F'DE>8`i~L !ʂr6(-&D!2#s8py/N!]CYӇ0ֿb1KP04jH4 y¼iTR6 B;~ trcf-xdh;LwS!&Xla!ȌX@:z56@6znPzz @=$y))lO1̵C]>&Ah|뎁~=IN\THx^>c&gaG\apS[@wB npI1 %$E+cllaIã@\$uTo"}j߬׾+M( IqovUh(%zFfʇmC./dvC\nWm7U)FUY3d̏x^dE٩ȷFVU6]o5'䲝(<4\DDtnC9TjM{t_Pq1 / ={%ޟ-yxA0[BT~IN&ƊdS|"+$``J/d!9Vv b# ! ڤ+#$m,{>Uu;:li$ĺ{`|R'8^5`Jw> ){cSNqZ3iߔRk'^lOɻ~2M J?"#VY0&jp,u.v?2u!:Ik팡7LY_C౷M0)0,\PL9kc¼m| Z`~!1_ Hа]^çle. k&wF*׆zCn|X5 %`WJ]cy ]x|/"[1>oRCFс#)̞FiwY)xP~z{7Y]7.h%}ft~J@lFO`P-mVrֹH,w!4lf}cDCGZisxhhUOpj ^mNEqAz;9@_[a֏{G=O~bMi?h:^u]v4 D!~LVdqӓV#@aA\|иlc !3{xSwiTPɋ̝׹ ^;UB3vl;H&_m|3^NYwAm" LmT%}f#66v!xL, 韜ʣw3M4gj뤞A$iUKoasLb}#Je k2oW*REIk.?5׹mE ΄%@"L; SV/Mp 7mҡԺ;´[wHZmb[{~r Ov5S%sr tW(5dGo؋X R`k%wR%_3sՓTїV9aVIchT =t$3 ` ɝ-,E&}MHRE p{KMŰ,.MUyx#)yzrDM8q5(Yցq]BA-HsB159ZJvVQr۳:_KlTzja|3xa*<[F5s_2^-q ?;`(ZFHܢI9RKQ}8cuv7^Em4[wWn›CU J"1c_ӄRf#7mxlrsDž I8nes\U'$eh πRLVi4iD⪙P 'hSٙ!8.J=30,,tR.*Z\'x+*)V ʢ7.~g;y57g*es `Z^ VΊy5fjo'Nh ]%v:pw,@[tFH֕"?w"dNhE]L[$:RV#m\"yC{9 ,1fP"X~ !T|] V|-VNfikv;1ؓfbȃM鹋Q:a~?#Z7iQQ؋n#[$0.9+u+p*&w{%Ys/n%Yz/1RʜSn@wy8 Xxl-=fЩYe3KJ;41pءuL|jV.A.+@'JY&XLLE\ziy@G8[ `h|2e\'hj!yx3%}*!]7[Bי`LXZW\ 1tL {R"_bhpQІj#) P}bT F23CÎC`fW'j& h/fL~BE#|ig,@o/駵r^q`sc3~l7_I)K-kۋCҎLVR4Dn$2~y q8S.PC̒'P{C2gu8m%yDAH'h]k Nh@i>&{jGq]&8 {䑶X4tysM_Nocn*y= xtqg0ZlPh7 cs>;l nZTbmÄm L48na.:羳N71BU!e\vBW" F-2F@FcWPÕGC/=+:L' B1 tmNQx+gro5k*[ KfՉѥ2LϲHKO8 ZrHj1!jCGˎūmb(%.ٷlvI|tdFeI@j}Q8㳷R _ }TqsMLi!B ֠ܧkcLշS )6'.EϳL k[c-+jded@m@&Pdߵ6&:yZ@aF5qe-TQ^yfGd;AB)PV{(ӵDxB00Y*ZqHM/A6| ?i^H37 vv} >6{c4\RFn2KȭԋSBpB7# N5QZ!?OwN Nn<¡n _d3HĶ+9HiqGFiipUS9(53)f}/+ ǴvI *tez0>»aF>vaLgƐ1H爒A-B^/bVB3,o,c ZCCpobzv,7˭-BPMbKMd]:ˉG'! i4 -Ԓg]6TvJe@1Y kyp4Ygh;ޗw0Ub"Kr?7Ś'ʬ JyŽ~שK^z_8HZN3R Y;psOKY9tHy$YaFl L rD?x-3E@XXQ2o@N vEr UGC}4*QMr޸iqЁ X 0v\l䆩$FjJon|dvR  wƹE_kyCCeSGBV0o -mgD  K@y"RZkZGg58mTq uiy:ғX|a[MM89@+QÌ}[;j~-"%P}bέXvoxDJBHXҶ- 0 ^.