From ba45b075e5709b752a11fa38f13ce9bd2c1cb6fc Mon Sep 17 00:00:00 2001
From: Leif Hedstrom <zwoop@apache.org>
Date: Tue, 31 Jan 2023 14:53:24 -0700
Subject: [PATCH 01/14] Update the roadmap / branch management doc page (#9340)

---
 doc/release-notes/images/branch_mgmt.png | Bin 0 -> 31845 bytes
 doc/release-notes/roadmap.en.rst         |  86 ++++++++++++++---------
 2 files changed, 54 insertions(+), 32 deletions(-)
 create mode 100644 doc/release-notes/images/branch_mgmt.png

diff --git a/doc/release-notes/images/branch_mgmt.png b/doc/release-notes/images/branch_mgmt.png
new file mode 100644
index 0000000000000000000000000000000000000000..d24817da7a97382ee8c3997820ba50000bdd5fbb
GIT binary patch
literal 31845
zcmZ^L1z1&E*Y0K$(%s$7CZ$0TknZm8?iA^k?h-)>>F(}M=|(!F1w_0H&pF@s-*fNJ
z^Wa{4I@ert%@}ix_k9PEN(z!Fh=hnB5C}zDN?Zj5f*}R2cj3XnzrO1Q<-iA&tBT}n
zP{joCA@C*MTua(QULM2<T*HIlpx{8z&s9J`eJISouc3fzLJ;hqau7%Zis(Pr22k|>
ztsia;g893S1@QU&BL(~dcmMqfod@;b7W2UW)P^C=gZ}3lwEKLUgr>3;@PXhYrR@p=
zAz?lLLV+@~@j)OklC_$ao0hyBzp0}=#MsQy#2n&f@AP~ZNYINPxU@HSGbZ=4w{vji
z_Y$J~Q-dG4elBLEB>z*z%~ps~OJ0dw%+bZ1oEyRhVWSjABqt{qbTPBwR}p{n_wB$p
zAxbMZHz$5pR!>h)h$kn+(Z!OLosW-?m5qaygM$UA!Q$%e;AZT_;^0d4S0n$lBW~_$
z>SFEWX6@)e{@kvyiKDxl5GCdFgZ}gLS3ljXE&lr?2iLz}3wS}+=l@}4hp@5!r)}U?
z!RJzb6?0cdJNM`2)g7$eggFHNRQ`AIf1mc(U5YN&=0Ja+Zxd$!`<DM%_V4;)j`mJ2
z=B}>K^<Vy7|9_VKyS|c@qnjfz)-Kkj(hhFsF2K!yKkc6m{_i#ZZcC8$dAR<^@clJ6
ze@cPL5k?eb{m(=TBhDcn(StxDAZc+?H7}@>9M4T`iObvX3b0s=Z^V_LprzRhA`s;A
zD82H75Cp0AvT<A|(s61@;n+YXxI*0#1Y;3F+M;ZE^gsM#TN>ZF3K3a&T6$RC{v0D~
zT@(8HRbBDNn47z%=kJ@1-%mdb-4LKC$YDYP(9yxKMd0C|zc7kzI;NOwI{dplr0X4e
zy!A(qe^n0=L53fyi+~cZ{%;e1w^tat{68E1Q_4<GK1&IQ-v9cqhyC}-8Mrpk|8(J>
z(!PKIxoCV5Y@~npWe*Pqs5?gkCVTgIvH#&+$95D`gTq=21SeSq1wBx4Uw@Rf^YN&(
zavk(FZREMxz-y{J?da<T<zKR1T~IIF4rk2A(%EyrZ213VIn?X?{nYBogm1svbg=<m
zNR)*%57TDpIrrndd%CxbFH1aca^5Km!87!$#uQHZCUiMOm0<iiMI)-`TjPfRicM*G
z!=g!aQLfJy&|7Iir1O%!a?VLXEMi=Jw`m*POmXeXj)x;?G{N(`oj9Vam-AZC?Qp2X
zQgu%4_`9#3F5;*^Ax2$%)ik7_SQyLTWGHPbB7byK%;L7+&+!}(v|6rXkiSmRG>EJi
zT5;@@PbC%d>AQ22WYtf8P3{UGLe@p*e`mb$_J_XvS9LrCuPucfetqB5de~grw+5V=
zJJ#r0wYb*Bp>QnFxc%}xYh0dZddQLF=-F8BMi`1>$X?}&pTRkLZ@qfDqw*?#ygr=$
z{qj2@x7}jxr0`0yGF4nhTQQEZR^lbE<YXu^JyGb>UY297p!a1E5~OJq(u!ReH&M&>
z!Dd~;qQWLMU0i!X&vl%oadoCbzcmtzu4g0J#Rp?ZbK#A49*<IFohZA(yI<~hpr-b#
z2>}v*H#Um<_fOa%9~{b(-RHIUvm86vDZF3vtb3W}E}(EPcBvr#cBmcajv<+9AoDr+
znB%cr!d88T7zh_DatHNzvtYPj`0kgY@O@vr_i=e6910<q`AG8B<f~V78V_xIArg_H
z81&tBO*^py!grg{raT*dS2;dMC692;hW_`v8}EL%e`X_gpHr5E{a(mDR=fq=8s~-V
z?$~}af0)dP^*R-CP1`c3pO^lNw-658OV+mY9=cpFlbKJ_)7~?Nd>4IK@9uZ;23|Tg
zZNd4lrPHM8xgbPNXUw7O3jJ6Oh6tQB?QBQ08t}+uP!5uKu6Dm5dtB&zs-L*t)=uZN
zL^Tbm|H=emzZ6>2G<^HgqaTdK?DX@rk<)p)(y$X)#F*QXq~6p~+cDTir{@7z%?Z{R
zu<X-Zaxj-d0b|PP`cR@P4fcuxr(7Mic=~P_LM;-w+SFvvuP*lHuo=V2R80bUt<@8)
zrfZrq-TY{-q&rT?fvCF`Cv1{;C#G|<)rq1wUY%D!2xm50<jz4xg@eMZL<^Wcmu_4M
z&0gLZ5&`aXh4jEw@R&1IV4>w?ZfuybQC3-==_zJ7DoM*$7!jmy>U9hjnR6e;K+;D-
z;tK8!KUcwsm>SRT>!0*Imdqhkfxxot7B}Gry+bzWF4w8gcQxhWHB2z?{B`Sl-u*&T
z*Z$=jb?M&^$Cbb)>B42vF$&yipRKoDkR*GX?Di&-eDC!*uyT_ts7aW!{qRG$9cnEn
zg||Ym_&rV{5CtXg28^m*kunlKdSC5Py@@e`Cn&$r_kK7mV$nQLyC?I-4@V<&I4o=3
zgwin%#Zh`!UO)dDNtSht^8@0yek)N}xHacdZJ)!>8CoxR4)mSXUTjkRUb6gvf{Jbk
zlzMp1muZKSc;JgrAm6r?dY&2hUG&ePrUy9fPvlI`)xf;NAa!W+P0+#~^NUKt%U0w+
zr0yjc{3V9U_id2uU0u-aqA6Nb)6>IoLbk?;``uRf@9SAbwF{0>=H8}Zht^ZLAyKH}
zhnsobIBUv|ZaGPOGXD?0XU+DFYpJxNZ&_MTYRvjvXmdXL<g3w-5GHCIH1Fq*>T9w#
zu6Yn)_M{g6oRMWE(9IHA^!?t>q61Q-+QcKE5A`r-h*8B{v#o4r_UVSjLk|rr#tN>0
zb2lE(<*xmC*4kPWa4&K$$yj+v$nz7HYt**0B6Y#Q*ItDUEe3gK10Ek6-U6@*I~WMb
z_>+`5)o{`N*VB^7{93qskRWYrT=45IiumtPCtpkP;?P(P3ciszC}MSVKpfffCT-DC
zLa8Xv-_@Q=aC#N?KmGhpHs<nGT~iyne#1*X`aSpZ&|)kxABUC|^OoH8GAFR+zINa3
z^6h7fk@YYxxC;yaJmH*aZrJemZB_qb9Z3D_=a0rV{C07YfYc$@H6Nd=y98atUpPbS
z?|#3H_Q}y%C~;Y0aoSDMOdRD8l4Y(A8Q(FM>dGMfI6Y-w9}2Z<j`GD+Vvv96wBzSl
zFb)=P+ja0^$f23(y%xjOWGk^~60Lmt2MW`3pOfmrn1EcKLu45iz^Fr_VT1G+vjvfg
zL5j@8cV3K}e*G-O-sQ6=GF(~*t*&XLW<PIF*I1C!DR|6=(4&LW<r~h`dqGs1=Y)b@
zY-aeJ)VOf90ozuRnqQ+_JGBJnyX!jysE*HY11-igVGG>4gTXM47z1y%&wzQds71f-
znO;5-ih*$m^ky49Ec!sog<n<?3=?8(l5<FI4kgIYumASvZ7B53Yv|tIZbE7fqf`-7
z<U`jcHjn6ineazcduoIc3;Bf<^FTkvA1bme5(aOi-y>_%oAwvreLG+G{jSX*SmfAt
z5%x7yTeXdhIeO`+TMrQlioyu~n=gpK)MmC2C0P5-08E~c{5|qbm9^+V*rT^Pbaar&
zeIcwNeBpO}0_0sC=z7BpT+|FLaD}BDId0gYagU0!E$2j?Q_Zw<qpo>6E^u_^?wae7
z;V~SqB@Q76_-2@BPI1<18}Yj)+nN@C@}g-`z-c#l5V`i%f`0KX7tC){K_wNQ9=LT}
z(R#L<X4o);&^yoa)B$`YW_obFe(%tB@upza^26J_HsIu7i7LK(&!%gyTn4K-lIwdG
zS&5fR?ZLF#oo{H{c(B`>L;#l`Q@?XJsMeGL5kEA*+te0;^~$ss4Ua>^$4U=_BhheR
zpLF=V;d5MG=IhLuZrzRi2`fx^8+f`5_Uge-Ce5%EpIjGNE}P(9x@iPlWp<&20vi(j
z#9TOn^!s4UB<T6q=y5e=rSCn^UOlo!$CUFR3)K&Yq!YYHUKBgD!K${#k145a-pf?t
zkiP&<6*AwG>X2$k$K5tk#JFU#;!7;r07c1+R<lnC(>sl?%YU34g?cA`2Nvju-;YI+
zgWIxnxyra*STdel6EfO*T3KVibkYr1F)k!)=w);BJWa?yx~lkGjq^nEo4e+pjv&Id
z6=e;MkC-4%4`s9e{+6T&$BAiC*b^~6VK!ku5JT{(wj|iy6MyouhMo~7L<Ak`I~4Ld
z<rpC&5!^OQAJb5)?KJR?Voz;*;?j|%;NP4s7T+%-I^CuZRH}+meT4nTe(sM-CGBGM
z6Z5YTzR|i@IKMF;W98+K-iH%2MBj85(Y4GB(oO(el?(}~0?D|6T<*PV(*slXmy^5@
z20v_P;%qi!Fx9NwQm<220MsqYzzN^OLBYq5x+0Eo#>zejUJmD3iV8E+5vY(2Wgmr@
zt?K$96t2W*Rx+47&MD>1EJ?IrRN^DNc?dmRE=$t}n~dZ;B$xvaa#tmMwF2_6g9Gm>
zV|wWKO(=`OB-91E(s<!e%4()X*bfHl@K*6n6Fq7?oSF&@erL{Y&eKL+D16Z5T{G;I
zp@Ej@v|Y&1YuK5@XUi*q;cfr1E?_f9Pl(XTM$u1{=AL~>&)FcKOtW`=>V=pd;pDkx
zI_h5Ri446A_j&53F$FE2{eCmTy0j?|z27`S-L0Vt$3*2oebx#g+wXFCkx#IWOFu24
zL!eN=hd_7q;0&`0_Ck)q=oLBiQIgk`=!>mniGc73%P7!zjA3h!V8&<WFJKh>1w!7b
z$bIL{t$u1YfhhInd3QK=;t($hEl~|F;g0K`W@I_Rgo7O&w8RoP!Du$lDi8**$qH()
zww80Q+c#tC^_HJaaK<+j(1#PaNAu+?r~)S-0_goQldY8jq(J&!f4{^vo|S8p<!(1)
ze)uhRO|N+4ep3Zae9dahTyMB1bSnJu;Drd^y3-VMzo1U8*UV(Jg=}3_C|22R$3ZY5
zNSg$DQC+6583bXqmInfhK<riA<u+c^&C;)_L<H&Zq3BpVd#!X+^E(e5xF8}c4cI44
ztODx67jZ;D!@63+^RMHx9bxWf{o9zM5TPj0F`!84!`SelwyI6+LU{s&D@E|0u;28l
znu)@U@UUzK)f*MUX1SkFQ}zpMc7yMHj3uUa5ou@c^R#E(tA1e}y6!Zb!5`Gu+QYY7
z`l;Pj!04Bk?S%4h7Q*f!61|*htc_WO79{nHijRt8Cu1BP+N6Bze5_wyGs0Mr>=e-E
zHzbeIq>LMeqK`<*7j_&&l*6r37Cc1PT<oEMES|4=>;vZ}PmkIF*d$1z5`DXwUu%w<
z5^x6nDuWV%yDF*DbyJEDLCuz^KB!_pplpq~A@TaL=2^~aZeyaoJG<~c%;eMB+aGK3
z%GwRJMWe67<JfMAPOo~=UYYqV<6b9iTeSta?tOH%Ys_Ag)m*oS?h5WoMj{nX$0dD%
z_nAN!AAy~v%+|b}23L8JB~`Zxfr-e=f|s~8s8!B}NWMvNU?E6%9<8@_Lk@m0DFBHm
zJX=s!y<2NK5k;MUJN0#Caup|w9TPmMG=!?k(8buqSaa&qdPXm1kh7`FbUOfX#@ASK
zr;E9aw*cRX&9qBP`J>yf;CA(WD06>9hcmDtbER8;g%GbK@1B`fd~Y2z>jx*2P`(h=
zuJ=E}KKGK%_Ppel)B`C>iUlxQd<*@-SQyG8mcKKBiDW=NRxA?0aKLBzqSkkdZJAWG
zgWiLq!yB0`qaKvuE20<d>}|~#PU=Jd0i+@_Bcvy;{9=~UPOY^K5eQ1-(V!mC+}iET
zqJH2c<#TJ6OxjK;8Vlp67=Qv@<dFQF#?|tY-a~bTNAbO2f~G@x^DB7Q7=+LM!Lseh
zx|^9O-*c!KhlF*Rr`NYEhz5zo3Ql-Dz~UtS<6Af|LE>Q5fKHXRFP!B4Kvzg@*ZHk!
za&nBH3x3F6t85&iZ@@6({zZ>Iht7JQ8eebO-KQU25ii$JuRsH4Cd^o~L(^C2Eo_1L
z%X}t}LI<4F+M=SzHzptQnz}=kjXhuuRbld|z+m(#93wa4PP4)AGuA@XU!WMWTBifw
zX);E;m(3^IXdnfrB~b4Q-^+Ym>+kZoYul1r4|3EqrXJdMkaQ@0{^%x~ss{Y4;IK?b
z+K`wEo}Gu0SUy#lSWcGISPtbkXY6Y6-8Tco@3ZhfzSgI#<nD>(GbUwcTrNC}Xwien
z@=n#5%VM$zdym8;KE<F2<hpr#yHGfx2+&Q^GirSx(h$XA+mr70+DnTrnt8aug@usX
zPZ=T9e_mu|z{k|WHtWmYo8BQXdlNy*rYIWEVYyhcNzG8kivleywcSJ@T*0m1g2X!k
zp}}`LzkFTmW*~DHaAD9RxXEA<2`k3vV6M#O*ul0#JC`Sqw}>BAzexTTN-)?gBqIz~
zdcNX(V2@$*>qr19iD!&W>+v*RMA$S$<YX=1c_z49a(c#jszzk7E)Uvl!V%p_mA%9Y
zYg+u2ooi>Q=2#O5?CIgpUmE+*Sg>Y{>{Yv%raiQ^@aSSwOQ^y_O^SXInPb^0WSK!=
zD~##md@}1b;(e2a)6LR2AB2j#W3T6@_r6(xJW}sdx+Pe9C>BY8A;yp+Wur)uY#^OQ
z){CH#$ls$h;qG>dH5_dcVaI8rBn?~m^m>zEcl*i_Ik?k7E&Yim$G^2d<`qHnK_9Sz
zrM8gXmqG{IUuQ(w;9&<VU{+vU<BWyFXxOEKT`|`J=s6Q<18QTd2!g;<#y#=mq3g9*
zI3LL@nrrTkiDiqa6rU33b)2rzYI*R{ymGX^<A$(nY*`Cg=ewmvf_eAYuOu9z>GbrP
zZ1GSgv4V@QI0l<O!x3cdvmgt}$1-wHdSxHzy?L--t*?JUy=+Is(3CEq0TV+yNaV2e
zBq&HbFt1@WJ4`zgifF)4!Ft@_>+)GZbwlq_n+*Ko;Y`kuyiFd5!+(sY5Hty9REjUJ
zCvU}(Y0aVAGi3XiLlaXnKuzSe%%W@C9RX6#WPfXZ$ssXJ^+w-FdDB3Ge-is}Xn5~f
zi6hoXqG==Bmc=DVTg3UwC;x$MdMgIS^p~3Mg^8(GLwaB<E$4OyGV(1|I)PmUx3@V3
zCybn`6P_;!E4E+?q4fv;SftC+wzcoDk=zXVFh29#5v+_aJ-&3e5{1mw6+P0X^-Rmg
zW=ISR&4yj=_!HH5TXaW<GF-nCX9$<k*&lxh5fQFOkp~L{J3?6|vhBz|F&s_=vdlti
zrFTnV#Jyrx>+`L2@)NF^!$fK-I<u@XfH4We^q}SG(srlgRT_F;XnA|H*oYAUku;2C
z<UKmQB>@i!ho=T;loWrV5e;O#|KhtG5>vXdSBs1vpVj<?ahDuY%g{u08fa(APh)8~
zA+{BZ-%iJ<RO@5<+V#MR%hSOa3(U`J-ZTM?tpH9UEt2E2OMA|zn1rMQs{>{2S6#}O
z^m+P9$SV>UJ`1zvd9n194JrNc)MYW8pU?FzHA12x(O3bwAsFYQvkn9o5ZA~Iq>zob
z3ZaQ|NWqkMqfhCZXgr`#zik?={O1+eM002evSUmr>an_D^@<Q_>x7Pv(Ffk65LN~&
zL^V%}b_EewWgiZGfgWVE{2hbZh*CUzV<{T@KDqWfXt0~<bAa_$SP1(LMwmCtY)&rZ
z={0VcuGS?vurA`O1FQqTo@Uq6N1wHN-vF+2k~tN|<BWDAn=8k8odVxY4?k0`ZL2xF
z>w^BYd^9+Uv(bnXv?+IJp~=?N1rG}g+qxiLkdA9LLLYFIR<J&7H9D;H!5CHr+1uZK
zM@RRYe6m0HtyYy%sjUOMUl-H#UQGnY>1L!RNRhsMG;;78LZcl5uU!VBN3tmUs*3;m
zm=;xNR>clFGJqp7L$dfj*|#!?3!{8<3HM+(me9V{@4_6=M`t48^N#WsTjoMi7RKtX
z`4hs5kw1c3oQ-qyHq9sV(sGKAb73P9corvZ@hLxtVBBRb=uy5|JL4MD;hhblnb<ms
ziQ(`Xjwkv>4R>25om~`yF)R7e((Z#tOTdXi&|wehy&$Lp>8u*XUmqW0o<0j%V0STK
zO05ofCmUaT%$jH=u#Vov!aMYSaQH21v#wez`Mdp=Q+|U3q(EJqfc-}Kws<K9W@@AD
zM5cqtt#px{3xw2^k4{RhekS|At-GI!$Oe#!is;$CIg$!s2Tsdw#Ksbi$MKuD;bx6D
zFLS~gbAEKQB;Z1+bq7z8^f^y_K@KZh3SC@tCpbi#R*T?B2r@sW%^b$3MJ*&3gfQ9d
z$0?g(;hnUHsiL&6lM`g?t2&3afZpmIkFOw8Op>56u!I|sbVwfzF`zX3Qh>^ZRm&qE
zJus&uDfUifNVA5jv+(AEUT@&-lY`CWpk+MVF%jha8Gbn78@vGT?R|bRy-m}fOfvaW
z@kNrXLl$|Fe$|xGB76`7EViXj-vkbnr7ry#HYJJY&oj7;uK9e(bhJ)0zJgyr0qrIP
z>t)-ll;up!7W5vy)%&t05DHbpZ7_rR+qVNq7pHEI`jKs%-U#P1edzf#JEAsM$f6@)
zFCFb}Ls}tb8^4zEEC^L-hL$9*87ghMdL0*IXc4W~=s_<-Y#c0L8Bmp(^Ls}^>7K&5
z)V{39+iOECU^9+BLb3gV4@1xT8dxGmwH4zuL{Dft$fTeQScf2ZFEnzj1^gq?AeG*S
zw$vys=+9`nME5G$V%V&nR;%BFp(KL~D$#T6ohDu(3v8iv9f5h0r8Ij}`aPo+@C#C6
zJ~U?rfGn-7dTMbU@Y74+vK!i?F)BCRM4iBWDF<MO*8v6vvS#1D_HEWi{fbY5+s<Ex
z?I*W;%<*Nnz+q_kf!)s+heXw@9=uDiSG5I0Zsd9YdEe~yrM*WaBDP2X9#f&j)~ynG
z>so%!4zmOFWN744Q%no@_q3kmt=2mNm78mZ-p2e-i&c&H?YusZHU~e!L9z^l^kT5M
z<F&2OZ%vp9?l{qmKJXNZ2KBSQ3TAU73yus4jCT8i0Mn*xE{R01;5>&h>FYff41MpG
zY>nSG5>#fzBFD^TI=p7of@G=&0(PO>Atb;~P7J5K-p`9)*!+bO6v66oshzOFo6Hxq
zxEdj823#XnNZ*AzBqbOm$bmrgE4mf$hlMYqnQK8K+5`4$+O&{Gg4v$OnQ;`<{Z=<i
zJGM28ou;xmH%|n%pneuGvfh%4MOfh?L1coUu(h9Ru<u+;E`RN9!y1e48gD09gLWxd
zYDze;*0Sk^ELs@Bz(DkJgm$}8qZ4`cv_`Z~8E`Ux`@lN3_-QRax_5v6v6kS+OEOZs
zhRr%@VOp8EAkYN&-gk^pUNV%^Rld}31=VgEj;=U`!=7ndehX}u)7Vmjb$LvaEyit<
ztJr#8pY5PfJxY;r7AbSQ5gtay+KpINv_rT|-#`WRC-mURRkN9*JHZ!eCaQ=yM_t{H
zGPaWM_4S|x&tqnzqHqpUMKfiesiebhyG;89`g!dY#O1~!D#JufOwrrd2CBGL3-;oY
zZ*gea7)%2&O*}CeW&bLZILy7b*>4ui6P9ParT0nDip`9r|6vgMa0x7fIZgr(zU`vm
zcUa}^xEKq#`sgm?rK`H-_sXfmk`&rB7$?<2hb<J$e)Y3yf7`wv8M*@1A)%2@Zi_xR
z+KYLLu6L*Zo<EB(nblPJ^wJ!;a7TBNR@2T8fn3Xq7qq#wJFl~)zCDMwr=kUqEdnB=
z)<D>a5pQ)Vlz@7`cQjTo%D7@PVdT^|8qYc$p>8Q+kJ2Y)8X&P-l6C^+3u=tuz(Or^
zMw?Z&1naVj57QF@dkbKEiZQ{{bb5l}^c?(}nyXFr1}pEkTg_L!WCi5Oul!t{<-5tc
z%7-l$<G$C`G99RAdGX5d(ZVctq#87NJ~dKR$)~P9!X1VdUFK9K>}-OWG1xotB(bg~
zUpM40?_vi-(r}DXmCw7=hnFr)ET#D^(Z6AfpeoM`US}!5oWJamQYf-Zl=+*L5_wD2
zmF~ZV>h$_3tu|%_CBHQT(PuGtJRrfS-7=MQd(F%^m9GXLqll_eK)@Cuy`U=r0Tub@
zmbmeXd5u*{#*4-j7T=z(z6@d~s<9d=S`oYEFBg^wv>JnfFG!`Zy<>6>6}hQAIu+Dt
z5m)n3&uV^Sa#A#8#TPh3jT)%6W}A4)8HKLkROm62qptVVnCO?>yEM7sIbAZ5!^}j2
zI^H<QtMSt$tNlZm9pON&N;<>lYo0XxER8Mv%_m!mNK+jWfV2SrFvXW<Mh<P7eWKsh
zqV98rkD!H@Ys4#1of+Tp5~4VvBjWE;y_ie@a%pyBb-boW)%1GPJ>F0snaCdHp?oJ2
z9NW-<LzlX_<b+WhE%$%3cB>vM_Gii5so<J4%xKcJO@Eg=wc$D`1t@0#9R8b53=s*I
z0CnO)uBJD6@ZrP8-{(8YOt+%oeq(0z2lyHv+c;+dlO!R`i)iTyq&I~UxVo~pW`%EE
z+Yqo+m$39PfhGTJBbwo--Y$7=yj`k-H2cdn=YN$Jj%6`1BYb!H<uLeO6fMQDHD8N4
z7LG#SAWe&01OxUg%rR0p0`$|siPUx?tXstZHPM8Ws;$~s;UN*zTqhYOEn-wOfJJGk
zC%Qajbhu3LuMWpM!|*nx7L@k*PY`I9-fo*}R@KrFtxSo2Qk3q(-D?3U<Hcgq%T2B=
zA2TDENCdc|@?L&jA?fJBG}BRo&#S=`4G;>N*R~|NZQf2Zzwi+BNDxeLbiErc0q8-X
zynl$BNf3&GDW8_2XigFQwd`E&)bev-d=dlFt=^W@AVj~#$xCfw){e6CQsV9vJa6kZ
zz!g~5j>`y#($v!<$7~v>O_&%@Dw=I-fhU>*!baCz0<$B}AW+oCvC&r%NNfl*lT7=+
z5h)SF0kSZM!dv6k$FrB<YPh#Y(?faCb11zj=KjDHw=d#ovD&oN<8&lhzb^)3m~y0-
z-wYS+w_?Hl27GTvdLaNaqc}ufcT$`8BcuL845UWiJgwbL)tzDEdl|C;qwC+Vi`Z*a
zT|17b7(W(OEIq_<lO*zzNl^W#b_qjL(oT_`F7}&wdx0CTS1>3^D><I)kpk!+764MQ
z_3~DUFT5#tWQ3+9Tg=C;q{@E7sTYNhC0JcUdpCx2B3;niCG_#i{I_fekqjO<h01A0
znr^zx`S5tPnG<S)zbxA_zPB*Tfly$j>>MV%EFv=`TjdpkT5XSN{fCrH7Z-&r?(x|6
zee7Fc#qit_YBnLm1bIj>#|4*`aD+H(tMpLQnDnWzqOM$mJ;>{8A-u2Nn{ETlY3OB>
z#3aouCBH^KGYZsRhx0G9?s<T??OFxD&)NXkxEe0VeTgy7pXa9h`?;6j%uGGsq}`!!
zV!d=&ZF;QqSYrqZu+;S8#T(8(_Shxf%*3Q+z@UPNxTtF)SQAr>V@dMF{K^YMAqp$i
zLdakuXW1VTv;;Ab!(39F57T|9VvI-~77YRD-H+odm!lfW_ch6x6Jg_j2EA(J--E6=
zL6fQ#^vlNQ$JzLyI`2p<;ma>`o*f6GUFDTsXi@4Y)q<!7@+sl2GU=bhW3-Mww?)D4
z=>RM@Yx}jz9<pRC@$m2*!08&DI|OYZj$xYPfSWP8I1Fsd>#geFK3oR|4V>z*)owLk
zCFf?s07EYauU<mtD<%(C`Rb2ZY!PZXZ~H+=<;RNSD^f1phIN-wmf`{?e(<_qsCil2
zp~eK1^j{+nD|OwFz&Mgfl8-8Mt%Mq7U|;_g-;4gsFu-g1j<nhCjb)(6k-b{aM-#p?
znr^!h@4`4Pyo<n~nzEh9=EL1ha}t&py1q>K%(fP5^)crWpw%neE=MS%nYVrHLZnOd
z_NW&vLg^07CFZEVB|k{#W#Z(1`BgTjX3S?#K)Ml%#M)MMIVlRg6+c@+ALEK`#<-8Z
zpsL+Wo#HAL2T?wP)N_5#z<nl3n)9k;Xrp8*6z>5#Q1rXP*=Bq!{Sv24Z_7`BIyHEE
zqpsSm`j}?u@2qd%b3b=IH7c3faD80aNqV~2`B>h#{<`7a;||%~J>Oe|L6x7<RpW@0
zAxbF^)jV_5<m#t%fi@am^Qxz41RQ-WSdzrf;!bq(ZgV(q07n^0dsn{E1+_W?11ZU8
zhGrFxBUvTWx_iBGUNVL^?$AB9ozx@Dh*5g(nM_maX&&eBiCU<(4t!}YTl&3e2X&T&
zev#F?x*xY-W1zD6Atl68Vf)Xp1epDMSg`q)V%wAp-YDIE-}rz9a_Klqfd}88L}`(R
z)4x=&!~JK!NU$q%c0bOE_aPP0-aZE62O9${Pi(rZ8F>I+hIg7yW2*ssw`6Qsw<zZe
zGC#JWuj!d(WZRTuk#PV&PaTM(q4m)PCebJhCpRw*M>#28_2|z4e7UVvQC0qCR^?Li
zIn~4%08BT=x4xXvG#%teYdpCZbE0m!uZY4HY!ZJ$3uoE~O(wHRN8&p}VOErteM)vB
z<T+h=h$dbeB=qAl!^AQTMk!xJh3^d}aRr13@>X`ieDGfKPW)6*#Q9pCz8C#?&qR#4
zb7b@VUKYZ)Hs0o|t#Gn|dz;&nrE=ZIy;HI9uNDgLb8C3ZoO?nL?1bj>C6GKuh0nX7
zb?a@+J^6md^I#hrXb~@kEmn3u@%#U7J!@eqTle12`6w0+@Rqeh16z4Ry`?B7^Mb^0
zucu)mIEp*~0=7y7T$zi)vl`zkzEWpxI(9FCM{Cck^-x;bVL}Z^5z;Jcks1&!?EC>?
z3P7IhHQ_plE)__kP0%a>kg;-~cz)lS$I5&42`BC_K(=xU&@97@*r-hUo@?%kyjw7u
zso}ZPz2PcT5o_G(q@pFUBm&Fj%TFdEwXI79al#`QxRXLZvfoR<N|;dTaP9_2ri3T`
z|K~zt_nYfL<0Y_+4FDO$T>zwZj3eb8-cgvCaVur9g>rUqA75{ZYk>V9L(&8q);26r
zh!Otm0uUJ)wAp3SkV4j_5ymni?k<3}H?xy<k1+Wj0gcK_KIRJWRYjf-f*;;Jd5<B)
zh2^#|&3ThetD^BM&dwb)?IdB1jc(-)Eb%c=bmkBp4K0Qcx%SHx&7L^3)u58_k7d5J
zJ>Tqxq#+rF^CsA31TrCIdYmrv$$%H>(uMe@gMTXsoMKbcBKI(8V>z|}hHa*yVn7Z4
ziPD~pP?Hy-L3;}!OdI1R0^jF97OTkS71K)`iHSJjhoONvd>Fa2kj*Axe)S#IE;L4F
zG3@N#<{$>(O?Cf%Qv?lF+8&zg+j+xxZ*8KF0bW~@hbWA$W$HE3bh%k^2Oy8QI{O{^
zUQ+&EMLrss*=1fM%<H4CNMRGf2kEA<fplxOmYV0Z`9)`+Oy~r3c}^ZKs!R~U!i#VN
zsfNfg&zy6P`@A!QTz?PW;@Ung7AwH%^9)K65v*in&=u#<$xzDi<_99YD5BDT1UQ;7
z9P2SttqMR`l0aWertqoC+Sr^O<6DT`N<(?dF0ZcTuk&6so`&%(9x^tgfFzjySHG@R
zq1!Y%<vtlDI#=6!3lpFVZ<Nc-{8<W{ssG-V7`tX)HabTAL;%?g;DaFEBs5aDQl<`4
zn8@RV@zBVrP`+WlQNcfVTW9&$7~Y9h-+u#$5k4Xh)=weqnY>V+eQ)0x1G2=Iz2F}-
zKwA+Dd8)go?GC|$IXwfmf|1|_GiB)20&~<pjs+Y8uX#0i4D)a#X<J5gbMn>iY;4pg
zF0lVn$FR$i^7$vH17rr#*`Rv@m8L?ujBRlfeU9)*j^TijG55_GOD=(vs$h1@N-bFi
zYXY8ijZ|AeqI1TDMH?!OoF6`#G2Uf#x+!L^?X+5xk0x-!CR;Mh8utF9coIE1C?B^;
z_qP0xb<F#J4h=UxXZN%9c7bcZ*0qzjOCQ4IESbMnMC>|87^uQl$s;5sM_|adV~YsX
zH|9fjET+M6LiPRqUl9Bc6I>I7owvnfZM}Z~`r(Y2?b$g-Rw%CRD6(gsrazA>gk|BC
zYmF#FfgDlUew*n`#$^>>{=)=!8xSj*?ghGeE?BjAoZ6@om!%nrkWhuVt$d5pBXVqG
zUzh*nbQ?6?y0H`YYQ0BJ!|4+js*$+%ayJKNGL78+6JS8i^}C~4JBCKk)2d^-BI$Ci
znya+5h%YDKJtfgwz;zUfI>^1nhi`MOY}!U_eQ7#?jKrpiPF-P<F0oP;@^M?sYO8^<
zvJk{5`<KUm1cG`DB+%H&8l6yHv8zS-a8rfmL{hA+7J6{Z6jg&6h+d2UR+f+c;Quf@
z#`>x55a}VgEYN}is?h|4WT)@WiS&amRdp8_2}WQko$O8TrGqB@HEu4y`<HUU#$s2?
zp7?-|8MtNs4XqPjM=q*CG;j+#Q#*}r1A7RYmm%}HD5fyxk185U7>xldC5K)nc3OAA
zXu?J=U7vL~0mayb$`@Soo)8pEZL!HRR9?+;Jsj%im=YcA9tMJ-{aAHH>y6I#>E_*h
zxuBQidT*X%O`<00ApxjVIHN?=X2GsO7_ffvQ&=CQ`1>SD+_B??lr7M-Cf7<-=?dX_
z87l0^Hyyo&bVG5lkrz#gHetTjS*sQxJg{b{ecBQI=3#Kz=hSY1cMh+YT%NDBc<Psw
zT@H3Fi#~1KSdX$`QV&x<k0TWJ<Be9-yG;Zq!}8G8GDY`Kk&>nLOq4T&FV1RK`(;ZM
zlHd27Ye6&Nt~Y%tQJ7|w_<QWpp!ARzp)ilP>t+>9ze~bRC<xumJ*aXPy{Tbx>B;XK
zqd@;!C&Etq!mciN7)lOlBAC<uP}i~kt40VD@#vrnTi7Bdv)%wfB>geZK_8Y;3TGug
zw~5Jmz(KKcftI%MwE`ypg9OWqQI$KqFy4E76az(Eqv{tDS^9yTI9ZcAE%zq7X83jQ
zTrlJBro_;0ju+wrPQTfjIeh8ceeH~7>YwfZaM)1KWXwHd&OKb^()SgiYG#5P#q{FW
zvTdb)&TI9kzx1VZLf~|)vi*U&uCBYwQP#ETHTSZnlPLa*)v&_ljeI8JYXM3;v7f06
zZO&Se-Ar97V>k5tmIY=!K%lsu$+mP+Wrl-S3)QB50;zbE)2mtzq(D*O#SNxe!>1_o
z;0I)x@5A1vGAnJd3R(CGU0fMk3@CUPDA8KxjEt2UaZeQuvd@*fR@I|ppSCqGzKRlk
zyFZ$&`UTKwg^br%jVPT0`zb6;8sy0qG1?P|zsN1FZ3soPTf=}gfb%4ELfqejCaIkR
zLQ+frxE+A1(O-3{?vAL=@K@wGC4z1ghqc#xPhL}wl#6j^v{1cW!*tZ-LX>ZF9Y<w=
zoJu4@OedMT`4M+K^JOh*r&v6cyH$`cF^0P@&k||bmdl~;%4^iYL2y}SReSDGk4MG2
zel$mt$iA>4!x;?Ez^gJnPdL~dUlqhjwkkX<F2~Ma4V*+u<5(##@dq+?u7WUeg%>EL
ztc@FYQp4A=6a~ANW7vKHBG}k=V+qZDyp=eXw+SKb;A#jZF5+A9k;I`tt{5og-!>m-
zWLR3G;dSCpIsOde;c-09Hpgu+VyOnjgtL%RN;F0^H4wz$>i4+kJSAgVu;B9+H8kb=
z95MK3<b6~At?0LYgtYpLo$oxZ4*OQMCg7Kkzl_10^0sBa^^)EGh&Bo&;U3X~&90IT
zleP7P12uWm?uBF*B?_%#!U(5h&}ZJHu3biSqmiB*4$<GaC<S(CdK2vycYOw~iwbRf
ziy=|o(5Aa;16EKOMu!#5vf>Izd9c}QG6>8sZU@}C<I<uzJC|<LTm^|OlY5+zoCK)`
z&E@Ewp6>Tu_4uQi?4%ezs`P36wY3O&!G31d5G}Kzv{;rM?IUf=0IQDt2}ZS}fG)%F
z;;10l<m>XKw<)>ouJH5CmdY@A9dcT*e1mfZPN=hNH`1apv98>f6SI}Wmw*tpHVM;_
znA^>z{gkaVf+41(b$4#ehz;Q<Ai8p%gJblyK=52DMA)YnOkO=Ya$+d%G6QpC>N`#D
zT|{KqiDDq*D0I78gh^t>n0y7HssuK#oHI(rTipRFumQ*SUyLQ91gP0%BIlH^2XI3_
zPE&USNP;N&zmWu!ge1<wMV?T5>ZSMSbY`w-4T>U#?@a5M7zdkOP@RQRQe;*5!mke!
z`*96)9OH0Mn_lJbhvFGT{8q%pnV_q+)Db`2-ZxbrJS4^*in5QrG15oDVy3Ys94#P)
zu>WzO2>%}kDlOZ?2UGP2uVmG-)0+DN$~)AW6wCsBjL{u*S^3W)(lUJ!pABlhevx0s
zB+eh|0-Fdh2kA@J7MGh<z(6&On6n6Yzyg@~mOKq|3c%_91^HmZr0Uo(tmXnLM_rHD
z?%hQXEdZ3t;ksDHIh<2gd8q~S<R~qM4bN+F1}L_x>v5ZQo7@MKFAKBbCO-#4zo4Xc
z(03U395Jt`@j6L+>Hp}(-D2Lk)&nt6$Cc~<OZYCbMkSKAlORcIOoXpsWsX5Bmfd>V
zpo?3ds-MuWlQcGsK|fBx$Zx1TPXNx2U+#SOE(U^nZN%VBu-wlfN&w;cUk0Q#yKG4S
zkc~lr$eQ<AXY4?ia=t*3!+@}ald_}tKhY0qOHK&0x;3hDsP~~mJ7rfhLAGI_NA{d@
zuD){RkQD3R=qN4tn(!jGs{Mp-{t%FMRahM2q^88{D}PiQfxv7_h!je+dCgNaYS&sg
z^OHU~W=lQG+~+=qsYw4do*bbdEIeNEtzo~j=6#p*WPuv)ahahCDc4h}27HWoYYeLN
zo8c%Ldb|6^y-ZsJAf~t}`B;bf2geI6qo@KRbC(`WB(^YAl4XD%Z}66@g{xtj(Gy5y
zF@Q1C>5H~(cQ#$maJ}G7j5D+!0*)W1w|`Dx?KgRnaik|qy?e^c-`4@He4*lpTm^eG
z%}=!k)atK+<N+!8MIWP4f?~RCCva@}n83m~hQy5$`;6#cJ>R34YIe2c#xp+d0c6C+
zN%Gto{O&f(0SWpE4TK4T(o{f30b@@#rq@whv}tX@9>P>L&JUZb3INF<kI!D;1a#H)
zfK2`IVvr0_<37d;oTVFx(q#N~BykzREH~H-0B{WuF4gQvr9t#*<uj8>*?|5PL8zs_
zqEGGBDt|O^o0iZXLB0Xhhx34z0t|TGd%BM85}SQkiZL!62RgRpH-IXh!~N&|{)eK~
zX87oQ-A0Eoo%5dnHZcik&XtWv6!AtaoQ!XuF#yG>p?`rlCDh-L-@!{|u$vA5BCRgu
z0boh<*~}FKPBI&v_Dif%YfZIS*InW+?ms@aUVvKd^ngmL1<OddGY~J9iENq#yh6mA
z&lbJ?^<!hl5IeLZjB8BINVBY}2a(tkBU)csOkb_;Kj$zYkp;RgI9;k)`3x`l{x}0d
z&WiGpuXRi|r6mC9MhfO&5fr(6(+S8G;Ut>uMkrbJpNM`v+|-Jd{W06Wh84AT1b%G1
zdsT$t%y<uksEsEzqw`vXIIMrUUa!f)U|<e5&$oJ)qHh6=q&u!LtiY>=iBc_1>IgUR
z-nN)v?HY)Ye1I^U%<sG#z>6Ahmu;U_{>%f2QP;pSzbx$fZUqG9UMda%l964}rIt2b
zHI&XX)Pux2_L1+zoXg{65eSCugHgD7cav4qG21T&h%#_;ILu{^=gWcKy=zD;rpC*%
zRK+Ep;6E<A*cs%c<nX>UGmXHF6S`eIYyCdq!;zii&~iw-XV&@jU~AyY1b|6^3Us6y
z9Ulh>oFx4lYDEnF0Y$v*Xzmxo+l)0}6`&&s@+?~ws14H^|C6l(FmTo$!rj;OcV@M&
z{H4Ut&4aI{R}=LUV7_c;(7@meR}S~*m!6-$qT01nwZGgvb9}3Z_D9%m&^lf9@ulZs
zeP!dik0^&i%rl%2%n$;c@wX$c-Qo4P!7tEm)3MqC02Vk-+5z!!sG~9Jc#c5YOm*l9
zgf23Zt>obsa8&TS9R!3t+pv?MZf=iUHn|{s4KJBz@C(!B%kAF?ExFQN%h8w8G5O6Q
zs<^uEj>Zp7XU|X6I0IlV61+)zKSsxv6jzane~^~XP@ke`6V?rsQ3#$qYq8`Qrmh?S
zp|E^lGy{AX!Dhfh{AV`!z#r7>;@K5O3}et*7#2EOl(a9daBv$8QxWX|8xFzy$=RQX
zG`pQ)naj5wL6vIg@68kushJPJs+Rx)<G=uHsFw~BF_~NrtBWcI-n%$5mj1o@WBKX8
ztHGM}*=}?QalZjxi|>Dbt!p4}MXTV=`(jl;M1LUY%D+y*nj5JQxg5!I*d;ar+!orK
zPqMq?H4ns?ho?B|(3V7uxwbc7H3wM`eMo)%!uLM^3Jp)97vRvw_LMe_&`oZql^T2>
zC2pznoFnoENJLrDs`#8{@X-3bg9;;!QMOyWyY$PYUOKKu>J=U#pUbDuRV586?f?=p
zp1~R32dt$;)z{5hSMt{%!$~=U#(6eYYd-DcDJPUmC((|zQ&ZrK)%I{BC?{<q<o+=Y
zB>;jg^IG9=MD<z`fdnLMb0D!n9!XJ~NBy#n$;6x3q~zD1nW>(Wt$J@xqnBmA3P2s0
zIFs%`HpNOAxIzg4H0WR0xNNQU*}$xW(W`{Jxiu);1_*7hPnND;E$wCC;#L_FInbT7
z{5;7V;jaADboK;bGS-6n1D7t%CtIMMU#VWF^$Q$DfvUI;`uo|gsG|~Nd)CwWp%{5a
zyuK)^T0$;BIsjGI)JL)EA2#%nQU7p0=ty8YoST!{$r>_*V+!r#p#W26yI#4v4$7EF
z6+&ikJv)mQlU+n>2d}b1`;z~<#KJ8APjP??Iac%SRW$V7)nz@2nMX2Nkc{%R0^S}l
zZ_@HJ6F#!AYQ_iS4M0a7!pnZc8R)2!E6SrHRrR2Sb7k<rD`I7JL@9W-1REW1Gb}`x
z&k0iq5exG}|IR>D3+e)PfA6w_UZu0_y4TKo00)_sY1$oQYNe!OmSM($qNUNo>*M7u
zn9+l=%TOxuvr#Z4n(d*bR~F`dFY@BYjW=Fkp?nr0R|7**@bGl2a7(K>lx28RfMh)9
zQG`A@o%XbN!)FtM0U$u{PFO)strAN%H@4^BKgRID4XyQyx|GWdXc)~uwVo|xZ%;}|
z>PZ?9fBdU^c@F4C>~!<6txDUh0qz&KD~^N3nI}>B-F8D|+4>g%0aP2v(Rp`Xd(40Y
z!^T--ZaOzmr{y~SvK*>frn~+V6f_)LOILre%};FS=o=ineH$*fAm_}QDk`TXTYRTm
zwCHAS^FYOE=RuP2Xu6^uKF12+P{cvVf#6fT#OBrFBD$FgT3U?4alD!|9377cR$*ZN
z$A&{-oK(6v5kJt!7Mskb0bT%PD8tq9)#G`ukxXCJNmPVLWEnl!LTB?;52Bd|SATRa
z79M`efb>3)meoJ7nL2KYZLaPbw49FnoWgM*2t@1mfbljvgeB3l<UXnDMP*K^GRMKU
z@xq$^5gOL*o;6~&ptJ9(CI+*{{*^hP14u9ePUJp>`2~GX66JZFDVg(rmou%?<$5u-
z)PSrmQN=34FI{ekoH$z8i#QIwrGz5||Cx5`z%G+$mNz`m-wj(Fu2)F?&PAEb0eXSh