^GGڧߨ dэ(IÄGW9s08H"Bb{jZC47|@~R{\0e}tZ$|AQV~p HCj% -+t ^T]Q85oF}KS4mAѯ忖ܝ<ķ-^ZQZx5F3,Qdǯ{S[9?-dAړ ^/Dm7/rVC#LoͥrمQ̷`|ryI{dp㸆W˔M"^ƎݚMTV0>Q-qrnIS8eh7[܊)[w -[z:;ftl{7lt~*\o|:  >U@6 Z;"P(U,jBy7ziPl.yn^r/Y-}qr_&bxb6j^YCiDi..wD:Zn4&͡E6%kZqK*7;v|} \k fLh6²sÛK$ .:{Q *`ή /Ϥ`c˕NJ/I.HUCB+0A`=V#J/cS3NlH*ׯ(GVp߆e]g_g:`H'Kî3H!TF4X/EUx4 e@CO$dR #cq-h(jʐG4ڌR;> /ʰ' GbDrKPJ,rq 1Z/)pJ֟Y\4陀? >yK^"[WK]ݩIߨZ# +LQ72ǟ>FJ8/M u%6%cx\)21[v'L)#҈Ea? ~JvLƎ DJ\WeOѣ`WP巠-_zھO;0 miP]KL0.m1MTIYKR673N=2o-&=ҫF<-NY ~+O#OGخ)^΢"j`8T}R @˝+ı-[w+p/ Nw7a7Ҙ(ˆe%S8I&MSl:<)?;zHכ5I^ï."Vh1 `4T>"+BT޾D0kPi~]Fv è#j:iC_+VX1kK# ̒\*!ۊ+UY @֕Qh})]G.[˽6xI%}f*(HHe$c _j<ɴwrXu'c7>4Yd{RdXp18/55d$`8l-}jЭlߖkQTاct?pbh  =W8R!&Ҝ}|4UY)M-~J$hyHj=\JBJe|\ m@>B7 LwsSxܹZ哌ߟzzتT˨ӑ.J^doL^|KLYm|_0XWiqWM+ K2DvT3f;S'&:w=%Z Lf ^qF#ԓÈNR'O/ q>lN,3j\#zMNԐ%>灄z;`\W  <ȂR3.H )t]/H%X PNuoqqKQF S:`Y -- 1c8'󚿲C vV)Z( r͔8%LN42lO8 6ʟ1'" dYeY`RJ*p^4"oE1ڋym?&ͻ!5D(ZcĶ p;GUz 0ӋbnaPo q1v89>a:hS hؾa|OVblmGxmh &`Na@aV#߯t{5x\A4G0S[.MBN|)%-RF+cF[d?k4@-ɋ2PJ<.M/9GV5! m:֦kJ/xW #%keECƕ&k|$qDM1Fgv)}f{`ȡv!kv֠y</"%3)8PE p=HfRhb;ClOknH%,h$Zܽ` w5>A)nqXnCپDh+q!HHM]Rӫܱ _Lk~2 8-|42``%qn`O:w.[O=b% (fppU@n㫀ə#(񧥩C{$u4W?ʟ:gce >;):/&PnL`XޙI^L V_]UKۆZf;2\80w/+}go w3 B0+ Y*,fڻ_˵)=­u/ phOm)^VAs6}4Lfj/4zA=HĦ[4i;wLJdj{L3> қ? =>9UwrirvV2W} : /Y=-a}Y ^Bе0fr0[ 1Ѣ9l봺I^$-nD&fU3݉ ZԏRk`{=߁}b$S/$@*7J{~P LM8)Ò Uk7zoOnDpDx4Tia02ZU{%ksta2w%i4&1Ibvt sSc!k*vF9Ȗih2,^rpa;̓u69H JԢ'[om?CX?8dgxQM/i\`Xl呐T9xdHT$2dw:geyjX;>h*B.Ja"RH HVC Il/`phN³ޅ0N 2/֟,G%-ϫD7'k{1e\vgDlyJh kEN5ޑ0*xߋ^,| aSȓ7Tm~yQ%\ ` ¢y= Q{$mԁ'xnbi&ɏ}qi$R5+6ҽ:yb jfrfl+ {򫛯`ugW,ڟ6=l>^u<8y ժ9ny'sTb ΫZkSȢ5|@zo~W ffM TQ-y\#HCLeG7FR6EY,KenðX7r xl?sm(yqvY7hu: (x=B^ea[BDtCb9ͷP!@?S/c}R(iZuoܺH @$vGIDuF+]e2 n\5<:r-i:AZnW IKy揦Ot:W2܍!*d*&*j,׭nFkWke}\T N[w'x5,XJu wH~%nW+̸ Ix2{ 9_t4ڽ|kð.r6!F7H3 tFOb@EX@h71'ox&kzz*1Ǧw/grg$6^;iMB)c:aɡUV }+M]E9[c&ވ"HA"o09^!_Q@*춘q+1L2sd wEOJgl!`X,[Ds%` ƻ|e7AsVȥNz@U_z߃ASo>oFO ;`$e> E-"^^\vo_DCwEmJ{% g>Uj >p@fiEr_P[i r:FGZuR_ZPM`Vp-se,g6p !