z*BzjgQgn(>qEs-j-a^3~aB&C(B6ORZU3&q*(<6{VH!aM!4&w2(L#AaP8wltCH4<*T
zZpzflj!jc_C3Q@CA?NCYGX2q0fTNitf3-rs%!94r1+i1W>?n?z@0<RVXcRLNOR$<C
z-Axm=UyE0QHa2vy*meA1s!Y;Qv#&y%4y@LciR}Sv$K5vLP{6!&a^f?i0yFt<Qc33Z
zgp4pv%uiH8F8GoIS-p3^Ztk+}8kQ`?o1H9TCz>06iiYlrKRKC512|<~(;u@y0~IvR
zW;@SJJH>lOaNmpfR+F17ANmo9ZfpF~3Xk{LWxgCRqAys?gNN{!Ek`K5x`;>VAf1mc
z536toGEC*y69V6_&(>DT$1L)LYtPd=HtP`4t}o}M)Y7AauhIn(IJ$*U9qDy#h2K87
z4ZH@(%W@2=H=7&Mi}F1jEXO5EyYvmLmLanu_wI0tDdtMf|B%67B0>90&Ry94w2S!2
zqBS7Xlf`P<F6*KkTxHC0O>r0*vuTXHLB*^-ovwkQ3?$cWAhE-^k!l|M)2i}OrG?tA
zS^<9~udx5+FdebuAcfCFKfM+g{f<r8+c2zzEGKx(IqtDJoZ8YmY<78LOD8ZxE&YK6
zcKd2rEf$?Z9Sx8qokXXIx=j65)A)P)kAaLhQy6WSZH=#VjBpRM(~E!N;W<qWarxH@
zB_CkEXm6D)Ps+&CP*^g5U>pb=Z>1P|U*Jg4ja(Sgd-!)mWt8&F=@n3m92}bnvTa5e
zwFtc9TYU^-h|#X?2%zxtGdl>K2`yY14t)@<ISRM!v`b53YC^P%<-wrS!6q+0Wtmv<
z$Xd*#R%0B1PNT!u_m<tdzF5`}tnGpi&KU?K`dZB-NRN&4#}S93P!fY#RHqSKc0Vd9
za_O*#Dw(m?#75U@tO){@Cya7`cu#+YbOpIZIRdh>BqwSoiwN*7Os6Kx)HOL10>4G%
zanW;RB9%^NjC6e;WpM#OyOUG-pQbgTn$))rU(NC&uNM0Z^f2ved$8DQDQz%aWPVXA
z0siV&e+?T(1U{zUv71=#LloiPzV-G<xf-Ev$k*yC^G&3<MjV%v=_QWvsTtz=m}gf8
z;Ejo)3902~@l!3^d5U*dsF!L?41f^#*n8gdO()x=r4@5nTTILlH+;h9bt2c5TG~F$
zlp6JKB94+o+AG(QZ_TG2`J(h!?1K(CqbDfti^k#Jk&uzTP^1^o)(uQSE{v;280j45
zh`#=X#*!uCaEU~A?S*>I77B|qKdJ{wR{%~~Tj^|mP*d_m>kURvKJA}~nd;vWb7DN_
zBLzJ}X!pxojc)ezB#4WJS*NdKY0CA=pIGfhm)tYPtBgsWGO6SBo}lQ54xh{}8_Qm^
z@2?+&SZdR9R89i~mf3G_m%Pljuy%3NH07z72^xeW+ME7B%0?FdCfqPx25v~UoE$v9
znC(&!&A#yVIGpLXCz5!0roIw7uA}b4Qk@?q;$2;~Mw~0Mp_l)Pp;6(>k!FL;S9!&s
zQ;-KqeeGi8KR?8({H~43QnrT(oW>b)vYMzVmf1vf0nUA(e&8sHqsj!>lP*G2^-~C<
z{If5p^7h~1drC-lwO=#7i2!gUDhghR^Sc60Xz2=x|7w%-UF$QBnB3!C(~yAu;wLGP
z<XQ5S2EhMuPyeuj;$?UbD<|mv8pZhd#MyYVR~~X>%7}&~N2m1Wx6qx7m=>JQO(Ccj
z9_so3$^|cmhG{GKF_vy@(47ID^5V(Yk4la`T`T(uaQo+>oK*gf{{Hc<;RCbb%K(xW
z2oie$-)od$<gRqkO8;@8&S(TY51dEP!km0GO8I|9IDbJ1e*oZMkpE>9>~?f0mB#KB
z&cIfuElY$^W!FM%bOq7Sr-*;o7lqNX1#ngY=lS(7r4>ho%!_(VQmO`bodV*<YMTzB
zV%U~3Xe9i}DIM!!2)oXjkbl<bKQ?YApbJQh9`ZRmZCHtQg~!#ktCrZ;r{=bqiwM5m
z=3-eTJj>v;RQMpAV>pJayV4!<hOkPi99d+r#W(w_U1cPI#qbK{o5a)*HRjCVCxbwI
zvd@1DAZai<kyOFCPaDCD(QEo)s`|mbdzHRCGlyVFE(ZEjs=mk4(I~oXq{NC?I(e!~
zKQ$fr&{1>icJs5>bhb?)H9PZ{v~3AhN)K<75ckML6$5SU;Tymk-Q1qwYX%b7mx1tD
zaf6*H(Nbc9-kw=5Nmam=B>&a0$nOvYtcv#A<!mz?+6Ma-k6C#h;Ow=XEtDV6x0?Bc
z0L5Ryh30XR1Dxw7>?}{m=&-D-<yD$hI`q&t5j9mSdX<c7g=e)NJeI8oiCxElY<&gW
zF7x*-(vc%TG>Me^cq)Oxk)4P+ToAogvMF&aHh5swCm~%6<bt}wp^?Un%WVSrexnB!
z&VODFg4|CRBl57K-X!G3V8B&o>Z8(=?*m*3C8kkGYo*aMm}4h@WEOOYL9ecd1d9Vn
z`xijO(F`zj=2B1B(S)Dhhgx4AN(^Sz&$+b`@i=716}Gu4aGGX<3-W>V;dFE^Xvl5k
zHl>L3L~%rag~-rvesN<qV~NFzma=^h-{Z_5>fR$<#d<)y{RY0L{UK<vwsar-T!Lrx
zN9LKpCrJK)p=t+`eaCcG0Sm;U+fb${|5@`ThEnSn+GWPlKq@x-<vJip{|$t`KtA?t
zJcXFbuGVx{DQ$6wd(Q<<{)>rwM!?Z>ICt<iwhIH&f*k?O<8ZN>3Kv!x83EiKEe?@G
zD#YE+tPxrME%1IN)j2CLa913JHPZI+q)~8<Pyym&^h`>#1d9d%>XoW3dWifnK9o-&
z5IOz;{xZU9nKox^tVv}HzlO#abrh)j(l4UrK_Oj0T>EA}1WJiNlUQg%tDa4o0?gg?
z3UDM)c?W)f#zX*|M)$T{I|hlV_$syr7*rWO3*~g>z#<hrRa~j3cZIMRWk?Wa#Gn27
z@yg07r$D}a@O5u-E|3Cm3ZzfdGgL-|ituCH0T7Ajy0>L)Q9m7ka3}+#AzhT6$fyfn
ztZ!c0L2X}%aR(S8?FIq&qq&J30W>mU;vWxkrK<0GW|s!)jK)ISli$RVj>EeX@beGS
z3D1j0_q63o4O=Vs*{Y>4{x;Ronh^}%?tEo_FyB?H2Ou|eIc}IZ_j9U><v@U6FR@cr
zJ7I!Sk<|UK9ku5!%37saX)rdkT{2vfX{V;?nm~!DR3{XIK<R?3y$k=TN<VZZ7}!Qk
zFDUp>jg{N6Su?Y#)i;UfX=G$@U}P0B0QcgVDvW;Z+)4(-f@RSorL;0cNVDIV(}a11
zS=%rz$I>r=n41`oAn*;l&~hMQc=%CHuYQ1cS|Sd0_2bx}i;2ocW>Wk=Wqo%%)qmJN
zr$a`BI7Z0M&PrBg9b1_hA$unyBPuH+$4bXm$=;jHvO_3)gb*@A!?)e<{-~a(o?n0T
zdR02-^LelPzOU=LuXn$dsli}Pu-7CY00=h0tY!h7=yXPAmEn#efr<g%C_mj{kTOdN
z5S}MGVR}p^@1d~Y@@0Svo`VE|OrT_^U;MdkS0nE<YdhLWzG<N+zRriv?XX1@y|$Nj
z81|!Hvtyb!AOA&U$6%+%841U`0Kke3q@5Fk+OePnN49Zl|H%btM?y+XM1@!ZmVr7=
z=9q~{3)j=*{iMR_+44nf4<<W)j(m*17tmqbBbEr(6e9J{hEoBk3%(rc5*9j<*TSn8
zrti${Jhklq>)>*AUmWN$6VhKdrtdemG_QDQ)%@-5`~_r~6R4Er$l2nHem|*DrqRHa
zU(Y%~RHhtMA*`#%&nKFF&Ca~j*h6>PIECi{0rVGqkUFzGg3ZI8vE|ozda+D1Ss2p2
z8EEYFIPZ|Ch288M*sOIrK{ny8(SRKje2^bPUwW9uh1jjY(mxm;!RXI8vF9enOQF`B
zejl5i4+}GcDhgo8N;3<l9Vj+vxO4YBClpa8^d1jc_s@|;i_x0aa=y#4=RaRfjVs-F
zKdbLQMN(lFzB?QE<NX7~L;~s{^A7IW{+q<LJ6SVi`RFxq>OF&<td9?EH26{H2Oi(}
z3N-*uV)G!YAAxx2!d-k%()sADEq1N=xWwTjiXao>pJ8o=rAEb5SwVqYhXdW1td#C9
zG8)d@mnoht*Vh35@6j1ay$vTNbQ(VaxN|=8lF~IX^Q(ACOkQtc)jgNs;9Za_oCPle
z1t#VPh(?U3Jwtn_$WY*%AgRS$<;y;pI=Yv2RqYLDiA)TSmzdzt9`>bO5Wm`lyAa@2
z9p_1dS1$>Z?;?4TBg%jO<`<{BhnB>lk1V<byW~l}VYf75<Vg%Df<f$aOZY@_W9{24
z=M;M3NR}+)fbi$fpv&<(cpoVB-`4x|#9ahC;Cr24@Y<&`Eu09CN1jO4Gu{)-+fRPp
zJU4>7TkA&}Jk2hDBECVYPT_T8M9dI`p6TAKgpGr6T74<hbV~3?+nVPTMTrRc5l%N?
zJ}`)Wb8VuPTfZ!v6)t-wkqobe)1wwhy}#ucC;L`vx)a2XE{|C*_YMn$QuTxqoKWz|
zv1>v}D%reM9LKU|;LVs&&PKTl+|KMegs8zrOUI1Yv^5R}M8+4=603`L!>t#sp>AYg
z0ON^nY!t=49r}T5qqEHv4~lAD>lZe1*A`wb^c)pEU8duz>XPlDpQlxrmj^JheTCGC
zzEXFM_%lbWe(%(3j*6tzN3#HTKKZgP!2A;doE4>UbrB*8WVMbu9AkCAkC_p(lfMob
zd-JG1406cm)_I?Q(dg|W`Q2rziW?{Fzqi@DlJ8ya8BM0*WMh?f9c78N6sph)c|B~R
zQMr_$S%vpVy*2?p09|B^H0csf?dBE<J_bZbnCenp&)l!om?*)XjCYVVWi_R|QvS}T
zW^Np9K|9dFHx|S>E+$9U?0939LBLW}+{QMnfqZ%op84qv7F46w!kJ<|NI=f4LM6(w
zqMgUe+PB&?ce8dK(+?%@ZyIftD1MLqO{3AC`<P+C9B+i(-?NuYyxt7fCeHY&h=wXK
zXr!kVOzZl7wiP&Oo`)@rOjLh9%pBW#9b{m|4J@U|0g`r0zt5oDXX@AU7|UMeOw>9N
z|6PSO@S8^o`M7z_l~-r<>WZl7E+4iEDeB2pjN;U}`{xWPQ`zF(&k$;S61sIfk@HTJ
z*6f5}$T(5{ny7@ui8Ss4)%{&^oa!L6jd@CNu(<-hSxdvcp#`E!@@d00&&VP@Z;`uQ
zg!CU;R)bjpsy5^|>>>$XqHd+Yk0@29PB}CH+|T?b;d(0n!yibb|0$CcUZ}vf%Gj0q
z#P3_aN=-ONBqNP6b-(WXHm%vEJEl+buX|^E3B6-K68MEiQ?TuRCr~c*>BCjuMeZ`}
zCQ~o2UM|?gvLDXB<(G51O}`B{9udn|e!$}T=B+*8bRUCw&GmBd*JDj9xymd1rv*(f
zw~F@k@4RSWj21Hn)8RCpTi|MCo|Qvu_tKqY<{CZ18V@!_8gK7U#WAlEa&ZyYs*p>X
zy{ZqUuSzQ$HaXX@T&|@yx;Cara5xDn{AfmT;wIGd0+3%B6x$~1KZiIy=C!5q2+zI)
zN#h6|$T;{pA8s;oKQF+KotNyqqhwIKv9=xf^D7a(SrGj!Yry6%(EUbDeu>A?G)h6F
zGoTK1hc5f?5OF5Oqp~fI2xvqfrGgDeQBalZTuSW-*m8hMt>e%lC_-(1nB3Q`EsNJm
zDmTGR8yr1Y_X_Yk!IoBOXYgPuilO2+B;g7oko6MxZBvw&9I$yCVm?H}t1Nhw8TrJr
zzFhY$suwfZt%~x9gp)41>88!VaMeva3naC;0Wj^#nix+t7v5)qSM1;;RZn2P_-mi?
zL|D*dm;_2%canrRJ^sFT@q+j3x^!he>T4KeokeC~FW8}rMt-k*L*j=yi@(+x*NPJ-
zB?JrZ%ceQ1tOMrCg*YUmJ`(0N?j+%&Tg|l8+66lA3Kk(rV%8Wz<7jhQ48g*+<w^g4
zL%MygaEPZ^cQaHYLlx2=A{uaD9mVPQ$aw*oZ=I7<20Dx+T(iF)z^*{2R&f8gFg@9p
zz{^{riN|ws6&}Bz*2HU;j?8wR$n!7t#U{A4vDW~K*}oj}oSDp22zBO(Aj6<Y*(`1P
zwfca@@$ENnhNP2}mLrLR5>8uUqh-B%9}>s6Sw52vO}43++LE&uOymFo%$OQ%#35qZ
zq^ts0cB)gT7^agTbNK`SW}Np>OMou~$^$d<p9{@TzKBYmu9cS`#|r5@zn&^4<ZKpp
z)U~1wRN=k&DbnK^t&eMVHN3#F=OClMu3MOX$cLd0s6sa&h`(7iQ5t>{_!E*J4{*8q
zzM36p)=0$Puu;je4h2I8+KO@k&oCys!rI|}`(v8oiTDdG9h9<@Ger3o1|}o>V^ws^
zVj1H$*FE!WQ6oBGg8I~wyyx$*%9M*~UKcid_FV3LKTo>raES>5@(a4g&<}2q9@*bS
z7JHFH47JrXr^BhcNRWx;c%RTC_nF+tWMN(S`XjDFes)SzdM#y_=e!5)k)y<8YC}5c
z#N)CwPWK@!{ZLQJW6O?$G;;j}0uaoyHeKSBJDz8vB6FwtHsS+z_8n;Swr3i=;;p!S
zL$A}2JuRkG3}@uwx|TMzcr4Cafz!mfFc)02K1$$B6I>Vigl3wpSO*t11k)yT`7KFu
zo|uOfH@OQ{zah*oM3`GpE_VZj*WWAB)+n5DO3mb+d-F8ASBjN4?d@WG#ka8H5_fO<
z$48U<hdzsF^u*RQcZ>Q5!r-qmVy6hGKWQEqmA=Pc%_4MI=;aV-d-B)tFVt&?RE{DJ
zWBrdZ{1$I#Ox-3877A8Mrp^E}Eu?+~YE=P$lS_5{`90Z*<<g}x8=5O@(%$jn(dV1n
z9m0;bv|6<Ij|F?{s=M&bu#%l+GAUf;f0o+rW2jF4@XB<P@0AYsrJg%D;YLTQ=MpvX
zOEpR(f{%sn9>{UGA(4zO3WFM7$%NieNp^$?noKl50>9z_!l1nEF10Z@qlP&ysKtWO
z8W}stbiKg|sOkp#KgQO1DgQjTm^$cY00ynDLb}yGr40Ld|M6_tbiK9C9e%(N_8e0T
zMqoF<pDSlquwg0T2#;1z(hkq%u+pxSC6~it$6^HA4Ovq4$I7go*yp=n9KzxKEJ7H@
zo5Q$@?m4AxuaPXq-*=}YP?*Yyd3b@%(i~x3o4Zf?>K60&C^v`+=^1D<yIZ}%Rk8>r
zsVpbl^XO(&;IY78T)?y47!*-`SSiM}I{vOa@H>unZ#e9}f^t7NO;t6=$-Ps9LYw7*
z##<R4i&lsNip=LoJ=M;!7->))OP&-tFt$w;?(zx_`ml}Mgz-hGH?Hus6v;+_mUK@3
zJ{j)IRo27<%jTJWxz1^-%Fdm*DH=nwzq0QOFF1NmH&l6^VR`EoERO_7A_kQPLn3)k
z$#C8(ZdJ~WcB`XEs%y3<LkU#9(egW?w&PLk!Qb~@mV5TjAF*A;Hqf0T9e#5Nv8*z0
z@}Zb(1UEh))m`{NGfE+MTszHHS1xaosfXIgb3$|%b)U?Fb`cUHCC~MGy^v4!oy12o
z=_8*VObi+L40<u{7^V6>sH{wl?`xRiUT0LFroAa)W<m6hoyw?*?9ss!T{!=D26KvU
zTmG}i`)Hir`R*0ldofcrV*~gXV%#&vbLV7@%m(v2W`(Gb&6-Ql!TTtInCp^FB*(=p
z35AUi!`a(OiS{e|0dRn+i#y#XGHXu%D$EV%_d1p>2wL$Ry+5At_8YmvM*4Yn??IqU
zB#5CO=SnyY-)aR!p=}$uGHKVz3J8yrLN^5(Hc~o|!mJ#3KxW1AKuOC&fO>HX{A<!h
zx7!W|;h6<FwNfX&>LS|X!k-n(pF!&lm+`x@D}^7jGHQWno~GTK3<yqUm6IcTuhSce
zfzMa#o1DnG$kc+nb-b7_nAjykagKRjP-*kD%3%~HQ_t%TmwY2t<TDlO2MpAfPtKV|
z*S`fHLygJd(U7SY-bd|x3STm;=J>8sgg!E6Zf_({Mhy9YDgq5PZtH65$Wz~>BTvsu
zFVm{bX7YV3vq?WO565XQOlFma0gFIS$8lr-Pzv$xev?@P3NL!tTF#zQw|*@)?!t;%
zhWC~Myx$yYF)F?tBnEST7Tcl3n)pKfd?5Zq;?Dk%>S*;5mC;uxCq)Vu-Sf%r61rO@
z_46atm`r(%KkF@#nN9kr678KL_17!Hh<%)?>q*=>b(8%m;%-0A-~IFI=_5kw{hErc
zmsP)lpI#DPRINX}k0@*A9Z3kN(HRag$UV6J?sn5xn5aPzT)gg%@!~^d^qC$P%qmvn
z?PhYsUF3d#doNz0P(Rufd--t?)PdYaQeBlArYvM+uU~6inJ1heH?zLYolq^@Ub_u-
z7AjHinhWV8m^BqbtE&RXP;_<0?g2YcJL^P~UF-puJjD}SexmtCzu#{tQ+UCBcv{z*
z`^qz<JZpDWIj>F|pAo~}=xUhlIzNs@qC=tS)@ViM6Fr|D^E`KdDk<nJfJOrUye{cY
zYdE*g#aUvxttu#dlYwWJIc~@8>m{ZoBkF}ZPN8P@ZR)cv<SaI^lp7(rKil-_U-M^u
zxlZ;dsr{Wn!XuG4#NMZtw~7)>%ebz1Ps@MdE}^6>!#5th^<FroHbwF>(-R=a7cDXQ
zO(+TsVJc>=)c;JppQzZ`!JV@sC{PUh`P(JhDrO3z9hU%|>)1WK5t8>7vxV={N(BQ@
z$ZYlWsZfSWK@B*Nszc>8MsPk*0nRsb)y>tuv^BtWB8bX2y&^8^7Ih`MD`s9rkCF?r
zh%fWT22C4!L@TqStrZ~)(2^e~J-S7exE^IYgc6SiL1X}MI)`OeGxh9FzwZ|hHEI5}
zg0*g)-Y-H@Zb$K6R6Dc+XH5Q;SC2Djdv6OPN7__LJL7)klyY0IDpLO1pIX`8_7^HR
z&`6sogrq`Qu2?GSU_&GGL>sRu@u+**OoR7z_tzIkPAbnx36{8M8#*f5aChup07m%(
zGTTcAi@*ck0Og=yj=gUlmfjrCdep>Ss*<<Z#j@*1U2G5@tO_T4r?9E{w=&sRQ)mi`
zIf-rh0iKpkk6ZW@;V?>k)Ky2l!Qws1qt81^cN$bPX|6M!n~U5ky3eF_dQGq9A;wVh
z+or>AfDvs3o=U`5;ZoS_o836j5!lX_H(44TP1C3P#tS>Sks=gV_JLF6`X_fmLenis
z(~JzJA&I1QD_=NxpZ=<DT_J}fiA)~Z4nK*~33uR1bJwiR4XQ+$vcl6<>jwg!tF5pG
z^N*_Cpry_=AJY#lJZ>IU*UH-${@}*xO>D4G`aB4#9p{>*uNal!8eiSPoIIVGmE&i!
zF1G$!FIi(eLJ!V8(bA-;@T?Z${=>4DNd1NPG~QH+JeiSMFUSTnsFrO0;W%TZ7oy*5
zshVz;(MJl*f7*ThY-RgooO}A=v$UxJ=sx0nLVLmKvh~8Y(YwOfm(IF&9nWuKp7>%t
z)aVpCDuq{duJx#@?^cc4jXup4PAoZ^ODQ!^z$E-~=-hp|h9Et_w=TM85W8?OaQCmf
zpRfaI5D`P(&IS0^unHpuF8|<7HBH&_&c>ZIc<G2^QT?Y;h6Ol({w(*VqI_cg^NqBZ
zgRzMeXTRpGTAd(s4MS6OHj+Frq2|t2bQQm2{;Ynj!*+#9%(h4JrE5p!xZvF{un^w&
z&VmoB<cB3LS&~oO%+bSFY$m%koq!%W<K~gO4P28)Wytx<-qA+M3|55)F4RoQZa3fE
zyG^L&;_x=>P;T=IwcGoj*SJv6NzlkB1m&_j@XeGt&skbu&mA?RFHh|%NPC*<xIY@+
zta}v&!rZ#@W_-026-DVEp-!%>3jj}0hieX(m(>eCw1plF$jC<KMm&x5fSRHVx`G#s
zFx4(@&b55akoGcbq_<rD54zz{j89w}USruQ^Zl5u<2baM<&e#kCDUD|+1xWqc&a<)
z>wnva2UFVGs^_wc_Yt@(@e^@+19@^Y*8PT=zhMX)JlTcax|sc<KE{YX?qYM%wf@`T
zz#`DB=-1+N2n*9Vu;k8cUi4TG#~`%me|t=9A!A0@`tW?Ns?Rpoj{W?k8a#Zl&Xttn
ziOOrN`k{Q<`3s**x#sdA6_Ai-x%(p5^VUYRQU(1dPzK;1nh)(!@$hEjS4~D;vuqNX
z?Sg;T@-ezSlP^{F1ATV^?kT^|nA{KLjz(p5()WeuH0THlV>xs+u7T|5vZ3!Ix7qcZ
zhQ74&Oe8VPS$_TEKBe`GQIJrPP-a7T5Pvzea`y+U`EdIenF=cN$WtxZBu-!bjnQDf
z<q&m*E<+{bpgIkr%F7_BGN#W>GDcuZ4I#x3sY;phztfRClmC7J9@WBFJ8~rD;Jrv~
z5Zek`$MEyC<6R@?&mslMXsUz3r~W8jzQpV_LQ0CxTSaG2szx(d!IQk43g>35IeSyv
z_k@PE6t^y(ipS^2pTXhwabFKzK*Tv^y%{f%B(az)Hwr<E)W2zRU#RAzt6W<3`V*L<
z7rW*pf1Q0Q=5iM*i&u7!Ga=AX%6V_SA_6ri0W37!-=a1+{JZh`;l*Ma8hwdTSh=6g
zhuwz~>CnQE{@TP!hhLUpq?-i(LSNYD6K^V>+)TdNe>gWNjj!RP@7ozjBW6HNVoVQM
zvExLUxju(+p>@F&KFT=jL!q;g_l)GaaqYWlhYs{DZ~Ba@ZBG7vDjsR90Ur`0EQ&nC
zkZ&zAP*Y=&R^~>#o}6TbHaUPl*}krBLGO#J>ctoi!*Hqs8C3t^EL4DCW=#LI_rKMl
z*FYVVH<IvIP$C#hheo1?6Sh?@8<CR9WlxH)1J<ftoRc6xj3`nGtSL;)pkQ&6on{ob
zAJw6uyXT4CoAG)cN-47np;e<HLmEsm{Xlh?;yqODaNdMoTDQn^5t!3TKv!%&TD>!D
zSgnuJZ;B#U-=#)jsaqQ@Rj2){gr&OLM`SdjlDUUg!78xZgeXI>msI37W=TA*t5ieF
zIg;SzP+4U+)2P79p&tOcp2X+452+cauqpXg7m#n$2Ydq0-e>DSK?-C?;(mng=O?fm
zJSsG)cMbFqsdvxf2J#4cY`UW>F<m~?qvUR>^$c{G=eJ5FYKmoCj<z+H*^Gras~kS%
zE^q7`>`h4Gr!qFuh+Cz|Ov9g=y?R8)OQ^Dw#&x|z7d^&jUX39R2oIF5VR(+M%f11!
z0fwZ(3Lcskev;<@<^mASZMyiPnS|@42=jW8p6j77k#4!Gt2*Q66}Q>F=%HoM?2uMh
zmNk0yn22OJr#HA#ONsJ(4W>F9(VZd`r9$aalMI?yIN;^7vrtBiEEYnD{WHWp(1k@n
zF}DhQQ%UrtJ2PTJQ3UwgFR34858M)_sgfZPY3(l%KR9BIx9`!7vS14kKFlojqJ(@!
zxadH##_bRSl`bIFhZ?;%`lU4r&9Q}-hDd^qsoXb&84f3UQ<LWmrD|nJ?ZSF-8Op*|
z#p;cvGVAgg%D2{K$IP`W^MPNBZI3S5VN3}wbB8RSDtP~6ax3W6xqz}wP-0_O<r^^N
zGO`<6nQ8LfhFp9;++r)l@IF<6FiNuf`s%}oK~MsX37O=Mi35=I(X44$8~nzc*)zR_
zio$C8s8J`eLEnF<#4yoete~xQd!qapIfIPvTjs~bwBT763<Q0&{;=2FELc=I>Ox2m
zSG}{u^^2k=KpT$@hzXhfoQhZh`FZd7HG181l_Vnu)pNVY=Ado8gIg@R{bl;2tK}9g
zOsCwKc?v|ZHaF=|1)GX&cS&~ar(j=Pt9Iul%NMrSJ4kv@3~gHL+(q2BiNUhjWvMg6
zI}S&-0#Z1*;%Q7@_m;zJ9Lpps#H$Z}wV&T2F{|#pk;3%5D}6P*$7GjjQ6|bkC+V6^
zq*f3X)C7M?ET4jK+~C93%Vd=<TOy^aPDjqa16n=a9u3H8=qh-gx?flk&dRW+&MQ<m
zugJ>^{Q09f7ct}JCt-^y;14R{xFx?u-I~-Y8+HoE{J{AVqc=OD>dHN@LFpP^=`&;4
z8yckSI-2O6XlsWCq`H8O*dOn$tJ%YWAE=v$#d+e&+AZb>?{0&@`<NJLlK)Wbpb01-
zMpX$H1$!Fyy`a=J3^ob-U&bGPYDoc31u5q>=%Kg8o9C}BxA7h56%!KEQK!-U-Clrb
z13tzOXcC%?-J{!B1h(u$5hv{FT;Xhhd!IQc>izX?J*+5TPFVv~asy|vel}CQd{f17
z!`$N~*tHZp$)|(|nP22;CWCfciUKr(-85QzY%bv1e*PWEKNsDI4lwJ<`t4YTADJYx
zA2>PD4AR>WU-Ojg*HgnEfDF9KH+DEjA$;AXl;$+L&uu;Sd`f5&mW^USkU|VCTKLty
zUS0Wm;E%7bej+~ilPO{EwWgB(%M7Lb0{CgWd+tNU5jG_T##{*rbch$dYuuTDz0L4&
z`SFiqE7d0DZ3XXabZ4%PXandDMf(+@=io6v0S*=a-3i#6asZ?C*MZ+RE&&=B{PgO4
zYcMcL5!?WGzC;|a56)yj#?8ujNk{lZW#5oQkB(iUVMc^JxAv@Yn6w`@=V5BD0`cJ_
znb`1j<q!Y80Uht#aGNtABms-e*ojTp{F_@9so`YWp@+O@qH;{HqWc>yJMZ3GbyYRJ
z_k@<EB~9OXJZr@;zMjD0p7(_~*3)$_-DEeTEUkcS{%wa2XON|lh_9%_Aai7>#I3VH
zD+9ZYBM9}Gq-zQIkLNlRO^Dc+H8)E!vyQ}Ia+Lbav54vQ++mkU`NureyWgd+y;}l*
zWz6SCQ}#zU?;>r~JFp+U08Sj!;iD5m561<iH;HU;gn7{~hzn%p<Q)6Vz*VD5_I+Fw
z1<TT`;^7Q*T<2{9KA|l`sf%d=Y9)FTH0`8W9w3~)6Du%!{_J<<FHof0+ioT^b8)(=
zR<KBIbM#XSWqgtXnH;B$=@DN+`?Im9_l&=l?}0FV7^z?6N*G#PMhk`@SLmkU%_vuU
z8c47RgCA$Je(lM;LoFzF<zO_sqh5X8e)7a+qKtX8VpLDl>SW88^<tlAwo)HnD8)en
z4h^N4%F3|EAYf0{4VF>KY|o<<`z+;`Sy&hlH0mL7>2BmFXuY+Vvjp7&5%2C9TZssx
z)gjemTfuoM%Y<14R0P2wNUkhOSG5N;&-yv9RRSscM*=Ayw=Fk`NMm>J1!$gVPDKya
zWa^*mgIdV8KQ;RlYA=Zr6X77T=BM7E{1q*h@<vb4a;>}byIWN+Pg~OkUSE$Y&%M*f
zu3Wz^^bBGy*>`GHW(7Ryi}{7e+G!GPq`^%LT(M7x+^uiEjyY9tC*~)f4|eCc-pp5D
z_TNDY-l6{Qcj%<3)lQc@db#F~!Usex1-V>vEr1QE!xAU?4^v^og4o$MIJ|@u@~|sK
zC0fB#u5JDcV0U!VY6t=nld2$@rj_QJB_o)loL;LpXi#2ZRI7A4n5@=%CI-1RAph(;
zB1GUHy#R8_w{H{L9bZAxah^}0w1!4EcCJ&O{E{F>ipDO1&{|w5(lh)6)Hq*1Zm6bg
zz+l>yl1LISz(o|=_hh^wmfNdsLNQoI+fB4aCHHYuzqqWCAFt)+u4!~YA#*eD?ar<g
z*!t+``|3!<2TgEgJvkft>D#yW&rb*JEyZ+lg;Ru~w~KU%hIEWc(9|hX9$DbL9+V?j
zVmH(L=IG+`xOqK+&{z<(n4ArXWFWk$(Wczan%acp8-8@<Qda-j8Ibe?B=i-Qez!p$
z^^OlXoY1>|=U5YY<E7cBd7`Cr*xeD<^{J;(1YVrRY}ap_P$}ZO*a169Kk0(8`cy8m
z-M%~zAMZ9*mHVuI+|&iGSBT`bFh**@GBd3le;f}>C7h!{E(^l(<%P*np=thwkz*7s
zE}FtRHM&55Uj*52Adm`#gwLNtHNC8?6vGdKYu9;_8kY&mILC`)0}kIo8vpM45$BM@
zhu<M$P(c|DjrhkF9b!W3wf4Bxu!BRuSA+)+0iNWTBW~Yc5%gZWsvss;VNGgLSW9X$
z(f1JvaDa1J0ANUkqg}*}dsay*M9t_Qw78j2x0&TPZ4f1yd8(&RwPv@vSv^N+Xw2Km
z%4{NI;YB;!Hv*bYvyHVx?Rj^Su|xh?Hh=vSbc82A>QNUT{i1i2&ZQfS{HewtiiP&M
z=^h|H)N?S5$?%LVey$ZV!g-0)CFI}O^sLS2N4HWjx_V5Cr=24T!gZcCcuTwt(tfZh
z8S0GL(IUrr-l908No8p?AFkZWS>61tan^NhAibg8)7h8arLDc6>)ZG3z^7%F;e^M8
zW)2u9F7yb-dl|Qvj<>$)>)9!_o_h3>HCfrA1)c2d*H3p@ibUCUJr|XgXTfj%QTbSl
zZl&ZQU+qn@>k1HpKcakyJ{9PW>2ux@-sP|yC&GyjG^#D!*WF!DH+K^gs=DZ#s4)l{
z<U>a#qwi6DzF+x3aL9YYJb5Y{l)M#pCFsdT8hy9V$*8o$$rApE=KT$=@6|LO;NEcj
z^mU43XEN^Qs6Dl;XrQz>7~B8xqsKjoK)b=GmI_2Kl^VKOW2GEg2h=J~%b`<vk>nj_
zB>c`@i`$B9)-bfZ`$K#DOJq#c1XIA`!%xUX2m&}lrf&WEO>RbF<rseG6u1?nBtIS&
z$}s>il~dV0Tf5hxPdyzl>=lCPd?bes^~ru-y8C%q5U09g-hZg#Y4O1Eil?+^4C-W$
z1PCLB&eF?YAsSis#PXKB4=0GrgNsA>v>G6Qrlk^I6h606y&$thdgP$KCE_rj;0X#&
zOOl21E)EJUmY2Q!YK0Y4B4`fDk9rGw@W_?^S#gsE?qOASPMc?kpdIboy-gYD@AJ%h
zsFHXD!%apQA@5&8{^(imT_KGq&a&5VaSgOJ|I{7Ormr{P`5=8eT=+~iRdjCU)-bem
zy?_on)p-;%M;oQCvdP_nC}$qVGJpVmCy45?euy-g`g0fkrKQk5V(mlish94~)?Vr{
z4sYAT#T-4=4VXOniOv9L;HfxSio-9ds-!%tbEy$|vQpo#%K+SkrTQtC1~8I$s}5||
zGfS%Y@-_(?;pOYgvQK%3a`d-__N1kzH6GMtQSH#?u+Hu~#kkS37<4YCDE4KX0ggTx
zZ%mK08-0jMShOpAwt8vyF~+;_K0Yd>6_Bw(Gs0@Bg>rKd**R@cIapy&zIj13;uXGd
z`#;*wh4Y^AtoOkMfDb3?dZ}T)G|TGZa13L|smJboSd-hC!E98Og~_+V)BM%l$BtDp
z8Gautl;}gFq%c)Q>6{+Y>p$Rrl>P=O@gq^A58`3}m!HeM^Or<(otY4GxoTZ~96McP
zLaFOiOx??g{vU}b$fMDO7lb|Lhyqlg`N}5a(Z%J{*^^`4cTfDv?9yrr{!eCC5Qug@
z=^K2!?ol3_hQ{}ag91;PLK24m&Jq<fe^6C4kYg^7+rG{Eu~TBknTkoY;idd5Kcqs{
zDiCahR5#k0j}m{^DHIb@jOYDFz{(~|;x|qdV8A03fY%pnmr&PCB>o{LG^|6O@Xya>
zUPl+Xnk!3pacJo$`2S%*?Rry5C}izEf;~@1-yVcL#INL;;iocHGb@8UY#0H5(_e#x
zq}}f0T`8hAlj22WUi74E*OBh$*qzqk10Yk_it0&q^hM%A%&EDQj?*f!%njhQ^A<`1
zVfx^9-%xzzEj!arRCdZgIrS(5VF@{iW@fP~B{)DH4>5}6KuQVPIz0dY${W}D2U!q~
zk|k66$ktmRYej+nnFXfarL18ki0}Z9RtnWjOVN(`)3ar;JL=<UkNqv34QAp*Dn@?e
zUv<z@C~-tCH0vSvuV_il58a{*HW!7qz2`L~$C)}1sniwT67sCTuP<MLEayEWM@>~^
zue@zNh@kQh%lY*0qXY73OuxWAt*iG=;XT|k<0aS)U5SUme99}t9}<t0YsNsEhMIWt
zSYwf@SW2038FGN}8mE!&n4=eKc4pb$*F$T=qN3jQzg8O?S}$0ht^~*Mv9qRC(inWQ
zn4cpzs6ap2mEoM*n(Xo7fF1^B$ojhBFhbFu02pqRRL3F{$B7e#szybm>yPE&zB-zX
zjs#tb1KKF(n&G2VjKXLIN64IxkAOo~>M<m5lYslE-c(q1=!{qLU!S<s#jxMEYt8-l
z7Kq27GrV_!B=2@HSM~@b8(Hcg8fkxjqt6M823cH&A3y*Q^B=h$8UsEExt=Kh!A%+H
zoiuiA(|FtN`~Ehy=9f#MnmslPygdJ`aYZ(6l4iI#1{BRiEju9fi)IjQFI7^z?U#Z^
z=m2=t8IY45aRO9!ll?2?F;{AaRL-fL*hMbv*s2+^AIv~>xK>gijdt5{dReyxS0r_u
z(GA;{xvvh84OeiH9~t3at0IRe7=MvIvE!D&C|paG3=+tU60%nVskxiVsTez@{OEt4
zZ%Te1^aN|;r5Byw2v-qWqxovbIZ$dG)PEO_Jz^*pS)Zk5oL!O$Pm=eqbl;ZoNkNs%
zI0wI8){%dHSOVqtHVaIBGB|bD8_5UjUZa8`iD?0N2rZQr+j5CKU+~m+pM={`Sh5o}
zi-7JwPj7oPSfhlTvd%^|4?u!S>JhlxDM+_%agCRc!r>*Cw6fjT-S`jxyuuK*`+Z$t
zt>z#N(vaB>xnVB-D(yz<&F>$LZo)NF$&#0+X|<;ypUc7}duya(Ov)8{|Fqlg8!qag
zP<9vT5iBjer7?lz0Z{c=eYg~BscQ5F*j;*G>eAEss{&SRRn3%pUH~+P7Fg!_l>%+8
zpMNeUVKLeKiN}EH=#^Ow@xSJSBv_6Ff6BLw7L60I?A=y4$f69VCM&hI+Dd&3Lw)B{
z#cIs172mmk-YHda9(+&`S?n8gq!DzJv5RJ_eK8Oq6Y$%z4<l~UyaD77blS!x=%qMt
z`<j^CFFLshXLXL`|F{AC+8!MwB>=0PKmC#Rjd2{)$tc6wl3wAGLv@`1h8!Gd+$hsb
zk;miP<u=wpRp?)&y~gqP&d^~(8PjLv(a$y_Rnu<x;so6h?k?&HUp8|u-j6Z0HUG@L
z+HsVhiucC&7G&@O>x^CZtDzvC1d6C(r=2_<$UT~2nah;AVnQ@Uj+KAfbJ&pY>j5Xz
zQrri}M9C3FO5HW5qY27?4|%3N34Wc?P+URZtU?P%YZR;e&-WH^pcFP1K|K{PWH@U`
zTUwI^H$+LwH9@EH<Am6wCrYEuM&YK$hglN;ObqeupqJv#AfTA46^2Wj;)b$Sx2v8B
z1G6Rz_41`_%Zcj-d0M#j`4Y&i{t6aV!L4a7Wlplg_S20bB_L1s0E7aRImB=^8)Crr
z_}jZ@${S!WkhK%l@YnylCBH{iaD1cv#RDmiMSy}QvamR1mfRX8gT3iSu0Oq?`{Pl7
zLV*w#<KSJ*d6}-S$dekH&y|1v_<ryZLj~yMpBmTL3t6M}Oa6JT^@D`zO`rqQ{$7Bu
z;7O}hW3a6J2LYl&jbY~j0NDr2?0#%r34955q^TvVW5q^Lz;vML^7=1X-L(5Z|4ET;
z8L1Uman{hEZ4Ax~caIq6VLd0Ks{ejD0GPN@q@{&D`3YLM>pi^Ye@~!1i7ibq6opUV
zVCa=TvwQ&S0y@6ztAEc2A^br@US3u?kswL!PZR2&pwtrq0r3C-RFYsCxM5KjWz6x<
za-u>}27`B6Cdirr6ZYW4Ao?oxH(#KIpyeXwI~1)453|mIJ{CGhQbxqfptC!}mihjG
zPbJ(OXFJ$5rY@*XEcCkUTy6pF-;WsFs7QcY1RKpXSzqCBWt~b8?7hm*@a%(%R(;8B
zCy5*Y*&VP;s91$!`37_~+<+4Z8WYMmD+o&Jn>+bcH4_x7F@|L<bjSbRXYrTONUJ>r
z2xPn8Uq<>JK>XXR6hV1v#$Ab!;x~drj^a68AplBb?N5CI<=+4(CtvF86iUUU7Vwbr
z{qu<!bQu7Id4h6HsD(2>KG_J~0<eM(bM@2C!crIAI+!IO{ShXaKVe!_W0(@fUvExT
zBXlz2IS4R2fLL!pBNTlo-4??AV+co}3a*E{`e>BGJ_wZ6XThl_@}^=7E@1@a!%_}y
zBv=RhgnXpVWx@@#mL1d^&_v?Fjko}&yH>%MYbQZ8f^+Rh?SzHbBa-<xZ|H_T0VV-B
z!78-}XKo+@&3SYBBqe;PBC;6%THHF!!6502`SBfqxDz0gVDm1%P&z36hFNbX9ASQU
zE{J@CK78t~g3R=DnRd^T;As2_ng_wtYEH=QScBZwYFepc%b<<q1nA3xeFD;-D<dpk
zEB#jAkxsNWA=e-xjB(H!wKCj5i8U#O%xTHvb+>kk2;p&IuPW<yTaY^0<`H?JLYE>r
zV=MGP<aInc15%znSVXNFm7UPVOili@9Wmep#Q->z+7Hc_+Y5y_^8V=z{_XD@#U|qT
zBJ=J!8NTL5CeGliWnk6RNPt7!+nO|mYVp}tSwR)KP0IB1-<pv26F9|Q!uO~lDJeuJ
zQeXNeYv?mS1Ii3Qz5fFbfW!}=t4K&ZI!TivqdY(<>fav<$^3z5`InyD%mMKV`B%b0
zFw^B9`d^#{vHGay1vO2j**7tlHnRc!^QUV8Wu;*`?O)SGcgS&^BQm`GpQxnBW`gcl
zx;@xv)DOzFg<NCW|8hWzPxJW0ux4tl<pf`IA|erOdI`NU{h?tP(@5Smk*EA@%Yb6F
zx3cZR#h>CDU%Rk~2G#m?AuO;6TC?<&f!1!eLxD48^~Tn*Ui3)``=E)H4z*ntatoxr
z{c8ZoYZX~2pr}=lKrSHoW0Q=W$-NvwUyl&YpI?qjJ##~5!P01MmgB|a8v!`v(l7>^
zPuilK3;VdnG5W&nSec?$>%&R5mPYZ901@jZ3|N6pRwHu86f+69kI?*01mq<L9&{RI
zH4+KZUg=KS|8qy{ZO&G8YWyxZN>s{(5cqWcblIl#I6{&|a43SD?GA4{kq#GE{Ja1g
z;X(S=*LN5yNDiT}AqB1O1YBeTr17gitkOuYKEm_7G}w%D^l@--XuL$#+~54jRcVo}
z=6HUb^vJig!_qUkdVD^drX){GxUM#tFOpqgxKKQ{>&FGAKja5DuYMVBcbZA-8Z2=4
ze)8(>4e$&aX2?!fd>GHnUdLdnOm>)7N1l-A*KePW1aJ9#_4yj_J?r);HI&UtGQIMm
zlUQoJk#=w1h2lh+Q*^m%bt^Q4O2!+Ro%)-Mfg2Cb<!^k{kllWo8E;T)YF9S7)vI83
zhvf6(E#A<!ppv(<ZvQQnjcSHt3I!$kGlNiMy!*e!rxJ9f&0RTmftV>q#rQl!+|w>=
zk24R%waX`p4fqS+n+wyEb&YR$YdjqeX3@TP?)X%-nQ(+isMTj3XGuZdc-lLg*I%{I
zf4}(vQ=~cOd~(m_PL4u>QrF9`Zsp8JO`Ef9kNtip<n36|i=J&t8?Q;HhT|w6IHV7R
zC%^SjJSTa>*w$DO(|dnmZ^2zHb-H6g-U3aOX52~gHLZP2ipYt9wqw~FV~}|7T>j>L
zXUX(vb%TyqlS2K9OYUc9JsX%~RPgv*86mz|ThH=|4XU5lQ@Q67zkCV{47}#|?Wf%T
z4y+E_S=6T6A~&6_!Ta#0V-M1XYc}s^d97dh;wNi!|G7hgXrzSoYurKh+;oxfTkqaf
zUq6-ku*+AhPT+rsEVK0ldU(R|rf85k-Cv(9Pl$W|h2`(R2-ZTI)%M&PQuu3TdzykC
zV&|R^o_X?T2H=BJNf=CR+gI6s&k6EXOXjUFIJRFAJh=2{P3XwO=N%Ffv${(4*NDCo
pwsgGn-<6=}<^MCKnesfSV-9|O@r~;fj0EsY9eYl>Owlsr{{dsLiNOE>

literal 0
HcmV?d00001

diff --git a/doc/release-notes/roadmap.en.rst b/doc/release-notes/roadmap.en.rst
index 7afb416ad1f..4c122686c8f 100644
--- a/doc/release-notes/roadmap.en.rst
+++ b/doc/release-notes/roadmap.en.rst
@@ -31,53 +31,75 @@ our `download page <https://trafficserver.apache.org/downloads>`_ to see the
 current supported versions.
 