“fIqA Jט`k7lOcja!fL\S:kKrgkWTg[:5nġ3@ 5Fh>tScl`x˒|L|UD.?91'pdaw-E#H>lg`un ;!*R)Ȑ)nzۼ\:Jh^Nx ԸOz6w&uSb.pk=9xX(Eo)u:?H:Ayy_Rģ& R2|^R/o.q̓8vLT4I2w@z 2iBQd7ro[@J ' _~;+R_9M$[ҎsflȺ*= }$bU+uS""C >Ǜ'C[[Ak" ~] 5jKK6͉]oGmhӼ,:gCF9cR' /뵗 [6tO' Wυ85 )Wfv_5vK r;( CR\~I63 `b&T[UM{ͅN@,\XE4r(~JSm%H\VRDݣ30c3`, t뽨 wڕV叁 z]H"gWO}Ԝ EHa'qWKMK m_f1 -K<$ɿWEtȉ X:b!lAQj~)T~OL(,*ر̈{ &тy wc!<4a_JY1IfSљ@\v}?JeРfIJ `@tR lH9ۆK\޺Cz:5|6AP,ڏSG~%yujVgJ,mK J/` !@]=;m/w)-ѧo&v?#-Zc;dnli|2UϕOv&6 K'M%;Cz{*rCcح.oe~ߓqQmW'Բ3=+z7 ,B^irr 2Os< ~wUyyYH}=ۍ03" BmlQR<¡jjwX;yO 9jeըiP BW2b,O:?NN#֠K % Pj&lZlF8*R~~k9OqSb|1<K9ByTPs^vd=j1L_KhsJ(C񞱃G(=jᥡ<{ց V)f*lACg#{0\$޾>lX[Le 9 %ero# ^|dhjɐ¨=&QbE>6oc& A/R%ȅAK!Z $`fBF.URԻnxzP]:ta }";C>'oa(rXe} ;mat[U-/D&DmFTY瓔5is/S)x,z|_y}P]>o PLM ] LzŴZ8zrn¦GF,3VqP4!n]2Tںvj͐wގe|8A 7$qp4'1KȇGDfXW۱I< %Y(3xh; |b95͘k/59EKh񀖃߇UߝO&gp3ɝL 4LtÞ~'Jp?EvcIe5BHx(hkxfK~VjM7n{&ci×A$l8A$l>2ٟ!ۏZR/TɅmL "nYs͚0^oPaA1V+ 'e=:Z\Bf)mj0 XƓK`r_~nHÊ~Xš"yԊn9[\ACŊfs2~~}%.Fs-x{:JJaP9)b^YPGrs\I}u7W3=Ձ~ M .Ax96c~'"`mi< o*| U=&8ՔJ^Gb Ұ]RKq=%UQBBUM,)*@Ju\fB`sjtJRكS~^ŷ١-R(p]m9u| Bpl`tc+5ș/ W3Sv 溟g݄ԛ]xm_J?)'fefE8?A\;І׵4A-qqe%Oq^ 8_9Đ:4׫LV3y/fewqMY5m+,1 $<;\33j[fĤj¾&٦2;Y,3'_S$^K.MSd*h6`Fך `28ysϻ,VB>?ij[.})#Ιr IJDgȚP $\b[+T{)Ohtv_DʌBH2?¯cZ b+AV< Y:)ˀ R~5&T;zYs_i[g|ifx}TTAL]tP*WTIq\˓$Ӯ%7Jn)^DZk@{Q$I@]q!擥vNJ #k p ,su{5_~ɺ>x0NIV.qilyT4͊Ɇ3k\*6ݷ~E˪q:2ot+QӱڔBIK] A!Gy}[= I8=A!+U)pD֪<b`RS_Kt, ,jmlX)O -Pz6ÌRܤviʯ<`A^>}s$Q[5q[@8|9f JB@W+=\5KEF* 2YXt3_זƒ4_E {b$aैߖZ[Źqu_!WNeA5*7Ca*,vh8wwO3"/qsr/'%q4 dFf1aZ8Gˍ|'ܕ^JQXݿ}#^EXw '=7r֪x=TLu*"`jZ]:ָj,Eɪ-xN_S>:hȶiz|@!+mi[᱅ͤ9[SSdFBacc0)r\Qf3a0 UOHX aL4X#u޼;λI9(\3u3یgcҾgKP<3 pnUD0:vd.8 LйX6hB6V3!] w 3T?w$ Ʀ>$f$9 +`UqBoij~K*m=̙Z "L~aƮ;))@3gk5`"efH(:}I[!6Fʥ9`){@>Z{l]ajT (ypC(kt"}*vN"qRڑ:CsE显 !]å3W3tߣ* @ރV?, `,eIX-] A"J˱mpq}]/cEM]R#ZxLP]Mm&&@ 2NÊBYlF}(](1aYb9]JDЀ^dI EM,A~3)͵bZWf] YZ