 
-For details on the actual developer release process, See
-
 Versions, compatibility and schedules
 -------------------------------------
 
-1. We promise to make 1 major release every two years, but the RM and
+1. We aim to make 1 major release every two years, but the RM and
    community can of course make more as necessary.
-2. We only make releases off the LTS branches, which are cut every 2 years
-   off the master branch.
-3. Master is always open, for any type of change (including incompatible
-   changes). But don't break compatibility just for fun!
+2. We cut LTS major and minor releases striaght off the master branch.
+   We will make release branches in a timely manner before making any
+   release candidates.
+3. Master is always open for compatible changes.
 4. Master is always stable, i.e. commits should be properly tested and
    reviewed before committed to master.
-5. All releases are stable releases, following strict Semantic Versioning.
-6. Minor and patch releases are made at the discretion of the community and
+5. Incompatible changes must be made on the current ``-dev`` branch.
+6. All releases are stable releases, following strict Semantic Versioning.
+7. Minor and patch releases are made at the discretion of the community and
    the RM.
-7. Minor releases can include new (small / safe) features, but must be
+8. Minor releases can include new (small / safe) features, but must be
    compatible within the LTS major version.
-8. The LTS cycle, 4 years, does not reset when we make a minor release.
-9. The goal is that within a major LTS version, only one minor version is
-   continuously supported. For example, if we have made a v9.1.2, and the
-   RM makes a v9.2.0 release, do not expect any more releases of v9.1.x.
-   The exception here would be serious issues, or security problems.
+9. The LTS cycle, approximately 4 years, does not reset when we make a minor
+   release.
+10. The goal is that within a major LTS version, only one minor version is
+    continuously supported. For example, if we have made a v9.1.2, and the
+    RM makes a v9.2.0 release, do not expect any more releases of v9.1.x.
+    The exception here would be serious issues, or security problems.
+
+Branch Management
+-----------------
+
+As of `v10.0.0`` and forward, we will cut all major and minor branches off
+the main branch (master). The ``-Dev`` branch will be used for incompatible
+changes, and will be merged into master when the next major release is
+in progress.
+
+.. figure:: images/branch_mgmt.png
+   :align: left
+
+The implication of this new process is that we will no longer cherry pick
+PRs from master to a release branch. Rather, each major and minor release
+is taken whole sale from the master branch. For managing your PRs, this means:
+
+1. You do not need to nominate your PR for a backport to a minor release, unless
+   the release branch has been cut. A goal here is that the release branches
+   are stable in preparation of the minor release, while master is still open.
+2. An exception for this are the older LTS releases and minor critical fixes.
+   For such changes, always nominate your PR for backport to those Projects.
+3. The default ``Milestone`` changes for every major and minor release. For
+   example, if the current LTS release is `10.0.1`, the milestone for all new
+   PRs will be `10.1.0` going forward.
+4. We will create tags on the master branch regularly, for coordinating testing
+   efforts. These are not releases!
+5. We will regularly (weekly) merge master to the current ``-Dev`` branch,
+   to keep them in sync.
+
+It is absolutely critical that everyone sets the ``Milestone`` and ``Project``
+fields appropriate in this process. This is how we will manage the releases!
 
 Current Release Schedule and support
 ------------------------------------
 
+Master is currently targeted for our first `v10.0.x` release. When this branch
+is created, the new process kicks in and ``Milestones`` must follow the
+next minor release number (e.g. `10.1.0`).
+
 .. figure:: images/roadmap.png
-   :align: center
+   :align: left
 
 **Note:** These are examples, only the first minor release number of each
 major LTS branch is guaranteed to be made. The dates for point releases
 are also for illustration.
 
-How?
-----
-
-As you can see, we no longer make any sort of development releases. Also,
-there's no longer a backport voting process! The latter means that all
-developers and users must make a higher commitment to reviewing changes as
-they go into master and the incompatible release branch. Other than that,
-it's pretty much business as usual, but easier for everyone involved.
-This git branch diagram shows an example how the git tree will be managed:
-
-.. figure:: images/git-versions.svg
-   :align: center
-
 Burning release numbers, or how our release process works
 ---------------------------------------------------------
 
@@ -109,9 +131,9 @@ Release Managers
 =======  =======  =========  ===========  =========
 Version  Primary  Secondary  1st Release  Supported
 =======  =======  =========  ===========  =========
-8.x      Evan     Leif       8/2018         1/2022
-9.x      Leif     Bryan      1/2020         1/2024
-10.x     TBD      TBD        1/2022         1/2026
+8.x      Evan     Leif       8/2018         3/2023
+9.x      Evan     Bryan      1/2020         3/2025
+10.x     Leif     Bryan      3/2023         3/2027
 =======  =======  =========  ===========  =========
 
 

From 8f772f0ef3ae5be7c196b7159991ad373b8d0653 Mon Sep 17 00:00:00 2001
From: Leif Hedstrom <zwoop@apache.org>
Date: Tue, 31 Jan 2023 18:22:44 -0700
Subject: [PATCH 02/14] Cleanup of legacy, makes newer clang-format crash right
 now (#9350)

---
 plugins/experimental/sslheaders/expand.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/plugins/experimental/sslheaders/expand.cc b/plugins/experimental/sslheaders/expand.cc
index 174d3709ef0..76ea91804e9 100644
--- a/plugins/experimental/sslheaders/expand.cc
+++ b/plugins/experimental/sslheaders/expand.cc
@@ -105,7 +105,7 @@ x509_expand_notafter(X509 *x509, BIO *bio)
   ASN1_TIME_print(bio, time);
 }
 
-static const std::array<x509_expansion, SSL_HEADERS_FIELD_MAX> expansions = {{
+static const std::array<x509_expansion, SSL_HEADERS_FIELD_MAX> expansions = {
   x509_expand_none,        // SSL_HEADERS_FIELD_NONE
   x509_expand_certificate, // SSL_HEADERS_FIELD_CERTIFICATE
   x509_expand_subject,     // SSL_HEADERS_FIELD_SUBJECT
@@ -114,7 +114,7 @@ static const std::array<x509_expansion, SSL_HEADERS_FIELD_MAX> expansions = {{
   x509_expand_signature,   // SSL_HEADERS_FIELD_SIGNATURE
   x509_expand_notbefore,   // SSL_HEADERS_FIELD_NOTBEFORE
   x509_expand_notafter,    // SSL_HEADERS_FIELD_NOTAFTER
-}};
+};
 
 bool
 SslHdrExpandX509Field(BIO *bio, X509 *x509, ExpansionField field)

From 0c2488c7d0432698272b1433817ee62d0c263ab4 Mon Sep 17 00:00:00 2001
From: Walt Karas <wkaras@yahooinc.com>
Date: Tue, 31 Jan 2023 21:43:11 -0600
Subject: [PATCH 03/14] Fix an error on SSL config reload (plus some cleanup).
 (#9334)

* Fix an error on SSL config reload (plus some cleanup).

This seems to have eliminated some ERROR diags we were seeing in Yahoo Prod when
doing config reloads.

The SSLSecret public functions no longer return pointers into the unorded_map of
secrets, they return a copy of the secret data. This seemed thread unsafe. A
periodic poll running in the background can update the secret data for an entry
for a secret name in the map.

To avoid exporting pointers, I had to change the prototype of TSSslSecretGet().
Hopefully there are no existing plugins that are already using this TS API function,
so breaking this rule will be moot. I added a new TS API type, TSAllocatedVarLenData,
in order to be able to cleanly return a copy of the secret data.

* YTSATS-4067: Fix deadlock with secret_map_mutex (#740)

1. getOrLoadSecret grabbed the secret_map_mutex and called loadSecret.
2. loadSecret dispatched to Continations that registered for the
   TS_EVENT_SSL_SECRET event. This would try to grab the Continuation's
   lock.
3. In the meantime, those Continuations could call setSecret which would
   try to grab the secret_map_mutex. If this Continuation did this while
   holding the lock that step 2 is waiting upon, then there will be a
   deadlock between the Continuation lock and the secret_map_mutex
   between the two threads.

This patch avoids the deadlock by releasing the secret_map_mutex lock
before calling loadSecret. It also updates the secret_map when loading
secrets from a file in loadSecret.

---------

Co-authored-by: Brian Neradt <brian.neradt@verizonmedia.com>
---
 .../api/functions/TSSslSecret.en.rst          |  11 +-
 include/ts/ts.h                               |   8 +-
 iocore/cache/test/stub.cc                     |   7 +
 iocore/net/P_SSLConfig.h                      |   7 +
 iocore/net/P_SSLSecret.h                      |  13 +-
 iocore/net/SSLConfig.cc                       |  24 ++-
 iocore/net/SSLSecret.cc                       | 146 ++++++++----------
 iocore/net/SSLUtils.cc                        |  13 +-
 iocore/net/libinknet_stub.cc                  |   7 +
 proxy/InkAPIInternal.h                        |   6 +
 src/traffic_quic/traffic_quic.cc              |   7 +
 src/traffic_server/InkAPI.cc                  |  61 +++++---
 12 files changed, 186 insertions(+), 124 deletions(-)

diff --git a/doc/developer-guide/api/functions/TSSslSecret.en.rst b/doc/developer-guide/api/functions/TSSslSecret.en.rst
index 87478e22542..9f81d4f5665 100644
--- a/doc/developer-guide/api/functions/TSSslSecret.en.rst
+++ b/doc/developer-guide/api/functions/TSSslSecret.en.rst
@@ -11,6 +11,7 @@
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
    implied.  See the License for the specific language governing
    permissions and limitations under the License.
+
 .. include:: /common.defs
 
 .. default-domain:: c
@@ -27,7 +28,7 @@ Synopsis
 
     #include <ts/ts.h>
 
-.. function:: TSReturnCode TSSslSecretSet(const char * secret_name, int secret_name_length, const char * secret_data, int secret_data_len)
+.. function:: TSReturnCode TSSslSecretSet(const char * secret_name, int secret_name_length, const char * secret_data, int secret_data_length)
 
 Description
 ===========
@@ -48,12 +49,16 @@ Synopsis
 
     #include <ts/ts.h>
 
-.. function:: TSReturnCode TSSslSecretGet(const char * secret_name, int secret_name_length, const char ** secret_data_return, int * secret_data_len)
+.. function:: char * TSSslSecretGet(const char * secret_name, int secret_name_length, int * secret_data_length)
 
 Description
 ===========
 
-:func:`TSSslSecretGet` fetches the named secret from the current secret map. TS_ERROR is returned if there is no entry for the secret.
+:func:`TSSslSecretGet` fetches the named secret from the current secret map.  If there is no secret with the
+given name, the returned pointer will be null, and the :arg:`secret_data_length` output paramter will be set to zero.  If
+the returned pointer is not null, it points to a buffer containing the secret data.  The :arg:`secret_data_length` output
+parameter will be set to the length of the secret data.  The buffer containing the data must be freed by
+calling :func:`TSfree`.
 
 TSSslSecretUpdate
 *****************
diff --git a/include/ts/ts.h b/include/ts/ts.h
index 80c61b30fec..ad1009f7d3a 100644
--- a/include/ts/ts.h
+++ b/include/ts/ts.h
@@ -1303,9 +1303,11 @@ tsapi TSReturnCode TSSslClientCertUpdate(const char *cert_path, const char *key_
 tsapi TSReturnCode TSSslServerCertUpdate(const char *cert_path, const char *key_path);
 
 /* Update the transient secret table for SSL_CTX loading */
-tsapi TSReturnCode TSSslSecretSet(const char *secret_name, int secret_name_length, const char *secret_data, int secret_data_len);
-tsapi TSReturnCode TSSslSecretGet(const char *secret_name, int secret_name_length, const char **secret_data_return,
-                                  int *secret_data_len);
+tsapi TSReturnCode TSSslSecretSet(const char *secret_name, int secret_name_length, const char *secret_data, int secret_data_length);
+
+/* Returns secret with given name (not null terminted).  If there is no secret with the given name, return value will
+** be null and secret_data_lenght will be zero.  Calling code must free data buffer by calling TSfree(). */
+tsapi char *TSSslSecretGet(const char *secret_name, int secret_name_length, int *secret_data_length);
 
 tsapi TSReturnCode TSSslSecretUpdate(const char *secret_name, int secret_name_length);
 
diff --git a/iocore/cache/test/stub.cc b/iocore/cache/test/stub.cc
index b247da1bb39..8c28cf028ef 100644
--- a/iocore/cache/test/stub.cc
+++ b/iocore/cache/test/stub.cc
@@ -51,6 +51,13 @@ APIHook::invoke(int, void *) const
   return 0;
 }
 
+int
+APIHook::blocking_invoke(int, void *) const
+{
+  ink_assert(false);
+  return 0;
+}
+
 APIHook *
 APIHook::next() const
 {
diff --git a/iocore/net/P_SSLConfig.h b/iocore/net/P_SSLConfig.h
index d383e0ec30d..2eb1e10f73e 100644
--- a/iocore/net/P_SSLConfig.h
+++ b/iocore/net/P_SSLConfig.h
@@ -30,6 +30,8 @@
  ****************************************************************************/
 #pragma once
 
+#include <atomic>
+
 #include <openssl/rand.h>
 
 #include "tscore/ink_inet.h"
@@ -167,6 +169,11 @@ struct SSLConfigParams : public ConfigInfo {
   void cleanup();
   void reset();
   void SSLConfigInit(IpMap *global);
+
+private:
+  // c_str() of string passed to in-progess call to updateCTX().
+  //
+  mutable std::atomic<char const *> secret_for_updateCTX{nullptr};
 };
 
 /////////////////////////////////////////////////////////////
diff --git a/iocore/net/P_SSLSecret.h b/iocore/net/P_SSLSecret.h
index f6b2a279421..212ab156c6e 100644
--- a/iocore/net/P_SSLSecret.h
+++ b/iocore/net/P_SSLSecret.h
@@ -19,6 +19,8 @@
   limitations under the License.
  */
 
+#pragma once
+
 #include <string>
 #include <string_view>
 #include <mutex>
@@ -28,14 +30,13 @@ class SSLSecret
 {
 public:
   SSLSecret() {}
-  bool getSecret(const std::string &name, std::string_view &data) const;
-  bool setSecret(const std::string &name, const char *data, int data_len);
-  bool getOrLoadSecret(const std::string &name, const std::string &name2, std::string_view &data, std::string_view &data2);
+  std::string getSecret(const std::string &name) const;
+  void setSecret(const std::string &name, std::string_view data);
+  void getOrLoadSecret(const std::string &name1, const std::string &name2, std::string &data, std::string &data2);
 
 private:
-  const std::string *getSecretItem(const std::string &name) const;
-  bool loadSecret(const std::string &name, const std::string &name2, std::string &data_item, std::string &data_item2);
-  bool loadFile(const std::string &name, std::string &data_item);
+  void loadSecret(const std::string &name1, const std::string &name2, std::string &data_item, std::string &data_item2);
+  std::string loadFile(const std::string &name);
 
   std::unordered_map<std::string, std::string> secret_map;
   mutable std::recursive_mutex secret_map_mutex;
diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc
index 67615eef603..56c9670b647 100644
--- a/iocore/net/SSLConfig.cc
+++ b/iocore/net/SSLConfig.cc
@@ -745,6 +745,24 @@ cleanup_bio(BIO *&biop)
 void
 SSLConfigParams::updateCTX(const std::string &cert_secret_name) const
 {
+  Debug("ssl_config_updateCTX", "Update cert %s, %p", cert_secret_name.c_str(), this);
+
+  // Instances of SSLConfigParams should access by one thread at a time only.  secret_for_updateCTX is accessed
+  // atomically as a fail-safe.
+  //
+  char const *expected = nullptr;
+  if (!secret_for_updateCTX.compare_exchange_strong(expected, cert_secret_name.c_str())) {
+    if (is_debug_tag_set("ssl_config_updateCTX")) {
+      // As a fail-safe, handle it if secret_for_updateCTX doesn't or no longer points to a null-terminated string.
+      //
+      char const *s{expected};
+      for (; *s && (std::size_t(s - expected) < cert_secret_name.size()); ++s) {
+      }
+      Debug("ssl_config_updateCTX", "Update cert, indirect recusive call caused by call for %.*s", int(s - expected), expected);
+    }
+    return;
+  }
+
   // Clear the corresponding client CTXs.  They will be lazy loaded later
   Debug("ssl_load", "Update cert %s", cert_secret_name.c_str());
   this->clearCTX(cert_secret_name);
@@ -752,6 +770,8 @@ SSLConfigParams::updateCTX(const std::string &cert_secret_name) const
   // Update the server cert
   SSLMultiCertConfigLoader loader(this);
   loader.update_ssl_ctx(cert_secret_name);
+
+  secret_for_updateCTX = nullptr;
 }
 
 void
@@ -806,8 +826,8 @@ SSLConfigParams::getCTX(const std::string &client_cert, const std::string &key_f
 
     // Set public and private keys
     if (!client_cert.empty()) {
-      std::string_view secret_data;
-      std::string_view secret_key_data;
+      std::string secret_data;
+      std::string secret_key_data;
 
       // Fetch the client_cert data
       std::string completeSecretPath{Layout::get()->relative_to(this->clientCertPathOnly, client_cert)};
diff --git a/iocore/net/SSLSecret.cc b/iocore/net/SSLSecret.cc
index b8b01895be1..c3c293a0ea3 100644
--- a/iocore/net/SSLSecret.cc
+++ b/iocore/net/SSLSecret.cc
@@ -18,14 +18,20 @@
   See the License for the specific language governing permissions and
   limitations under the License.
  */
-#include <string>
-#include <map>
+
 #include "InkAPIInternal.h" // Added to include the ssl_hook and lifestyle_hook definitions
 #include "tscore/ts_file.h"
 #include "P_SSLConfig.h"
 
-bool
-SSLSecret::loadSecret(const std::string &name1, const std::string &name2, std::string &data_item1, std::string &data_item2)
+#include <utility>
+
+// NOTE: The secret_map_mutex should not be held by the caller of this
+// function. The implementation of this function may call a plugin's
+// TS_EVENT_SSL_SECRET handler which in turn may grab a lock for
+// secret_map_mutex via a TSSslSecretSet call. These events will result in a
+// deadlock.
+void
+SSLSecret::loadSecret(const std::string &name1, const std::string &name2, std::string &data1, std::string &data2)
 {
   // Call the load secret hooks
   //
@@ -36,113 +42,93 @@ SSLSecret::loadSecret(const std::string &name1, const std::string &name2, std::s
   secret_name.key_name      = name2.data();
   secret_name.key_name_len  = name2.size();
   while (curHook) {
-    curHook->invoke(TS_EVENT_SSL_SECRET, &secret_name);
+    curHook->blocking_invoke(TS_EVENT_SSL_SECRET, &secret_name);
     curHook = curHook->next();
   }
 
-  const std::string *data1 = this->getSecretItem(name1);
-  const std::string *data2 = this->getSecretItem(name2);
-  if ((nullptr == data1 || data1->length() == 0) || (!name2.empty() && (nullptr == data2 || data2->length() == 0))) {
+  data1 = this->getSecret(name1);
+  data2 = name2.empty() ? std::string{} : this->getSecret(name2);
+  if (data1.empty() || (!name2.empty() && data2.empty())) {
     // If none of them loaded it, assume it is a file
-    return loadFile(name1, data_item1) && (name2.empty() || loadFile(name2, data_item2));
+    data1 = loadFile(name1);
+    setSecret(name1, data1);
+    if (!name2.empty()) {
+      data2 = loadFile(name2);
+      setSecret(name2, data2);
+    }
   }
-  return true;
 }
 
-bool
-SSLSecret::loadFile(const std::string &name, std::string &data_item)
+std::string
+SSLSecret::loadFile(const std::string &name)
 {
-  struct stat statdata;
-  // Load the secret and add it to the map
-  if (stat(name.c_str(), &statdata) < 0) {
-    Debug("ssl_secret", "File: %s received error: %s", name.c_str(), strerror(errno));
-    return false;
-  }
+  Debug("ssl_secret", "SSLSecret::loadFile(%s)", name.c_str());
   std::error_code error;
-  data_item = ts::file::load(ts::file::path(name), error);
+  std::string const data = ts::file::load(ts::file::path(name), error);
   if (error) {
+    Debug("ssl_secret_err", "SSLSecret::loadFile(%s) failed error code=%d message=%s", name.c_str(), error.value(),
+          error.message().c_str());
     // Loading file failed
     Debug("ssl_secret", "Loading file: %s failed ", name.c_str());
-    return false;
+    return std::string{};
   }
+  Debug("ssl_secret", "Secret data: %.50s", data.c_str());
   if (SSLConfigParams::load_ssl_file_cb) {
     SSLConfigParams::load_ssl_file_cb(name.c_str());
   }
-  return true;
+  return data;
 }
 
-bool
-SSLSecret::setSecret(const std::string &name, const char *data, int data_len)
+void
+SSLSecret::setSecret(const std::string &name, std::string_view data)
 {
   std::scoped_lock lock(secret_map_mutex);
-  auto iter = secret_map.find(name);
-  if (iter == secret_map.end()) {
-    secret_map[name] = "";
-    iter             = secret_map.find(name);
-  }
-  if (iter == secret_map.end()) {
-    return false;
-  }
-  iter->second.assign(data, data_len);
+  secret_map[name] = std::string{data};
   // The full secret data can be sensitive. Print only the first 50 bytes.
-  Debug("ssl_secret", "Set secret for %s to %.50s", name.c_str(), iter->second.c_str());
-  return true;
+  Debug("ssl_secret", "Set secret for %s to %.*s", name.c_str(), int(data.size() > 50 ? 50 : data.size()), data.data());
 }
 
-const std::string *
-SSLSecret::getSecretItem(const std::string &name) const
+std::string
+SSLSecret::getSecret(const std::string &name) const
 {
   std::scoped_lock lock(secret_map_mutex);
   auto iter = secret_map.find(name);
-  if (iter == secret_map.end()) {
-    return nullptr;
-  }
-  return &iter->second;
-}
-
-bool
-SSLSecret::getSecret(const std::string &name, std::string_view &data) const
-{
-  const std::string *data_item = this->getSecretItem(name);
-  if (data_item) {
-    // The full secret data can be sensitive. Print only the first 50 bytes.
-    Debug("ssl_secret", "Get secret for %s: %.50s", name.c_str(), data_item->c_str());
-    data = *data_item;
-  } else {
+  if (secret_map.end() == iter) {
     Debug("ssl_secret", "Get secret for %s: not found", name.c_str());
-    data = std::string_view{};
+    return std::string{};
   }
-  return data_item != nullptr;
+  if (iter->second.empty()) {
+    Debug("ssl_secret", "Get secret for %s: empty", name.c_str());
+    return std::string{};
+  }
+  // The full secret data can be sensitive. Print only the first 50 bytes.
+  Debug("ssl_secret", "Get secret for %s: %.50s", name.c_str(), iter->second.c_str());
+  return iter->second;
 }
 
-bool
-SSLSecret::getOrLoadSecret(const std::string &name1, const std::string &name2, std::string_view &data1, std::string_view &data2)
+void
+SSLSecret::getOrLoadSecret(const std::string &name1, const std::string &name2, std::string &data1, std::string &data2)
 {
-  Debug("ssl_secret", "lookup up secrets for %s and %s", name1.c_str(), name2.empty() ? "[empty]" : name2.c_str());
-  std::scoped_lock lock(secret_map_mutex);
-  bool found_secret1 = this->getSecret(name1, data1);
-  bool found_secret2 = name2.empty() || this->getSecret(name2, data2);
-
-  // If we can't find either secret, load them both again
-  if (!found_secret1 || !found_secret2) {
-    // Make sure each name has an entry
-    if (!found_secret1) {
-      secret_map[name1] = "";
-    }
-    if (!found_secret2) {
-      secret_map[name2] = "";
-    }
-    auto iter1 = secret_map.find(name1);
-    auto iter2 = name2.empty() ? iter1 : secret_map.find(name2);
-    if (this->loadSecret(name1, name2, iter1->second, iter2->second)) {
-      data1 = iter1->second;
-      if (!name2.empty()) {
-        data2 = iter2->second;
+  Debug("ssl_secret", "lookup up secrets for %s and %s", name1.c_str(), name2.c_str());
+  {
+    std::scoped_lock lock(secret_map_mutex);
+    std::string *const data1ptr = &(secret_map[name1]);
+    std::string *const data2ptr = [&]() -> std::string *const {
+      if (name2.empty()) {
+        data2.clear();
+        return &data2;
       }
-      return true;
-    }
-  } else {
-    return true;
+      return &(secret_map[name2]);
+    }();
+    data1 = *data1ptr;
+    data2 = *data2ptr;
+  }
+  // If we can't find either secret, load them both again
+  if (data1.empty() || (!name2.empty() && data2.empty())) {
+    std::string data1tmp;
+    std::string data2tmp;
+    this->loadSecret(name1, name2, data1tmp, data2tmp);
+    data1 = std::move(data1tmp);
+    data2 = std::move(data2tmp);
   }
-  return false;
 }
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index f05ca5eb993..2cfa03805f8 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -1053,8 +1053,8 @@ SSLPrivateKeyHandler(SSL_CTX *ctx, const SSLConfigParams *params, const char *ke
     scoped_BIO bio(BIO_new_mem_buf(secret_data, secret_data_len));
     pkey = PEM_read_bio_PrivateKey(bio.get(), nullptr, nullptr, nullptr);
     if (nullptr == pkey) {
-      Debug("ssl_load", "failed to load server private key from %s",
-            (!keyPath || keyPath[0] == '\0') ? "[empty key path]" : keyPath);
+      Debug("ssl_load", "failed to load server private key (%.*s) from %s", secret_data_len < 50 ? secret_data_len : 50,
+            secret_data, (!keyPath || keyPath[0] == '\0') ? "[empty key path]" : keyPath);
       return false;
     }
     if (!SSL_CTX_use_PrivateKey(ctx, pkey)) {
@@ -2285,8 +2285,8 @@ SSLMultiCertConfigLoader::load_certs_and_cross_reference_names(
   }
 
   for (size_t i = 0; i < data.cert_names_list.size(); i++) {
-    std::string_view secret_data;
-    std::string_view secret_key_data;
+    std::string secret_data;
+    std::string secret_key_data;
     params->secrets.getOrLoadSecret(data.cert_names_list[i], data.key_list.size() > i ? data.key_list[i] : "", secret_data,
                                     secret_key_data);
     if (secret_data.empty()) {
@@ -2445,8 +2445,8 @@ SSLMultiCertConfigLoader::load_certs(SSL_CTX *ctx, const std::vector<std::string
 
   for (size_t i = 0; i < cert_names_list.size(); i++) {
     std::string keyPath = (i < key_list.size()) ? key_list[i] : "";
-    std::string_view secret_data;
-    std::string_view secret_key_data;
+    std::string secret_data;
+    std::string secret_key_data;
     params->secrets.getOrLoadSecret(cert_names_list[i], keyPath, secret_data, secret_key_data);
     if (secret_data.empty()) {
       SSLError("failed to load certificate secret for %s with key path %s", cert_names_list[i].c_str(),
@@ -2482,6 +2482,7 @@ SSLMultiCertConfigLoader::load_certs(SSL_CTX *ctx, const std::vector<std::string
     }
 
     if (secret_key_data.empty()) {
+      Note("Empty private key for public key %.*s", int(secret_data.size()), secret_data.data());
       secret_key_data = secret_data;
     }
     if (!SSLPrivateKeyHandler(ctx, params, keyPath.c_str(), secret_key_data.data(), secret_key_data.size())) {
diff --git a/iocore/net/libinknet_stub.cc b/iocore/net/libinknet_stub.cc
index d9771d902a4..80d3df5ff78 100644
--- a/iocore/net/libinknet_stub.cc
+++ b/iocore/net/libinknet_stub.cc
@@ -79,6 +79,13 @@ APIHook::invoke(int, void *) const
   return 0;
 }
 
+int
+APIHook::blocking_invoke(int, void *) const
+{
+  ink_assert(false);
+  return 0;
+}
+
 APIHook *
 APIHook::next() const
 {
diff --git a/proxy/InkAPIInternal.h b/proxy/InkAPIInternal.h
index 5368c0784f1..0500add37dd 100644
--- a/proxy/InkAPIInternal.h
+++ b/proxy/InkAPIInternal.h
@@ -117,6 +117,12 @@ class APIHook
   APIHook *next() const;
   APIHook *prev() const;
   LINK(APIHook, m_link);
+
+  // This is like invoke(), but allows for blocking on continuation mutexes.  It is a hack, calling it can block
+  // the calling thread.  Hooks that require this should be reimplemented, modeled on the hook handling in HttpSM.cc .
+  // That is, try to lock the mutex, and reschedule the contination if the mutex cannot be locked.
+  //
+  int blocking_invoke(int event, void *edata) const;
 };
 
 /// A collection of API hooks.
diff --git a/src/traffic_quic/traffic_quic.cc b/src/traffic_quic/traffic_quic.cc
index d4dcecb196c..65feed53533 100644
--- a/src/traffic_quic/traffic_quic.cc
+++ b/src/traffic_quic/traffic_quic.cc
@@ -200,6 +200,13 @@ APIHook::invoke(int, void *) const
   return 0;
 }
 
+int
+APIHook::blocking_invoke(int, void *) const
+{
+  ink_assert(false);
+  return 0;
+}
+
 APIHook *
 APIHooks::head() const
 {
diff --git a/src/traffic_server/InkAPI.cc b/src/traffic_server/InkAPI.cc
index e69b16e53c5..0166e8f7876 100644
--- a/src/traffic_server/InkAPI.cc
+++ b/src/traffic_server/InkAPI.cc
@@ -21,9 +21,9 @@
   limitations under the License.
  */
 
-#include <cstdio>
 #include <atomic>
 #include <string_view>
+#include <string>
 
 #include "tscore/ink_platform.h"
 #include "tscore/ink_base64.h"
@@ -1361,7 +1361,7 @@ APIHook::prev() const
 int
 APIHook::invoke(int event, void *edata) const
 {
-  if ((event == EVENT_IMMEDIATE) || (event == EVENT_INTERVAL) || event == TS_EVENT_HTTP_TXN_CLOSE) {
+  if (event == EVENT_IMMEDIATE || event == EVENT_INTERVAL || event == TS_EVENT_HTTP_TXN_CLOSE) {
     if (ink_atomic_increment((int *)&m_cont->m_event_count, 1) < 0) {
       ink_assert(!"not reached");
     }
@@ -1374,6 +1374,20 @@ APIHook::invoke(int event, void *edata) const
   return m_cont->handleEvent(event, edata);
 }
 
+int
+APIHook::blocking_invoke(int event, void *edata) const
+{
+  if (event == EVENT_IMMEDIATE || event == EVENT_INTERVAL || event == TS_EVENT_HTTP_TXN_CLOSE) {
+    if (ink_atomic_increment((int *)&m_cont->m_event_count, 1) < 0) {
+      ink_assert(!"not reached");
+    }
+  }
+
+  WEAK_SCOPED_MUTEX_LOCK(lock, m_cont->mutex, this_ethread());
+
+  return m_cont->handleEvent(event, edata);
+}
+
 APIHook *
 APIHooks::head() const
 {
@@ -9666,23 +9680,20 @@ TSSslContextFindByAddr(struct sockaddr const *addr)
 tsapi TSReturnCode
 TSSslSecretSet(const char *secret_name, int secret_name_length, const char *secret_data, int secret_data_len)
 {
-  TSReturnCode retval          = TS_SUCCESS;
+  TSReturnCode retval = TS_SUCCESS;
+  std::string const secret_name_str{secret_name, unsigned(secret_name_length)};
   SSLConfigParams *load_params = SSLConfig::load_acquire();
   SSLConfigParams *params      = SSLConfig::acquire();
   if (load_params != nullptr) { // Update the current data structure
     Debug("ssl.cert_update", "Setting secrets in SSLConfig load for: %.*s", secret_name_length, secret_name);
-    if (!load_params->secrets.setSecret(std::string(secret_name, secret_name_length), secret_data, secret_data_len)) {
-      retval = TS_ERROR;
-    }
-    load_params->updateCTX(std::string(secret_name, secret_name_length));
+    load_params->secrets.setSecret(secret_name_str, std::string_view(secret_data, secret_data_len));
+    load_params->updateCTX(secret_name_str);
     SSLConfig::load_release(load_params);
   }
   if (params != nullptr) {
     Debug("ssl.cert_update", "Setting secrets in SSLConfig for: %.*s", secret_name_length, secret_name);
-    if (!params->secrets.setSecret(std::string(secret_name, secret_name_length), secret_data, secret_data_len)) {
-      retval = TS_ERROR;
-    }
-    params->updateCTX(std::string(secret_name, secret_name_length));
+    params->secrets.setSecret(secret_name_str, std::string_view(secret_data, secret_data_len));
+    params->updateCTX(secret_name_str);
     SSLConfig::release(params);
   }
   return retval;
@@ -9700,32 +9711,34 @@ TSSslSecretUpdate(const char *secret_name, int secret_name_length)
   return retval;
 }
 
-tsapi TSReturnCode
-TSSslSecretGet(const char *secret_name, int secret_name_length, const char **secret_data_return, int *secret_data_len)
+tsapi char *
+TSSslSecretGet(const char *secret_name, int secret_name_length, int *secret_data_length)
 {
+  sdk_assert(secret_name != nullptr);
+  sdk_assert(secret_data_length != nullptr);
+
   bool loading            = true;
-  TSReturnCode retval     = TS_SUCCESS;
   SSLConfigParams *params = SSLConfig::load_acquire();
   if (params == nullptr) {
     params  = SSLConfig::acquire();
     loading = false;
   }
-  std::string_view secret_data;
-  if (!params->secrets.getSecret(std::string(secret_name, secret_name_length), secret_data)) {
-    retval = TS_ERROR;
-  }
-  if (secret_data_return) {
-    *secret_data_return = secret_data.data();
-  }
-  if (secret_data_len) {
-    *secret_data_len = secret_data.size();
+  std::string const secret_data = params->secrets.getSecret(std::string(secret_name, secret_name_length));
+  char *data{nullptr};
+  if (secret_data.empty()) {
+    *secret_data_length = 0;
+
+  } else {
+    data = static_cast<char *>(ats_malloc(secret_data.size()));
+    memcpy(data, secret_data.data(), secret_data.size());
+    *secret_data_length = secret_data.size();
   }
   if (loading) {
     SSLConfig::load_release(params);
   } else {
     SSLConfig::release(params);
   }
-  return retval;
+  return data;
 }
 
 /**

From 06020a1cf1a769785d70a1dff313f72b03cc4e84 Mon Sep 17 00:00:00 2001
From: Bryan Call <bcall@apache.org>
Date: Wed, 1 Feb 2023 11:03:40 -0800
Subject: [PATCH 04/14] Enable merging for 10-Dev merge (#9353)

---
 .asf.yaml | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/.asf.yaml b/.asf.yaml
index 9018f895a9c..478551c4189 100644
--- a/.asf.yaml
+++ b/.asf.yaml
@@ -11,6 +11,11 @@ github:
     - cdn
     - cache
     - apache
+    - http/2
+    - http/3
+    - quic
+    - forwardproxy
+    - reverseproxy
     - hacktoberfest
   features:
     # Enable wiki for documentation
@@ -24,14 +29,11 @@ github:
     squash: true
     # Disable rebase button:
     rebase: false
-    # Disable merge button:
-    merge: false
+    # Enable merge button:
+    merge: true
   collaborators:
     - mtorluemke
     - c-taylor
-    - moonchen
-    - cmcfarlen
-    - serrislew
     - etapia
   protected_branches:
     master:

From aad64ce5a11fb0441fe8f02467635fdb970e83e9 Mon Sep 17 00:00:00 2001
From: Leif Hedstrom <zwoop@apache.org>
Date: Wed, 1 Feb 2023 14:05:15 -0700
Subject: [PATCH 05/14] Clang-format 15.0.7 is finicky, and does not like these
 old school array inits (#9356)

---
 .../experimental/slice/unit-tests/test_config.cc  | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/plugins/experimental/slice/unit-tests/test_config.cc b/plugins/experimental/slice/unit-tests/test_config.cc
index 8f015bec45e..a085fb73700 100644
--- a/plugins/experimental/slice/unit-tests/test_config.cc
+++ b/plugins/experimental/slice/unit-tests/test_config.cc
@@ -37,14 +37,9 @@ TEST_CASE("config default", "[AWS][slice][utility]")
 
 TEST_CASE("config bytesfrom valid parsing", "[AWS][slice][utility]")
 {
-  static std::array<std::string, 6> const teststrings = {{
-    "1000",
-    "1m",
-    "5g",
-    "2k",
-    "3kb",
-    "1z",
-  }};
+  static std::array<std::string, 6> const teststrings = {
+    "1000", "1m", "5g", "2k", "3kb", "1z",
+  };
 
   constexpr std::array<int64_t, 6> const expvals = {{
     1000,
@@ -69,13 +64,13 @@ TEST_CASE("config bytesfrom valid parsing", "[AWS][slice][utility]")
 
 TEST_CASE("config bytesfrom invalid parsing", "[AWS][slice][utility]")
 {
-  static std::array<std::string, 5> const badstrings = {{
+  static std::array<std::string, 5> const badstrings = {
     "abc",  // alpha
     "g00",  // giga
     "M00",  // mega
     "k00",  // kilo
     "-500", // negative
-  }};
+  };
 
   for (std::string const &badstr : badstrings) {
     int64_t const val = Config::bytesFrom(badstr.c_str());

From fee02d6dae0a74b2844225f17938e138e0c0695d Mon Sep 17 00:00:00 2001
From: Bryan Call <bcall@apache.org>
Date: Wed, 1 Feb 2023 14:05:34 -0800
Subject: [PATCH 06/14] Disable merging on GitHub (#9354)

---
 .asf.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.asf.yaml b/.asf.yaml
index 478551c4189..31ee0d40aa4 100644
--- a/.asf.yaml
+++ b/.asf.yaml
@@ -29,8 +29,8 @@ github:
     squash: true
     # Disable rebase button:
     rebase: false
-    # Enable merge button:
-    merge: true
+    # Disable merge button:
+    merge: false
   collaborators:
     - mtorluemke
     - c-taylor

From 43dddfc37b6b958f4342da68a3f8d4a5f1a62001 Mon Sep 17 00:00:00 2001
From: Leif Hedstrom <zwoop@apache.org>
Date: Wed, 1 Feb 2023 17:01:34 -0700
Subject: [PATCH 07/14] Upgrades master branch to use clang-format v15.0.7
 (#9355)

---
 .clang-format                                 | 170 ++++--
 example/plugins/c-api/basic_auth/basic_auth.c |   6 +-
 .../c-api/bnull_transform/bnull_transform.c   |   2 +-
 .../plugins/c-api/cache_scan/cache_scan.cc    |  28 +-
 example/plugins/c-api/intercept/intercept.cc  |  11 +-
 example/plugins/c-api/passthru/passthru.cc    |   4 +-
 example/plugins/c-api/protocol/Protocol.h     |   2 +-
 example/plugins/c-api/protocol/TxnSM.c        |   2 +-
 example/plugins/c-api/protocol/TxnSM.h        |   4 +-
 .../remap_header_add/remap_header_add.cc      |   2 +-
 .../c-api/request_buffer/request_buffer.c     |   2 +-
 .../c-api/server_transform/server_transform.c |  10 +-
 .../c-api/ssl_preaccept/ssl_preaccept.cc      |   2 +-
 example/plugins/c-api/ssl_sni/ssl_sni.cc      |   2 +-
 .../ssl_sni_allowlist/ssl_sni_allowlist.cc    |   2 +-
 example/plugins/c-api/thread_pool/psi.c       |   8 +-
 example/plugins/c-api/thread_pool/thread.h    |   2 +-
 .../plugins/c-api/verify_cert/verify_cert.cc  |   2 +-
 example/plugins/cpp-api/websocket/WSBuffer.cc |  10 +-
 example/plugins/cpp-api/websocket/WSBuffer.h  |  14 +-
 include/records/I_RecProcess.h                |  12 +-
 include/records/P_RecDefs.h                   |  12 +-
 include/records/P_RecUtils.h                  |   2 +-
 include/shared/rpc/RPCRequests.h              |   2 +-
 include/ts/apidefs.h.in                       |  12 +-
 include/ts/experimental.h                     |  40 +-
 include/ts/remap.h                            |   4 +-
 include/ts/sdt.h                              |   4 +-
 include/ts/ts.h                               |  10 +-
 include/tscore/AcidPtr.h                      |   6 +-
 include/tscore/Allocator.h                    |   2 +-
 include/tscore/Arena.h                        |   4 +-
 include/tscore/BaseLogFile.h                  |   6 +-
 include/tscore/BufferWriter.h                 |  26 +-
 include/tscore/Diags.h                        |  54 +-
 include/tscore/Errata.h                       |  12 +-
 include/tscore/Extendible.h                   |  41 +-
 include/tscore/HTTPVersion.h                  |   2 +-
 include/tscore/History.h                      |   4 +-
 include/tscore/InkErrno.h                     |  34 +-
 include/tscore/IntrusiveHashMap.h             |  11 +-
 include/tscore/IpMap.h                        |   2 +-
 include/tscore/List.h                         |  24 +-
 include/tscore/MT_hashtable.h                 |   6 +-
 include/tscore/MemArena.h                     |   6 +-
 include/tscore/ParseRules.h                   |  62 +--
 include/tscore/PluginUserArgs.h               |  14 +-
 include/tscore/Regression.h                   |  12 +-
 include/tscore/Tokenizer.h                    |   6 +-
 include/tscore/TsBuffer.h                     |   4 +-
 include/tscore/bwf_std_format.h               |   8 +-
 include/tscore/ink_aiocb.h                    |   2 +-
 include/tscore/ink_config.h.in                |   2 +-
 include/tscore/ink_defs.h                     |   4 +-
 include/tscore/ink_hrtime.h                   |  28 +-
 include/tscore/ink_inet.h                     |   7 +-
 include/tscore/ink_lockfile.h                 |   4 +-
 include/tscore/ink_memory.h                   |   6 +-
 include/tscore/ink_queue.h                    |   8 +-
 include/tscore/ink_resolver.h                 | 102 ++--
 include/tscore/ink_resource.h                 |   4 +-
 include/tscore/ink_string++.h                 |   6 +-
 include/tscore/ink_string.h                   |  22 +-
 include/tscore/ink_thread.h                   |   2 +-
 include/tscpp/api/Continuation.h              |   2 +-
 include/tscpp/api/Logger.h                    |   4 +-
 include/tscpp/api/noncopyable.h               |   2 +-
 include/tscpp/util/Histogram.h                |   2 +-
 include/tscpp/util/PostScript.h               |   2 +-
 include/tscpp/util/TextView.h                 |   9 +-
 include/tscpp/util/TsSharedMutex.h            |   4 +-
 include/tscpp/util/ts_errata.h                |   3 +-
 iocore/aio/AIO.cc                             |   2 +-
 iocore/aio/I_AIO.h                            |   8 +-
 iocore/aio/test_AIO.cc                        |  18 +-
 iocore/cache/Cache.cc                         |  68 +--
 iocore/cache/CacheDir.cc                      |  16 +-
 iocore/cache/CacheDisk.cc                     |  14 +-
 iocore/cache/CacheHosting.cc                  |  18 +-
 iocore/cache/CacheHttp.cc                     |  14 +-
 iocore/cache/CachePages.cc                    |  18 +-
 iocore/cache/CachePagesInternal.cc            |   2 +-
 iocore/cache/CacheRead.cc                     |   9 +-
 iocore/cache/CacheTest.cc                     |   8 +-
 iocore/cache/CacheVol.cc                      |  10 +-
 iocore/cache/CacheWrite.cc                    |  34 +-
 iocore/cache/I_Cache.h                        |  12 +-
 iocore/cache/I_CacheDefs.h                    |  32 +-
 iocore/cache/I_Store.h                        |   4 +-
 iocore/cache/P_CacheDir.h                     |  82 +--
 iocore/cache/P_CacheDisk.h                    |  16 +-
 iocore/cache/P_CacheHosting.h                 |   6 +-
 iocore/cache/P_CacheInternal.h                |  44 +-
 iocore/cache/P_CacheTest.h                    |  38 +-
 iocore/cache/P_CacheVol.h                     |  66 +--
 iocore/cache/RamCacheCLFUS.cc                 |  37 +-
 iocore/cache/Store.cc                         |   4 +-
 iocore/cache/test/CacheTestHandler.h          |   4 +-
 iocore/cache/test/main.cc                     |   8 +-
 iocore/dns/DNS.cc                             |  52 +-
 iocore/dns/DNSConnection.cc                   |   2 +-
 iocore/dns/P_DNSProcessor.h                   |  32 +-
 iocore/dns/SplitDNS.cc                        |   2 +-
 iocore/eventsystem/IOBuffer.cc                |  40 +-
 iocore/eventsystem/I_Action.h                 |   2 +-
 iocore/eventsystem/I_Continuation.h           |   3 +-
 iocore/eventsystem/I_EThread.h                |   2 +-
 iocore/eventsystem/I_Event.h                  |  94 ++--
 iocore/eventsystem/I_EventProcessor.h         |   2 +-
 iocore/eventsystem/I_IOBuffer.h               |  68 +--
 iocore/eventsystem/I_Lock.h                   |   6 +-
 iocore/eventsystem/I_MIOBufferWriter.h        |  12 +-
 iocore/eventsystem/I_PriorityEventQueue.h     |   2 +-
 iocore/eventsystem/I_Processor.h              |   8 +-
 iocore/eventsystem/I_ProxyAllocator.h         |   6 +-
 iocore/eventsystem/I_Thread.h                 |   2 +-
 iocore/eventsystem/I_VConnection.h            |   9 +-
 iocore/eventsystem/MIOBufferWriter.cc         |   2 +-
 iocore/eventsystem/PQ-List.cc                 |   2 +-
 iocore/eventsystem/P_IOBuffer.h               |  14 +-
 iocore/eventsystem/UnixEThread.cc             |  12 +-
 .../unit_tests/test_EventSystem.cc            |   2 +-
 .../unit_tests/test_MIOBufferWriter.cc        |   2 +-
 iocore/hostdb/HostDB.cc                       |   6 +-
 iocore/hostdb/I_HostDBProcessor.h             |  17 +-
 iocore/hostdb/P_HostDBProcessor.h             |  12 +-
 iocore/hostdb/test_HostFile.cc                |   2 +-
 iocore/hostdb/test_RefCountCache.cc           |  10 +-
 iocore/net/BIO_fastopen.cc                    |  26 +-
 iocore/net/Connection.cc                      |   2 +-
 iocore/net/I_Net.h                            |  28 +-
 iocore/net/I_NetProcessor.h                   |   2 +-
 iocore/net/I_NetVConnection.h                 |   2 +-
 iocore/net/I_Socks.h                          |  20 +-
 iocore/net/Net.cc                             |  40 +-
 iocore/net/NetEvent.h                         |   2 +-
 iocore/net/NetVCTest.cc                       |  45 +-
 iocore/net/P_Connection.h                     |  26 +-
 iocore/net/P_Net.h                            |   8 +-
 iocore/net/P_QUICNextProtocolAccept_native.h  |   2 +-
 iocore/net/P_QUICNextProtocolAccept_quiche.h  |   2 +-
 iocore/net/P_SNIActionPerformer.h             |   2 +-
 iocore/net/P_SSLNetProcessor.h                |   2 +-
 iocore/net/P_SSLNetVConnection.h              |   6 +-
 iocore/net/P_SSLNextProtocolAccept.h          |   2 +-
 iocore/net/P_SSLNextProtocolSet.h             |   2 +-
 iocore/net/P_TLSKeyLogger.h                   |   2 +-
 iocore/net/P_UDPNet.h                         |   4 +-
 iocore/net/P_UDPPacket.h                      |   2 +-
 iocore/net/P_UnixNet.h                        |  32 +-
 iocore/net/P_UnixNetVConnection.h             |   2 +-
 iocore/net/P_UnixPollDescriptor.h             |  16 +-
 iocore/net/QUICMultiCertConfigLoader.cc       |   2 +-
 iocore/net/QUICNetVConnection.cc              |   8 +-
 iocore/net/QUICNetVConnection_quiche.cc       |   2 +-
 iocore/net/QUICPacketHandler.cc               |   2 +-
 iocore/net/QUICPacketHandler_quiche.cc        |   6 +-
 iocore/net/SSLConfig.cc                       |  10 +-
 iocore/net/SSLDiags.h                         |   4 +-
 iocore/net/SSLNetVConnection.cc               |  34 +-
 iocore/net/SSLSessionCache.cc                 |   4 +-
 iocore/net/SSLSessionCache.h                  |   6 +-
 iocore/net/SSLStats.cc                        |   4 +-
 iocore/net/SSLStats.h                         |   6 +-
 iocore/net/SSLUtils.cc                        |  12 +-
 iocore/net/Socks.cc                           |   2 +-
 iocore/net/UnixConnection.cc                  |   2 +-
 iocore/net/UnixNetVConnection.cc              |   8 +-
 iocore/net/UnixUDPNet.cc                      |   8 +-
 iocore/net/YamlSNIConfig.cc                   |  16 +-
 iocore/net/quic/Mock.h                        |  14 +-
 iocore/net/quic/QUICAckFrameCreator.cc        |   2 +-
 iocore/net/quic/QUICCryptoStream.cc           |   2 +-
 iocore/net/quic/QUICFrame.cc                  |  58 +--
 iocore/net/quic/QUICFrameDispatcher.cc        |   2 +-
 iocore/net/quic/QUICHKDF.cc                   |   4 +-
 .../quic/QUICNewRenoCongestionController.cc   |   6 +-
 iocore/net/quic/QUICPacket.cc                 |  60 +--
 iocore/net/quic/QUICPacket.h                  |   2 +-
 .../QUICPacketPayloadProtector_boringssl.cc   |   2 +-
 .../QUICPacketPayloadProtector_openssl.cc     |   2 +-
 iocore/net/quic/QUICPacketReceiveQueue.cc     |   2 +-
 iocore/net/quic/QUICRetryIntegrityTag.h       |   4 +-
 iocore/net/quic/QUICStats.h                   |   6 +-
 iocore/net/quic/QUICStreamManager_native.cc   |   4 +-
 iocore/net/quic/QUICStreamVCAdapter.cc        |   2 +-
 iocore/net/quic/QUICTransportParameters.cc    |   6 +-
 iocore/net/quic/QUICTypes.cc                  |  22 +-
 iocore/net/quic/qlog/QLogEvent.h              |  15 +-
 iocore/utils/I_OneWayTunnel.h                 |   2 +-
 mgmt/DerivativeMetrics.cc                     |  78 ++-
 mgmt/DerivativeMetrics.h                      |   2 +-
 mgmt/WebMgmtUtils.cc                          |   2 +-
 mgmt/YamlCfg.cc                               |   2 +-
 mgmt/YamlCfg.h                                |   2 +-
 mgmt/api/CoreAPIShared.h                      |   8 +-
 mgmt/api/INKMgmtAPI.cc                        |   6 +-
 mgmt/api/include/mgmtapi.h                    |  12 +-
 mgmt/config/FileManager.h                     |   4 +-
 mgmt/rpc/handlers/common/ErrorUtils.h         |   2 +-
 mgmt/rpc/jsonrpc/JsonRPCManager.h             |   8 +-
 .../jsonrpc/unit_tests/test_basic_protocol.cc |   2 +-
 mgmt/rpc/server/unit_tests/test_rpcserver.cc  |  12 +-
 mgmt/utils/ExpandingArray.cc                  |   2 +-
 mgmt/utils/MgmtUtils.cc                       |  10 +-
 plugins/authproxy/authproxy.cc                |  67 +--
 plugins/authproxy/utils.h                     |   4 +-
 plugins/background_fetch/background_fetch.cc  |   7 +-
 plugins/background_fetch/configs.cc           |  10 +-
 plugins/cache_promote/chance_policy.h         |   7 +-
 plugins/cache_promote/configs.cc              |  24 +-
 plugins/cache_promote/lru_policy.cc           |  12 +-
 plugins/cache_promote/policy_manager.h        |   2 +-
 .../cache_range_requests.cc                   |  16 +-
 plugins/cachekey/cachekey.h                   |   2 +-
 plugins/cachekey/configs.cc                   |  46 +-
 plugins/cachekey/pattern.h                    |   6 +-
 plugins/certifier/certifier.cc                |  12 +-
 plugins/esi/combo_handler.cc                  |   8 +-
 plugins/esi/esi.cc                            |  32 +-
 plugins/esi/fetcher/HttpDataFetcherImpl.cc    |   2 +-
 plugins/esi/lib/DocNode.cc                    |   8 +-
 plugins/esi/lib/EsiGzip.cc                    |   6 +-
 plugins/esi/lib/EsiParser.cc                  |   4 +-
 plugins/esi/lib/Expression.cc                 |   2 +-
 plugins/esi/lib/Utils.h                       |   2 +-
 plugins/esi/lib/Variables.h                   |   2 +-
 plugins/esi/lib/gzip.cc                       |  10 +-
 plugins/esi/serverIntercept.cc                |   2 +-
 plugins/esi/test/gzip_test.cc                 |   4 +-
 .../access_control/access_control.cc          |   2 +-
 .../access_control/access_control.h           |   2 +-
 plugins/experimental/access_control/config.cc |  36 +-
 plugins/experimental/access_control/pattern.h |   6 +-
 .../unit_tests/test_access_control.cc         |   4 +-
 plugins/experimental/access_control/utils.cc  |   4 +-
 plugins/experimental/acme/acme.c              |   6 +-
 .../cache_fill/background_fetch.h             |   4 +-
 .../experimental/cookie_remap/cookie_remap.cc |   6 +-
 plugins/experimental/cookie_remap/cookiejar.h |   2 +-
 plugins/experimental/cookie_remap/strip.cc    |   2 +-
 plugins/experimental/cookie_remap/strip.h     |  18 +-
 .../experimental/fastcgi/src/ats_fastcgi.h    |   4 +-
 .../fastcgi/src/ats_fcgi_client.cc            |  18 +-
 .../fastcgi/src/ats_fcgi_client.h             |   4 +-
 .../experimental/fastcgi/src/fcgi_config.h    |   4 +-
 .../experimental/fastcgi/src/fcgi_protocol.h  |  36 +-
 plugins/experimental/fastcgi/src/server.h     |   4 +-
 .../fastcgi/src/server_intercept.cc           |   2 +-
 plugins/experimental/fq_pacing/fq_pacing.c    |   5 +-
 plugins/experimental/http_stats/http_stats.cc |  12 +-
 plugins/experimental/icap/icap_plugin.cc      |  10 +-
 plugins/experimental/inliner/cache-handler.h  |  16 +-
 plugins/experimental/inliner/cache.h          |   6 +-
 plugins/experimental/inliner/chunk-decoder.cc |   4 +-
 plugins/experimental/inliner/html-parser.cc   |   8 +-
 .../experimental/inliner/inliner-handler.h    |   2 +-
 plugins/experimental/inliner/ts.cc            |   4 +-
 plugins/experimental/inliner/ts.h             |  18 +-
 .../ja3_fingerprint/ja3_fingerprint.cc        |  22 +-
 plugins/experimental/maxmind_acl/mmdb.h       |   2 +-
 plugins/experimental/memcache/tsmemcache.cc   |   8 +-
 plugins/experimental/memcache/tsmemcache.h    |  48 +-
 .../experimental/money_trace/money_trace.cc   |  10 +-
 plugins/experimental/mp4/mp4.cc               |   2 +-
 plugins/experimental/mp4/mp4_meta.cc          | 119 +++--
 plugins/experimental/mp4/mp4_meta.h           |   2 +-
 .../experimental/otel_tracer/otel_tracer.cc   |   6 +-
 .../experimental/otel_tracer/tracer_common.h  |   7 +-
 plugins/experimental/parent_select/strategy.h |   4 +-
 .../experimental/rate_limit/ip_reputation.cc  |   4 +-
 plugins/experimental/rate_limit/iprep_simu.cc |  13 +-
 .../experimental/rate_limit/sni_limiter.cc    |  28 +-
 .../experimental/rate_limit/txn_limiter.cc    |  20 +-
 .../redo_cache_lookup/redo_cache_lookup.cc    |   4 +-
 .../experimental/remap_stats/remap_stats.cc   |   6 +-
 plugins/experimental/slice/Config.cc          |  26 +-
 plugins/experimental/slice/Data.h             |   2 +-
 plugins/experimental/slice/HttpHeader.cc      |   2 +-
 plugins/experimental/slice/HttpHeader.h       |   4 +-
 plugins/experimental/slice/Stage.h            |   2 +-
 plugins/experimental/slice/client.cc          |   2 +-
 plugins/experimental/slice/slice.h            |   2 +-
 plugins/experimental/slice/slice_test.cc      |  21 +-
 plugins/experimental/slice/transfer.cc        |   6 +-
 .../slice/unit-tests/slice_test.cc            |  21 +-
 .../slice/unit-tests/test_config.cc           |  44 +-
 .../slice/unit-tests/test_range.cc            |  22 +-
 .../ssl_session_reuse/src/session_process.cc  |   2 +-
 .../ssl_session_reuse/src/ssl_key_utils.cc    |   2 +-
 .../experimental/ssl_session_reuse/src/stek.h |   4 +-
 plugins/experimental/sslheaders/expand.cc     |   2 +-
 plugins/experimental/sslheaders/sslheaders.cc |   2 +-
 plugins/experimental/sslheaders/sslheaders.h  |   6 +-
 .../sslheaders/unit_tests/test_sslheaders.cc  |   2 +-
 plugins/experimental/sslheaders/util.cc       |  20 +-
 plugins/experimental/statichit/statichit.cc   |  16 +-
 plugins/experimental/stek_share/log_store.cc  |   2 +-
 plugins/experimental/stek_share/stek_share.cc |   8 +-
 plugins/experimental/stek_share/stek_utils.h  |   4 +-
 .../stream_editor/stream_editor.cc            |  18 +-
 .../experimental/system_stats/system_stats.c  |   8 +-
 .../experimental/traffic_dump/session_data.cc |  38 +-
 .../experimental/traffic_dump/traffic_dump.cc |  22 +-
 .../traffic_dump/transaction_data.cc          |  18 +-
 plugins/experimental/uri_signing/common.h     |   6 +-
 plugins/experimental/uri_signing/config.c     |   2 +-
 .../unit_tests/uri_signing_test.cc            | 145 ++++--
 plugins/experimental/url_sig/url_sig.c        |  10 +-
 plugins/experimental/url_sig/url_sig.h        |  20 +-
 .../wasm/examples/cpp/myproject.cc            |   3 +-
 plugins/header_rewrite/condition.h            |   2 +-
 plugins/header_rewrite/conditions.h           |  40 +-
 plugins/header_rewrite/header_rewrite.cc      |   5 +-
 plugins/header_rewrite/matcher.h              |   2 +-
 plugins/header_rewrite/operator.h             |   6 +-
 plugins/header_rewrite/operators.h            |  42 +-
 plugins/header_rewrite/parser.h               |   4 +-
 plugins/header_rewrite/resources.h            |   2 +-
 plugins/header_rewrite/ruleset.cc             |   2 +-
 plugins/header_rewrite/ruleset.h              |   2 +-
 plugins/header_rewrite/statement.h            |   2 +-
 plugins/header_rewrite/value.h                |   2 +-
 plugins/healthchecks/healthchecks.c           |  14 +-
 plugins/lua/ts_lua.c                          |  24 +-
 plugins/lua/ts_lua_common.h                   |  72 +--
 plugins/lua/ts_lua_crypto.c                   |   4 +-
 plugins/lua/ts_lua_fetch.c                    |   6 +-
 plugins/lua/ts_lua_fetch.h                    |   2 +-
 plugins/lua/ts_lua_io.c                       |   2 +-
 plugins/lua/ts_lua_package.c                  |   2 +-
 plugins/lua/ts_lua_transform.c                |   2 +-
 plugins/multiplexer/chunk-decoder.cc          |   4 +-
 plugins/multiplexer/dispatch.cc               |   4 +-
 plugins/prefetch/configs.cc                   |  30 +-
 plugins/prefetch/fetch.h                      |  24 +-
 plugins/regex_remap/regex_remap.cc            |  10 +-
 plugins/regex_revalidate/regex_revalidate.c   |  20 +-
 plugins/remap_purge/remap_purge.c             |   9 +-
 plugins/s3_auth/s3_auth.cc                    |  20 +-
 .../s3_auth/unit_tests/test_aws_auth_v4.cc    |   2 +-
 .../server_push_preload.cc                    |   2 +-
 plugins/stats_over_http/stats_over_http.cc    |  18 +-
 plugins/tcpinfo/tcpinfo.cc                    |  42 +-
 plugins/xdebug/xdebug.cc                      |  78 +--
 plugins/xdebug/xdebug_transforms.cc           |   4 +-
 proxy/CacheControl.h                          |   2 +-
 proxy/ControlMatcher.h                        |  10 +-
 proxy/HostStatus.h                            |   2 +-
 proxy/IPAllow.h                               |   2 +-
 proxy/ParentSelection.cc                      |   8 +-
 proxy/ParentSelection.h                       |   2 +-
 proxy/PluginVC.cc                             |   4 +-
 proxy/ProtocolProbeSessionAccept.h            |   2 +-
 proxy/ProxySession.h                          |   2 +-
 proxy/ReverseProxy.cc                         |  10 +-
 proxy/Transform.cc                            |   4 +-
 proxy/hdrs/HTTP.cc                            |  50 +-
 proxy/hdrs/HTTP.h                             |   2 +-
 proxy/hdrs/HdrHeap.cc                         |  30 +-
 proxy/hdrs/HdrHeap.h                          |   6 +-
 proxy/hdrs/HdrToken.cc                        | 258 ++++-----
 proxy/hdrs/HdrToken.h                         | 172 +++---
 proxy/hdrs/HuffmanCodec.cc                    | 305 +++++++++--
 proxy/hdrs/MIME.cc                            |  94 ++--
 proxy/hdrs/MIME.h                             |  36 +-
 proxy/hdrs/URL.cc                             |  30 +-
 proxy/hdrs/URL.h                              |   4 +-
 proxy/hdrs/VersionConverter.h                 |  23 +-
 proxy/hdrs/XPACK.cc                           |   4 +-
 proxy/hdrs/load_http_hdr.cc                   |   4 +-
 proxy/hdrs/test_Huffmancode.cc                |  21 +-
 proxy/hdrs/unit_tests/test_Hdrs.cc            | 493 +++++++++---------
 proxy/hdrs/unit_tests/test_URL.cc             | 147 +++---
 proxy/hdrs/unit_tests/test_XPACK.cc           |  29 +-
 proxy/hdrs/unit_tests/test_mime.cc            |  24 +-
 proxy/http/Http1ServerSession.h               |   2 +-
 proxy/http/HttpBodyFactory.h                  |   4 +-
 proxy/http/HttpConfig.cc                      |  34 +-
 proxy/http/HttpConfig.h                       |  20 +-
 proxy/http/HttpConnectionCount.cc             |   3 +-
 proxy/http/HttpConnectionCount.h              |   2 +-
 proxy/http/HttpPages.cc                       |   8 +-
 proxy/http/HttpSM.cc                          |  37 +-
 proxy/http/HttpSM.h                           |   2 +-
 proxy/http/HttpSessionAccept.h                |   2 +-
 proxy/http/HttpTransact.cc                    |  12 +-
 proxy/http/HttpTransact.h                     |  10 +-
 proxy/http/HttpTransactCache.cc               |  16 +-
 proxy/http/HttpTransactHeaders.cc             |   6 +-
 proxy/http/HttpTunnel.cc                      |   4 +-
 proxy/http/HttpTunnel.h                       |  10 +-
 proxy/http/PreWarmConfig.h                    |   2 +-
 proxy/http/PreWarmManager.cc                  |   2 +-
 proxy/http/RegressionHttpTransact.cc          |  48 +-
 proxy/http/remap/AclFiltering.h               |   8 +-
 proxy/http/remap/NextHopSelectionStrategy.h   |   8 +-
 proxy/http/remap/RemapConfig.cc               |  34 +-
 proxy/http/remap/RemapConfig.h                |  26 +-
 proxy/http/remap/RemapPlugins.cc              |   5 +-
 proxy/http/remap/RemapProcessor.h             |   4 +-
 proxy/http/remap/UrlMapping.h                 |   2 +-
 proxy/http/remap/UrlRewrite.cc                |  15 +-
 proxy/http/remap/UrlRewrite.h                 |   4 +-
 .../remap/unit-tests/nexthop_test_stubs.h     |   8 +-
 .../remap/unit-tests/plugin_testing_common.cc |   2 +-
 .../http/remap/unit-tests/test_RemapPlugin.cc |   5 +-
 proxy/http/unit_tests/test_ForwardedConfig.cc |   4 +-
 .../unit_tests/test_error_page_selection.cc   |  80 +--
 proxy/http2/HPACK.cc                          | 134 ++---
 proxy/http2/HPACK.h                           |   4 +-
 proxy/http2/HTTP2.cc                          |   8 +-
 proxy/http2/HTTP2.h                           |   2 +-
 proxy/http2/Http2ClientSession.h              |   2 +-
 proxy/http2/Http2CommonSession.cc             |   4 +-
 proxy/http2/Http2CommonSession.h              |  10 +-
 proxy/http2/Http2ConnectionState.cc           |   8 +-
 proxy/http2/Http2ConnectionState.h            |   2 +-
 proxy/http2/Http2DependencyTree.h             |   2 +-
 proxy/http2/Http2Frame.cc                     |   2 +-
 proxy/http2/Http2FrequencyCounter.cc          |   2 +-
 proxy/http2/Http2SessionAccept.h              |   2 +-
 proxy/http2/Http2Stream.cc                    |   2 +-
 proxy/http2/Http2Stream.h                     |   7 +-
 proxy/http2/test_HPACK.cc                     |  13 +-
 .../unit_tests/test_HpackIndexingTable.cc     | 177 +++----
 proxy/http2/unit_tests/test_Http2Frame.cc     | 182 +++----
 .../unit_tests/test_Http2FrequencyCounter.cc  |  14 +-
 proxy/http3/Http3DataFramer.cc                |   2 +-
 proxy/http3/Http3Frame.cc                     |   4 +-
 proxy/http3/Http3FrameCollector.cc            |   4 +-
 proxy/http3/Http3HeaderVIOAdaptor.cc          |   2 +-
 proxy/http3/Http3Session.cc                   |   2 +-
 proxy/http3/Http3Transaction.cc               |   4 +-
 proxy/http3/QPACK.cc                          | 219 ++++----
 proxy/logging/LogAccess.cc                    |  40 +-
 proxy/logging/LogAccess.h                     |   4 +-
 proxy/logging/LogAccessTest.h                 |   2 +-
 proxy/logging/LogBuffer.cc                    |  14 +-
 proxy/logging/LogBuffer.h                     |   8 +-
 proxy/logging/LogConfig.cc                    |   9 +-
 proxy/logging/LogConfig.h                     |   4 +-
 proxy/logging/LogField.cc                     |  50 +-
 proxy/logging/LogField.h                      |   2 +-
 proxy/logging/LogFile.cc                      |   4 +-
 proxy/logging/LogFilter.cc                    |   2 +-
 proxy/logging/LogFilter.h                     |   8 +-
 proxy/logging/LogFormat.cc                    |  10 +-
 proxy/logging/LogFormat.h                     |   2 +-
 proxy/logging/LogObject.h                     |   6 +-
 proxy/logging/YamlLogConfig.cc                |  13 +-
 proxy/logging/YamlLogConfig.h                 |   2 +-
 proxy/logging/unit-tests/test_LogUtils.cc     |   8 +-
 proxy/shared/DiagsConfig.cc                   |  15 +-
 src/records/RecFile.cc                        |   4 +-
 src/records/RecHttp.cc                        |  12 +-
 src/records/RecMessage.cc                     |  16 +-
 src/records/RecRawStats.cc                    |  16 +-
 src/shared/overridable_txn_vars.cc            | 294 +++++------
 src/traffic_cache_tool/CacheDefs.cc           |  20 +-
 src/traffic_cache_tool/CacheDefs.h            |  26 +-
 src/traffic_cache_tool/CacheScan.cc           |   2 +-
 src/traffic_cache_tool/CacheTool.cc           |  28 +-
 src/traffic_crashlog/procinfo.cc              |   4 +-
 src/traffic_crashlog/traffic_crashlog.cc      |  15 +-
 src/traffic_crashlog/traffic_crashlog.h       |   4 +-
 src/traffic_ctl/CtrlCommands.cc               |  33 +-
 src/traffic_ctl/CtrlPrinters.cc               |   6 +-
 src/traffic_logcat/logcat.cc                  |  23 +-
 src/traffic_logstats/logstats.cc              |  73 +--
 src/traffic_quic/quic_client.cc               |   2 +-
 src/traffic_quic/traffic_quic.cc              |  20 +-
 src/traffic_server/FetchSM.cc                 |  12 +-
 src/traffic_server/HostStatus.cc              |   8 +-
 src/traffic_server/InkAPI.cc                  |   4 +-
 src/traffic_server/InkAPITest.cc              | 196 +++----
 src/traffic_server/traffic_server.cc          | 128 +++--
 src/traffic_top/stats.h                       |   2 +-
 src/traffic_top/traffic_top.cc                |   2 +-
 src/traffic_wccp/wccp_client.cc               |  10 +-
 src/tscore/ArgParser.cc                       |   2 +-
 src/tscore/BaseLogFile.cc                     |   4 +-
 src/tscore/BufferWriterFormat.cc              | 218 +++-----
 src/tscore/CryptoHash.cc                      |   2 +-
 src/tscore/Extendible.cc                      |   2 +-
 src/tscore/HashSip.cc                         |   2 +-
 src/tscore/IpMap.cc                           |   5 +-
 src/tscore/Layout.cc                          |  14 +-
 src/tscore/MMH.cc                             |  68 +--
 src/tscore/MatcherUtils.cc                    |   6 +-
 src/tscore/MemArena.cc                        |   2 +-
 src/tscore/ParseRules.cc                      |   4 +-
 src/tscore/Regression.cc                      |   6 +-
 src/tscore/SourceLocation.cc                  |   5 +-
 src/tscore/TextBuffer.cc                      |  12 +-
 src/tscore/hugepages.cc                       |   6 +-
 src/tscore/ink_base64.cc                      |  10 +-
 src/tscore/ink_file.cc                        |   2 +-
 src/tscore/ink_hrtime.cc                      |   2 +-
 src/tscore/ink_inet.cc                        |   4 +-
 src/tscore/ink_queue.cc                       |   4 +-
 src/tscore/ink_rand.cc                        |   8 +-
 src/tscore/ink_res_init.cc                    |   5 +-
 src/tscore/ink_string++.cc                    |   2 +-
 src/tscore/ink_syslog.cc                      |  28 +-
 src/tscore/lockfile.cc                        |   2 +-
 src/tscore/runroot.cc                         |   2 +-
 src/tscore/test_atomic.cc                     |   6 +-
 src/tscore/unit_tests/freelist_benchmark.cc   |   5 +-
 src/tscore/unit_tests/test_AcidPtr.cc         |   8 +-
 src/tscore/unit_tests/test_BufferWriter.cc    |  12 +-
 src/tscore/unit_tests/test_History.cc         |   2 +-
 src/tscore/unit_tests/test_List.cc            |   2 +-
 src/tscore/unit_tests/test_MMH.cc             |   6 +-
 src/tscore/unit_tests/test_Regex.cc           |   6 +-
 src/tscore/unit_tests/test_Version.cc         |  14 +-
 src/tscore/unit_tests/test_ink_inet.cc        |  22 +-
 src/tscpp/api/GzipDeflateTransformation.cc    |   4 +-
 src/tscpp/api/Headers.cc                      |   8 +-
 src/tscpp/api/InterceptPlugin.cc              |   4 +-
 src/tscpp/api/TransformationPlugin.cc         |   2 +-
 src/tscpp/api/utils_internal.cc               |   2 +-
 .../util/unit_tests/test_IntrusiveDList.cc    |   4 +-
 src/wccp/WccpConfig.cc                        |  22 +-
 src/wccp/WccpEndPoint.cc                      |  12 +-
 src/wccp/WccpLocal.h                          |   2 +-
 src/wccp/WccpMsg.cc                           |   4 +-
 src/wccp/wccp-test-router.cc                  |   5 +-
 tools/clang-format.sh                         |  25 +-
 tools/git/pre-commit                          |  43 +-
 tools/http_load/http_load.c                   |  26 +-
 tools/http_load/timers.c                      |  12 +-
 tools/jtest/jtest.cc                          | 307 +++++------
 533 files changed, 5162 insertions(+), 4640 deletions(-)

diff --git a/.clang-format b/.clang-format
index cd564fb109c..3bd0b0b3387 100644
--- a/.clang-format
+++ b/.clang-format
@@ -1,16 +1,38 @@
 ---
-Language:        Cpp
+Language: Cpp
 AccessModifierOffset: -2
 AlignAfterOpenBracket: Align
-AlignConsecutiveMacros: false
-AlignConsecutiveAssignments: true
-AlignConsecutiveDeclarations: false
+AlignArrayOfStructures: Left
+AlignConsecutiveAssignments:
+  Enabled: true
+  AcrossEmptyLines: false
+  AcrossComments: false
+  AlignCompound: true
+  PadOperators: true
+AlignConsecutiveBitFields:
+  Enabled: true
+  AcrossEmptyLines: false
+  AcrossComments: false
+  AlignCompound: false
+  PadOperators: false
+AlignConsecutiveDeclarations:
+  Enabled: false
+  AcrossEmptyLines: false
+  AcrossComments: false
+  AlignCompound: false
+  PadOperators: true
+AlignConsecutiveMacros:
+  Enabled: true
+  AcrossEmptyLines: false
+  AcrossComments: false
+  AlignCompound: false
+  PadOperators: true
 AlignEscapedNewlines: Left
-AlignOperands:   true
+AlignOperands: Align
 AlignTrailingComments: true
-AllowAllArgumentsOnNextLine: true
-AllowAllConstructorInitializersOnNextLine: true
+AllowAllArgumentsOnNextLine: false
 AllowAllParametersOfDeclarationOnNextLine: false
+AllowShortEnumsOnASingleLine: true
 AllowShortBlocksOnASingleLine: Never
 AllowShortCaseLabelsOnASingleLine: false
 AllowShortFunctionsOnASingleLine: Inline
@@ -21,26 +43,31 @@ AlwaysBreakAfterDefinitionReturnType: All
 AlwaysBreakAfterReturnType: AllDefinitions
 AlwaysBreakBeforeMultilineStrings: false
 AlwaysBreakTemplateDeclarations: MultiLine
+AttributeMacros:
+  - __capability
 BinPackArguments: true
 BinPackParameters: true
 BraceWrapping:
-  AfterCaseLabel:  false
-  AfterClass:      true
-  AfterControlStatement: false
-  AfterEnum:       false
-  AfterFunction:   true
-  AfterNamespace:  true
+  AfterCaseLabel: false
+  AfterClass: true
+  AfterControlStatement: Never
+  AfterEnum: false
+  AfterFunction: true
+  AfterNamespace: true
   AfterObjCDeclaration: false
-  AfterStruct:     false
-  AfterUnion:      false
+  AfterStruct: false
+  AfterUnion: false
   AfterExternBlock: false
-  BeforeCatch:     false
-  BeforeElse:      false
-  IndentBraces:    false
+  BeforeCatch: false
+  BeforeElse: false
+  BeforeLambdaBody: false
+  BeforeWhile: false
+  IndentBraces: false
   SplitEmptyFunction: true
   SplitEmptyRecord: true
   SplitEmptyNamespace: true
 BreakBeforeBinaryOperators: None
+BreakBeforeConceptDeclarations: Always
 BreakBeforeBraces: Linux
 BreakBeforeInheritanceComma: false
 BreakInheritanceList: BeforeColon
@@ -49,17 +76,23 @@ BreakConstructorInitializersBeforeComma: false
 BreakConstructorInitializers: BeforeColon
 BreakAfterJavaFieldAnnotations: false
 BreakStringLiterals: true
-ColumnLimit:     132
-CommentPragmas:  '^ IWYU pragma:'
+ColumnLimit: 132
+CommentPragmas: "^ IWYU pragma:"
+QualifierAlignment: Leave
 CompactNamespaces: false
-ConstructorInitializerAllOnOneLineOrOnePerLine: true
 ConstructorInitializerIndentWidth: 2
 ContinuationIndentWidth: 2
 Cpp11BracedListStyle: true
 DeriveLineEnding: true
 DerivePointerAlignment: false
-DisableFormat:   false
+DisableFormat: false
+EmptyLineAfterAccessModifier: Never
+EmptyLineBeforeAccessModifier: LogicalBlock
 ExperimentalAutoDetectBinPacking: false
+PackConstructorInitializers: NextLine
+BasedOnStyle: ""
+ConstructorInitializerAllOnOneLineOrOnePerLine: false
+AllowAllConstructorInitializersOnNextLine: true
 FixNamespaceComments: true
 ForEachMacros:
   - forv_Vec
@@ -68,72 +101,117 @@ ForEachMacros:
   - foreach
   - Q_FOREACH
   - BOOST_FOREACH
-IncludeBlocks:   Preserve
+IfMacros:
+  - KJ_IF_MAYBE
+IncludeBlocks: Preserve
 IncludeCategories:
-  - Regex:           '^"(llvm|llvm-c|clang|clang-c)/'
-    Priority:        2
-    SortPriority:    0
-  - Regex:           '^(<|"(gtest|isl|json)/)'
-    Priority:        3
-    SortPriority:    0
-  - Regex:           '.*'
-    Priority:        1
-    SortPriority:    0
-IncludeIsMainRegex: '$'
-IncludeIsMainSourceRegex: ''
+  - Regex: '^"(llvm|llvm-c|clang|clang-c)/'
+    Priority: 2
+    SortPriority: 0
+    CaseSensitive: false
+  - Regex: '^(<|"(gtest|isl|json)/)'
+    Priority: 3
+    SortPriority: 0
+    CaseSensitive: false
+  - Regex: ".*"
+    Priority: 1
+    SortPriority: 0
+    CaseSensitive: false
+IncludeIsMainRegex: "$"
+IncludeIsMainSourceRegex: ""
+IndentAccessModifiers: false
 IndentCaseLabels: false
+IndentCaseBlocks: false
 IndentGotoLabels: true
 IndentPPDirectives: None
-IndentWidth:     2
+IndentExternBlock: AfterExternBlock
+IndentRequiresClause: true
+IndentWidth: 2
 IndentWrappedFunctionNames: false
+InsertBraces: false
+InsertTrailingCommas: None
 JavaScriptQuotes: Leave
 JavaScriptWrapImports: true
 KeepEmptyLinesAtTheStartOfBlocks: false
-MacroBlockBegin: ''
-MacroBlockEnd:   ''
+LambdaBodyIndentation: Signature
+MacroBlockBegin: ""
+MacroBlockEnd: ""
 MaxEmptyLinesToKeep: 1
 NamespaceIndentation: Inner
 ObjCBinPackProtocolList: Auto
 ObjCBlockIndentWidth: 2
+ObjCBreakBeforeNestedBlockParam: true
 ObjCSpaceAfterProperty: true
 ObjCSpaceBeforeProtocolList: false
 PenaltyBreakAssignment: 2
 PenaltyBreakBeforeFirstCallParameter: 19
 PenaltyBreakComment: 30000
 PenaltyBreakFirstLessLess: 120
+PenaltyBreakOpenParenthesis: 0
 PenaltyBreakString: 1000
 PenaltyBreakTemplateDeclaration: 10
 PenaltyExcessCharacter: 1000000
 PenaltyReturnTypeOnItsOwnLine: 200
+PenaltyIndentedWhitespace: 0
 PointerAlignment: Right
-ReflowComments:  true
-SortIncludes:    false
+PPIndentWidth: -1
+ReferenceAlignment: Pointer
+ReflowComments: true
+RemoveBracesLLVM: false
+RequiresClausePosition: OwnLine
+SeparateDefinitionBlocks: Leave
+ShortNamespaceLines: 1
+SortIncludes: Never
+SortJavaStaticImport: Before
 SortUsingDeclarations: false
 SpaceAfterCStyleCast: false
 SpaceAfterLogicalNot: false
 SpaceAfterTemplateKeyword: true
 SpaceBeforeAssignmentOperators: true
+SpaceBeforeCaseColon: false
 SpaceBeforeCpp11BracedList: false
 SpaceBeforeCtorInitializerColon: true
 SpaceBeforeInheritanceColon: true
 SpaceBeforeParens: ControlStatements
+SpaceBeforeParensOptions:
+  AfterControlStatements: true
+  AfterForeachMacros: true
+  AfterFunctionDefinitionName: false
+  AfterFunctionDeclarationName: false
+  AfterIfMacros: true
+  AfterOverloadedOperator: false
+  AfterRequiresInClause: false
+  AfterRequiresInExpression: false
+  BeforeNonEmptyParentheses: false
+SpaceAroundPointerQualifiers: Default
 SpaceBeforeRangeBasedForLoopColon: true
 SpaceInEmptyBlock: false
 SpaceInEmptyParentheses: false
 SpacesBeforeTrailingComments: 1
-SpacesInAngles:  false
+SpacesInAngles: Never
 SpacesInConditionalStatement: false
 SpacesInContainerLiterals: true
 SpacesInCStyleCastParentheses: false
+SpacesInLineCommentPrefix:
+  Minimum: 1
+  Maximum: -1
 SpacesInParentheses: false
 SpacesInSquareBrackets: false
 SpaceBeforeSquareBrackets: false
-Standard:        Latest
+BitFieldColonSpacing: Both
+Standard: Latest
+StatementAttributeLikeMacros:
+  - Q_EMIT
 StatementMacros:
   - Q_UNUSED
   - QT_REQUIRE_VERSION
-TabWidth:        8
-UseCRLF:         false
-UseTab:          Never
-...
-
+TabWidth: 8
+UseCRLF: false
+UseTab: Never
+WhitespaceSensitiveMacros:
+  - STRINGIZE
+  - PP_STRINGIZE
+  - BOOST_PP_STRINGIZE
+  - NS_SWIFT_NAME
+  - CF_SWIFT_NAME
+---
diff --git a/example/plugins/c-api/basic_auth/basic_auth.c b/example/plugins/c-api/basic_auth/basic_auth.c
index 95a87edc1a4..d798ee6ab15 100644
--- a/example/plugins/c-api/basic_auth/basic_auth.c
+++ b/example/plugins/c-api/basic_auth/basic_auth.c
@@ -52,8 +52,8 @@ base64_decode(const char *input)
     *output++ = decode(0) << 2 | decode(1) >> 4;
     *output++ = decode(1) << 4 | decode(2) >> 2;
     *output++ = decode(2) << 6 | decode(3);
-    len -= 4;
-    input += 4;
+    len       -= 4;
+    input     += 4;
   }
 
   /*
@@ -139,7 +139,7 @@ handle_dns(TSHttpTxn txnp, TSCont contp)
     goto done;
   }
   *password = '\0';
-  password += 1;
+  password  += 1;
 
   if (!authorized(user, password)) {
     TSError("[%s] %s:%s not authorized", PLUGIN_NAME, user, password);
diff --git a/example/plugins/c-api/bnull_transform/bnull_transform.c b/example/plugins/c-api/bnull_transform/bnull_transform.c
index 8cb2c44dc1a..db41fdbb93b 100644
--- a/example/plugins/c-api/bnull_transform/bnull_transform.c
+++ b/example/plugins/c-api/bnull_transform/bnull_transform.c
@@ -41,7 +41,7 @@
 
 #define PLUGIN_NAME "bnull_transform"
 
-#define TS_NULL_MUTEX NULL
+#define TS_NULL_MUTEX     NULL
 #define STATE_BUFFER_DATA 0
 #define STATE_OUTPUT_DATA 1
 
diff --git a/example/plugins/c-api/cache_scan/cache_scan.cc b/example/plugins/c-api/cache_scan/cache_scan.cc
index 4e0d9a952e3..e0546be0be0 100644
--- a/example/plugins/c-api/cache_scan/cache_scan.cc
+++ b/example/plugins/c-api/cache_scan/cache_scan.cc
@@ -68,10 +68,10 @@ handle_scan(TSCont contp, TSEvent event, void *edata)
   cache_scan_state *cstate = static_cast<cache_scan_state *>(TSContDataGet(contp));
 
   if (event == TS_EVENT_CACHE_REMOVE) {
-    cstate->done       = 1;
-    const char error[] = "Cache remove operation succeeded";
-    cstate->cache_vc   = static_cast<TSVConn>(edata);
-    cstate->write_vio  = TSVConnWrite(cstate->net_vc, contp, cstate->resp_reader, INT64_MAX);
+    cstate->done        = 1;
+    const char error[]  = "Cache remove operation succeeded";
+    cstate->cache_vc    = static_cast<TSVConn>(edata);
+    cstate->write_vio   = TSVConnWrite(cstate->net_vc, contp, cstate->resp_reader, INT64_MAX);
     cstate->total_bytes += TSIOBufferWrite(cstate->resp_buffer, error, sizeof(error) - 1);
     TSVIONBytesSet(cstate->write_vio, cstate->total_bytes);
     TSVIOReenable(cstate->write_vio);
@@ -83,8 +83,8 @@ handle_scan(TSCont contp, TSEvent event, void *edata)
     const char error[] = "Cache remove operation failed error=";
     char rc[12];
     snprintf(rc, 12, "%p", edata);
-    cstate->cache_vc  = static_cast<TSVConn>(edata);
-    cstate->write_vio = TSVConnWrite(cstate->net_vc, contp, cstate->resp_reader, INT64_MAX);
+    cstate->cache_vc    = static_cast<TSVConn>(edata);
+    cstate->write_vio   = TSVConnWrite(cstate->net_vc, contp, cstate->resp_reader, INT64_MAX);
     cstate->total_bytes += TSIOBufferWrite(cstate->resp_buffer, error, sizeof(error) - 1);
     cstate->total_bytes += TSIOBufferWrite(cstate->resp_buffer, rc, strlen(rc));
 
@@ -104,7 +104,7 @@ handle_scan(TSCont contp, TSEvent event, void *edata)
       event == TS_EVENT_CACHE_SCAN_OPERATION_FAILED) {
     cstate->done = 1;
     if (cstate->resp_buffer) {
-      const char error[] = "Cache scan operation blocked or failed";
+      const char error[]  = "Cache scan operation blocked or failed";
       cstate->total_bytes += TSIOBufferWrite(cstate->resp_buffer, error, sizeof(error) - 1);
     }
     if (cstate->write_vio) {
@@ -159,12 +159,12 @@ handle_scan(TSCont contp, TSEvent event, void *edata)
   if (event == TS_EVENT_CACHE_SCAN_DONE) {
     cstate->done = 1;
     char s[512];
-    int s_len = snprintf(s, sizeof(s),
-                         "</pre></p>\n<p>%d total objects in cache</p>\n"
-                         "<form method=\"GET\" action=\"/show-cache\">"
-                         "Enter URL to delete: <input type=\"text\" size=\"40\" name=\"remove_url\">"
-                         "<input type=\"submit\"  value=\"Delete URL\">",
-                         cstate->total_items);
+    int s_len           = snprintf(s, sizeof(s),
+                                   "</pre></p>\n<p>%d total objects in cache</p>\n"
+                                             "<form method=\"GET\" action=\"/show-cache\">"
+                                             "Enter URL to delete: <input type=\"text\" size=\"40\" name=\"remove_url\">"
+                                             "<input type=\"submit\"  value=\"Delete URL\">",
+                                   cstate->total_items);
     cstate->total_bytes += TSIOBufferWrite(cstate->resp_buffer, s, s_len);
     TSVIONBytesSet(cstate->write_vio, cstate->total_bytes);
     if (!cstate->write_pending) {
@@ -271,7 +271,7 @@ handle_io(TSCont contp, TSEvent event, void * /* edata ATS_UNUSED */)
         cstate->pending_action = actionp;
       }
     } else {
-      char head[] = "<h3>Cache Contents:</h3>\n<p><pre>\n";
+      char head[]         = "<h3>Cache Contents:</h3>\n<p><pre>\n";
       cstate->total_bytes += TSIOBufferWrite(cstate->resp_buffer, head, sizeof(head) - 1);
       // start scan
       TSAction actionp = TSCacheScan(contp, nullptr, 512000);
diff --git a/example/plugins/c-api/intercept/intercept.cc b/example/plugins/c-api/intercept/intercept.cc
index 03bf86da29c..d25eda99bff 100644
--- a/example/plugins/c-api/intercept/intercept.cc
+++ b/example/plugins/c-api/intercept/intercept.cc
@@ -43,7 +43,7 @@
 // request. You can enable extensive logging with the "intercept" diagnostic tag.
 
 #define PLUGIN_NAME "intercept"
-#define PORT 60000
+#define PORT        60000
 
 #define VDEBUG(fmt, ...) TSDebug(PLUGIN_NAME, fmt, ##__VA_ARGS__)
 
@@ -164,7 +164,8 @@ static const char *
 InterceptProxySideVC(const InterceptState *istate, TSVConn vc)
 {
   return (istate->client.vc && vc == istate->client.vc) ? "<client>" :
-                                                          (istate->server.vc && vc == istate->server.vc) ? "<server>" : "<unknown>";
+         (istate->server.vc && vc == istate->server.vc) ? "<server>" :
+                                                          "<unknown>";
 }
 
 static bool
@@ -244,9 +245,9 @@ InterceptTransferData(InterceptIO *from, InterceptIO *to)
     while (ptr && remain) {
       int64_t nbytes;
 
-      nbytes = TSIOBufferWrite(to->writeio.iobuf, ptr, remain);
-      remain -= nbytes;
-      ptr += nbytes;
+      nbytes   = TSIOBufferWrite(to->writeio.iobuf, ptr, remain);
+      remain   -= nbytes;
+      ptr      += nbytes;
       consumed += nbytes;
     }
   }
diff --git a/example/plugins/c-api/passthru/passthru.cc b/example/plugins/c-api/passthru/passthru.cc
index 887dac000ca..6ddef92e671 100644
--- a/example/plugins/c-api/passthru/passthru.cc
+++ b/example/plugins/c-api/passthru/passthru.cc
@@ -114,7 +114,7 @@ struct PassthruIO {
   }
 
   // noncopyable
-  PassthruIO(const PassthruIO &) = delete;
+  PassthruIO(const PassthruIO &)            = delete;
   PassthruIO &operator=(const PassthruIO &) = delete;
 };
 
@@ -158,7 +158,7 @@ struct PassthruSession {
   }
 
   // noncopyable
-  PassthruSession(const PassthruSession &) = delete;
+  PassthruSession(const PassthruSession &)            = delete;
   PassthruSession &operator=(const PassthruSession &) = delete;
 };
 
diff --git a/example/plugins/c-api/protocol/Protocol.h b/example/plugins/c-api/protocol/Protocol.h
index 6d883c18cdb..fbb01bf4f2b 100644
--- a/example/plugins/c-api/protocol/Protocol.h
+++ b/example/plugins/c-api/protocol/Protocol.h
@@ -37,7 +37,7 @@
 #define PLUGIN_NAME "protocol"
 
 #define MAX_SERVER_NAME_LENGTH 1024
-#define MAX_FILE_NAME_LENGTH 1024
+#define MAX_FILE_NAME_LENGTH   1024
 
 /* MAX_SERVER_NAME_LENGTH + MAX_FILE_NAME_LENGTH + strlen("\n\n") */
 #define MAX_REQUEST_LENGTH 2050
diff --git a/example/plugins/c-api/protocol/TxnSM.c b/example/plugins/c-api/protocol/TxnSM.c
index cb7f00f44ec..98d2265852f 100644
--- a/example/plugins/c-api/protocol/TxnSM.c
+++ b/example/plugins/c-api/protocol/TxnSM.c
@@ -939,7 +939,7 @@ get_info_from_buffer(TSIOBufferReader the_reader)
     if (read_done > 0) {
       TSIOBufferReaderConsume(the_reader, read_done);
       read_avail -= read_done;
-      info += read_done;
+      info       += read_done;
     }
   }
 
diff --git a/example/plugins/c-api/protocol/TxnSM.h b/example/plugins/c-api/protocol/TxnSM.h
index b3e8f3f4caa..d74de56fee4 100644
--- a/example/plugins/c-api/protocol/TxnSM.h
+++ b/example/plugins/c-api/protocol/TxnSM.h
@@ -30,8 +30,8 @@ typedef int (*TxnSMHandler)(TSCont contp, TSEvent event, void *data);
 TSCont TxnSMCreate(TSMutex pmutex, TSVConn client_vc, int server_port);
 
 #define TXN_SM_ALIVE 0xAAAA0123
-#define TXN_SM_DEAD 0xFEE1DEAD
-#define TXN_SM_ZERO 0x00001111
+#define TXN_SM_DEAD  0xFEE1DEAD
+#define TXN_SM_ZERO  0x00001111
 
 /* The Txn State Machine */
 typedef struct _TxnSM {
diff --git a/example/plugins/c-api/remap_header_add/remap_header_add.cc b/example/plugins/c-api/remap_header_add/remap_header_add.cc
index f538fae264e..702da50251d 100644
--- a/example/plugins/c-api/remap_header_add/remap_header_add.cc
+++ b/example/plugins/c-api/remap_header_add/remap_header_add.cc
@@ -44,7 +44,7 @@ struct remap_line {
 };
 
 #define PLUGIN_NAME "headeradd_remap"
-#define EXTERN extern "C"
+#define EXTERN      extern "C"
 
 EXTERN void
 ParseArgIntoNv(const char *arg, char **n, char **v)
diff --git a/example/plugins/c-api/request_buffer/request_buffer.c b/example/plugins/c-api/request_buffer/request_buffer.c
index 2214cda5243..0a3f253e1e7 100644
--- a/example/plugins/c-api/request_buffer/request_buffer.c
+++ b/example/plugins/c-api/request_buffer/request_buffer.c
@@ -54,7 +54,7 @@ request_body_get(TSHttpTxn txnp, int *len)
     char_data = TSIOBufferBlockReadStart(block, post_buffer_reader, &data_len);
     memcpy(ret + consumed, char_data, data_len);
     consumed += data_len;
-    block = TSIOBufferBlockNext(block);
+    block    = TSIOBufferBlockNext(block);
   }
   TSIOBufferReaderFree(post_buffer_reader);
 
diff --git a/example/plugins/c-api/server_transform/server_transform.c b/example/plugins/c-api/server_transform/server_transform.c
index c4f29bdf6e1..3d1d90d3ed7 100644
--- a/example/plugins/c-api/server_transform/server_transform.c
+++ b/example/plugins/c-api/server_transform/server_transform.c
@@ -51,12 +51,12 @@
 
 #define PLUGIN_NAME "server-transform"
 
-#define STATE_BUFFER 1
-#define STATE_CONNECT 2
-#define STATE_WRITE 3
+#define STATE_BUFFER      1
+#define STATE_CONNECT     2
+#define STATE_WRITE       3
 #define STATE_READ_STATUS 4
-#define STATE_READ 5
-#define STATE_BYPASS 6
+#define STATE_READ        5
+#define STATE_BYPASS      6
 
 typedef struct {
   int state;
diff --git a/example/plugins/c-api/ssl_preaccept/ssl_preaccept.cc b/example/plugins/c-api/ssl_preaccept/ssl_preaccept.cc
index be662ad29b1..db395df197d 100644
--- a/example/plugins/c-api/ssl_preaccept/ssl_preaccept.cc
+++ b/example/plugins/c-api/ssl_preaccept/ssl_preaccept.cc
@@ -35,7 +35,7 @@
 #include <deque>
 
 #define PLUGIN_NAME "ssl-preaccept"
-#define PCP "[" PLUGIN_NAME "] "
+#define PCP         "[" PLUGIN_NAME "] "
 
 namespace
 {
diff --git a/example/plugins/c-api/ssl_sni/ssl_sni.cc b/example/plugins/c-api/ssl_sni/ssl_sni.cc
index a0b676be081..be9c5dde982 100644
--- a/example/plugins/c-api/ssl_sni/ssl_sni.cc
+++ b/example/plugins/c-api/ssl_sni/ssl_sni.cc
@@ -32,7 +32,7 @@
 #include <openssl/ssl.h>
 
 #define PLUGIN_NAME "ssl_sni"
-#define PCP "[" PLUGIN_NAME "] "
+#define PCP         "[" PLUGIN_NAME "] "
 
 namespace
 {
diff --git a/example/plugins/c-api/ssl_sni_allowlist/ssl_sni_allowlist.cc b/example/plugins/c-api/ssl_sni_allowlist/ssl_sni_allowlist.cc
index b2e969c384a..79002ef0b26 100644
--- a/example/plugins/c-api/ssl_sni_allowlist/ssl_sni_allowlist.cc
+++ b/example/plugins/c-api/ssl_sni_allowlist/ssl_sni_allowlist.cc
@@ -32,7 +32,7 @@
 #include <openssl/ssl.h>
 
 #define PLUGIN_NAME "ssl_sni_allowlist"
-#define PCP "[" PLUGIN_NAME "] "
+#define PCP         "[" PLUGIN_NAME "] "
 
 namespace
 {
diff --git a/example/plugins/c-api/thread_pool/psi.c b/example/plugins/c-api/thread_pool/psi.c
index a25220d2b7c..730341c32dd 100644
--- a/example/plugins/c-api/thread_pool/psi.c
+++ b/example/plugins/c-api/thread_pool/psi.c
@@ -47,13 +47,13 @@
 #define NB_THREADS 3
 
 #define PSI_FILENAME_MAX_SIZE 512
-#define PSI_PATH_MAX_SIZE 256
-#define PSI_PATH "include"
+#define PSI_PATH_MAX_SIZE     256
+#define PSI_PATH              "include"
 
-#define PSI_START_TAG "<!--include="
+#define PSI_START_TAG     "<!--include="
 #define PSI_START_TAG_LEN 12
 
-#define PSI_END_TAG "-->"
+#define PSI_END_TAG     "-->"
 #define PSI_END_TAG_LEN 3
 
 #define MIME_FIELD_XPSI "X-Psi"
diff --git a/example/plugins/c-api/thread_pool/thread.h b/example/plugins/c-api/thread_pool/thread.h
index f0eaa62f7dc..9949ff9d7e5 100644
--- a/example/plugins/c-api/thread_pool/thread.h
+++ b/example/plugins/c-api/thread_pool/thread.h
@@ -26,7 +26,7 @@
 #define PLUGIN_NAME "psi"
 
 #define MAGIC_ALIVE 0xfeedbabe
-#define MAGIC_DEAD 0xdeadbeef
+#define MAGIC_DEAD  0xdeadbeef
 
 /* If more than MAX_JOBS_ALARM are present in queue, the plugin
    will log error messages. This should be tuned based on your application */
diff --git a/example/plugins/c-api/verify_cert/verify_cert.cc b/example/plugins/c-api/verify_cert/verify_cert.cc
index 4682379c09f..6959b7bf229 100644
--- a/example/plugins/c-api/verify_cert/verify_cert.cc
+++ b/example/plugins/c-api/verify_cert/verify_cert.cc
@@ -30,7 +30,7 @@
 #include <openssl/ssl.h>
 
 #define PLUGIN_NAME "verify_cert"
-#define PCP "[" PLUGIN_NAME "] "
+#define PCP         "[" PLUGIN_NAME "] "
 
 namespace
 {
diff --git a/example/plugins/cpp-api/websocket/WSBuffer.cc b/example/plugins/cpp-api/websocket/WSBuffer.cc
index 3b8a9b39ada..314af2ae797 100644
--- a/example/plugins/cpp-api/websocket/WSBuffer.cc
+++ b/example/plugins/cpp-api/websocket/WSBuffer.cc
@@ -52,7 +52,7 @@
 #endif
 
 #define BASE64_ENCODE_DSTLEN(_length) ((_length * 8) / 6 + 4)
-#define WS_DIGEST_MAX BASE64_ENCODE_DSTLEN(20)
+#define WS_DIGEST_MAX                 BASE64_ENCODE_DSTLEN(20)
 
 static const std::string magic = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
 
@@ -146,7 +146,7 @@ WSBuffer::read_buffered_message(std::string &message, int &code)
   if (final) {
     message = msg_buf_;
     message += ws_buf_.substr(pos, msg_len);
-    code = frame;
+    code    = frame;
   } else {
     msg_buf_ += ws_buf_.substr(pos, msg_len);
   }
@@ -222,13 +222,13 @@ WSBuffer::get_frame(size_t len, int code)
 
   int len_len;
   if (len <= 125) {
-    frame += char(len);
+    frame   += char(len);
     len_len = 0;
   } else if (len <= UINT16_MAX) {
-    frame += char(WS_16BIT_LEN);
+    frame   += char(WS_16BIT_LEN);
     len_len = 2;
   } else {
-    frame += char(WS_64BIT_LEN);
+    frame   += char(WS_64BIT_LEN);
     len_len = 8;
   }
   // Convert length to big-endian bytes.
diff --git a/example/plugins/cpp-api/websocket/WSBuffer.h b/example/plugins/cpp-api/websocket/WSBuffer.h
index cf7bdc54b0a..3b3075aecbb 100644
--- a/example/plugins/cpp-api/websocket/WSBuffer.h
+++ b/example/plugins/cpp-api/websocket/WSBuffer.h
@@ -35,13 +35,13 @@ enum ws_frametype {
 };
 typedef enum ws_frametype WS_FRAMETYPE;
 
-#define WS_RSV1 0x40
-#define WS_RSV2 0x20
-#define WS_RSV3 0x10
-#define WS_MASKED 0x80
-#define WS_OPCODE 0x0F
-#define WS_FIN 0x80
-#define WS_LENGTH 0x7F
+#define WS_RSV1      0x40
+#define WS_RSV2      0x20
+#define WS_RSV3      0x10
+#define WS_MASKED    0x80
+#define WS_OPCODE    0x0F
+#define WS_FIN       0x80
+#define WS_LENGTH    0x7F
 #define WS_16BIT_LEN 126
 #define WS_64BIT_LEN 127
 
diff --git a/include/records/I_RecProcess.h b/include/records/I_RecProcess.h
index 13dee87bda8..2df2572be19 100644
--- a/include/records/I_RecProcess.h
+++ b/include/records/I_RecProcess.h
@@ -125,8 +125,8 @@ inline int
 RecIncrRawStat(RecRawStatBlock *rsb, EThread *ethread, int id, int64_t incr)
 {
   RecRawStat *tlp = raw_stat_get_tlp(rsb, id, ethread);
-  tlp->sum += incr;
-  tlp->count += 1;
+  tlp->sum        += incr;
+  tlp->count      += 1;
   return REC_ERR_OKAY;
 }
 
@@ -134,8 +134,8 @@ inline int
 RecDecrRawStat(RecRawStatBlock *rsb, EThread *ethread, int id, int64_t decr)
 {
   RecRawStat *tlp = raw_stat_get_tlp(rsb, id, ethread);
-  tlp->sum -= decr;
-  tlp->count += 1;
+  tlp->sum        -= decr;
+  tlp->count      += 1;
   return REC_ERR_OKAY;
 }
 
@@ -143,7 +143,7 @@ inline int
 RecIncrRawStatSum(RecRawStatBlock *rsb, EThread *ethread, int id, int64_t incr)
 {
   RecRawStat *tlp = raw_stat_get_tlp(rsb, id, ethread);
-  tlp->sum += incr;
+  tlp->sum        += incr;
   return REC_ERR_OKAY;
 }
 
@@ -151,6 +151,6 @@ inline int
 RecIncrRawStatCount(RecRawStatBlock *rsb, EThread *ethread, int id, int64_t incr)
 {
   RecRawStat *tlp = raw_stat_get_tlp(rsb, id, ethread);
-  tlp->count += incr;
+  tlp->count      += incr;
   return REC_ERR_OKAY;
 }
diff --git a/include/records/P_RecDefs.h b/include/records/P_RecDefs.h
index 2721db9a217..32b4b967e82 100644
--- a/include/records/P_RecDefs.h
+++ b/include/records/P_RecDefs.h
@@ -30,27 +30,27 @@
 // We need at least this many internal record entries for our configurations and metrics. Any
 // additional slots in librecords will be allocated to the plugin metrics. These should be
 // updated if we change the internal librecords size significantly.
-#define REC_INTERNAL_RECORDS 1100
+#define REC_INTERNAL_RECORDS    1100
 #define REC_DEFAULT_API_RECORDS 1400
 
 #define REC_CONFIG_UPDATE_INTERVAL_MS 3000
-#define REC_REMOTE_SYNC_INTERVAL_MS 5000
+#define REC_REMOTE_SYNC_INTERVAL_MS   5000
 
 #define REC_RAW_STAT_SYNC_INTERVAL_MS 5000
-#define REC_STAT_UPDATE_INTERVAL_MS 10000
+#define REC_STAT_UPDATE_INTERVAL_MS   10000
 
 //-------------------------------------------------------------------------
 // Record Items
 //-------------------------------------------------------------------------
 
-#define REC_LOCAL_UPDATE_REQUIRED 1
+#define REC_LOCAL_UPDATE_REQUIRED   1
 #define REC_PROCESS_UPDATE_REQUIRED (REC_LOCAL_UPDATE_REQUIRED << 1)
-#define REC_UPDATE_REQUIRED (REC_LOCAL_UPDATE_REQUIRED | REC_PROCESS_UPDATE_REQUIRED)
+#define REC_UPDATE_REQUIRED         (REC_LOCAL_UPDATE_REQUIRED | REC_PROCESS_UPDATE_REQUIRED)
 
 #define REC_DISK_SYNC_REQUIRED 1
 #define REC_PEER_SYNC_REQUIRED (REC_DISK_SYNC_REQUIRED << 1)
 #define REC_INC_CONFIG_VERSION (REC_PEER_SYNC_REQUIRED << 1)
-#define REC_SYNC_REQUIRED (REC_DISK_SYNC_REQUIRED | REC_PEER_SYNC_REQUIRED)
+#define REC_SYNC_REQUIRED      (REC_DISK_SYNC_REQUIRED | REC_PEER_SYNC_REQUIRED)
 
 enum RecEntryT {
   RECE_NULL,
diff --git a/include/records/P_RecUtils.h b/include/records/P_RecUtils.h
index 7da594bda5b..9ee44baec3f 100644
--- a/include/records/P_RecUtils.h
+++ b/include/records/P_RecUtils.h
@@ -74,5 +74,5 @@ void _RecDebug(DiagsLevel dl, const SourceLocation &loc, const char *fmt, ...);
 
 void RecDebugOff();
 
-#define RecLog(level, fmt, ...) _RecLog(level, MakeSourceLocation(), fmt, ##__VA_ARGS__)
+#define RecLog(level, fmt, ...)   _RecLog(level, MakeSourceLocation(), fmt, ##__VA_ARGS__)
 #define RecDebug(level, fmt, ...) _RecDebug(level, MakeSourceLocation(), fmt, ##__VA_ARGS__)
diff --git a/include/shared/rpc/RPCRequests.h b/include/shared/rpc/RPCRequests.h
index 7faaa3e0de2..dd441e46a33 100644
--- a/include/shared/rpc/RPCRequests.h
+++ b/include/shared/rpc/RPCRequests.h
@@ -141,7 +141,7 @@ struct RecordLookupRequest : ClientRequest {
   }
   template <typename... Args>
   void
-  emplace_rec(Args &&... p)
+  emplace_rec(Args &&...p)
   {
     super::params.push_back(Params{std::forward<Args>(p)...});
   }
diff --git a/include/ts/apidefs.h.in b/include/ts/apidefs.h.in
index 519bca4d2d6..8ede2bc26a0 100644
--- a/include/ts/apidefs.h.in
+++ b/include/ts/apidefs.h.in
@@ -136,14 +136,14 @@ extern "C" {
 /* clang-format on */
 
 #define TS_HTTP_VERSION(a, b) ((((a)&0xFFFF) << 16) | ((b)&0xFFFF))
-#define TS_HTTP_MINOR(v) ((v)&0xFFFF)
-#define TS_HTTP_MAJOR(v) (((v) >> 16) & 0xFFFF)
+#define TS_HTTP_MINOR(v)      ((v)&0xFFFF)
+#define TS_HTTP_MAJOR(v)      (((v) >> 16) & 0xFFFF)
 
 #ifndef TS_RES_MEM_PATH
 #define __TS_RES_PATH(x) #x
-#define _TS_RES_PATH(x) __TS_RES_PATH(x)
-#define TS_RES_PATH(x) x __FILE__ ":" _TS_RES_PATH(__LINE__)
-#define TS_RES_MEM_PATH TS_RES_PATH("memory/")
+#define _TS_RES_PATH(x)  __TS_RES_PATH(x)
+#define TS_RES_PATH(x)   x __FILE__ ":" _TS_RES_PATH(__LINE__)
+#define TS_RES_MEM_PATH  TS_RES_PATH("memory/")
 #endif
 
 #ifndef TS_DEPRECATED
@@ -1459,7 +1459,7 @@ typedef enum {
   TS_UUID_V5,
 } TSUuidVersion;
 
-#define TS_UUID_STRING_LEN 36
+#define TS_UUID_STRING_LEN   36
 #define TS_CRUUID_STRING_LEN (TS_UUID_STRING_LEN + 19 + 1) /* UUID-len + len(uint64_t) + '-' */
 typedef struct tsapi_uuid *TSUuid;
 
diff --git a/include/ts/experimental.h b/include/ts/experimental.h
index 309909022f7..3e7fe574436 100644
--- a/include/ts/experimental.h
+++ b/include/ts/experimental.h
@@ -97,19 +97,19 @@ tsapi void TSHttpTxnServerRequestBodySet(TSHttpTxn txnp, char *buf, int64_t bufl
 
 /* ===== High Resolution Time ===== */
 #define TS_HRTIME_FOREVER (10 * TS_HRTIME_DECADE)
-#define TS_HRTIME_DECADE (10 * TS_HRTIME_YEAR)
-#define TS_HRTIME_YEAR (365 * TS_HRTIME_DAY + TS_HRTIME_DAY / 4)
-#define TS_HRTIME_WEEK (7 * TS_HRTIME_DAY)
-#define TS_HRTIME_DAY (24 * TS_HRTIME_HOUR)
-#define TS_HRTIME_HOUR (60 * TS_HRTIME_MINUTE)
-#define TS_HRTIME_MINUTE (60 * TS_HRTIME_SECOND)
-#define TS_HRTIME_SECOND (1000 * TS_HRTIME_MSECOND)
+#define TS_HRTIME_DECADE  (10 * TS_HRTIME_YEAR)
+#define TS_HRTIME_YEAR    (365 * TS_HRTIME_DAY + TS_HRTIME_DAY / 4)
+#define TS_HRTIME_WEEK    (7 * TS_HRTIME_DAY)
+#define TS_HRTIME_DAY     (24 * TS_HRTIME_HOUR)
+#define TS_HRTIME_HOUR    (60 * TS_HRTIME_MINUTE)
+#define TS_HRTIME_MINUTE  (60 * TS_HRTIME_SECOND)
+#define TS_HRTIME_SECOND  (1000 * TS_HRTIME_MSECOND)
 #define TS_HRTIME_MSECOND (1000 * TS_HRTIME_USECOND)
 #define TS_HRTIME_USECOND (1000 * TS_HRTIME_NSECOND)
 #define TS_HRTIME_NSECOND (1LL)
 
 #define TS_HRTIME_APPROX_SECONDS(_x) ((_x) >> 30) /*  off by 7.3% */
-#define TS_HRTIME_APPROX_FACTOR (((float)(1 << 30)) / (((float)HRTIME_SECOND)))
+#define TS_HRTIME_APPROX_FACTOR      (((float)(1 << 30)) / (((float)HRTIME_SECOND)))
 
 /*
 ////////////////////////////////////////////////////////////////////
@@ -118,12 +118,12 @@ tsapi void TSHttpTxnServerRequestBodySet(TSHttpTxn txnp, char *buf, int64_t bufl
 //
 ////////////////////////////////////////////////////////////////////
 */
-#define TS_HRTIME_YEARS(_x) ((_x)*TS_HRTIME_YEAR)
-#define TS_HRTIME_WEEKS(_x) ((_x)*TS_HRTIME_WEEK)
-#define TS_HRTIME_DAYS(_x) ((_x)*TS_HRTIME_DAY)
-#define TS_HRTIME_HOURS(_x) ((_x)*TS_HRTIME_HOUR)
-#define TS_HRTIME_MINUTES(_x) ((_x)*TS_HRTIME_MINUTE)
-#define TS_HRTIME_SECONDS(_x) ((_x)*TS_HRTIME_SECOND)
+#define TS_HRTIME_YEARS(_x)    ((_x)*TS_HRTIME_YEAR)
+#define TS_HRTIME_WEEKS(_x)    ((_x)*TS_HRTIME_WEEK)
+#define TS_HRTIME_DAYS(_x)     ((_x)*TS_HRTIME_DAY)
+#define TS_HRTIME_HOURS(_x)    ((_x)*TS_HRTIME_HOUR)
+#define TS_HRTIME_MINUTES(_x)  ((_x)*TS_HRTIME_MINUTE)
+#define TS_HRTIME_SECONDS(_x)  ((_x)*TS_HRTIME_SECOND)
 #define TS_HRTIME_MSECONDS(_x) ((_x)*TS_HRTIME_MSECOND)
 #define TS_HRTIME_USECONDS(_x) ((_x)*TS_HRTIME_USECOND)
 #define TS_HRTIME_NSECONDS(_x) ((_x)*TS_HRTIME_NSECOND)
@@ -335,13 +335,13 @@ tsapi TSReturnCode TSMgmtConfigFileAdd(const char *parent, const char *fileName)
  * Interfaces used by Wireless group
  * ---------------------------------------------------------------------- */
 
-#define TS_NET_EVENT_DATAGRAM_READ_COMPLETE TS_EVENT_INTERNAL_206
-#define TS_NET_EVENT_DATAGRAM_READ_ERROR TS_EVENT_INTERNAL_207
+#define TS_NET_EVENT_DATAGRAM_READ_COMPLETE  TS_EVENT_INTERNAL_206
+#define TS_NET_EVENT_DATAGRAM_READ_ERROR     TS_EVENT_INTERNAL_207
 #define TS_NET_EVENT_DATAGRAM_WRITE_COMPLETE TS_EVENT_INTERNAL_208
-#define TS_NET_EVENT_DATAGRAM_WRITE_ERROR TS_EVENT_INTERNAL_209
-#define TS_NET_EVENT_DATAGRAM_READ_READY TS_EVENT_INTERNAL_210
-#define TS_NET_EVENT_DATAGRAM_OPEN TS_EVENT_INTERNAL_211
-#define TS_NET_EVENT_DATAGRAM_ERROR TS_EVENT_INTERNAL_212
+#define TS_NET_EVENT_DATAGRAM_WRITE_ERROR    TS_EVENT_INTERNAL_209
+#define TS_NET_EVENT_DATAGRAM_READ_READY     TS_EVENT_INTERNAL_210
+#define TS_NET_EVENT_DATAGRAM_OPEN           TS_EVENT_INTERNAL_211
+#define TS_NET_EVENT_DATAGRAM_ERROR          TS_EVENT_INTERNAL_212
 
 /**
  * Extended FetchSM's AIPs
diff --git a/include/ts/remap.h b/include/ts/remap.h
index 49a38e019c6..2d3d31b8e10 100644
--- a/include/ts/remap.h
+++ b/include/ts/remap.h
@@ -31,8 +31,8 @@
 extern "C" {
 #endif /* __cplusplus */
 
-#define TSREMAP_VMAJOR 3 /* major version number */
-#define TSREMAP_VMINOR 0 /* minor version number */
+#define TSREMAP_VMAJOR  3 /* major version number */
+#define TSREMAP_VMINOR  0 /* minor version number */
 #define TSREMAP_VERSION ((TSREMAP_VMAJOR << 16) | TSREMAP_VMINOR)
 
 typedef struct _tsremap_api_info {
diff --git a/include/ts/sdt.h b/include/ts/sdt.h
index 68f8d926af8..9072723caf3 100644
--- a/include/ts/sdt.h
+++ b/include/ts/sdt.h
@@ -27,8 +27,8 @@
 
 #include <sys/sdt.h>
 
-#define ATS_PROBE(probe) DTRACE_PROBE(trafficserver, probe)
-#define ATS_PROBE1(probe, param1) DTRACE_PROBE1(trafficserver, probe, param1)
+#define ATS_PROBE(probe)                  DTRACE_PROBE(trafficserver, probe)
+#define ATS_PROBE1(probe, param1)         DTRACE_PROBE1(trafficserver, probe, param1)
 #define ATS_PROBE2(probe, param1, param2) DTRACE_PROBE2(trafficserver, probe, param1, param2)
 
 #else
diff --git a/include/ts/ts.h b/include/ts/ts.h
index 3160873a2ca..d3f5a6d6153 100644
--- a/include/ts/ts.h
+++ b/include/ts/ts.h
@@ -38,13 +38,13 @@ extern "C" {
 
 /* --------------------------------------------------------------------------
    Memory */
-#define TSmalloc(s) _TSmalloc((s), TS_RES_MEM_PATH)
-#define TSrealloc(p, s) _TSrealloc((p), (s), TS_RES_MEM_PATH)
-#define TSstrdup(p) _TSstrdup((p), -1, TS_RES_MEM_PATH)
-#define TSstrndup(p, n) _TSstrdup((p), (n), TS_RES_MEM_PATH)
+#define TSmalloc(s)        _TSmalloc((s), TS_RES_MEM_PATH)
+#define TSrealloc(p, s)    _TSrealloc((p), (s), TS_RES_MEM_PATH)
+#define TSstrdup(p)        _TSstrdup((p), -1, TS_RES_MEM_PATH)
+#define TSstrndup(p, n)    _TSstrdup((p), (n), TS_RES_MEM_PATH)
 #define TSstrlcpy(d, s, l) _TSstrlcpy((d), (s), (l))
 #define TSstrlcat(d, s, l) _TSstrlcat((d), (s), (l))
-#define TSfree(p) _TSfree(p)
+#define TSfree(p)          _TSfree(p)
 
 tsapi void *_TSmalloc(size_t size, const char *path);
 tsapi void *_TSrealloc(void *ptr, size_t size, const char *path);
diff --git a/include/tscore/AcidPtr.h b/include/tscore/AcidPtr.h
index bc4fc6fdab2..74f10d9e854 100644
--- a/include/tscore/AcidPtr.h
+++ b/include/tscore/AcidPtr.h
@@ -102,7 +102,7 @@ template <typename T> class AcidPtr
   std::shared_ptr<T> data_ptr;
 
 public:
-  AcidPtr(const AcidPtr &) = delete;
+  AcidPtr(const AcidPtr &)            = delete;
   AcidPtr &operator=(const AcidPtr &) = delete;
 
   AcidPtr() : data_ptr(new T()) {}
@@ -165,8 +165,8 @@ template <typename T> class AcidCommitPtr : public std::unique_ptr<T>
   AcidPtr<T> &data;           // data location
 
 public:
-  AcidCommitPtr()                      = delete;
-  AcidCommitPtr(const AcidCommitPtr &) = delete;
+  AcidCommitPtr()                                    = delete;
+  AcidCommitPtr(const AcidCommitPtr &)               = delete;
   AcidCommitPtr &operator=(const AcidCommitPtr<T> &) = delete;
 
   AcidCommitPtr(AcidPtr<T> &data_ptr) : commit_lock(AcidCommitMutexGet(&data_ptr)), data(data_ptr)
diff --git a/include/tscore/Allocator.h b/include/tscore/Allocator.h
index 00e1ce6a801..309dd571273 100644
--- a/include/tscore/Allocator.h
+++ b/include/tscore/Allocator.h
@@ -240,7 +240,7 @@ template <class C, bool Destruct_on_free_ = false, typename BaseAllocator = Allo
   /** Allocates objects of the templated type.  Arguments are forwarded to the constructor for the object. */
   template <typename... Args>
   C *
-  alloc(Args &&... args)
+  alloc(Args &&...args)
   {
     void *ptr = this->alloc_void();
 
diff --git a/include/tscore/Arena.h b/include/tscore/Arena.h
index 4a456db82bf..9978f773b28 100644
--- a/include/tscore/Arena.h
+++ b/include/tscore/Arena.h
@@ -105,7 +105,7 @@ Arena::str_alloc(size_t len)
 
   while (tmp >= 128) {
     size += 1;
-    tmp /= 128;
+    tmp  /= 128;
   }
 
   mem = (unsigned char *)alloc(size, 1);
@@ -116,7 +116,7 @@ Arena::str_alloc(size_t len)
 
   while (tmp >= 128) {
     *p-- = (unsigned char)(255 - (tmp % 128));
-    tmp /= 128;
+    tmp  /= 128;
   }
   *p = (unsigned char)tmp;
 
diff --git a/include/tscore/BaseLogFile.h b/include/tscore/BaseLogFile.h
index aad473586d1..ed325fbec67 100644
--- a/include/tscore/BaseLogFile.h
+++ b/include/tscore/BaseLogFile.h
@@ -41,8 +41,8 @@
 
 #define LOGFILE_ROLLED_EXTENSION ".old"
 #define LOGFILE_SEPARATOR_STRING "_"
-#define LOGFILE_DEFAULT_PERMS (0644)
-#define LOGFILE_ROLL_MAXPATHLEN 4096
+#define LOGFILE_DEFAULT_PERMS    (0644)
+#define LOGFILE_ROLL_MAXPATHLEN  4096
 #define BASELOGFILE_DEBUG_MODE \
   0 // change this to 1 to enable debug messages
     // TODO find a way to enable this from autotools
@@ -166,7 +166,7 @@ class BaseLogFile
 {
 public:
   // member functions
-  BaseLogFile()        = delete;
+  BaseLogFile()                               = delete;
   BaseLogFile &operator=(const BaseLogFile &) = delete;
   BaseLogFile(const char *name);
   BaseLogFile(const char *name, uint64_t sig);
diff --git a/include/tscore/BufferWriter.h b/include/tscore/BufferWriter.h
index 0d1758ab29f..f58dbcf13c7 100644
--- a/include/tscore/BufferWriter.h
+++ b/include/tscore/BufferWriter.h
@@ -186,14 +186,14 @@ class BufferWriter
       "{} {1} {}", and "{0} {1} {2}" are equivalent. Using an explicit index does not reset the
       position of subsequent substitutions, therefore "{} {0} {}" is equivalent to "{0} {0} {2}".
   */
-  template <typename... Rest> BufferWriter &print(TextView fmt, Rest &&... rest);
+  template <typename... Rest> BufferWriter &print(TextView fmt, Rest &&...rest);
   /** Print overload to take arguments as a tuple instead of explicitly.
       This is useful for forwarding variable arguments from other functions / methods.
   */
   template <typename... Args> BufferWriter &printv(TextView fmt, std::tuple<Args...> const &args);
 
   /// Print using a preparsed @a fmt.
-  template <typename... Args> BufferWriter &print(BWFormat const &fmt, Args &&... args);
+  template <typename... Args> BufferWriter &print(BWFormat const &fmt, Args &&...args);
   /** Print overload to take arguments as a tuple instead of explicitly.
       This is useful for forwarding variable arguments from other functions / methods.
   */
@@ -233,10 +233,10 @@ class FixedBufferWriter : public BufferWriter
    */
   FixedBufferWriter(std::nullptr_t);
 
-  FixedBufferWriter(const FixedBufferWriter &) = delete;
+  FixedBufferWriter(const FixedBufferWriter &)            = delete;
   FixedBufferWriter &operator=(const FixedBufferWriter &) = delete;
   FixedBufferWriter(FixedBufferWriter &&)                 = delete;
-  FixedBufferWriter &operator=(FixedBufferWriter &&) = delete;
+  FixedBufferWriter &operator=(FixedBufferWriter &&)      = delete;
 
   FixedBufferWriter(swoc::MemSpan<char> &span) : _buf(span.begin()), _capacity(static_cast<size_t>(span.size())) {}
 
@@ -395,9 +395,9 @@ class FixedBufferWriter : public BufferWriter
   ssize_t operator>>(int fd) const override;
 
   // Overrides for co-variance
-  template <typename... Rest> self_type &print(TextView fmt, Rest &&... rest);
+  template <typename... Rest> self_type &print(TextView fmt, Rest &&...rest);
   template <typename... Args> self_type &printv(TextView fmt, std::tuple<Args...> const &args);
-  template <typename... Args> self_type &print(BWFormat const &fmt, Args &&... args);
+  template <typename... Args> self_type &print(BWFormat const &fmt, Args &&...args);
   template <typename... Args> self_type &printv(BWFormat const &fmt, std::tuple<Args...> const &args);
 
 protected:
@@ -530,7 +530,9 @@ namespace bw_fmt
   /// @a TUPLE.  Due to language limitations it cannot be done directly. The formatters can be
   /// accessed via standard array access in contrast to templated tuple access. The actual array is
   /// static and therefore at run time the only operation is loading the address of the array.
-  template <typename TUPLE, size_t... N> ArgFormatterSignature<TUPLE> *Get_Arg_Formatter_Array(std::index_sequence<N...>)
+  template <typename TUPLE, size_t... N>
+  ArgFormatterSignature<TUPLE> *
+  Get_Arg_Formatter_Array(std::index_sequence<N...>)
   {
     static ArgFormatterSignature<TUPLE> fa[sizeof...(N)] = {&bw_fmt::Arg_Formatter<TUPLE, N>...};
     return fa;
@@ -609,7 +611,7 @@ class BWFormat
 
 template <typename... Args>
 BufferWriter &
-BufferWriter::print(TextView fmt, Args &&... args)
+BufferWriter::print(TextView fmt, Args &&...args)
 {
   return this->printv(fmt, std::forward_as_tuple(args...));
 }
@@ -670,7 +672,7 @@ BufferWriter::printv(TextView fmt, std::tuple<Args...> const &args)
 
 template <typename... Args>
 BufferWriter &
-BufferWriter::print(BWFormat const &fmt, Args &&... args)
+BufferWriter::print(BWFormat const &fmt, Args &&...args)
 {
   return this->printv(fmt, std::forward_as_tuple(args...));
 }
@@ -865,7 +867,7 @@ bwprintv(std::string &s, ts::TextView fmt, std::tuple<Args...> const &args)
 
 template <typename... Args>
 std::string &
-bwprint(std::string &s, ts::TextView fmt, Args &&... args)
+bwprint(std::string &s, ts::TextView fmt, Args &&...args)
 {
   return bwprintv(s, fmt, std::forward_as_tuple(args...));
 }
@@ -880,7 +882,7 @@ inline FixedBufferWriter::FixedBufferWriter(char *buffer, size_t capacity) : _bu
 
 template <typename... Args>
 inline auto
-FixedBufferWriter::print(TextView fmt, Args &&... args) -> self_type &
+FixedBufferWriter::print(TextView fmt, Args &&...args) -> self_type &
 {
   return static_cast<self_type &>(this->super_type::printv(fmt, std::forward_as_tuple(args...)));
 }
@@ -894,7 +896,7 @@ FixedBufferWriter::printv(TextView fmt, std::tuple<Args...> const &args) -> self
 
 template <typename... Args>
 inline auto
-FixedBufferWriter::print(BWFormat const &fmt, Args &&... args) -> self_type &
+FixedBufferWriter::print(BWFormat const &fmt, Args &&...args) -> self_type &
 {
   return static_cast<self_type &>(this->super_type::printv(fmt, std::forward_as_tuple(args...)));
 }
diff --git a/include/tscore/Diags.h b/include/tscore/Diags.h
index d87baec412c..7e2b872fb2d 100644
--- a/include/tscore/Diags.h
+++ b/include/tscore/Diags.h
@@ -82,12 +82,12 @@ diags()
     DiagsError_log_message.message(LEVEL, DiagsError_loc, __VA_ARGS__); \
   } while (false)
 
-#define Status(...) DiagsError(DL_Status, __VA_ARGS__)       // Log information
-#define Note(...) DiagsError(DL_Note, __VA_ARGS__)           // Log significant information
-#define Warning(...) DiagsError(DL_Warning, __VA_ARGS__)     // Log concerning information
-#define Error(...) DiagsError(DL_Error, __VA_ARGS__)         // Log operational failure, fail CI
-#define Fatal(...) DiagsError(DL_Fatal, __VA_ARGS__)         // Log recoverable crash, fail CI, exit & allow restart
-#define Alert(...) DiagsError(DL_Alert, __VA_ARGS__)         // Log recoverable crash, fail CI, exit & restart, Ops attention
+#define Status(...)    DiagsError(DL_Status, __VA_ARGS__)    // Log information
+#define Note(...)      DiagsError(DL_Note, __VA_ARGS__)      // Log significant information
+#define Warning(...)   DiagsError(DL_Warning, __VA_ARGS__)   // Log concerning information
+#define Error(...)     DiagsError(DL_Error, __VA_ARGS__)     // Log operational failure, fail CI
+#define Fatal(...)     DiagsError(DL_Fatal, __VA_ARGS__)     // Log recoverable crash, fail CI, exit & allow restart
+#define Alert(...)     DiagsError(DL_Alert, __VA_ARGS__)     // Log recoverable crash, fail CI, exit & restart, Ops attention
 #define Emergency(...) DiagsError(DL_Emergency, __VA_ARGS__) // Log unrecoverable crash, fail CI, exit, Ops attention
 
 /** Apply throttling to a log site.
@@ -108,10 +108,10 @@ diags()
     STDE_log_message.message(LEVEL, STDE_loc, __VA_ARGS__);      \
   } while (false)
 
-#define SiteThrottledStatus(...) SiteThrottledDiagsError(DL_Status, __VA_ARGS__)   // Log information
-#define SiteThrottledNote(...) SiteThrottledDiagsError(DL_Note, __VA_ARGS__)       // Log significant information
+#define SiteThrottledStatus(...)  SiteThrottledDiagsError(DL_Status, __VA_ARGS__)  // Log information
+#define SiteThrottledNote(...)    SiteThrottledDiagsError(DL_Note, __VA_ARGS__)    // Log significant information
 #define SiteThrottledWarning(...) SiteThrottledDiagsError(DL_Warning, __VA_ARGS__) // Log concerning information
-#define SiteThrottledError(...) SiteThrottledDiagsError(DL_Error, __VA_ARGS__)     // Log operational failure, fail CI
+#define SiteThrottledError(...)   SiteThrottledDiagsError(DL_Error, __VA_ARGS__)   // Log operational failure, fail CI
 #define SiteThrottledFatal(...) \
   SiteThrottledDiagsError(DL_Fatal, __VA_ARGS__) // Log recoverable crash, fail CI, exit & allow restart
 #define SiteThrottledAlert(...) \
@@ -126,12 +126,12 @@ diags()
     DiagsErrorV_log_message.message_va(LEVEL, DiagsErrorV_loc, FMT, AP); \
   } while (false)
 
-#define StatusV(fmt, ap) DiagsErrorV(DL_Status, fmt, ap)
-#define NoteV(fmt, ap) DiagsErrorV(DL_Note, fmt, ap)
-#define WarningV(fmt, ap) DiagsErrorV(DL_Warning, fmt, ap)
-#define ErrorV(fmt, ap) DiagsErrorV(DL_Error, fmt, ap)
-#define FatalV(fmt, ap) DiagsErrorV(DL_Fatal, fmt, ap)
-#define AlertV(fmt, ap) DiagsErrorV(DL_Alert, fmt, ap)
+#define StatusV(fmt, ap)    DiagsErrorV(DL_Status, fmt, ap)
+#define NoteV(fmt, ap)      DiagsErrorV(DL_Note, fmt, ap)
+#define WarningV(fmt, ap)   DiagsErrorV(DL_Warning, fmt, ap)
+#define ErrorV(fmt, ap)     DiagsErrorV(DL_Error, fmt, ap)
+#define FatalV(fmt, ap)     DiagsErrorV(DL_Fatal, fmt, ap)
+#define AlertV(fmt, ap)     DiagsErrorV(DL_Alert, fmt, ap)
 #define EmergencyV(fmt, ap) DiagsErrorV(DL_Emergency, fmt, ap)
 
 /** See the comment above SiteThrottledDiagsError for an explanation of how the
@@ -143,12 +143,12 @@ diags()
     STDEV_log_message.message_va(LEVEL, STDEV_loc, FMT, AP);      \
   } while (false)
 
-#define SiteThrottledStatusV(fmt, ap) SiteThrottledDiagsErrorV(DL_Status, fmt, ap)
-#define SiteThrottledNoteV(fmt, ap) SiteThrottledDiagsErrorV(DL_Note, fmt, ap)
-#define SiteThrottledWarningV(fmt, ap) SiteThrottledDiagsErrorV(DL_Warning, fmt, ap)
-#define SiteThrottledErrorV(fmt, ap) SiteThrottledDiagsErrorV(DL_Error, fmt, ap)
-#define SiteThrottledFatalV(fmt, ap) SiteThrottledDiagsErrorV(DL_Fatal, fmt, ap)
-#define SiteThrottledAlertV(fmt, ap) SiteThrottledDiagsErrorV(DL_Alert, fmt, ap)
+#define SiteThrottledStatusV(fmt, ap)    SiteThrottledDiagsErrorV(DL_Status, fmt, ap)
+#define SiteThrottledNoteV(fmt, ap)      SiteThrottledDiagsErrorV(DL_Note, fmt, ap)
+#define SiteThrottledWarningV(fmt, ap)   SiteThrottledDiagsErrorV(DL_Warning, fmt, ap)
+#define SiteThrottledErrorV(fmt, ap)     SiteThrottledDiagsErrorV(DL_Error, fmt, ap)
+#define SiteThrottledFatalV(fmt, ap)     SiteThrottledDiagsErrorV(DL_Fatal, fmt, ap)
+#define SiteThrottledAlertV(fmt, ap)     SiteThrottledDiagsErrorV(DL_Alert, fmt, ap)
 #define SiteThrottledEmergencyV(fmt, ap) SiteThrottledDiagsErrorV(DL_Emergency, fmt, ap)
 
 #if TS_USE_DIAGS
@@ -243,10 +243,10 @@ is_dbg_ctl_enabled(DbgCtl const &ctl)
     }                                               \
   } while (false)
 
-#define is_action_tag_set(_t) unlikely(diags()->on(_t, DiagsTagType_Action))
-#define debug_tag_assert(_t, _a) (is_debug_tag_set(_t) ? (ink_release_assert(_a), 0) : 0)
+#define is_action_tag_set(_t)     unlikely(diags()->on(_t, DiagsTagType_Action))
+#define debug_tag_assert(_t, _a)  (is_debug_tag_set(_t) ? (ink_release_assert(_a), 0) : 0)
 #define action_tag_assert(_t, _a) (is_action_tag_set(_t) ? (ink_release_assert(_a), 0) : 0)
-#define is_diags_on(_t) is_debug_tag_set(_t) // Deprecated.
+#define is_diags_on(_t)           is_debug_tag_set(_t) // Deprecated.
 
 #else // TS_USE_DIAGS
 
@@ -255,10 +255,10 @@ is_dbg_ctl_enabled(DbgCtl const &ctl)
 #define Debug(...)
 #define SpecificDbg(...)
 
-#define is_debug_tag_set(_t) 0
-#define is_action_tag_set(_t) 0
+#define is_debug_tag_set(_t)      0
+#define is_action_tag_set(_t)     0
 #define debug_tag_assert(_t, _a)  /**/
 #define action_tag_assert(_t, _a) /**/
-#define is_diags_on(_t) 0
+#define is_diags_on(_t)           0
 
 #endif // TS_USE_DIAGS
diff --git a/include/tscore/Errata.h b/include/tscore/Errata.h
index 227a9456a02..c320664056e 100644
--- a/include/tscore/Errata.h
+++ b/include/tscore/Errata.h
@@ -194,7 +194,7 @@ class Errata
       to strings and concatenated to form the message text.
       @return A reference to this object.
   */
-  template <typename... Args> self &push(Id id, Code code, Args const &... args);
+  template <typename... Args> self &push(Id id, Code code, Args const &...args);
 
   /** Push a nested status.
       @a err becomes the top item.
@@ -403,7 +403,7 @@ struct Errata::Message {
   template <typename... Args>
   Message(Id id,     ///< Message Id.
           Code code, ///< Message Code.
-          Args const &... text);
+          Args const &...text);
 
   /// Reset to the message to default state.
   self &clear();
@@ -470,7 +470,7 @@ struct Errata::Message {
 
   static SuccessTest const DEFAULT_SUCCESS_TEST;
 
-  template <typename... Args> static std::string stringify(Args const &... items);
+  template <typename... Args> static std::string stringify(Args const &...items);
 
   Id m_id     = 0;            ///< Message ID.
   Code m_code = Default_Code; ///< Message code.
@@ -740,7 +740,7 @@ inline Errata::Message::Message(std::string const &text) : m_text(text) {}
 inline Errata::Message::Message(Id id, std::string const &text) : m_id(id), m_text(text) {}
 inline Errata::Message::Message(Id id, Code code, std::string const &text) : m_id(id), m_code(code), m_text(text) {}
 template <typename... Args>
-Errata::Message::Message(Id id, Code code, Args const &... text) : m_id(id), m_code(code), m_text(stringify(text...))
+Errata::Message::Message(Id id, Code code, Args const &...text) : m_id(id), m_code(code), m_text(stringify(text...))
 {
 }
 
@@ -804,7 +804,7 @@ Errata::Message::set(Errata const &err)
 
 template <typename... Args>
 std::string
-Errata::Message::stringify(Args const &... items)
+Errata::Message::stringify(Args const &...items)
 {
   std::ostringstream s;
   (void)(int[]){0, ((s << items), 0)...};
@@ -871,7 +871,7 @@ Errata::push(Id id, Code code, std::string const &text)
 
 template <typename... Args>
 auto
-Errata::push(Id id, Code code, Args const &... args) -> self &
+Errata::push(Id id, Code code, Args const &...args) -> self &
 {
   this->push(Message(id, code, args...));
   return *this;
diff --git a/include/tscore/Extendible.h b/include/tscore/Extendible.h
index 2cae57f9c79..723256debd5 100644
--- a/include/tscore/Extendible.h
+++ b/include/tscore/Extendible.h
@@ -53,10 +53,19 @@
 
 //////////////////////////////////////////
 /// SUPPORT MACRO
-#define DEF_EXT_NEW_DEL(cls)                                               \
-  void *operator new(size_t sz) { return ats_malloc(ext::sizeOf<cls>()); } \
-  void *operator new(size_t sz, void *ptr) { return ptr; }                 \
-  void operator delete(void *ptr) { free(ptr); }
+#define DEF_EXT_NEW_DEL(cls)               \
+  void *operator new(size_t sz)            \
+  {                                        \
+    return ats_malloc(ext::sizeOf<cls>()); \
+  }                                        \
+  void *operator new(size_t sz, void *ptr) \
+  {                                        \
+    return ptr;                            \
+  }                                        \
+  void operator delete(void *ptr)          \
+  {                                        \
+    free(ptr);                             \
+  }
 
 //////////////////////////////////////////
 /// HELPER CLASSES
@@ -233,9 +242,9 @@ template <typename Derived_t> class Extendible
 // define the static schema per derived type
 template <typename Derived_t> details::Schema Extendible<Derived_t>::schema;
 
-//####################################################
-//####################################################
-// UTILITY Functions
+// ####################################################
+// ####################################################
+//  UTILITY Functions
 
 //////////////////////////////////////////////////////
 /// HexToString function for serializing untyped C storage
@@ -269,9 +278,9 @@ serializeField(std::ostream &os, Field_t const &f)
     os << f;
   }
 }
-//####################################################
-//####################################################
-//####################################################
+// ####################################################
+// ####################################################
+// ####################################################
 
 /////////////////////////////////////////////////////////////////////
 // FieldId
@@ -283,7 +292,7 @@ template <typename Derived_t, typename Field_t> class FieldId
   bool isValid() const;
   FieldId(ext::details::FieldDesc const &);
   FieldId() {}
-  FieldId(FieldId const &) = default;
+  FieldId(FieldId const &)            = default;
   FieldId &operator=(FieldId const &) = default;
 };
 
@@ -448,10 +457,10 @@ FieldId<Derived_t, Field_t>::isValid() const
   return desc != nullptr;
 }
 
-//####################################################
-//####################################################
-//####################################################
-// Functional API for Extendible Field Access
+// ####################################################
+// ####################################################
+// ####################################################
+//  Functional API for Extendible Field Access
 //
 
 ////////////////////////////////////////////////////
@@ -637,7 +646,7 @@ namespace details
 // allocate and initialize an extendible data structure
 template <typename Derived_t, typename... Args>
 Derived_t *
-create(Args &&... args)
+create(Args &&...args)
 {
   // don't instantiate until all Fields are finalized.
   ink_assert(ext::details::areFieldsFinalized());
diff --git a/include/tscore/HTTPVersion.h b/include/tscore/HTTPVersion.h
index b6e3b66f32f..6425c2d6675 100644
--- a/include/tscore/HTTPVersion.h
+++ b/include/tscore/HTTPVersion.h
@@ -27,7 +27,7 @@ class HTTPVersion
 {
 public:
   HTTPVersion() {}
-  HTTPVersion(HTTPVersion const &that) = default;
+  HTTPVersion(HTTPVersion const &that)        = default;
   HTTPVersion &operator=(const HTTPVersion &) = default;
 
   explicit HTTPVersion(int version);
diff --git a/include/tscore/History.h b/include/tscore/History.h
index 203e08a38ad..3a91d7adac2 100644
--- a/include/tscore/History.h
+++ b/include/tscore/History.h
@@ -26,8 +26,8 @@
 #include "tscore/SourceLocation.h"
 #include "tscore/ink_memory.h"
 
-#define NO_REENTRANT 99999
-#define NO_EVENT NO_REENTRANT
+#define NO_REENTRANT         99999
+#define NO_EVENT             NO_REENTRANT
 #define HISTORY_DEFAULT_SIZE 65
 
 struct HistoryEntry {
diff --git a/include/tscore/InkErrno.h b/include/tscore/InkErrno.h
index 3b6a89d5e81..85e135359c2 100644
--- a/include/tscore/InkErrno.h
+++ b/include/tscore/InkErrno.h
@@ -32,30 +32,30 @@
 
 #define INK_START_ERRNO 20000
 
-#define SOCK_ERRNO INK_START_ERRNO
-#define NET_ERRNO INK_START_ERRNO + 100
+#define SOCK_ERRNO  INK_START_ERRNO
+#define NET_ERRNO   INK_START_ERRNO + 100
 #define CACHE_ERRNO INK_START_ERRNO + 400
-#define HTTP_ERRNO INK_START_ERRNO + 600
+#define HTTP_ERRNO  INK_START_ERRNO + 600
 
-#define ENET_THROTTLING (NET_ERRNO + 1)
-#define ENET_CONNECT_TIMEOUT (NET_ERRNO + 2)
-#define ENET_CONNECT_FAILED (NET_ERRNO + 3)
+#define ENET_THROTTLING         (NET_ERRNO + 1)
+#define ENET_CONNECT_TIMEOUT    (NET_ERRNO + 2)
+#define ENET_CONNECT_FAILED     (NET_ERRNO + 3)
 #define ENET_SSL_CONNECT_FAILED (NET_ERRNO + 4)
-#define ENET_SSL_FAILED (NET_ERRNO + 5)
+#define ENET_SSL_FAILED         (NET_ERRNO + 5)
 
-#define ESOCK_DENIED (SOCK_ERRNO + 0)
-#define ESOCK_TIMEOUT (SOCK_ERRNO + 1)
+#define ESOCK_DENIED              (SOCK_ERRNO + 0)
+#define ESOCK_TIMEOUT             (SOCK_ERRNO + 1)
 #define ESOCK_NO_SOCK_SERVER_CONN (SOCK_ERRNO + 2)
 
-#define ECACHE_NO_DOC (CACHE_ERRNO + 0)
-#define ECACHE_DOC_BUSY (CACHE_ERRNO + 1)
-#define ECACHE_DIR_BAD (CACHE_ERRNO + 2)
-#define ECACHE_BAD_META_DATA (CACHE_ERRNO + 3)
-#define ECACHE_READ_FAIL (CACHE_ERRNO + 4)
-#define ECACHE_WRITE_FAIL (CACHE_ERRNO + 5)
+#define ECACHE_NO_DOC           (CACHE_ERRNO + 0)
+#define ECACHE_DOC_BUSY         (CACHE_ERRNO + 1)
+#define ECACHE_DIR_BAD          (CACHE_ERRNO + 2)
+#define ECACHE_BAD_META_DATA    (CACHE_ERRNO + 3)
+#define ECACHE_READ_FAIL        (CACHE_ERRNO + 4)
+#define ECACHE_WRITE_FAIL       (CACHE_ERRNO + 5)
 #define ECACHE_MAX_ALT_EXCEEDED (CACHE_ERRNO + 6)
-#define ECACHE_NOT_READY (CACHE_ERRNO + 7)
-#define ECACHE_ALT_MISS (CACHE_ERRNO + 8)
+#define ECACHE_NOT_READY        (CACHE_ERRNO + 7)
+#define ECACHE_ALT_MISS         (CACHE_ERRNO + 8)
 #define ECACHE_BAD_READ_REQUEST (CACHE_ERRNO + 9)
 
 #define EHTTP_ERROR (HTTP_ERRNO + 0)
diff --git a/include/tscore/IntrusiveHashMap.h b/include/tscore/IntrusiveHashMap.h
index 83bad931b71..bbf90a77ccb 100644
--- a/include/tscore/IntrusiveHashMap.h
+++ b/include/tscore/IntrusiveHashMap.h
@@ -302,14 +302,15 @@ template <typename H> class IntrusiveHashMap
   size_t _expansion_limit{DEFAULT_EXPANSION_LIMIT};            ///< Limit value for expansion.
 
   // noncopyable
-  IntrusiveHashMap(const IntrusiveHashMap &) = delete;
+  IntrusiveHashMap(const IntrusiveHashMap &)            = delete;
   IntrusiveHashMap &operator=(const IntrusiveHashMap &) = delete;
 
   // Hash table size prime list.
-  static constexpr std::array<size_t, 29> PRIME = {{1,        3,        7,         13,        31,       61,      127,     251,
-                                                    509,      1021,     2039,      4093,      8191,     16381,   32749,   65521,
-                                                    131071,   262139,   524287,    1048573,   2097143,  4194301, 8388593, 16777213,
-                                                    33554393, 67108859, 134217689, 268435399, 536870909}};
+  static constexpr std::array<size_t, 29> PRIME = {
+    {1, 3, 7, 13, 31, 61, 127, 251, 509, 1021,
+     2039, 4093, 8191, 16381, 32749, 65521, 131071, 262139, 524287, 1048573,
+     2097143, 4194301, 8388593, 16777213, 33554393, 67108859, 134217689, 268435399, 536870909}
+  };
 };
 
 template <typename H>
diff --git a/include/tscore/IpMap.h b/include/tscore/IpMap.h
index 4268afa9cd4..72c54482ee4 100644
--- a/include/tscore/IpMap.h
+++ b/include/tscore/IpMap.h
@@ -201,7 +201,7 @@ class IpMap
   ~IpMap(); ///< Destructor.
 
   self_type &operator=(self_type const &that) = delete;
-  self_type &operator                         =(self_type &&that);
+  self_type &operator=(self_type &&that);
 
   /** Mark a range.
       All addresses in the range [ @a min , @a max ] are marked with @a data.
diff --git a/include/tscore/List.h b/include/tscore/List.h
index db5a8bca23c..695fd4715ad 100644
--- a/include/tscore/List.h
+++ b/include/tscore/List.h
@@ -150,9 +150,15 @@ template <class C> struct Link : public SLink<C> {
     static _c *&next_link(_c *c);            \
     static _c *&prev_link(_c *c);            \
   };
-#define LINK_DEFINITION(_c, _f)                                           \
-  inline _c *&Link##_##_c##_##_f::next_link(_c *c) { return c->_f.next; } \
-  inline _c *&Link##_##_c##_##_f::prev_link(_c *c) { return c->_f.prev; }
+#define LINK_DEFINITION(_c, _f)                    \
+  inline _c *&Link##_##_c##_##_f::next_link(_c *c) \
+  {                                                \
+    return c->_f.next;                             \
+  }                                                \
+  inline _c *&Link##_##_c##_##_f::prev_link(_c *c) \
+  {                                                \
+    return c->_f.prev;                             \
+  }
 //
 //      List descriptor for singly-linked list of objects of type C.
 //
@@ -186,9 +192,9 @@ template <class C, class L = typename C::Link_link> class SLL
   SLL() : head(nullptr) {}
   SLL(C *c) : head(c) {}
 };
-#define SList(_c, _f) SLL<_c, _c::Link##_##_f>
+#define SList(_c, _f)           SLL<_c, _c::Link##_##_f>
 #define SListM(_c, _m, _ml, _l) SLL<_c, _c::Link##_##_ml##_##_l>
-#define forl_LL(_c, _p, _l) for (_c *_p = (_l).head; _p; _p = (_l).next(_p))
+#define forl_LL(_c, _p, _l)     for (_c *_p = (_l).head; _p; _p = (_l).next(_p))
 
 template <class C, class L>
 inline void
@@ -344,7 +350,7 @@ template <class C, class L = typename C::Link_link> struct DLL {
   const_iterator end() const;
 };
 
-#define DList(_c, _f) DLL<_c, _c::Link##_##_f>
+#define DList(_c, _f)           DLL<_c, _c::Link##_##_f>
 #define DListM(_c, _m, _ml, _l) DLL<_c, _c::Link##_##_ml##_##_l>
 
 template <class C, class L>
@@ -552,7 +558,7 @@ template <class C, class L = typename C::Link_link> class Queue : public DLL<C,
 
   Queue() : tail(nullptr) {}
 };
-#define Que(_c, _f) Queue<_c, _c::Link##_##_f>
+#define Que(_c, _f)           Queue<_c, _c::Link##_##_f>
 #define QueM(_c, _m, _mf, _f) Queue<_c, _c::Link##_##_mf##_##_f>
 
 template <class C, class L>
@@ -722,7 +728,7 @@ template <class C, class L = typename C::Link_link> struct CountQueue : public Q
   inline void append(CountQueue<C, L> &q);
   inline void append_clear(CountQueue<C, L> &q);
 };
-#define CountQue(_c, _f) CountQueue<_c, _c::Link##_##_f>
+#define CountQue(_c, _f)           CountQueue<_c, _c::Link##_##_f>
 #define CountQueM(_c, _m, _mf, _f) CountQueue<_c, _c::Link##_##_mf##_##_f>
 
 template <class C, class L>
@@ -939,7 +945,7 @@ template <class C, class L = typename C::Link_link> struct AtomicSLL {
   AtomicSLL();
 };
 
-#define ASLL(_c, _l) AtomicSLL<_c, _c::Link##_##_l>
+#define ASLL(_c, _l)           AtomicSLL<_c, _c::Link##_##_l>
 #define ASLLM(_c, _m, _ml, _l) AtomicSLL<_c, _c::Link##_##_ml##_##_l>
 
 template <class C, class L> inline AtomicSLL<C, L>::AtomicSLL()
diff --git a/include/tscore/MT_hashtable.h b/include/tscore/MT_hashtable.h
index 92ada4d8863..363a856e56f 100644
--- a/include/tscore/MT_hashtable.h
+++ b/include/tscore/MT_hashtable.h
@@ -31,9 +31,9 @@
  ****************************************************************************/
 #pragma once
 
-#define MT_HASHTABLE_PARTITION_BITS 6
-#define MT_HASHTABLE_PARTITIONS (1 << MT_HASHTABLE_PARTITION_BITS)
-#define MT_HASHTABLE_PARTITION_MASK (MT_HASHTABLE_PARTITIONS - 1)
+#define MT_HASHTABLE_PARTITION_BITS    6
+#define MT_HASHTABLE_PARTITIONS        (1 << MT_HASHTABLE_PARTITION_BITS)
+#define MT_HASHTABLE_PARTITION_MASK    (MT_HASHTABLE_PARTITIONS - 1)
 #define MT_HASHTABLE_MAX_CHAIN_AVG_LEN 4
 template <class key_t, class data_t> struct HashTableEntry {
   key_t key;
diff --git a/include/tscore/MemArena.h b/include/tscore/MemArena.h
index c64dbe61c75..b5d9dd66512 100644
--- a/include/tscore/MemArena.h
+++ b/include/tscore/MemArena.h
@@ -145,7 +145,7 @@ class MemArena
       deleted, the memory will all be reclaimed when the Arena is destroyed. In general it is a bad idea
       to make objects in the Arena that own memory that is not also in the Arena.
   */
-  template <typename T, typename... Args> T *make(Args &&... args);
+  template <typename T, typename... Args> T *make(Args &&...args);
 
   /** Freeze reserved memory.
 
@@ -265,13 +265,13 @@ MemArena::Block::alloc(size_t n)
 {
   ink_assert(n <= this->remaining());
   swoc::MemSpan<void> zret = this->remnant().prefix(n);
-  allocated += n;
+  allocated                += n;
   return zret;
 }
 
 template <typename T, typename... Args>
 T *
-MemArena::make(Args &&... args)
+MemArena::make(Args &&...args)
 {
   return new (this->alloc(sizeof(T)).data()) T(std::forward<Args>(args)...);
 }
diff --git a/include/tscore/ParseRules.h b/include/tscore/ParseRules.h
index 92bd687da04..fdaadf3f741 100644
--- a/include/tscore/ParseRules.h
+++ b/include/tscore/ParseRules.h
@@ -37,36 +37,36 @@ typedef unsigned int CTypeResult;
 // decimal multipliers
 #define USE_SI_MULTIPLIERS 1
 
-#define is_char_BIT (1 << 0)
-#define is_upalpha_BIT (1 << 1)
-#define is_loalpha_BIT (1 << 2)
-#define is_alpha_BIT (1 << 3)
-#define is_digit_BIT (1 << 4)
-#define is_ctl_BIT (1 << 5)
-#define is_ws_BIT (1 << 6)
-#define is_hex_BIT (1 << 7)
-#define is_pchar_BIT (1 << 8)
-#define is_extra_BIT (1 << 9)
-#define is_safe_BIT (1 << 10)
-#define is_unsafe_BIT (1 << 11)
-#define is_national_BIT (1 << 12)
-#define is_reserved_BIT (1 << 13)
-#define is_unreserved_BIT (1 << 14)
-#define is_punct_BIT (1 << 15)
-#define is_end_of_url_BIT (1 << 16)
-#define is_tspecials_BIT (1 << 17)
-#define is_spcr_BIT (1 << 18)
-#define is_splf_BIT (1 << 19)
-#define is_wslfcr_BIT (1 << 20)
-#define is_eow_BIT (1 << 21)
-#define is_token_BIT (1 << 22)
-#define is_uri_BIT (1 << 23)
-#define is_sep_BIT (1 << 24)
-#define is_empty_BIT (1 << 25)
-#define is_alnum_BIT (1 << 26)
-#define is_space_BIT (1 << 27)
-#define is_control_BIT (1 << 28)
-#define is_mime_sep_BIT (1 << 29)
+#define is_char_BIT            (1 << 0)
+#define is_upalpha_BIT         (1 << 1)
+#define is_loalpha_BIT         (1 << 2)
+#define is_alpha_BIT           (1 << 3)
+#define is_digit_BIT           (1 << 4)
+#define is_ctl_BIT             (1 << 5)
+#define is_ws_BIT              (1 << 6)
+#define is_hex_BIT             (1 << 7)
+#define is_pchar_BIT           (1 << 8)
+#define is_extra_BIT           (1 << 9)
+#define is_safe_BIT            (1 << 10)
+#define is_unsafe_BIT          (1 << 11)
+#define is_national_BIT        (1 << 12)
+#define is_reserved_BIT        (1 << 13)
+#define is_unreserved_BIT      (1 << 14)
+#define is_punct_BIT           (1 << 15)
+#define is_end_of_url_BIT      (1 << 16)
+#define is_tspecials_BIT       (1 << 17)
+#define is_spcr_BIT            (1 << 18)
+#define is_splf_BIT            (1 << 19)
+#define is_wslfcr_BIT          (1 << 20)
+#define is_eow_BIT             (1 << 21)
+#define is_token_BIT           (1 << 22)
+#define is_uri_BIT             (1 << 23)
+#define is_sep_BIT             (1 << 24)
+#define is_empty_BIT           (1 << 25)
+#define is_alnum_BIT           (1 << 26)
+#define is_space_BIT           (1 << 27)
+#define is_control_BIT         (1 << 28)
+#define is_mime_sep_BIT        (1 << 29)
 #define is_http_field_name_BIT (1 << 30)
 /* shut up the DEC compiler */
 #define is_http_field_value_BIT (((CTypeResult)1) << 31)
@@ -163,7 +163,7 @@ class ParseRules
   static const char *strchr(const char *s, char c);
 
   // noncopyable
-  ParseRules(const ParseRules &) = delete;
+  ParseRules(const ParseRules &)            = delete;
   ParseRules &operator=(const ParseRules &) = delete;
 };
 
diff --git a/include/tscore/PluginUserArgs.h b/include/tscore/PluginUserArgs.h
index b466829c1fb..d6fc52bdb2e 100644
--- a/include/tscore/PluginUserArgs.h
+++ b/include/tscore/PluginUserArgs.h
@@ -28,12 +28,14 @@
 #include "tscore/ink_assert.h"
 #include "tscore/PluginUserArgs.h"
 
-static constexpr std::array<size_t, TS_USER_ARGS_COUNT> MAX_USER_ARGS = {{
-  16, /* max number of user arguments for TXN */
-  8,  /* max number of user arguments for SSN */
-  4,  /* max number of user arguments for VCONN */
-  128 /* max number of user arguments for GLB */
-}};
+static constexpr std::array<size_t, TS_USER_ARGS_COUNT> MAX_USER_ARGS = {
+  {
+   16, /* max number of user arguments for TXN */
+    8, /* max number of user arguments for SSN */
+    4, /* max number of user arguments for VCONN */
+    128 /* max number of user arguments for GLB */
+  }
+};
 
 /** Stagger each user argument value so we can detect mismatched
  * indices.
diff --git a/include/tscore/Regression.h b/include/tscore/Regression.h
index 6c58973817a..51590490755 100644
--- a/include/tscore/Regression.h
+++ b/include/tscore/Regression.h
@@ -44,15 +44,15 @@
 //   }
 
 // status values
-#define REGRESSION_TEST_PASSED 1
+#define REGRESSION_TEST_PASSED     1
 #define REGRESSION_TEST_INPROGRESS 0 // initial value
-#define REGRESSION_TEST_FAILED -1
-#define REGRESSION_TEST_NOT_RUN -2
+#define REGRESSION_TEST_FAILED     -1
+#define REGRESSION_TEST_NOT_RUN    -2
 
 // regression types
-#define REGRESSION_TEST_NONE 0
-#define REGRESSION_TEST_QUICK 1
-#define REGRESSION_TEST_NIGHTLY 2
+#define REGRESSION_TEST_NONE     0
+#define REGRESSION_TEST_QUICK    1
+#define REGRESSION_TEST_NIGHTLY  2
 #define REGRESSION_TEST_EXTENDED 3
 
 // regression options
diff --git a/include/tscore/Tokenizer.h b/include/tscore/Tokenizer.h
index 305d2c270d6..9ed214dce05 100644
--- a/include/tscore/Tokenizer.h
+++ b/include/tscore/Tokenizer.h
@@ -103,10 +103,10 @@
 
 #include "tscore/ink_apidefs.h"
 
-#define COPY_TOKS (1u << 0)
-#define SHARE_TOKS (1u << 1)
+#define COPY_TOKS        (1u << 0)
+#define SHARE_TOKS       (1u << 1)
 #define ALLOW_EMPTY_TOKS (1u << 2)
-#define ALLOW_SPACES (1u << 3)
+#define ALLOW_SPACES     (1u << 3)
 
 #define TOK_NODE_ELEMENTS 16
 
diff --git a/include/tscore/TsBuffer.h b/include/tscore/TsBuffer.h
index a823641472f..a1921317f04 100644
--- a/include/tscore/TsBuffer.h
+++ b/include/tscore/TsBuffer.h
@@ -433,7 +433,7 @@ ConstBuffer::operator++()
 inline ConstBuffer &
 ConstBuffer::operator+=(size_t n)
 {
-  _ptr += n;
+  _ptr  += n;
   _size -= n;
   return *this;
 }
@@ -465,7 +465,7 @@ ConstBuffer::splitOn(char const *p)
   if (this->contains(p)) {
     size_t n = p - _ptr;
     zret.set(_ptr, n);
-    _ptr = p + 1;
+    _ptr  = p + 1;
     _size -= n + 1;
   }
   return zret;
diff --git a/include/tscore/bwf_std_format.h b/include/tscore/bwf_std_format.h
index cb060edd170..20595631678 100644
--- a/include/tscore/bwf_std_format.h
+++ b/include/tscore/bwf_std_format.h
@@ -88,7 +88,11 @@ namespace bwf
   namespace detail
   {
     // Special case conversions - these handle nullptr because the @c std::string_view spec is stupid.
-    inline std::string_view FirstOfConverter(std::nullptr_t) { return std::string_view{}; }
+    inline std::string_view
+    FirstOfConverter(std::nullptr_t)
+    {
+      return std::string_view{};
+    }
     inline std::string_view
     FirstOfConverter(char const *s)
     {
@@ -106,7 +110,7 @@ namespace bwf
   /// All arguments must be convertible to @c std::string.
   template <typename... Args>
   std::string_view
-  FirstOf(Args &&... args)
+  FirstOf(Args &&...args)
   {
     std::array<std::string_view, sizeof...(args)> strings{{detail::FirstOfConverter(args)...}};
     for (auto &s : strings) {
diff --git a/include/tscore/ink_aiocb.h b/include/tscore/ink_aiocb.h
index 3a7b30e7505..a4260c5ede5 100644
--- a/include/tscore/ink_aiocb.h
+++ b/include/tscore/ink_aiocb.h
@@ -35,7 +35,7 @@
 
 /* TODO use native aiocb where possible */
 
-#define LIO_READ 0x1
+#define LIO_READ  0x1
 #define LIO_WRITE 0x2
 
 struct ink_aiocb {
diff --git a/include/tscore/ink_config.h.in b/include/tscore/ink_config.h.in
index 30737e19c4c..90841cd8aec 100644
--- a/include/tscore/ink_config.h.in
+++ b/include/tscore/ink_config.h.in
@@ -41,7 +41,7 @@
 
 // Helper macro to convert integer defines into string literals
 #define _TS_STR(x) #x
-#define TS_STR(x) _TS_STR(x)
+#define TS_STR(x)  _TS_STR(x)
 
 /* clang-format off */
 #define BUILD_MACHINE "@build_machine@"
diff --git a/include/tscore/ink_defs.h b/include/tscore/ink_defs.h
index 2fe7351089d..70ec3767219 100644
--- a/include/tscore/ink_defs.h
+++ b/include/tscore/ink_defs.h
@@ -71,14 +71,14 @@ countof(const T (&)[N])
 #define countof(x) ((unsigned)(sizeof(x) / sizeof((x)[0])))
 #endif
 
-#define SOCKOPT_ON ((char *)&on)
+#define SOCKOPT_ON  ((char *)&on)
 #define SOCKOPT_OFF ((char *)&off)
 
 #ifndef ABS
 #define ABS(x) (((x) < 0) ? (-(x)) : (x))
 #endif
 
-#define ATS_UNUSED __attribute__((unused))
+#define ATS_UNUSED         __attribute__((unused))
 #define ATS_WARN_IF_UNUSED __attribute__((warn_unused_result))
 #define ATS_UNUSED_RETURN(x) \
   if (x) {                   \
diff --git a/include/tscore/ink_hrtime.h b/include/tscore/ink_hrtime.h
index 9358b6358db..39829428be3 100644
--- a/include/tscore/ink_hrtime.h
+++ b/include/tscore/ink_hrtime.h
@@ -49,19 +49,19 @@ char *int64_to_str(char *buf, unsigned int buf_size, int64_t val, unsigned int *
 //////////////////////////////////////////////////////////////////////////////
 
 #define HRTIME_FOREVER (10 * HRTIME_DECADE)
-#define HRTIME_DECADE (10 * HRTIME_YEAR)
-#define HRTIME_YEAR (365 * HRTIME_DAY + HRTIME_DAY / 4)
-#define HRTIME_WEEK (7 * HRTIME_DAY)
-#define HRTIME_DAY (24 * HRTIME_HOUR)
-#define HRTIME_HOUR (60 * HRTIME_MINUTE)
-#define HRTIME_MINUTE (60 * HRTIME_SECOND)
-#define HRTIME_SECOND (1000 * HRTIME_MSECOND)
+#define HRTIME_DECADE  (10 * HRTIME_YEAR)
+#define HRTIME_YEAR    (365 * HRTIME_DAY + HRTIME_DAY / 4)
+#define HRTIME_WEEK    (7 * HRTIME_DAY)
+#define HRTIME_DAY     (24 * HRTIME_HOUR)
+#define HRTIME_HOUR    (60 * HRTIME_MINUTE)
+#define HRTIME_MINUTE  (60 * HRTIME_SECOND)
+#define HRTIME_SECOND  (1000 * HRTIME_MSECOND)
 #define HRTIME_MSECOND (1000 * HRTIME_USECOND)
 #define HRTIME_USECOND (1000 * HRTIME_NSECOND)
 #define HRTIME_NSECOND (static_cast<ink_hrtime>(1))
 
 #define HRTIME_APPROX_SECONDS(_x) ((_x) >> 30) // off by 7.3%
-#define HRTIME_APPROX_FACTOR (((float)(1 << 30)) / (((float)HRTIME_SECOND)))
+#define HRTIME_APPROX_FACTOR      (((float)(1 << 30)) / (((float)HRTIME_SECOND)))
 
 //////////////////////////////////////////////////////////////////////////////
 //
@@ -71,12 +71,12 @@ char *int64_to_str(char *buf, unsigned int buf_size, int64_t val, unsigned int *
 
 // simple macros
 
-#define HRTIME_YEARS(_x) ((_x)*HRTIME_YEAR)
-#define HRTIME_WEEKS(_x) ((_x)*HRTIME_WEEK)
-#define HRTIME_DAYS(_x) ((_x)*HRTIME_DAY)
-#define HRTIME_HOURS(_x) ((_x)*HRTIME_HOUR)
-#define HRTIME_MINUTES(_x) ((_x)*HRTIME_MINUTE)
-#define HRTIME_SECONDS(_x) ((_x)*HRTIME_SECOND)
+#define HRTIME_YEARS(_x)    ((_x)*HRTIME_YEAR)
+#define HRTIME_WEEKS(_x)    ((_x)*HRTIME_WEEK)
+#define HRTIME_DAYS(_x)     ((_x)*HRTIME_DAY)
+#define HRTIME_HOURS(_x)    ((_x)*HRTIME_HOUR)
+#define HRTIME_MINUTES(_x)  ((_x)*HRTIME_MINUTE)
+#define HRTIME_SECONDS(_x)  ((_x)*HRTIME_SECOND)
 #define HRTIME_MSECONDS(_x) ((_x)*HRTIME_MSECOND)
 #define HRTIME_USECONDS(_x) ((_x)*HRTIME_USECOND)
 #define HRTIME_NSECONDS(_x) ((_x)*HRTIME_NSECOND)
diff --git a/include/tscore/ink_inet.h b/include/tscore/ink_inet.h
index 1c70107512e..5bd45fc5eb8 100644
--- a/include/tscore/ink_inet.h
+++ b/include/tscore/ink_inet.h
@@ -1246,10 +1246,9 @@ struct IpAddr {
   bool
   operator==(self const &that) const
   {
-    return _family == AF_INET ?
-             (that._family == AF_INET && _addr._ip4 == that._addr._ip4) :
-             _family == AF_INET6 ? (that._family == AF_INET6 && 0 == memcmp(&_addr._ip6, &that._addr._ip6, TS_IP6_SIZE)) :
-                                   (_family == AF_UNSPEC && that._family == AF_UNSPEC);
+    return _family == AF_INET  ? (that._family == AF_INET && _addr._ip4 == that._addr._ip4) :
+           _family == AF_INET6 ? (that._family == AF_INET6 && 0 == memcmp(&_addr._ip6, &that._addr._ip6, TS_IP6_SIZE)) :
+                                 (_family == AF_UNSPEC && that._family == AF_UNSPEC);
   }
 
   /// Inequality.
diff --git a/include/tscore/ink_lockfile.h b/include/tscore/ink_lockfile.h
index dab70612374..dfe90056f68 100644
--- a/include/tscore/ink_lockfile.h
+++ b/include/tscore/ink_lockfile.h
@@ -26,9 +26,9 @@
 #include "tscore/ink_defs.h"
 #include "tscore/ink_string.h"
 
-#define COP_LOCK "cop.lock"
+#define COP_LOCK     "cop.lock"
 #define MANAGER_LOCK "manager.lock"
-#define SERVER_LOCK "server.lock"
+#define SERVER_LOCK  "server.lock"
 
 class Lockfile
 {
diff --git a/include/tscore/ink_memory.h b/include/tscore/ink_memory.h
index d461f9b9b89..9974a98f72a 100644
--- a/include/tscore/ink_memory.h
+++ b/include/tscore/ink_memory.h
@@ -165,7 +165,9 @@ make_iovec(PtrType ptr, SizeType sz)
   return iov;
 }
 
-template <typename PtrType, unsigned N> static inline IOVec make_iovec(PtrType (&array)[N])
+template <typename PtrType, unsigned N>
+static inline IOVec
+make_iovec(PtrType (&array)[N])
 {
   IOVec iov = {&array[0], static_cast<size_t>(sizeof(array))};
   return iov;
@@ -382,7 +384,7 @@ class ats_scoped_resource
   value_type _r; ///< Resource.
 private:
   ats_scoped_resource(self const &) = delete; ///< Copy constructor not permitted.
-  self &operator=(self const &) = delete;     ///< Self assignment not permitted.
+  self &operator=(self const &)     = delete; ///< Self assignment not permitted.
 };
 
 namespace detail
diff --git a/include/tscore/ink_queue.h b/include/tscore/ink_queue.h
index 517fdab1e1d..53ce721f69b 100644
--- a/include/tscore/ink_queue.h
+++ b/include/tscore/ink_queue.h
@@ -121,10 +121,10 @@ union head_p {
 
 #ifdef DEBUG
 #define FROM_PTR(_x) (void *)(((uintptr_t)_x) + 1)
-#define TO_PTR(_x) (void *)(((uintptr_t)_x) - 1)
+#define TO_PTR(_x)   (void *)(((uintptr_t)_x) - 1)
 #else
 #define FROM_PTR(_x) ((void *)(_x))
-#define TO_PTR(_x) ((void *)(_x))
+#define TO_PTR(_x)   ((void *)(_x))
 #endif
 
 #if (defined(__i386__) || defined(__arm__) || defined(__mips__)) && (SIZEOF_VOIDP == 4)
@@ -161,7 +161,7 @@ union head_p {
   ((void *)((((intptr_t)(_x).data) & 0x0000FFFFFFFFFFFFLL) | ((~((((intptr_t)(_x).data) >> 63) - 1)) << 48)))
 #endif
 
-#define FREELIST_VERSION(_x) ((((intptr_t)(_x).data) & 0x7FFF000000000000LL) >> 48)
+#define FREELIST_VERSION(_x)                     ((((intptr_t)(_x).data) & 0x7FFF000000000000LL) >> 48)
 #define SET_FREELIST_POINTER_VERSION(_x, _p, _v) (_x).data = ((((intptr_t)(_p)) & 0x8000FFFFFFFFFFFFLL) | (((_v)&0x7FFFLL) << 48))
 #elif defined(__aarch64__)
 /* Layout of FREELIST_POINTER
@@ -180,7 +180,7 @@ union head_p {
   ((void *)((((intptr_t)(_x).data) & 0x000FFFFFFFFFFFFFLL) | ((~((((intptr_t)(_x).data) >> 63) - 1)) << 52)))
 #endif
 
-#define FREELIST_VERSION(_x) ((((intptr_t)(_x).data) & 0x7FF0000000000000LL) >> 52)
+#define FREELIST_VERSION(_x)                     ((((intptr_t)(_x).data) & 0x7FF0000000000000LL) >> 52)
 #define SET_FREELIST_POINTER_VERSION(_x, _p, _v) (_x).data = ((((intptr_t)(_p)) & 0x800FFFFFFFFFFFFFLL) | (((_v)&0x7FFLL) << 52))
 #else
 #error "unsupported processor"
diff --git a/include/tscore/ink_resolver.h b/include/tscore/ink_resolver.h
index ab666114edc..924f518052b 100644
--- a/include/tscore/ink_resolver.h
+++ b/include/tscore/ink_resolver.h
@@ -77,56 +77,56 @@
 #include <array>
 
 #if defined(openbsd)
-#define NS_INT16SZ INT16SZ
-#define NS_INT32SZ INT32SZ
+#define NS_INT16SZ   INT16SZ
+#define NS_INT32SZ   INT32SZ
 #define NS_CMPRSFLGS INDIR_MASK
-#define NS_GET16 GETSHORT
-#define NS_GET32 GETLONG
-#define NS_PUT16 PUTSHORT
-#define NS_PUT32 PUTLONG
+#define NS_GET16     GETSHORT
+#define NS_GET32     GETLONG
+#define NS_PUT16     PUTSHORT
+#define NS_PUT32     PUTLONG
 #endif
 
 #ifndef T_DNAME
 #define T_DNAME ns_t_dname
 #endif
-#define INK_RES_F_VC 0x00000001       /*%< socket is TCP */
-#define INK_RES_F_CONN 0x00000002     /*%< socket is connected */
-#define INK_RES_F_EDNS0ERR 0x00000004 /*%< EDNS0 caused errors */
-#define INK_RES_F__UNUSED 0x00000008  /*%< (unused) */
-#define INK_RES_F_LASTMASK 0x000000F0 /*%< ordinal server of last res_nsend */
-#define INK_RES_F_LASTSHIFT 4         /*%< bit position of LASTMASK "flag" */
+#define INK_RES_F_VC         0x00000001 /*%< socket is TCP */
+#define INK_RES_F_CONN       0x00000002 /*%< socket is connected */
+#define INK_RES_F_EDNS0ERR   0x00000004 /*%< EDNS0 caused errors */
+#define INK_RES_F__UNUSED    0x00000008 /*%< (unused) */
+#define INK_RES_F_LASTMASK   0x000000F0 /*%< ordinal server of last res_nsend */
+#define INK_RES_F_LASTSHIFT  4          /*%< bit position of LASTMASK "flag" */
 #define INK_RES_GETLAST(res) (((res)._flags & INK_RES_F_LASTMASK) >> INK_RES_F_LASTSHIFT)
 
 /* res_findzonecut2() options */
 #define INK_RES_EXHAUSTIVE 0x00000001 /*%< always do all queries */
-#define INK_RES_IPV4ONLY 0x00000002   /*%< IPv4 only */
-#define INK_RES_IPV6ONLY 0x00000004   /*%< IPv6 only */
+#define INK_RES_IPV4ONLY   0x00000002 /*%< IPv4 only */
+#define INK_RES_IPV6ONLY   0x00000004 /*%< IPv6 only */
 
 /*%
  *  * Resolver options (keep these in synch with res_debug.c, please)
  [amc] Most of these are never used. AFAICT it's RECURSE and DEBUG only.
  *   */
-#define INK_RES_INIT 0x00000001           /*%< address initialized */
-#define INK_RES_DEBUG 0x00000002          /*%< print debug messages */
-#define INK_RES_AAONLY 0x00000004         /*%< authoritative answers only (!IMPL)*/
-#define INK_RES_USEVC 0x00000008          /*%< use virtual circuit */
-#define INK_RES_PRIMARY 0x00000010        /*%< query primary server only (!IMPL) */
-#define INK_RES_IGNTC 0x00000020          /*%< ignore truncation errors */
-#define INK_RES_RECURSE 0x00000040        /*%< recursion desired */
-#define INK_RES_DEFNAMES 0x00000080       /*%< use default domain name */
-#define INK_RES_STAYOPEN 0x00000100       /*%< Keep TCP socket open */
-#define INK_RES_DNSRCH 0x00000200         /*%< search up local domain tree */
-#define INK_RES_INSECURE1 0x00000400      /*%< type 1 security disabled */
-#define INK_RES_INSECURE2 0x00000800      /*%< type 2 security disabled */
-#define INK_RES_NOALIASES 0x00001000      /*%< shuts off HOSTALIASES feature */
-#define INK_RES_USE_INET6 0x00002000      /*%< use/map IPv6 in gethostbyname() */
-#define INK_RES_ROTATE 0x00004000         /*%< rotate ns list after each query */
+#define INK_RES_INIT        0x00000001    /*%< address initialized */
+#define INK_RES_DEBUG       0x00000002    /*%< print debug messages */
+#define INK_RES_AAONLY      0x00000004    /*%< authoritative answers only (!IMPL)*/
+#define INK_RES_USEVC       0x00000008    /*%< use virtual circuit */
+#define INK_RES_PRIMARY     0x00000010    /*%< query primary server only (!IMPL) */
+#define INK_RES_IGNTC       0x00000020    /*%< ignore truncation errors */
+#define INK_RES_RECURSE     0x00000040    /*%< recursion desired */
+#define INK_RES_DEFNAMES    0x00000080    /*%< use default domain name */
+#define INK_RES_STAYOPEN    0x00000100    /*%< Keep TCP socket open */
+#define INK_RES_DNSRCH      0x00000200    /*%< search up local domain tree */
+#define INK_RES_INSECURE1   0x00000400    /*%< type 1 security disabled */
+#define INK_RES_INSECURE2   0x00000800    /*%< type 2 security disabled */
+#define INK_RES_NOALIASES   0x00001000    /*%< shuts off HOSTALIASES feature */
+#define INK_RES_USE_INET6   0x00002000    /*%< use/map IPv6 in gethostbyname() */
+#define INK_RES_ROTATE      0x00004000    /*%< rotate ns list after each query */
 #define INK_RES_NOCHECKNAME 0x00008000    /*%< do not check names for sanity. */
-#define INK_RES_KEEPTSIG 0x00010000       /*%< do not strip TSIG records */
-#define INK_RES_BLAST 0x00020000          /*%< blast all recursive servers */
-#define INK_RES_NSID 0x00040000           /*%< request name server ID */
-#define INK_RES_NOTLDQUERY 0x00100000     /*%< don't unqualified name as a tld */
-#define INK_RES_USE_DNSSEC 0x00200000     /*%< use DNSSEC using OK bit in OPT */
+#define INK_RES_KEEPTSIG    0x00010000    /*%< do not strip TSIG records */
+#define INK_RES_BLAST       0x00020000    /*%< blast all recursive servers */
+#define INK_RES_NSID        0x00040000    /*%< request name server ID */
+#define INK_RES_NOTLDQUERY  0x00100000    /*%< don't unqualified name as a tld */
+#define INK_RES_USE_DNSSEC  0x00200000    /*%< use DNSSEC using OK bit in OPT */
 /* #define INK_RES_DEBUG2   0x00400000 */ /* nslookup internal */
 /* KAME extensions: use higher bit to avoid conflict with ISC use */
 #define INK_RES_USE_DNAME 0x10000000 /*%< use DNAME */
@@ -134,19 +134,19 @@
 
 #define INK_RES_DEFAULT (INK_RES_RECURSE | INK_RES_DEFNAMES | INK_RES_DNSRCH)
 
-#define INK_MAXNS 32           /*%< max # name servers we'll track */
-#define INK_MAXDFLSRCH 3       /*%< # default domain levels to try */
-#define INK_MAXDNSRCH 6        /*%< max # domains in search path */
-#define INK_LOCALDOMAINPARTS 2 /*%< min levels in name that is "local" */
-#define INK_RES_TIMEOUT 5      /*%< min. seconds between retries */
-#define INK_RES_TIMEOUT 5      /*%< min. seconds between retries */
-#define INK_RES_MAXNDOTS 15    /*%< should reflect bit field size */
-#define INK_RES_MAXRETRANS 30  /*%< only for resolv.conf/RES_OPTIONS */
-#define INK_RES_MAXRETRY 5     /*%< only for resolv.conf/RES_OPTIONS */
-#define INK_RES_DFLRETRY 2     /*%< Default #/tries. */
-#define INK_RES_MAXTIME 65535  /*%< Infinity, in milliseconds. */
-
-#define INK_NS_TYPE_ELT 0x40 /*%< EDNS0 extended label type */
+#define INK_MAXNS            32    /*%< max # name servers we'll track */
+#define INK_MAXDFLSRCH       3     /*%< # default domain levels to try */
+#define INK_MAXDNSRCH        6     /*%< max # domains in search path */
+#define INK_LOCALDOMAINPARTS 2     /*%< min levels in name that is "local" */
+#define INK_RES_TIMEOUT      5     /*%< min. seconds between retries */
+#define INK_RES_TIMEOUT      5     /*%< min. seconds between retries */
+#define INK_RES_MAXNDOTS     15    /*%< should reflect bit field size */
+#define INK_RES_MAXRETRANS   30    /*%< only for resolv.conf/RES_OPTIONS */
+#define INK_RES_MAXRETRY     5     /*%< only for resolv.conf/RES_OPTIONS */
+#define INK_RES_DFLRETRY     2     /*%< Default #/tries. */
+#define INK_RES_MAXTIME      65535 /*%< Infinity, in milliseconds. */
+
+#define INK_NS_TYPE_ELT             0x40 /*%< EDNS0 extended label type */
 #define INK_DNS_LABELTYPE_BITSTRING 0x41
 
 /// IP family preference for DNS resolution.
@@ -209,7 +209,7 @@ struct HostResData {
   do {                                                                   \
     const u_char *t_cp = (const u_char *)(cp);                           \
     (s)                = ((uint16_t)t_cp[0] << 8) | ((uint16_t)t_cp[1]); \
-    (cp) += NS_INT16SZ;                                                  \
+    (cp)               += NS_INT16SZ;                                    \
   } while (0)
 #endif
 
@@ -218,7 +218,7 @@ struct HostResData {
   do {                                                                                                                           \
     const u_char *t_cp = (const u_char *)(cp);                                                                                   \
     (l)                = ((uint32_t)t_cp[0] << 24) | ((uint32_t)t_cp[1] << 16) | ((uint32_t)t_cp[2] << 8) | ((uint32_t)t_cp[3]); \
-    (cp) += NS_INT32SZ;                                                                                                          \
+    (cp)               += NS_INT32SZ;                                                                                            \
   } while (0)
 #endif
 
@@ -229,7 +229,7 @@ struct HostResData {
     u_char *t_cp = (u_char *)(cp); \
     *t_cp++      = t_s >> 8;       \
     *t_cp        = t_s;            \
-    (cp) += NS_INT16SZ;            \
+    (cp)         += NS_INT16SZ;    \
   } while (0)
 #endif
 
@@ -242,7 +242,7 @@ struct HostResData {
     *t_cp++      = t_l >> 16;      \
     *t_cp++      = t_l >> 8;       \
     *t_cp        = t_l;            \
-    (cp) += NS_INT32SZ;            \
+    (cp)         += NS_INT32SZ;    \
   } while (0)
 #endif
 
diff --git a/include/tscore/ink_resource.h b/include/tscore/ink_resource.h
index 578fb5785d9..5c17b3dd14e 100644
--- a/include/tscore/ink_resource.h
+++ b/include/tscore/ink_resource.h
@@ -32,8 +32,8 @@ extern uint64_t ssl_memory_allocated;
 extern uint64_t ssl_memory_freed;
 
 #define __RES_PATH(x) #x
-#define _RES_PATH(x) __RES_PATH(x)
-#define RES_PATH(x) x __FILE__ ":" _RES_PATH(__LINE__)
+#define _RES_PATH(x)  __RES_PATH(x)
+#define RES_PATH(x)   x __FILE__ ":" _RES_PATH(__LINE__)
 
 class Resource;
 
diff --git a/include/tscore/ink_string++.h b/include/tscore/ink_string++.h
index fc9d86c343e..69c99c1b144 100644
--- a/include/tscore/ink_string++.h
+++ b/include/tscore/ink_string++.h
@@ -84,9 +84,9 @@ struct Str {
  *                                                                     *
  ***********************************************************************/
 
-#define STRLIST_BASE_HEAP_SIZE 128
+#define STRLIST_BASE_HEAP_SIZE     128
 #define STRLIST_OVERFLOW_HEAP_SIZE 1024
-#define STRLIST_BASE_CELLS 5
+#define STRLIST_BASE_CELLS         5
 
 struct StrListOverflow;
 
@@ -181,7 +181,7 @@ StrList::base_heap_alloc(int size)
   char *p;
 
   if (size <= (base_heap_size - base_heap_used)) {
-    p = &(base_heap[base_heap_used]);
+    p              = &(base_heap[base_heap_used]);
     base_heap_used += size;
     return ((void *)p);
   } else {
diff --git a/include/tscore/ink_string.h b/include/tscore/ink_string.h
index 59fef765f60..7d009f7eb70 100644
--- a/include/tscore/ink_string.h
+++ b/include/tscore/ink_string.h
@@ -139,7 +139,7 @@ ptr_len_str(const char *p1, int l1, const char *str)
           return match_start;
         }
       } else if (str_index > 0) {
-        l1 += (p1 - match_start);
+        l1        += (p1 - match_start);
         p1        = match_start;
         str_index = 0;
       }
@@ -310,34 +310,34 @@ ink_small_itoa(int val, char *buf, int buf_len)
     return 1;
   } else if (val < 100) { // 10 - 99
     buf[1] = '0' + (val % 10);
-    val /= 10;
+    val    /= 10;
     buf[0] = '0' + (val % 10);
     return 2;
   } else if (val < 1000) { // 100 - 999
     buf[2] = '0' + (val % 10);
-    val /= 10;
+    val    /= 10;
     buf[1] = '0' + (val % 10);
-    val /= 10;
+    val    /= 10;
     buf[0] = '0' + (val % 10);
     return 3;
   } else if (val < 10000) { // 1000 - 9999
     buf[3] = '0' + (val % 10);
-    val /= 10;
+    val    /= 10;
     buf[2] = '0' + (val % 10);
-    val /= 10;
+    val    /= 10;
     buf[1] = '0' + (val % 10);
-    val /= 10;
+    val    /= 10;
     buf[0] = '0' + (val % 10);
     return 4;
   } else { // 10000 - 99999
     buf[4] = '0' + (val % 10);
-    val /= 10;
+    val    /= 10;
     buf[3] = '0' + (val % 10);
-    val /= 10;
+    val    /= 10;
     buf[2] = '0' + (val % 10);
-    val /= 10;
+    val    /= 10;
     buf[1] = '0' + (val % 10);
-    val /= 10;
+    val    /= 10;
     buf[0] = '0' + (val % 10);
     return 5;
   }
diff --git a/include/tscore/ink_thread.h b/include/tscore/ink_thread.h
index 84747d2ef60..644c587a425 100644
--- a/include/tscore/ink_thread.h
+++ b/include/tscore/ink_thread.h
@@ -51,7 +51,7 @@
 #include <sys/prctl.h>
 #endif
 
-#define INK_MUTEX_INIT PTHREAD_MUTEX_INITIALIZER
+#define INK_MUTEX_INIT       PTHREAD_MUTEX_INITIALIZER
 #define INK_THREAD_STACK_MIN PTHREAD_STACK_MIN
 
 typedef pthread_t ink_thread;
diff --git a/include/tscpp/api/Continuation.h b/include/tscpp/api/Continuation.h
index 1557ecc964b..259bc67ebd1 100644
--- a/include/tscpp/api/Continuation.h
+++ b/include/tscpp/api/Continuation.h
@@ -76,7 +76,7 @@ class Continuation
   }
 
   // No copying.
-  Continuation(const Continuation &) = delete;
+  Continuation(const Continuation &)            = delete;
   Continuation &operator=(const Continuation &) = delete;
 
   // Moving allowed.
diff --git a/include/tscpp/api/Logger.h b/include/tscpp/api/Logger.h
index 08eb50f1eae..bfad9247099 100644
--- a/include/tscpp/api/Logger.h
+++ b/include/tscpp/api/Logger.h
@@ -99,8 +99,8 @@ extern "C" void TSError(const char *fmt, ...) ATSCPPAPI_PRINTFLIKE(1, 2);
 // This is weird, but see the following:
 //   http://stackoverflow.com/questions/5641427/how-to-make-preprocessor-generate-a-string-for-line-keyword
 #define STRINGIFY0(x) #x
-#define STRINGIFY(x) STRINGIFY0(x)
-#define LINE_NO STRINGIFY(__LINE__)
+#define STRINGIFY(x)  STRINGIFY0(x)
+#define LINE_NO       STRINGIFY(__LINE__)
 
 /**
  * A helper macro to get access to the Diag messages available in traffic server. These can be enabled
diff --git a/include/tscpp/api/noncopyable.h b/include/tscpp/api/noncopyable.h
index 304449b0832..a330c4d679c 100644
--- a/include/tscpp/api/noncopyable.h
+++ b/include/tscpp/api/noncopyable.h
@@ -52,7 +52,7 @@ class noncopyable
   noncopyable() {}
   ~noncopyable() {}
 
-  noncopyable(const noncopyable &) = delete;
+  noncopyable(const noncopyable &)                  = delete;
   const noncopyable &operator=(const noncopyable &) = delete;
 };
 
diff --git a/include/tscpp/util/Histogram.h b/include/tscpp/util/Histogram.h
index c69b52c0550..1587ff9e5e7 100644
--- a/include/tscpp/util/Histogram.h
+++ b/include/tscpp/util/Histogram.h
@@ -146,7 +146,7 @@ Histogram<R, S>::operator()(raw_type sample) -> self_type &
   if (sample < LOWER_BOUND) {
     idx = sample;                    // sample -> bucket is identity in the underflow range.
   } else if (sample < UPPER_BOUND) { // not overflow bucket.
-    idx -= N_SPAN_BUCKETS;           // bottom bucket in the range.
+    idx       -= N_SPAN_BUCKETS;     // bottom bucket in the range.
     auto mask = MSB_MASK;            // Mask to probe for bit set.
     // Shift needed after finding the MSB to put the span bits in the LSBs.
     unsigned normalize_shift_count = N_RANGE_BITS - 1;
diff --git a/include/tscpp/util/PostScript.h b/include/tscpp/util/PostScript.h
index fc46c3b16c6..ac69f263f0a 100644
--- a/include/tscpp/util/PostScript.h
+++ b/include/tscpp/util/PostScript.h
@@ -54,7 +54,7 @@ template <typename Callable> class PostScript
   }
 
   // No copying or moving.
-  PostScript(const PostScript &) = delete;
+  PostScript(const PostScript &)            = delete;
   PostScript &operator=(const PostScript &) = delete;
 
 private:
diff --git a/include/tscpp/util/TextView.h b/include/tscpp/util/TextView.h
index 15638b7a5e6..70583552e2c 100644
--- a/include/tscpp/util/TextView.h
+++ b/include/tscpp/util/TextView.h
@@ -133,9 +133,9 @@ class TextView : public std::string_view
   const char *data_end() const;
 
   /// Assignment.
-  self_type &operator                    =(super_type const &that);
+  self_type &operator=(super_type const &that);
   template <size_t N> self_type &operator=(const char (&s)[N]);
-  self_type &operator                    =(const std::string &s);
+  self_type &operator=(const std::string &s);
 
   /// Explicitly set the view.
   self_type &assign(char const *ptr, size_t n);
@@ -1197,7 +1197,10 @@ namespace literals
    * rather bizarre to me, but there it is. Update: this depends on the version of the compiler,
    * so hopefully someday this can be removed.
    */
-  constexpr ts::TextView operator"" _tv(const char *s, size_t n) { return {s, n}; }
+  constexpr ts::TextView operator"" _tv(const char *s, size_t n)
+  {
+    return {s, n};
+  }
 } // namespace literals
 
 /** Functor for STL containers that need caseless comparisons of standard string types.
diff --git a/include/tscpp/util/TsSharedMutex.h b/include/tscpp/util/TsSharedMutex.h
index fe1769a3c45..7ee0ab84c21 100644
--- a/include/tscpp/util/TsSharedMutex.h
+++ b/include/tscpp/util/TsSharedMutex.h
@@ -37,7 +37,7 @@
 // Should be plugin code.
 #include <ts/ts.h>
 #define L_Assert TSAssert
-#define L_Fatal TSFatal
+#define L_Fatal  TSFatal
 #endif
 
 #ifdef X
@@ -67,7 +67,7 @@ class shared_mutex
 
   // No copying or moving.
   //
-  shared_mutex(shared_mutex const &) = delete;
+  shared_mutex(shared_mutex const &)            = delete;
   shared_mutex &operator=(shared_mutex const &) = delete;
 
   void
diff --git a/include/tscpp/util/ts_errata.h b/include/tscpp/util/ts_errata.h
index 729a56740a6..1f500795226 100644
--- a/include/tscpp/util/ts_errata.h
+++ b/include/tscpp/util/ts_errata.h
@@ -37,4 +37,5 @@ static constexpr swoc::Errata::Severity ERRATA_EMERGENCY{DL_Emergency};
 
 // This is treated as an array so must numerically match with @c DiagsLevel
 static constexpr std::array<swoc::TextView, 9> Severity_Names{
-  {"Diag", "Debug", "Status", "Note", "Warn", "Error", "Fatal", "Alert", "Emergency"}};
+  {"Diag", "Debug", "Status", "Note", "Warn", "Error", "Fatal", "Alert", "Emergency"}
+};
diff --git a/iocore/aio/AIO.cc b/iocore/aio/AIO.cc
index 078d2b58d30..26d281194f1 100644
--- a/iocore/aio/AIO.cc
+++ b/iocore/aio/AIO.cc
@@ -549,7 +549,7 @@ DiskHandler::DiskHandler()
   }
 
   if (aio_io_uring_sq_poll_ms > 0) {
-    p.flags |= IORING_SETUP_SQPOLL;
+    p.flags          |= IORING_SETUP_SQPOLL;
     p.sq_thread_idle = aio_io_uring_sq_poll_ms;
   }
 
diff --git a/iocore/aio/I_AIO.h b/iocore/aio/I_AIO.h
index 40a41db345c..eb3cc58eacc 100644
--- a/iocore/aio/I_AIO.h
+++ b/iocore/aio/I_AIO.h
@@ -38,8 +38,8 @@ static constexpr ts::ModuleVersion AIO_MODULE_PUBLIC_VERSION(1, 0, ts::ModuleVer
 
 #define AIO_EVENT_DONE (AIO_EVENT_EVENTS_START + 0)
 
-#define AIO_MODE_THREAD 0
-#define AIO_MODE_NATIVE 1
+#define AIO_MODE_THREAD   0
+#define AIO_MODE_NATIVE   1
 #define AIO_MODE_IO_URING 2
 
 #if TS_USE_LINUX_NATIVE_AIO
@@ -50,7 +50,7 @@ static constexpr ts::ModuleVersion AIO_MODULE_PUBLIC_VERSION(1, 0, ts::ModuleVer
 #define AIO_MODE AIO_MODE_THREAD
 #endif
 
-#define LIO_READ 0x1
+#define LIO_READ  0x1
 #define LIO_WRITE 0x2
 
 #if AIO_MODE == AIO_MODE_NATIVE
@@ -65,7 +65,7 @@ typedef struct io_event ink_io_event_t;
 // XXX hokey old-school compatibility with ink_aiocb.h ...
 #define aio_nbytes u.c.nbytes
 #define aio_offset u.c.offset
-#define aio_buf u.c.buf
+#define aio_buf    u.c.buf
 
 #elif AIO_MODE == AIO_MODE_IO_URING
 #include <liburing.h>
diff --git a/iocore/aio/test_AIO.cc b/iocore/aio/test_AIO.cc
index bef0a8ea3b7..4fb441ef1ef 100644
--- a/iocore/aio/test_AIO.cc
+++ b/iocore/aio/test_AIO.cc
@@ -190,8 +190,8 @@ dump_summary()
     double ops_sec = (dev[i]->seq_reads + dev[i]->seq_writes + dev[i]->rand_reads) / secs;
     printf("%s: #sr:%d #sw:%d #rr:%d %0.1f secs %0.1f ops/sec\n", dev[i]->path, dev[i]->seq_reads, dev[i]->seq_writes,
            dev[i]->rand_reads, secs, ops_sec);
-    total_secs += secs;
-    total_seq_reads += dev[i]->seq_reads;
+    total_secs       += secs;
+    total_seq_reads  += dev[i]->seq_reads;
     total_seq_writes += dev[i]->seq_writes;
     total_rand_reads += dev[i]->rand_reads;
   }
@@ -199,12 +199,12 @@ dump_summary()
   printf("aggregate results\n");
   printf("-----------------\n");
   total_secs /= orig_n_accessors;
-  float sr = (total_seq_reads * seq_read_size) / total_secs;
-  sr /= 1024.0 * 1024.0;
-  float sw = (total_seq_writes * seq_write_size) / total_secs;
-  sw /= 1024.0 * 1024.0;
-  float rr = (total_rand_reads * rand_read_size) / total_secs;
-  rr /= 1024.0 * 1024.0;
+  float sr   = (total_seq_reads * seq_read_size) / total_secs;
+  sr         /= 1024.0 * 1024.0;
+  float sw   = (total_seq_writes * seq_write_size) / total_secs;
+  sw         /= 1024.0 * 1024.0;
+  float rr   = (total_rand_reads * rand_read_size) / total_secs;
+  rr         /= 1024.0 * 1024.0;
   printf("%f ops %0.2f mbytes/sec %0.1f ops/sec %0.1f ops/sec/disk seq_read\n", total_seq_reads, sr, total_seq_reads / total_secs,
          total_seq_reads / total_secs / n_disk_path);
   printf("%f ops %0.2f mbytes/sec %0.1f ops/sec %0.1f ops/sec/disk seq_write\n", total_seq_writes, sw,
@@ -270,7 +270,7 @@ AIO_Device::do_fd(int /* event ATS_UNUSED */, Event * /* e ATS_UNUSED */)
   off_t max_hotset_offset = (static_cast<off_t>(hotset_size)) * 1024 * 1024; // MB-GB
   off_t seq_read_point    = (static_cast<off_t> MIN_OFFSET);
   off_t seq_write_point   = (static_cast<off_t> MIN_OFFSET) + max_offset / 2 + write_after * 1024 * 1024;
-  seq_write_point += (id % n_disk_path) * (max_offset / (threads_per_disk * 4));
+  seq_write_point         += (id % n_disk_path) * (max_offset / (threads_per_disk * 4));
   if (seq_write_point > max_offset) {
     seq_write_point = MIN_OFFSET;
   }
diff --git a/iocore/cache/Cache.cc b/iocore/cache/Cache.cc
index cb64b6ea7f3..80acb209d3e 100644
--- a/iocore/cache/Cache.cc
+++ b/iocore/cache/Cache.cc
@@ -945,14 +945,14 @@ CacheProcessor::cacheInitialized()
             CACHE_VOL_SUM_DYN_STAT(cache_ram_cache_bytes_total_stat, (int64_t)gvol[i]->dirlen());
           }
           vol_total_cache_bytes = gvol[i]->len - gvol[i]->dirlen();
-          total_cache_bytes += vol_total_cache_bytes;
+          total_cache_bytes     += vol_total_cache_bytes;
           Debug("cache_init", "CacheProcessor::cacheInitialized - total_cache_bytes = %" PRId64 " = %" PRId64 "Mb",
                 total_cache_bytes, total_cache_bytes / (1024 * 1024));
 
           CACHE_VOL_SUM_DYN_STAT(cache_bytes_total_stat, vol_total_cache_bytes);
 
           vol_total_direntries = gvol[i]->buckets * gvol[i]->segments * DIR_DEPTH;
-          total_direntries += vol_total_direntries;
+          total_direntries     += vol_total_direntries;
           CACHE_VOL_SUM_DYN_STAT(cache_direntries_total_stat, vol_total_direntries);
 
           vol_used_direntries = dir_entries_used(gvol[i]);
@@ -995,14 +995,14 @@ CacheProcessor::cacheInitialized()
           Debug("cache_init", "CacheProcessor::cacheInitialized[%d] - ram_cache_bytes = %" PRId64 " = %" PRId64 "Mb", i,
                 ram_cache_bytes, ram_cache_bytes / (1024 * 1024));
           vol_total_cache_bytes = gvol[i]->len - gvol[i]->dirlen();
-          total_cache_bytes += vol_total_cache_bytes;
+          total_cache_bytes     += vol_total_cache_bytes;
           CACHE_VOL_SUM_DYN_STAT(cache_bytes_total_stat, vol_total_cache_bytes);
           CACHE_VOL_SUM_DYN_STAT(cache_stripes_stat, 1); // Count the cache stripes
           Debug("cache_init", "CacheProcessor::cacheInitialized - total_cache_bytes = %" PRId64 " = %" PRId64 "Mb",
                 total_cache_bytes, total_cache_bytes / (1024 * 1024));
 
           vol_total_direntries = gvol[i]->buckets * gvol[i]->segments * DIR_DEPTH;
-          total_direntries += vol_total_direntries;
+          total_direntries     += vol_total_direntries;
           CACHE_VOL_SUM_DYN_STAT(cache_direntries_total_stat, vol_total_direntries);
 
           vol_used_direntries = dir_entries_used(gvol[i]);
@@ -1462,15 +1462,15 @@ Vol::handle_recover_from_data(int event, void * /* data ATS_UNUSED */)
       }
       ink_assert(done == to_check);
 
-      got_len = io.aiocb.aio_nbytes - done;
+      got_len     = io.aiocb.aio_nbytes - done;
       recover_pos += io.aiocb.aio_nbytes;
-      s = static_cast<char *>(io.aiocb.aio_buf) + done;
-      e = s + got_len;
+      s           = static_cast<char *>(io.aiocb.aio_buf) + done;
+      e           = s + got_len;
     } else {
-      got_len = io.aiocb.aio_nbytes;
+      got_len     = io.aiocb.aio_nbytes;
       recover_pos += io.aiocb.aio_nbytes;
-      s = static_cast<char *>(io.aiocb.aio_buf);
-      e = s + got_len;
+      s           = static_cast<char *>(io.aiocb.aio_buf);
+      e           = s + got_len;
     }
   }
   // examine what we got
@@ -1526,7 +1526,7 @@ Vol::handle_recover_from_data(int event, void * /* data ATS_UNUSED */)
           // case 2
           if (doc->sync_serial > last_sync_serial && doc->sync_serial <= header->sync_serial + 1) {
             last_sync_serial = doc->sync_serial;
-            s += round_to_approx_size(doc->len);
+            s                += round_to_approx_size(doc->len);
             continue;
           }
           // case 3 - we have already recovered some data and
@@ -1561,7 +1561,7 @@ Vol::handle_recover_from_data(int event, void * /* data ATS_UNUSED */)
       }
       // doc->magic == DOC_MAGIC && doc->sync_serial == last_sync_serial
       last_write_serial = doc->write_serial;
-      s += round_to_approx_size(doc->len);
+      s                 += round_to_approx_size(doc->len);
     }
 
     /* if (s > e) then we gone through RECOVERY_SIZE; we need to
@@ -1803,7 +1803,7 @@ build_vol_hash_table(CacheHostRecord *cp)
     }
     mapping[map] = i;
     p[map++]     = cp->vols[i];
-    total += (cp->vols[i]->len >> STORE_BLOCK_SHIFT);
+    total        += (cp->vols[i]->len >> STORE_BLOCK_SHIFT);
   }
 
   num_vols -= bad_vols;
@@ -1829,11 +1829,11 @@ build_vol_hash_table(CacheHostRecord *cp)
 
   // estimate allocation
   for (int i = 0; i < num_vols; i++) {
-    forvol[i] = (VOL_HASH_TABLE_SIZE * (p[i]->len >> STORE_BLOCK_SHIFT)) / total;
-    used += forvol[i];
+    forvol[i]         = (VOL_HASH_TABLE_SIZE * (p[i]->len >> STORE_BLOCK_SHIFT)) / total;
+    used              += forvol[i];
     rtable_entries[i] = p[i]->len / VOL_HASH_ALLOC_SIZE;
-    rtable_size += rtable_entries[i];
-    gotvol[i] = 0;
+    rtable_size       += rtable_entries[i];
+    gotvol[i]         = 0;
   }
   // spread around the excess
   int extra = VOL_HASH_TABLE_SIZE - used;
@@ -1926,8 +1926,8 @@ CacheProcessor::mark_storage_offline(CacheDisk *d, ///< Target disk
 
   for (p = 0; p < gnvol; p++) {
     if (d->fd == gvol[p]->fd) {
-      total_dir_delete += gvol[p]->buckets * gvol[p]->segments * DIR_DEPTH;
-      used_dir_delete += dir_entries_used(gvol[p]);
+      total_dir_delete   += gvol[p]->buckets * gvol[p]->segments * DIR_DEPTH;
+      used_dir_delete    += dir_entries_used(gvol[p]);
       total_bytes_delete += gvol[p]->len - gvol[p]->dirlen();
     }
   }
@@ -1953,10 +1953,10 @@ CacheProcessor::mark_storage_offline(CacheDisk *d, ///< Target disk
     if (theCache) {
       ReplaceablePtr<CacheHostTable>::ScopedReader hosttable(&theCache->hosttable);
       if (!hosttable->gen_host_rec.vol_hash_table) {
-        unsigned int caches_ready = 0;
-        caches_ready              = caches_ready | (1 << CACHE_FRAG_TYPE_HTTP);
-        caches_ready              = caches_ready | (1 << CACHE_FRAG_TYPE_NONE);
-        caches_ready              = ~caches_ready;
+        unsigned int caches_ready   = 0;
+        caches_ready                = caches_ready | (1 << CACHE_FRAG_TYPE_HTTP);
+        caches_ready                = caches_ready | (1 << CACHE_FRAG_TYPE_NONE);
+        caches_ready                = ~caches_ready;
         CacheProcessor::cache_ready &= caches_ready;
         Warning("all volumes for http cache are corrupt, http cache disabled");
       }
@@ -2504,8 +2504,8 @@ cplist_init()
       while (p) {
         if (p->vol_number == dp[j]->vol_number) {
           ink_assert(p->scheme == (int)dp[j]->dpb_queue.head->b->type);
-          p->size += dp[j]->size;
-          p->num_vols += dp[j]->num_volblocks;
+          p->size         += dp[j]->size;
+          p->num_vols     += dp[j]->num_volblocks;
           p->disk_vols[i] = dp[j];
           break;
         }
@@ -2669,7 +2669,7 @@ fillExclusiveDisks(CacheVol *cp)
           cp->disk_vols[i] = gdisks[i]->get_diskvol(volume_number);
         }
         size_diff -= dpb->len;
-        cp->size += dpb->len;
+        cp->size  += dpb->len;
         cp->num_vols++;
       } else {
         Debug("cache_init", "create_volume failed");
@@ -2721,10 +2721,10 @@ cplist_reconfigure()
       }
 
       ink_assert(gdisks[i]->header->num_volumes == 1);
-      DiskVol **dp = gdisks[i]->disk_vols;
-      gnvol += dp[0]->num_volblocks;
-      cp->size += dp[0]->size;
-      cp->num_vols += dp[0]->num_volblocks;
+      DiskVol **dp     = gdisks[i]->disk_vols;
+      gnvol            += dp[0]->num_volblocks;
+      cp->size         += dp[0]->size;
+      cp->num_vols     += dp[0]->num_volblocks;
       cp->disk_vols[i] = dp[0];
     }
   } else {
@@ -2830,7 +2830,7 @@ cplist_reconfigure()
         cp_list.enqueue(new_cp);
         cp_list_len++;
         config_vol->cachep = new_cp;
-        gnvol += new_cp->num_vols;
+        gnvol              += new_cp->num_vols;
         continue;
       }
       //    else
@@ -2896,7 +2896,7 @@ cplist_reconfigure()
               cp->disk_vols[disk_no] = gdisks[disk_no]->get_diskvol(volume_number);
             }
             size_diff -= dpb->len;
-            cp->size += dpb->len;
+            cp->size  += dpb->len;
             cp->num_vols++;
           } else {
             break;
@@ -2944,9 +2944,9 @@ create_volume(int volume_number, off_t size_in_blocks, int scheme, CacheVol *cp)
   int i = curr_vol;
   while (size_in_blocks > 0) {
     if (gdisks[i]->free_space >= (sp[i] + blocks_per_vol)) {
-      sp[i] += blocks_per_vol;
+      sp[i]          += blocks_per_vol;
       size_in_blocks -= blocks_per_vol;
-      full_disks = 0;
+      full_disks     = 0;
     } else {
       full_disks += 1;
       if (full_disks == gndisks) {
diff --git a/iocore/cache/CacheDir.cc b/iocore/cache/CacheDir.cc
index b73eea0d35f..1038c3e0a2f 100644
--- a/iocore/cache/CacheDir.cc
+++ b/iocore/cache/CacheDir.cc
@@ -978,7 +978,7 @@ sync_cache_dir_on_shutdown()
         continue;
       }
       d->header->last_write_pos = d->header->write_pos;
-      d->header->write_pos += d->agg_buf_pos;
+      d->header->write_pos      += d->agg_buf_pos;
       ink_assert(d->header->write_pos == d->header->agg_pos);
       d->agg_buf_pos = 0;
       d->header->write_serial++;
@@ -1286,14 +1286,14 @@ Vol::dir_check(bool /* fix ATS_UNUSED */) // TODO: we should eliminate this para
       ++hist[std::min(h, SEGMENT_HISTOGRAM_WIDTH)];
       seg_chain_max = std::max(seg_chain_max, h);
     }
-    int fl_size = dir_freelist_length(this, s);
-    in_use += seg_in_use;
-    empty += seg_empty;
-    stale += seg_stale;
-    free += fl_size;
-    buckets_in_use += seg_buckets_in_use;
+    int fl_size      = dir_freelist_length(this, s);
+    in_use           += seg_in_use;
+    empty            += seg_empty;
+    stale            += seg_stale;
+    free             += fl_size;
+    buckets_in_use   += seg_buckets_in_use;
     max_chain_length = std::max(max_chain_length, seg_chain_max);
-    bytes_in_use += seg_bytes_in_use;
+    bytes_in_use     += seg_bytes_in_use;
 
     printf("  - Segment-%d | Entries: used=%d stale=%d free=%d disk-bytes=%d Buckets: used=%d empty=%d max=%d avg=%.2f dups=%d\n",
            s, seg_in_use, seg_stale, fl_size, seg_bytes_in_use, seg_buckets_in_use, seg_empty, seg_chain_max,
diff --git a/iocore/cache/CacheDisk.cc b/iocore/cache/CacheDisk.cc
index c9b1c75d3a4..e061e3f69e0 100644
--- a/iocore/cache/CacheDisk.cc
+++ b/iocore/cache/CacheDisk.cc
@@ -289,11 +289,11 @@ CacheDisk::create_volume(int number, off_t size_in_blocks, int scheme)
     /* allocate in 128 megabyte chunks. The Remaining space should
        be thrown away */
     size_in_blocks = (p->len - (p->len % blocks_per_vol));
-    wasted_space += p->len % blocks_per_vol;
+    wasted_space   += p->len % blocks_per_vol;
   }
 
   free_blocks->dpb_queue.remove(q);
-  free_space -= p->len;
+  free_space        -= p->len;
   free_blocks->size -= p->len;
 
   size_t new_size = p->len - size_in_blocks;
@@ -301,14 +301,14 @@ CacheDisk::create_volume(int number, off_t size_in_blocks, int scheme)
     /* create a new volume */
     DiskVolBlock *dpb = &header->vol_info[header->num_diskvol_blks];
     *dpb              = *p;
-    dpb->len -= size_in_blocks;
-    dpb->offset += (size_in_blocks * STORE_BLOCK_SIZE);
+    dpb->len          -= size_in_blocks;
+    dpb->offset       += (size_in_blocks * STORE_BLOCK_SIZE);
 
     DiskVolBlockQueue *new_q = new DiskVolBlockQueue();
     new_q->b                 = dpb;
     free_blocks->dpb_queue.enqueue(new_q);
     free_blocks->size += dpb->len;
-    free_space += dpb->len;
+    free_space        += dpb->len;
     header->num_diskvol_blks++;
   } else {
     header->num_free--;
@@ -353,7 +353,7 @@ CacheDisk::delete_volume(int number)
         DiskVolBlock *p = q->b;
         p->type         = CACHE_NONE_TYPE;
         p->free         = 1;
-        free_space += p->len;
+        free_space      += p->len;
         header->num_free++;
         header->num_used--;
         DiskVolBlockQueue *temp_q = q->link.next;
@@ -362,7 +362,7 @@ CacheDisk::delete_volume(int number)
         q = temp_q;
       }
       free_blocks->num_volblocks += disk_vols[i]->num_volblocks;
-      free_blocks->size += disk_vols[i]->size;
+      free_blocks->size          += disk_vols[i]->size;
 
       delete disk_vols[i];
 
diff --git a/iocore/cache/CacheHosting.cc b/iocore/cache/CacheHosting.cc
index 74d6a61b982..b74a8d51d17 100644
--- a/iocore/cache/CacheHosting.cc
+++ b/iocore/cache/CacheHosting.cc
@@ -684,7 +684,7 @@ ConfigVolumes::BuildListFromString(char *config_file_path, char *file_buf)
       }
 
       if (strcasecmp(tmp, "volume") == 0) { // match volume
-        tmp += 7;                           // size of string volume including null
+        tmp           += 7;                 // size of string volume including null
         volume_number = atoi(tmp);
 
         if (volume_seen[volume_number]) {
@@ -705,17 +705,17 @@ ConfigVolumes::BuildListFromString(char *config_file_path, char *file_buf)
         tmp += 7;                                  // size of string scheme including null
 
         if (!strcasecmp(tmp, "http")) {
-          tmp += 4;
+          tmp    += 4;
           scheme = CACHE_HTTP_TYPE;
         } else if (!strcasecmp(tmp, "mixt")) {
-          tmp += 4;
+          tmp    += 4;
           scheme = CACHE_RTSP_TYPE;
         } else {
           err = "Unexpected end of line";
           break;
         }
       } else if (strcasecmp(tmp, "size") == 0) { // match size
-        tmp += 5;
+        tmp  += 5;
         size = atoi(tmp);
 
         while (ParseRules::is_digit(*tmp)) {
@@ -738,10 +738,10 @@ ConfigVolumes::BuildListFromString(char *config_file_path, char *file_buf)
       } else if (strcasecmp(tmp, "ramcache") == 0) { // match ramcache
         tmp += 9;
         if (!strcasecmp(tmp, "false")) {
-          tmp += 5;
+          tmp              += 5;
           ramcache_enabled = false;
         } else if (!strcasecmp(tmp, "true")) {
-          tmp += 4;
+          tmp              += 4;
           ramcache_enabled = true;
         } else {
           err = "Unexpected end of line";
@@ -790,7 +790,7 @@ ConfigVolumes::BuildListFromString(char *config_file_path, char *file_buf)
 }
 
 /* Test the cache volume with different configurations */
-#define MEGS_128 (128 * 1024 * 1024)
+#define MEGS_128              (128 * 1024 * 1024)
 #define ROUND_TO_VOL_SIZE(_x) (((_x) + (MEGS_128 - 1)) & ~(MEGS_128 - 1))
 extern CacheDisk **gdisks;
 extern Queue<CacheVol> cp_list;
@@ -875,7 +875,7 @@ create_config(RegressionTest *t, int num)
       off_t vol_blocks = gdisks[i]->num_usable_blocks;
       /* round down the blocks to the nearest
          multiple of STORE_BLOCKS_PER_VOL */
-      vol_blocks = (vol_blocks / STORE_BLOCKS_PER_VOL) * STORE_BLOCKS_PER_VOL;
+      vol_blocks  = (vol_blocks / STORE_BLOCKS_PER_VOL) * STORE_BLOCKS_PER_VOL;
       total_space += vol_blocks;
     }
 
@@ -920,7 +920,7 @@ create_config(RegressionTest *t, int num)
       off_t vol_blocks = gdisks[i]->num_usable_blocks;
       /* round down the blocks to the nearest
          multiple of STORE_BLOCKS_PER_VOL */
-      vol_blocks = (vol_blocks / STORE_BLOCKS_PER_VOL) * STORE_BLOCKS_PER_VOL;
+      vol_blocks  = (vol_blocks / STORE_BLOCKS_PER_VOL) * STORE_BLOCKS_PER_VOL;
       total_space += vol_blocks;
 
       if (num == 2) {
diff --git a/iocore/cache/CacheHttp.cc b/iocore/cache/CacheHttp.cc
index 2cf8f98ba2d..5064f7d0a03 100644
--- a/iocore/cache/CacheHttp.cc
+++ b/iocore/cache/CacheHttp.cc
@@ -143,16 +143,16 @@ CacheHTTPInfoVector::print(char *buffer, size_t buf_size, bool temps)
         url = u.string_get(&arena);
         if (url) {
           snprintf(p, buf_size, "[%s] ", url);
-          tmp = strlen(p);
-          p += tmp;
+          tmp      = strlen(p);
+          p        += tmp;
           buf_size -= tmp;
         }
       }
 
       if (temps || !(data[i].alternate.object_key_get() == zero_key)) {
         snprintf(p, buf_size, "[%d %s]", data[i].alternate.id_get(), CacheKey(data[i].alternate.object_key_get()).toHexStr(buf));
-        tmp = strlen(p);
-        p += tmp;
+        tmp      = strlen(p);
+        p        += tmp;
         buf_size -= tmp;
       }
     }
@@ -186,8 +186,8 @@ CacheHTTPInfoVector::marshal(char *buf, int length)
 
   for (int i = 0; i < xcount; i++) {
     int tmp = data[i].alternate.marshal(buf, length);
-    length -= tmp;
-    buf += tmp;
+    length  -= tmp;
+    buf     += tmp;
     count++;
   }
 
@@ -212,7 +212,7 @@ CacheHTTPInfoVector::unmarshal(const char *buf, int length, RefCountObj *block_p
       return -1;
     }
     info.m_alt = (HTTPCacheAlt *)buf;
-    buf += tmp;
+    buf        += tmp;
 
     data(xcount).alternate = info;
     xcount++;
diff --git a/iocore/cache/CachePages.cc b/iocore/cache/CachePages.cc
index 651499ce32c..06741388059 100644
--- a/iocore/cache/CachePages.cc
+++ b/iocore/cache/CachePages.cc
@@ -164,7 +164,7 @@ struct ShowCache : public ShowCont {
   }
 };
 
-#define STREQ_PREFIX(_x, _s) (!strncasecmp(_x, _s, sizeof(_s) - 1))
+#define STREQ_PREFIX(_x, _s)         (!strncasecmp(_x, _s, sizeof(_s) - 1))
 #define STREQ_LEN_PREFIX(_x, _l, _s) (path_len < sizeof(_s) && !strncasecmp(_x, _s, sizeof(_s) - 1))
 
 Action *
@@ -385,10 +385,10 @@ ShowCache::handleCacheEvent(int event, Event *e)
         CHECK_SHOW(show("<tr><td>Request Header</td><td><PRE>"));
         offset = 0;
         do {
-          used = 0;
-          tmp  = offset;
-          done = cached_request->print(b, 4095, &used, &tmp);
-          offset += used;
+          used    = 0;
+          tmp     = offset;
+          done    = cached_request->print(b, 4095, &used, &tmp);
+          offset  += used;
           b[used] = '\0';
           CHECK_SHOW(show("%s", b));
         } while (!done);
@@ -398,10 +398,10 @@ ShowCache::handleCacheEvent(int event, Event *e)
         CHECK_SHOW(show("<tr><td>Response Header</td><td><PRE>"));
         offset = 0;
         do {
-          used = 0;
-          tmp  = offset;
-          done = cached_response->print(b, 4095, &used, &tmp);
-          offset += used;
+          used    = 0;
+          tmp     = offset;
+          done    = cached_response->print(b, 4095, &used, &tmp);
+          offset  += used;
           b[used] = '\0';
           CHECK_SHOW(show("%s", b));
         } while (!done);
diff --git a/iocore/cache/CachePagesInternal.cc b/iocore/cache/CachePagesInternal.cc
index f4c8cb19f4e..9f0f0ecf1c4 100644
--- a/iocore/cache/CachePagesInternal.cc
+++ b/iocore/cache/CachePagesInternal.cc
@@ -56,7 +56,7 @@ extern Vol **gvol;
 // Stat Pages
 ShowCacheInternal *theshowcacheInternal = nullptr;
 
-#define STREQ_PREFIX(_x, _s) (!strncasecmp(_x, _s, sizeof(_s) - 1))
+#define STREQ_PREFIX(_x, _s)         (!strncasecmp(_x, _s, sizeof(_s) - 1))
 #define STREQ_LEN_PREFIX(_x, _l, _s) (path_len < sizeof(_s) && !strncasecmp(_x, _s, sizeof(_s) - 1))
 
 Action *
diff --git a/iocore/cache/CacheRead.cc b/iocore/cache/CacheRead.cc
index 6b15fc9eabf..eb53637c5cf 100644
--- a/iocore/cache/CacheRead.cc
+++ b/iocore/cache/CacheRead.cc
@@ -777,7 +777,7 @@ CacheVC::openReadMain(int /* event ATS_UNUSED */, Event * /* e ATS_UNUSED */)
   b->_buf_end = b->_end;
   vio.buffer.writer()->append_block(b);
   vio.ndone += bytes;
-  doc_pos += bytes;
+  doc_pos   += bytes;
   if (vio.ntodo() <= 0) {
     return calluser(VC_EVENT_READ_COMPLETE);
   } else {
@@ -1137,9 +1137,10 @@ CacheVC::openReadStartHead(int event, Event *e)
                "first alt=%d[%s]",
                key.slice32(0), uml, doc->hlen, doc->len, sizeof(Doc), doc->v_major, doc->v_minor, vector.count(), alt_length,
                alt->m_magic,
-               (CACHE_ALT_MAGIC_ALIVE == alt->m_magic ?
-                  "alive" :
-                  CACHE_ALT_MAGIC_MARSHALED == alt->m_magic ? "serial" : CACHE_ALT_MAGIC_DEAD == alt->m_magic ? "dead" : "bogus"));
+               (CACHE_ALT_MAGIC_ALIVE == alt->m_magic     ? "alive" :
+                CACHE_ALT_MAGIC_MARSHALED == alt->m_magic ? "serial" :
+                CACHE_ALT_MAGIC_DEAD == alt->m_magic      ? "dead" :
+                                                            "bogus"));
           dir_delete(&key, vol, &dir);
         }
         err = ECACHE_BAD_META_DATA;
diff --git a/iocore/cache/CacheTest.cc b/iocore/cache/CacheTest.cc
index f1d50fd7e48..9e4a5b90b7d 100644
--- a/iocore/cache/CacheTest.cc
+++ b/iocore/cache/CacheTest.cc
@@ -219,8 +219,8 @@ CacheTestSM::fill_buffer()
 {
   int64_t avail = buffer->write_avail();
   CacheKey k    = key;
-  k.b[1] += content_salt;
-  int64_t sk = static_cast<int64_t>(sizeof(key));
+  k.b[1]        += content_salt;
+  int64_t sk    = static_cast<int64_t>(sizeof(key));
   while (avail > 0) {
     int64_t l = avail;
     if (l > sk) {
@@ -246,7 +246,7 @@ CacheTestSM::check_buffer()
 {
   int64_t avail = buffer_reader->read_avail();
   CacheKey k    = key;
-  k.b[1] += content_salt;
+  k.b[1]        += content_salt;
   char b[sizeof(key)];
   int64_t sk  = static_cast<int64_t>(sizeof(key));
   int64_t pos = cvio->ndone - buffer_reader->read_avail();
@@ -266,7 +266,7 @@ CacheTestSM::check_buffer()
       return 0;
     }
     buffer_reader->consume(l);
-    pos += l;
+    pos   += l;
     avail -= l;
   }
   return 1;
diff --git a/iocore/cache/CacheVol.cc b/iocore/cache/CacheVol.cc
index 9d45c88002e..c4e8006e2d9 100644
--- a/iocore/cache/CacheVol.cc
+++ b/iocore/cache/CacheVol.cc
@@ -23,7 +23,7 @@
 
 #include "P_Cache.h"
 
-#define SCAN_BUF_SIZE RECOVERY_SIZE
+#define SCAN_BUF_SIZE              RECOVERY_SIZE
 #define SCAN_WRITER_LOCK_MAX_RETRY 5
 
 Action *
@@ -211,9 +211,9 @@ CacheVC::scanObject(int /* event ATS_UNUSED */, Event * /* e ATS_UNUSED */)
   // If there is data in the buffer before the start that is from a partial object read previously
   // Fix things as if we read it this time.
   if (scan_fix_buffer_offset) {
-    io.aio_result += scan_fix_buffer_offset;
-    io.aiocb.aio_nbytes += scan_fix_buffer_offset;
-    io.aiocb.aio_offset -= scan_fix_buffer_offset;
+    io.aio_result          += scan_fix_buffer_offset;
+    io.aiocb.aio_nbytes    += scan_fix_buffer_offset;
+    io.aiocb.aio_offset    -= scan_fix_buffer_offset;
     io.aiocb.aio_buf       = static_cast<char *>(io.aiocb.aio_buf) - scan_fix_buffer_offset;
     scan_fix_buffer_offset = 0;
   }
@@ -351,7 +351,7 @@ CacheVC::scanObject(int /* event ATS_UNUSED */, Event * /* e ATS_UNUSED */)
     off_t partial_object_len = io.aiocb.aio_nbytes - (reinterpret_cast<char *>(doc) - buf->data());
     // Copy partial object to beginning of the buffer.
     memmove(buf->data(), reinterpret_cast<char *>(doc), partial_object_len);
-    io.aiocb.aio_offset += io.aiocb.aio_nbytes;
+    io.aiocb.aio_offset    += io.aiocb.aio_nbytes;
     io.aiocb.aio_nbytes    = SCAN_BUF_SIZE - partial_object_len;
     io.aiocb.aio_buf       = buf->data() + partial_object_len;
     scan_fix_buffer_offset = partial_object_len;
diff --git a/iocore/cache/CacheWrite.cc b/iocore/cache/CacheWrite.cc
index b59fe7b6633..5e32aed8a30 100644
--- a/iocore/cache/CacheWrite.cc
+++ b/iocore/cache/CacheWrite.cc
@@ -23,9 +23,9 @@
 
 #include "P_Cache.h"
 
-#define UINT_WRAP_LTE(_x, _y) (((_y) - (_x)) < INT_MAX) // exploit overflow
-#define UINT_WRAP_GTE(_x, _y) (((_x) - (_y)) < INT_MAX) // exploit overflow
-#define UINT_WRAP_LT(_x, _y) (((_x) - (_y)) >= INT_MAX) // exploit overflow
+#define UINT_WRAP_LTE(_x, _y) (((_y) - (_x)) < INT_MAX)  // exploit overflow
+#define UINT_WRAP_GTE(_x, _y) (((_x) - (_y)) < INT_MAX)  // exploit overflow
+#define UINT_WRAP_LT(_x, _y)  (((_x) - (_y)) >= INT_MAX) // exploit overflow
 
 // Given a key, finds the index of the alternate which matches
 // used to get the alternate which is actually present in the document
@@ -226,9 +226,9 @@ CacheVC::handleWrite(int event, Event * /* e ATS_UNUSED */)
 
   set_agg_write_in_progress();
   POP_HANDLER;
-  agg_len = vol->round_to_approx_size(write_len + header_len + frag_len + sizeof(Doc));
+  agg_len            = vol->round_to_approx_size(write_len + header_len + frag_len + sizeof(Doc));
   vol->agg_todo_size += agg_len;
-  bool agg_error = (agg_len > AGG_SIZE || header_len + sizeof(Doc) > MAX_FRAG_SIZE ||
+  bool agg_error     = (agg_len > AGG_SIZE || header_len + sizeof(Doc) > MAX_FRAG_SIZE ||
                     (!f.readers && (vol->agg_todo_size > cache_config_agg_write_backlog + AGG_SIZE) && write_len));
 #ifdef CACHE_AGG_FAIL_RATE
   agg_error = agg_error || ((uint32_t)mutex->thread_holding->generator.random() < (uint32_t)(UINT_MAX * CACHE_AGG_FAIL_RATE));
@@ -240,7 +240,7 @@ CacheVC::handleWrite(int event, Event * /* e ATS_UNUSED */)
     CACHE_INCREMENT_DYN_STAT(cache_write_backlog_failure_stat);
     CACHE_INCREMENT_DYN_STAT(base_stat + CACHE_STAT_FAILURE);
     vol->agg_todo_size -= agg_len;
-    io.aio_result = AIO_SOFT_FAILURE;
+    io.aio_result      = AIO_SOFT_FAILURE;
     if (event == EVENT_CALL) {
       return EVENT_RETURN;
     }
@@ -266,7 +266,7 @@ iobufferblock_memcpy(char *p, int len, IOBufferBlock *ab, int offset)
     char *start   = b->_start;
     char *end     = b->_end;
     int max_bytes = end - start;
-    max_bytes -= offset;
+    max_bytes     -= offset;
     if (max_bytes <= 0) {
       offset = -max_bytes;
       b      = b->next.get();
@@ -277,8 +277,8 @@ iobufferblock_memcpy(char *p, int len, IOBufferBlock *ab, int offset)
       bytes = max_bytes;
     }
     ::memcpy(p, start + offset, bytes);
-    p += bytes;
-    len -= bytes;
+    p      += bytes;
+    len    -= bytes;
     b      = b->next.get();
     offset = 0;
   }
@@ -369,7 +369,7 @@ Vol::aggWriteDone(int event, Event *e)
   }
   if (io.ok()) {
     header->last_write_pos = header->write_pos;
-    header->write_pos += io.aiocb.aio_nbytes;
+    header->write_pos      += io.aiocb.aio_nbytes;
     ink_assert(header->write_pos >= start);
     DDebug("cache_agg", "Dir %s, Write: %" PRIu64 ", last Write: %" PRIu64 "", hash_text.get(), header->write_pos,
            header->last_write_pos);
@@ -533,7 +533,7 @@ CacheVC::evacuateDocDone(int /* event ATS_UNUSED */, Event * /* e ATS_UNUSED */)
           Dir dir_tmp;
           dir_lookaside_probe(&evac->earliest_key, vol, &dir_tmp, &eblock);
           if (eblock) {
-            CacheVC *earliest_evac = eblock->earliest_evacuator;
+            CacheVC *earliest_evac   = eblock->earliest_evacuator;
             earliest_evac->total_len += doc->data_len();
             if (earliest_evac->total_len == earliest_evac->doc_len) {
               dir_lookaside_fixup(&evac->earliest_key, vol);
@@ -569,7 +569,7 @@ CacheVC::evacuateDocDone(int /* event ATS_UNUSED */, Event * /* e ATS_UNUSED */)
           DDebug("cache_evac", "evacuating earliest: %X %d", (int)doc->key.slice32(0), (int)dir_offset(&overwrite_dir));
           ink_assert(dir_compare_tag(&overwrite_dir, &doc->key));
           ink_assert(b->earliest_evacuator == this);
-          total_len += doc->data_len();
+          total_len    += doc->data_len();
           first_key    = doc->first_key;
           earliest_dir = dir;
           if (dir_probe(&first_key, vol, &dir, &last_collision) > 0) {
@@ -633,7 +633,7 @@ Vol::evacuateWrite(CacheVC *evacuator, int event, Event *e)
   // push to front of aggregation write list, so it is written first
 
   evacuator->agg_len = round_to_approx_size((reinterpret_cast<Doc *>(evacuator->buf->data()))->len);
-  agg_todo_size += evacuator->agg_len;
+  agg_todo_size      += evacuator->agg_len;
   /* insert the evacuator after all the other evacuators */
   CacheVC *cur   = static_cast<CacheVC *>(agg.head);
   CacheVC *after = nullptr;
@@ -1043,8 +1043,8 @@ Vol::aggWrite(int event, void * /* e ATS_UNUSED */)
     int wrotelen = agg_copy(agg_buffer + agg_buf_pos, c);
     ink_assert(writelen == wrotelen);
     agg_todo_size -= writelen;
-    agg_buf_pos += writelen;
-    CacheVC *n = (CacheVC *)c->link.next;
+    agg_buf_pos   += writelen;
+    CacheVC *n    = (CacheVC *)c->link.next;
     agg.dequeue();
     if (c->f.sync && c->f.use_first_key) {
       CacheVC *last = sync.tail;
@@ -1451,11 +1451,11 @@ CacheVC::openWriteMain(int /* event ATS_UNUSED */, Event * /* e ATS_UNUSED */)
   int64_t avail       = total_avail;
   int64_t towrite     = avail + length;
   if (towrite > ntodo) {
-    avail -= (towrite - ntodo);
+    avail   -= (towrite - ntodo);
     towrite = ntodo;
   }
   if (towrite > static_cast<int>(MAX_FRAG_SIZE)) {
-    avail -= (towrite - MAX_FRAG_SIZE);
+    avail   -= (towrite - MAX_FRAG_SIZE);
     towrite = MAX_FRAG_SIZE;
   }
   if (!blocks && towrite) {
diff --git a/iocore/cache/I_Cache.h b/iocore/cache/I_Cache.h
index 5cdb1f604bc..c01a683ced4 100644
--- a/iocore/cache/I_Cache.h
+++ b/iocore/cache/I_Cache.h
@@ -31,19 +31,19 @@
 
 static constexpr ts::ModuleVersion CACHE_MODULE_VERSION(1, 0);
 
-#define CACHE_WRITE_OPT_OVERWRITE 0x0001
+#define CACHE_WRITE_OPT_OVERWRITE      0x0001
 #define CACHE_WRITE_OPT_CLOSE_COMPLETE 0x0002
-#define CACHE_WRITE_OPT_SYNC (CACHE_WRITE_OPT_CLOSE_COMPLETE | 0x0004)
+#define CACHE_WRITE_OPT_SYNC           (CACHE_WRITE_OPT_CLOSE_COMPLETE | 0x0004)
 #define CACHE_WRITE_OPT_OVERWRITE_SYNC (CACHE_WRITE_OPT_SYNC | CACHE_WRITE_OPT_OVERWRITE)
 
 #define SCAN_KB_PER_SECOND 8192 // 1TB/8MB = 131072 = 36 HOURS to scan a TB
 
 #define RAM_CACHE_ALGORITHM_CLFUS 0
-#define RAM_CACHE_ALGORITHM_LRU 1
+#define RAM_CACHE_ALGORITHM_LRU   1
 
-#define CACHE_COMPRESSION_NONE 0
-#define CACHE_COMPRESSION_FASTLZ 1
-#define CACHE_COMPRESSION_LIBZ 2
+#define CACHE_COMPRESSION_NONE    0
+#define CACHE_COMPRESSION_FASTLZ  1
+#define CACHE_COMPRESSION_LIBZ    2
 #define CACHE_COMPRESSION_LIBLZMA 3
 
 enum { RAM_HIT_COMPRESS_NONE = 1, RAM_HIT_COMPRESS_FASTLZ, RAM_HIT_COMPRESS_LIBZ, RAM_HIT_COMPRESS_LIBLZMA, RAM_HIT_LAST_ENTRY };
diff --git a/iocore/cache/I_CacheDefs.h b/iocore/cache/I_CacheDefs.h
index b8dfd5c3bd6..8d7bf98b8a9 100644
--- a/iocore/cache/I_CacheDefs.h
+++ b/iocore/cache/I_CacheDefs.h
@@ -25,12 +25,12 @@
 
 #include "tscore/CryptoHash.h"
 
-#define CACHE_INIT_FAILED -1
+#define CACHE_INIT_FAILED  -1
 #define CACHE_INITIALIZING 0
-#define CACHE_INITIALIZED 1
+#define CACHE_INITIALIZED  1
 
 #define CACHE_ALT_INDEX_DEFAULT -1
-#define CACHE_ALT_REMOVED -2
+#define CACHE_ALT_REMOVED       -2
 
 static const uint8_t CACHE_DB_MAJOR_VERSION = 24;
 static const uint8_t CACHE_DB_MINOR_VERSION = 2;
@@ -45,19 +45,19 @@ static const uint8_t CACHE_DIR_MINOR_VERSION = 0;
 #define CACHE_DB_FDS 128
 
 // opcodes
-#define CACHE_OPEN_READ 1
-#define CACHE_OPEN_READ_BUFFER 2
-#define CACHE_OPEN_READ_LONG 3
-#define CACHE_OPEN_READ_BUFFER_LONG 4
-#define CACHE_OPEN_WRITE 5
-#define CACHE_OPEN_WRITE_BUFFER 6
-#define CACHE_OPEN_WRITE_LONG 7
+#define CACHE_OPEN_READ              1
+#define CACHE_OPEN_READ_BUFFER       2
+#define CACHE_OPEN_READ_LONG         3
+#define CACHE_OPEN_READ_BUFFER_LONG  4
+#define CACHE_OPEN_WRITE             5
+#define CACHE_OPEN_WRITE_BUFFER      6
+#define CACHE_OPEN_WRITE_LONG        7
 #define CACHE_OPEN_WRITE_BUFFER_LONG 8
-#define CACHE_UPDATE 9
-#define CACHE_REMOVE 10
-#define CACHE_LINK 11
-#define CACHE_DEREF 12
-#define CACHE_LOOKUP_OP 13
+#define CACHE_UPDATE                 9
+#define CACHE_REMOVE                 10
+#define CACHE_LINK                   11
+#define CACHE_DEREF                  12
+#define CACHE_LOOKUP_OP              13
 
 enum CacheType {
   CACHE_NONE_TYPE = 0, // for empty disk fragments
@@ -130,7 +130,7 @@ struct HttpCacheKey {
 };
 
 #define CACHE_ALLOW_MULTIPLE_WRITES 1
-#define CACHE_EXPECTED_SIZE 32768
+#define CACHE_EXPECTED_SIZE         32768
 
 /* uses of the CacheKey
    word(0) - cache partition segment
diff --git a/iocore/cache/I_Store.h b/iocore/cache/I_Store.h
index dc0b4e12e43..c32f02e7627 100644
--- a/iocore/cache/I_Store.h
+++ b/iocore/cache/I_Store.h
@@ -33,8 +33,8 @@
 #include "tscore/ink_platform.h"
 #include "tscore/Result.h"
 
-#define STORE_BLOCK_SIZE 8192
-#define STORE_BLOCK_SHIFT 13
+#define STORE_BLOCK_SIZE       8192
+#define STORE_BLOCK_SHIFT      13
 #define DEFAULT_HW_SECTOR_SIZE 512
 
 enum span_error_t {
diff --git a/iocore/cache/P_CacheDir.h b/iocore/cache/P_CacheDir.h
index b83e6111ab6..267912472f5 100644
--- a/iocore/cache/P_CacheDir.h
+++ b/iocore/cache/P_CacheDir.h
@@ -35,31 +35,31 @@ struct CacheVC;
 
 // Constants
 
-#define DIR_TAG_WIDTH 12
-#define DIR_MASK_TAG(_t) ((_t) & ((1 << DIR_TAG_WIDTH) - 1))
-#define SIZEOF_DIR 10
+#define DIR_TAG_WIDTH         12
+#define DIR_MASK_TAG(_t)      ((_t) & ((1 << DIR_TAG_WIDTH) - 1))
+#define SIZEOF_DIR            10
 #define ESTIMATED_OBJECT_SIZE 8000
 
-#define MAX_DIR_SEGMENTS (32 * (1 << 16))
-#define DIR_DEPTH 4
+#define MAX_DIR_SEGMENTS        (32 * (1 << 16))
+#define DIR_DEPTH               4
 #define MAX_ENTRIES_PER_SEGMENT (1 << 16)
 #define MAX_BUCKETS_PER_SEGMENT (MAX_ENTRIES_PER_SEGMENT / DIR_DEPTH)
-#define DIR_SIZE_WIDTH 6
-#define DIR_BLOCK_SIZES 4
-#define DIR_BLOCK_SHIFT(_i) (3 * (_i))
-#define DIR_BLOCK_SIZE(_i) (CACHE_BLOCK_SIZE << DIR_BLOCK_SHIFT(_i))
+#define DIR_SIZE_WIDTH          6
+#define DIR_BLOCK_SIZES         4
+#define DIR_BLOCK_SHIFT(_i)     (3 * (_i))
+#define DIR_BLOCK_SIZE(_i)      (CACHE_BLOCK_SIZE << DIR_BLOCK_SHIFT(_i))
 #define DIR_SIZE_WITH_BLOCK(_i) ((1 << DIR_SIZE_WIDTH) * DIR_BLOCK_SIZE(_i))
-#define DIR_OFFSET_BITS 40
-#define DIR_OFFSET_MAX ((((off_t)1) << DIR_OFFSET_BITS) - 1)
+#define DIR_OFFSET_BITS         40
+#define DIR_OFFSET_MAX          ((((off_t)1) << DIR_OFFSET_BITS) - 1)
 
-#define SYNC_MAX_WRITE (2 * 1024 * 1024)
-#define SYNC_DELAY HRTIME_MSECONDS(500)
+#define SYNC_MAX_WRITE     (2 * 1024 * 1024)
+#define SYNC_DELAY         HRTIME_MSECONDS(500)
 #define DO_NOT_REMOVE_THIS 0
 
 // Debugging Options
 
-//#define DO_CHECK_DIR_FAST
-//#define DO_CHECK_DIR
+// #define DO_CHECK_DIR_FAST
+// #define DO_CHECK_DIR
 
 // Macros
 
@@ -92,7 +92,7 @@ struct CacheVC;
 #define dir_write_valid(_d, _e) \
   (_d->header->phase == dir_phase(_e) ? vol_in_phase_valid(_d, _e) : vol_out_of_phase_write_valid(_d, _e))
 #define dir_agg_buf_valid(_d, _e) (_d->header->phase == dir_phase(_e) && _d->vol_in_phase_agg_buf_valid(_e))
-#define dir_is_empty(_e) (!dir_offset(_e))
+#define dir_is_empty(_e)          (!dir_offset(_e))
 #define dir_clear(_e) \
   do {                \
     (_e)->w[0] = 0;   \
@@ -124,15 +124,15 @@ struct Dir {
   // USE MACROS TO PREVENT UNALIGNED LOADS
   // bits are numbered from lowest in u16 to highest
   // always index as u16 to avoid byte order issues
-  unsigned int offset : 24;      // (0,1:0-7) 16M * 512 = 8GB
-  unsigned int big : 2;          // (1:8-9) 512 << (3 * big)
-  unsigned int size : 6;         // (1:10-15) 6**2 = 64, 64*512 = 32768 .. 64*256=16MB
-  unsigned int tag : 12;         // (2:0-11) 2048 / 8 entries/bucket = .4%
-  unsigned int phase : 1;        // (2:12)
-  unsigned int head : 1;         // (2:13) first segment in a document
-  unsigned int pinned : 1;       // (2:14)
-  unsigned int token : 1;        // (2:15)
-  unsigned int next : 16;        // (3)
+  unsigned int offset      : 24; // (0,1:0-7) 16M * 512 = 8GB
+  unsigned int big         : 2;  // (1:8-9) 512 << (3 * big)
+  unsigned int size        : 6;  // (1:10-15) 6**2 = 64, 64*512 = 32768 .. 64*256=16MB
+  unsigned int tag         : 12; // (2:0-11) 2048 / 8 entries/bucket = .4%
+  unsigned int phase       : 1;  // (2:12)
+  unsigned int head        : 1;  // (2:13) first segment in a document
+  unsigned int pinned      : 1;  // (2:14)
+  unsigned int token       : 1;  // (2:15)
+  unsigned int next        : 16; // (3)
   unsigned int offset_high : 16; // 8GB * 65k = 0.5PB (4)
 #else
   uint16_t w[5];
@@ -146,10 +146,10 @@ struct FreeDir {
 #if DO_NOT_REMOVE_THIS
   // THE BIT-FIELD INTERPRETATION OF THIS STRUCT WHICH HAS TO
   // USE MACROS TO PREVENT UNALIGNED LOADS
-  unsigned int offset : 24; // 0: empty
-  unsigned int reserved : 8;
-  unsigned int prev : 16;        // (2)
-  unsigned int next : 16;        // (3)
+  unsigned int offset      : 24; // 0: empty
+  unsigned int reserved    : 8;
+  unsigned int prev        : 16; // (2)
+  unsigned int next        : 16; // (3)
   unsigned int offset_high : 16; // 0: empty
 #else
   uint16_t w[5];
@@ -165,12 +165,12 @@ struct FreeDir {
     (_e)->w[1] = (uint16_t)((((_o) >> 16) & 0xFF) | ((_e)->w[1] & 0xFF00)); \
     (_e)->w[4] = (uint16_t)((_o) >> 24);                                    \
   } while (0)
-#define dir_bit(_e, _w, _b) ((uint32_t)(((_e)->w[_w] >> (_b)) & 1))
+#define dir_bit(_e, _w, _b)         ((uint32_t)(((_e)->w[_w] >> (_b)) & 1))
 #define dir_set_bit(_e, _w, _b, _v) (_e)->w[_w] = (uint16_t)(((_e)->w[_w] & ~(1 << (_b))) | (((_v) ? 1 : 0) << (_b)))
-#define dir_big(_e) ((uint32_t)((((_e)->w[1]) >> 8) & 0x3))
-#define dir_set_big(_e, _v) (_e)->w[1] = (uint16_t)(((_e)->w[1] & 0xFCFF) | (((uint16_t)(_v)) & 0x3) << 8)
-#define dir_size(_e) ((uint32_t)(((_e)->w[1]) >> 10))
-#define dir_set_size(_e, _v) (_e)->w[1] = (uint16_t)(((_e)->w[1] & ((1 << 10) - 1)) | ((_v) << 10))
+#define dir_big(_e)                 ((uint32_t)((((_e)->w[1]) >> 8) & 0x3))
+#define dir_set_big(_e, _v)         (_e)->w[1] = (uint16_t)(((_e)->w[1] & 0xFCFF) | (((uint16_t)(_v)) & 0x3) << 8)
+#define dir_size(_e)                ((uint32_t)(((_e)->w[1]) >> 10))
+#define dir_set_size(_e, _v)        (_e)->w[1] = (uint16_t)(((_e)->w[1] & ((1 << 10) - 1)) | ((_v) << 10))
 #define dir_set_approx_size(_e, _s)                   \
   do {                                                \
     if ((_s) <= DIR_SIZE_WITH_BLOCK(0)) {             \
@@ -197,16 +197,16 @@ struct FreeDir {
 #define dir_tag(_e) ((uint32_t)((_e)->w[2] & ((1 << DIR_TAG_WIDTH) - 1)))
 #define dir_set_tag(_e, _t) \
   (_e)->w[2] = (uint16_t)(((_e)->w[2] & ~((1 << DIR_TAG_WIDTH) - 1)) | ((_t) & ((1 << DIR_TAG_WIDTH) - 1)))
-#define dir_phase(_e) dir_bit(_e, 2, 12)
-#define dir_set_phase(_e, _v) dir_set_bit(_e, 2, 12, _v)
-#define dir_head(_e) dir_bit(_e, 2, 13)
-#define dir_set_head(_e, _v) dir_set_bit(_e, 2, 13, _v)
-#define dir_pinned(_e) dir_bit(_e, 2, 14)
+#define dir_phase(_e)          dir_bit(_e, 2, 12)
+#define dir_set_phase(_e, _v)  dir_set_bit(_e, 2, 12, _v)
+#define dir_head(_e)           dir_bit(_e, 2, 13)
+#define dir_set_head(_e, _v)   dir_set_bit(_e, 2, 13, _v)
+#define dir_pinned(_e)         dir_bit(_e, 2, 14)
 #define dir_set_pinned(_e, _v) dir_set_bit(_e, 2, 14, _v)
 // Bit 2:15 is unused.
-#define dir_next(_e) (_e)->w[3]
+#define dir_next(_e)         (_e)->w[3]
 #define dir_set_next(_e, _o) (_e)->w[3] = (uint16_t)(_o)
-#define dir_prev(_e) (_e)->w[2]
+#define dir_prev(_e)         (_e)->w[2]
 #define dir_set_prev(_e, _o) (_e)->w[2] = (uint16_t)(_o)
 
 // INKqa11166 - Cache can not store 2 HTTP alternates simultaneously.
diff --git a/iocore/cache/P_CacheDisk.h b/iocore/cache/P_CacheDisk.h
index 134a57231ee..30bea53adc0 100644
--- a/iocore/cache/P_CacheDisk.h
+++ b/iocore/cache/P_CacheDisk.h
@@ -27,19 +27,19 @@
 
 extern int cache_config_max_disk_errors;
 
-#define DISK_BAD(_x) ((_x)->num_errors >= cache_config_max_disk_errors)
+#define DISK_BAD(_x)           ((_x)->num_errors >= cache_config_max_disk_errors)
 #define DISK_BAD_SIGNALLED(_x) (_x->num_errors > cache_config_max_disk_errors)
-#define SET_DISK_BAD(_x) (_x->num_errors = cache_config_max_disk_errors)
-#define SET_DISK_OKAY(_x) (_x->num_errors = 0)
+#define SET_DISK_BAD(_x)       (_x->num_errors = cache_config_max_disk_errors)
+#define SET_DISK_OKAY(_x)      (_x->num_errors = 0)
 
-#define VOL_BLOCK_SIZE (1024 * 1024 * 128)
-#define MIN_VOL_SIZE VOL_BLOCK_SIZE
-#define ROUND_DOWN_TO_VOL_BLOCK(_x) (((_x) & ~(VOL_BLOCK_SIZE - 1)))
-#define VOL_BLOCK_SHIFT 27
+#define VOL_BLOCK_SIZE                (1024 * 1024 * 128)
+#define MIN_VOL_SIZE                  VOL_BLOCK_SIZE
+#define ROUND_DOWN_TO_VOL_BLOCK(_x)   (((_x) & ~(VOL_BLOCK_SIZE - 1)))
+#define VOL_BLOCK_SHIFT               27
 #define ROUND_DOWN_TO_STORE_BLOCK(_x) (((_x) >> STORE_BLOCK_SHIFT) << STORE_BLOCK_SHIFT)
 
 #define STORE_BLOCKS_PER_VOL (VOL_BLOCK_SIZE / STORE_BLOCK_SIZE)
-#define DISK_HEADER_MAGIC 0xABCD1237
+#define DISK_HEADER_MAGIC    0xABCD1237
 
 /* each disk vol block has a corresponding Vol object */
 struct CacheDisk;
diff --git a/iocore/cache/P_CacheHosting.h b/iocore/cache/P_CacheHosting.h
index 6fe4887b4e8..7e13c72aaef 100644
--- a/iocore/cache/P_CacheHosting.h
+++ b/iocore/cache/P_CacheHosting.h
@@ -166,7 +166,7 @@ template <typename T> class ReplaceablePtr
     }
 
   private:
-    ScopedReader(const ScopedReader &) = delete;
+    ScopedReader(const ScopedReader &)            = delete;
     ScopedReader &operator=(const ScopedReader &) = delete;
 
     ReplaceablePtr<T> *ptr;
@@ -198,14 +198,14 @@ template <typename T> class ReplaceablePtr
     }
 
   private:
-    ScopedWriter(const ScopedWriter &) = delete;
+    ScopedWriter(const ScopedWriter &)            = delete;
     ScopedWriter &operator=(const ScopedWriter &) = delete;
 
     ReplaceablePtr<T> *ptr;
   };
 
 private:
-  ReplaceablePtr(const ReplaceablePtr &) = delete;
+  ReplaceablePtr(const ReplaceablePtr &)            = delete;
   ReplaceablePtr &operator=(const ReplaceablePtr &) = delete;
 
   std::unique_ptr<T> h = nullptr;
diff --git a/iocore/cache/P_CacheInternal.h b/iocore/cache/P_CacheInternal.h
index e6c25849e7f..b3bdda40bbb 100644
--- a/iocore/cache/P_CacheInternal.h
+++ b/iocore/cache/P_CacheInternal.h
@@ -404,7 +404,7 @@ struct CacheVC : public CacheVConnection {
   time_t get_pin_in_cache() override;
 
 // offsets from the base stat
-#define CACHE_STAT_ACTIVE 0
+#define CACHE_STAT_ACTIVE  0
 #define CACHE_STAT_SUCCESS 1
 #define CACHE_STAT_FAILURE 2
 
@@ -491,27 +491,27 @@ struct CacheVC : public CacheVConnection {
   union {
     uint32_t flags;
     struct {
-      unsigned int use_first_key : 1;
-      unsigned int overwrite : 1;      // overwrite first_key Dir if it exists
-      unsigned int close_complete : 1; // WRITE_COMPLETE is final
-      unsigned int sync : 1;           // write to be committed to durable storage before WRITE_COMPLETE
-      unsigned int evacuator : 1;
-      unsigned int single_fragment : 1;
-      unsigned int evac_vector : 1;
-      unsigned int lookup : 1;
-      unsigned int update : 1;
-      unsigned int remove : 1;
-      unsigned int remove_aborted_writers : 1;
-      unsigned int open_read_timeout : 1; // UNUSED
-      unsigned int data_done : 1;
+      unsigned int use_first_key           : 1;
+      unsigned int overwrite               : 1; // overwrite first_key Dir if it exists
+      unsigned int close_complete          : 1; // WRITE_COMPLETE is final
+      unsigned int sync                    : 1; // write to be committed to durable storage before WRITE_COMPLETE
+      unsigned int evacuator               : 1;
+      unsigned int single_fragment         : 1;
+      unsigned int evac_vector             : 1;
+      unsigned int lookup                  : 1;
+      unsigned int update                  : 1;
+      unsigned int remove                  : 1;
+      unsigned int remove_aborted_writers  : 1;
+      unsigned int open_read_timeout       : 1; // UNUSED
+      unsigned int data_done               : 1;
       unsigned int read_from_writer_called : 1;
-      unsigned int not_from_ram_cache : 1; // entire object was from ram cache
-      unsigned int rewrite_resident_alt : 1;
-      unsigned int readers : 1;
-      unsigned int doc_from_ram_cache : 1;
-      unsigned int hit_evacuate : 1;
-      unsigned int compressed_in_ram : 1; // compressed state in ram cache
-      unsigned int allow_empty_doc : 1;   // used for cache empty http document
+      unsigned int not_from_ram_cache      : 1; // entire object was from ram cache
+      unsigned int rewrite_resident_alt    : 1;
+      unsigned int readers                 : 1;
+      unsigned int doc_from_ram_cache      : 1;
+      unsigned int hit_evacuate            : 1;
+      unsigned int compressed_in_ram       : 1; // compressed state in ram cache
+      unsigned int allow_empty_doc         : 1; // used for cache empty http document
     } f;
   };
   // BTF optimization used to skip reading stuff in cache partition that doesn't contain any
@@ -971,7 +971,7 @@ int64_t cache_bytes_total();
 
 #ifdef DEBUG
 #define CACHE_DEBUG_INCREMENT_DYN_STAT(_x) CACHE_INCREMENT_DYN_STAT(_x)
-#define CACHE_DEBUG_SUM_DYN_STAT(_x, _y) CACHE_SUM_DYN_STAT(_x, _y)
+#define CACHE_DEBUG_SUM_DYN_STAT(_x, _y)   CACHE_SUM_DYN_STAT(_x, _y)
 #else
 #define CACHE_DEBUG_INCREMENT_DYN_STAT(_x)
 #define CACHE_DEBUG_SUM_DYN_STAT(_x, _y)
diff --git a/iocore/cache/P_CacheTest.h b/iocore/cache/P_CacheTest.h
index 40d797cdb18..9d21f8b640d 100644
--- a/iocore/cache/P_CacheTest.h
+++ b/iocore/cache/P_CacheTest.h
@@ -26,9 +26,9 @@
 #include "P_Cache.h"
 #include "RegressionSM.h"
 
-#define MAX_HOSTS_POSSIBLE 256
+#define MAX_HOSTS_POSSIBLE    256
 #define PINNED_DOC_TABLE_SIZE 16
-#define PINNED_DOC_TABLES 246
+#define PINNED_DOC_TABLES     246
 
 struct PinnedDocEntry {
   CacheKey key;
@@ -127,22 +127,24 @@ struct CacheTestSM : public RegressionSM {
 };
 
 // It is 2010 and C++ STILL doesn't have closures, a technology of the 1950s, unbelievable
-#define CACHE_SM(_t, _sm, _f)                                               \
-  struct CacheTestSM__##_sm : public CacheTestSM {                          \
-    void                                                                    \
-    make_request_internal() override _f                                     \
-                                                                            \
-      CacheTestSM__##_sm(RegressionTest *t)                                 \
-      : CacheTestSM(t, #_sm)                                                \
-    {                                                                       \
-    }                                                                       \
-                                                                            \
-    CacheTestSM__##_sm(const CacheTestSM__##_sm &xsm) : CacheTestSM(xsm) {} \
-    RegressionSM *                                                          \
-    clone() override                                                        \
-    {                                                                       \
-      return new CacheTestSM__##_sm(*this);                                 \
-    }                                                                       \
+#define CACHE_SM(_t, _sm, _f)                                            \
+  struct CacheTestSM__##_sm : public CacheTestSM {                       \
+    void                                                                 \
+    make_request_internal() override _f                                  \
+                                                                         \
+      CacheTestSM__##_sm(RegressionTest *t)                              \
+      : CacheTestSM(t, #_sm)                                             \
+    {                                                                    \
+    }                                                                    \
+                                                                         \
+    CacheTestSM__##_sm(const CacheTestSM__##_sm &xsm) : CacheTestSM(xsm) \
+    {                                                                    \
+    }                                                                    \
+    RegressionSM *                                                       \
+    clone() override                                                     \
+    {                                                                    \
+      return new CacheTestSM__##_sm(*this);                              \
+    }                                                                    \
   } _sm(_t);
 
 void force_link_CacheTest();
diff --git a/iocore/cache/P_CacheVol.h b/iocore/cache/P_CacheVol.h
index 3c7c5d9f3d3..d760f583da9 100644
--- a/iocore/cache/P_CacheVol.h
+++ b/iocore/cache/P_CacheVol.h
@@ -25,45 +25,45 @@
 
 #include <atomic>
 
-#define CACHE_BLOCK_SHIFT 9
-#define CACHE_BLOCK_SIZE (1 << CACHE_BLOCK_SHIFT) // 512, smallest sector size
+#define CACHE_BLOCK_SHIFT        9
+#define CACHE_BLOCK_SIZE         (1 << CACHE_BLOCK_SHIFT) // 512, smallest sector size
 #define ROUND_TO_STORE_BLOCK(_x) INK_ALIGN((_x), STORE_BLOCK_SIZE)
 #define ROUND_TO_CACHE_BLOCK(_x) INK_ALIGN((_x), CACHE_BLOCK_SIZE)
-#define ROUND_TO_SECTOR(_p, _x) INK_ALIGN((_x), _p->sector_size)
-#define ROUND_TO(_x, _y) INK_ALIGN((_x), (_y))
+#define ROUND_TO_SECTOR(_p, _x)  INK_ALIGN((_x), _p->sector_size)
+#define ROUND_TO(_x, _y)         INK_ALIGN((_x), (_y))
 
 // Vol (volumes)
-#define VOL_MAGIC 0xF1D0F00D
-#define START_BLOCKS 16 // 8k, STORE_BLOCK_SIZE
-#define START_POS ((off_t)START_BLOCKS * CACHE_BLOCK_SIZE)
-#define AGG_SIZE (4 * 1024 * 1024)     // 4MB
-#define AGG_HIGH_WATER (AGG_SIZE / 2)  // 2MB
-#define EVACUATION_SIZE (2 * AGG_SIZE) // 8MB
-#define MAX_VOL_SIZE ((off_t)512 * 1024 * 1024 * 1024 * 1024)
-#define MAX_VOL_BLOCKS (MAX_VOL_SIZE / CACHE_BLOCK_SIZE)
-#define MAX_FRAG_SIZE (AGG_SIZE - sizeof(Doc)) // true max
-#define LEAVE_FREE DEFAULT_MAX_BUFFER_SIZE
-#define PIN_SCAN_EVERY 16 // scan every 1/16 of disk
-#define VOL_HASH_TABLE_SIZE 32707
-#define VOL_HASH_EMPTY 0xFFFF
-#define VOL_HASH_ALLOC_SIZE (8 * 1024 * 1024) // one chance per this unit
-#define LOOKASIDE_SIZE 256
-#define EVACUATION_BUCKET_SIZE (2 * EVACUATION_SIZE) // 16MB
-#define RECOVERY_SIZE EVACUATION_SIZE                // 8MB
-#define AIO_NOT_IN_PROGRESS -1
-#define AIO_AGG_WRITE_IN_PROGRESS -2
-#define AUTO_SIZE_RAM_CACHE -1                               // 1-1 with directory size
+#define VOL_MAGIC                    0xF1D0F00D
+#define START_BLOCKS                 16 // 8k, STORE_BLOCK_SIZE
+#define START_POS                    ((off_t)START_BLOCKS * CACHE_BLOCK_SIZE)
+#define AGG_SIZE                     (4 * 1024 * 1024) // 4MB
+#define AGG_HIGH_WATER               (AGG_SIZE / 2)    // 2MB
+#define EVACUATION_SIZE              (2 * AGG_SIZE)    // 8MB
+#define MAX_VOL_SIZE                 ((off_t)512 * 1024 * 1024 * 1024 * 1024)
+#define MAX_VOL_BLOCKS               (MAX_VOL_SIZE / CACHE_BLOCK_SIZE)
+#define MAX_FRAG_SIZE                (AGG_SIZE - sizeof(Doc)) // true max
+#define LEAVE_FREE                   DEFAULT_MAX_BUFFER_SIZE
+#define PIN_SCAN_EVERY               16 // scan every 1/16 of disk
+#define VOL_HASH_TABLE_SIZE          32707
+#define VOL_HASH_EMPTY               0xFFFF
+#define VOL_HASH_ALLOC_SIZE          (8 * 1024 * 1024) // one chance per this unit
+#define LOOKASIDE_SIZE               256
+#define EVACUATION_BUCKET_SIZE       (2 * EVACUATION_SIZE) // 16MB
+#define RECOVERY_SIZE                EVACUATION_SIZE       // 8MB
+#define AIO_NOT_IN_PROGRESS          -1
+#define AIO_AGG_WRITE_IN_PROGRESS    -2
+#define AUTO_SIZE_RAM_CACHE          -1                      // 1-1 with directory size
 #define DEFAULT_TARGET_FRAGMENT_SIZE (1048576 - sizeof(Doc)) // 1MB
 
 #define dir_offset_evac_bucket(_o) (_o / (EVACUATION_BUCKET_SIZE / CACHE_BLOCK_SIZE))
-#define dir_evac_bucket(_e) dir_offset_evac_bucket(dir_offset(_e))
+#define dir_evac_bucket(_e)        dir_offset_evac_bucket(dir_offset(_e))
 #define offset_evac_bucket(_d, _o) \
   dir_offset_evac_bucket((_d->offset_to_vol_offset(_o)
 
 // Documents
 
-#define DOC_MAGIC ((uint32_t)0x5F129B13)
-#define DOC_CORRUPT ((uint32_t)0xDEADBABE)
+#define DOC_MAGIC       ((uint32_t)0x5F129B13)
+#define DOC_CORRUPT     ((uint32_t)0xDEADBABE)
 #define DOC_NO_CHECKSUM ((uint32_t)0xA0B0C0D0)
 
 struct Cache;
@@ -102,10 +102,10 @@ struct EvacuationBlock {
   union {
     unsigned int init;
     struct {
-      unsigned int done : 1;          // has been evacuated
-      unsigned int pinned : 1;        // check pinning timeout
+      unsigned int done          : 1; // has been evacuated
+      unsigned int pinned        : 1; // check pinning timeout
       unsigned int evacuate_head : 1; // check pinning timeout
-      unsigned int unused : 29;
+      unsigned int unused        : 29;
     } f;
   };
 
@@ -291,9 +291,9 @@ struct Doc {
 #endif
   uint32_t hlen;         ///< Length of this header.
   uint32_t doc_type : 8; ///< Doc type - indicates the format of this structure and its content.
-  uint32_t v_major : 8;  ///< Major version number.
-  uint32_t v_minor : 8;  ///< Minor version number.
-  uint32_t unused : 8;   ///< Unused, forced to zero.
+  uint32_t v_major  : 8; ///< Major version number.
+  uint32_t v_minor  : 8; ///< Minor version number.
+  uint32_t unused   : 8; ///< Unused, forced to zero.
   uint32_t sync_serial;
   uint32_t write_serial;
   uint32_t pinned; // pinned until
diff --git a/iocore/cache/RamCacheCLFUS.cc b/iocore/cache/RamCacheCLFUS.cc
index d939091cb31..803cb69abb2 100644
--- a/iocore/cache/RamCacheCLFUS.cc
+++ b/iocore/cache/RamCacheCLFUS.cc
@@ -35,18 +35,18 @@
 #endif
 
 #define REQUIRED_COMPRESSION 0.9 // must get to this size or declared incompressible
-#define REQUIRED_SHRINK 0.8      // must get to this size or keep original buffer (with padding)
-#define HISTORY_HYSTERIA 10      // extra temporary history
-#define ENTRY_OVERHEAD 256       // per-entry overhead to consider when computing cache value/size
-#define LZMA_BASE_MEMLIMIT (64 * 1024 * 1024)
-//#define CHECK_ACOUNTING 1 // very expensive double checking of all sizes
+#define REQUIRED_SHRINK      0.8 // must get to this size or keep original buffer (with padding)
+#define HISTORY_HYSTERIA     10  // extra temporary history
+#define ENTRY_OVERHEAD       256 // per-entry overhead to consider when computing cache value/size
+#define LZMA_BASE_MEMLIMIT   (64 * 1024 * 1024)
+// #define CHECK_ACOUNTING 1 // very expensive double checking of all sizes
 
-#define REQUEUE_HITS(_h) ((_h) ? ((_h)-1) : 0)
+#define REQUEUE_HITS(_h)              ((_h) ? ((_h)-1) : 0)
 #define CACHE_VALUE_HITS_SIZE(_h, _s) ((float)((_h) + 1) / ((_s) + ENTRY_OVERHEAD))
-#define CACHE_VALUE(_x) CACHE_VALUE_HITS_SIZE((_x)->hits, (_x)->size)
+#define CACHE_VALUE(_x)               CACHE_VALUE_HITS_SIZE((_x)->hits, (_x)->size)
 
 #define AVERAGE_VALUE_OVER 100
-#define REQUEUE_LIMIT 100
+#define REQUEUE_LIMIT      100
 
 struct RamCacheCLFUSEntry {
   CryptoHash key;
@@ -57,10 +57,10 @@ struct RamCacheCLFUSEntry {
   uint32_t compressed_len;
   union {
     struct {
-      uint32_t compressed : 3; // compression type
+      uint32_t compressed     : 3; // compression type
       uint32_t incompressible : 1;
-      uint32_t lru : 1;
-      uint32_t copy : 1; // copy-in-copy-out
+      uint32_t lru            : 1;
+      uint32_t copy           : 1; // copy-in-copy-out
     } flag_bits;
     uint32_t flags;
   };
@@ -219,7 +219,7 @@ check_accounting(RamCacheCLFUS *c)
   while (y) {
     x++;
     xsize += y->size + ENTRY_OVERHEAD;
-    y = y->lru_link.next;
+    y     = y->lru_link.next;
   }
   y = c->lru[1].head;
   while (y) {
@@ -294,7 +294,7 @@ RamCacheCLFUS::get(CryptoHash *key, Ptr<IOBufferData> *ret_data, uint64_t auxkey
           data->_mem_type    = DEFAULT_ALLOC;
           if (!e->flag_bits.copy) { // don't bother if we have to copy anyway
             int64_t delta = (static_cast<int64_t>(e->compressed_len)) - static_cast<int64_t>(e->size);
-            this->_bytes += delta;
+            this->_bytes  += delta;
             CACHE_SUM_DYN_STAT_THREAD(cache_ram_cache_bytes_stat, delta);
             e->size = e->compressed_len;
             check_accounting(this);
@@ -527,7 +527,7 @@ RamCacheCLFUS::compress_entries(EThread *thread, int do_at_most)
         ats_free(b);
         e->compressed_len = l;
         int64_t delta     = (static_cast<int64_t>(l)) - static_cast<int64_t>(e->size);
-        this->_bytes += delta;
+        this->_bytes      += delta;
         CACHE_SUM_DYN_STAT_THREAD(cache_ram_cache_bytes_stat, delta);
         e->size = l;
       } else {
@@ -536,7 +536,7 @@ RamCacheCLFUS::compress_entries(EThread *thread, int do_at_most)
         bb                      = static_cast<char *>(ats_malloc(e->len));
         memcpy(bb, e->data->data(), e->len);
         int64_t delta = (static_cast<int64_t>(e->len)) - static_cast<int64_t>(e->size);
-        this->_bytes += delta;
+        this->_bytes  += delta;
         CACHE_SUM_DYN_STAT_THREAD(cache_ram_cache_bytes_stat, delta);
         e->size = e->len;
         l       = e->len;
@@ -562,7 +562,8 @@ RamCacheCLFUS::compress_entries(EThread *thread, int do_at_most)
   return;
 }
 
-void RamCacheCLFUS::_requeue_victims(Que(RamCacheCLFUSEntry, lru_link) & victims)
+void
+RamCacheCLFUS::_requeue_victims(Que(RamCacheCLFUSEntry, lru_link) & victims)
 {
   RamCacheCLFUSEntry *victim = nullptr;
   while ((victim = victims.dequeue())) {
@@ -601,7 +602,7 @@ RamCacheCLFUS::put(CryptoHash *key, IOBufferData *data, uint32_t len, bool copy,
       this->_lru[e->flag_bits.lru].remove(e);
       this->_lru[e->flag_bits.lru].enqueue(e);
       int64_t delta = (static_cast<int64_t>(size)) - static_cast<int64_t>(e->size);
-      this->_bytes += delta;
+      this->_bytes  += delta;
       CACHE_SUM_DYN_STAT_THREAD(cache_ram_cache_bytes_stat, delta);
       if (!copy) {
         e->size = size;
@@ -722,7 +723,7 @@ RamCacheCLFUS::put(CryptoHash *key, IOBufferData *data, uint32_t len, bool copy,
     e->data->_mem_type = DEFAULT_ALLOC;
   }
   e->flag_bits.copy = copy;
-  this->_bytes += size + ENTRY_OVERHEAD;
+  this->_bytes      += size + ENTRY_OVERHEAD;
   CACHE_SUM_DYN_STAT_THREAD(cache_ram_cache_bytes_stat, size);
   e->size = size;
   this->_objects++;
diff --git a/iocore/cache/Store.cc b/iocore/cache/Store.cc
index 5c7c799fdda..b3c75bf0067 100644
--- a/iocore/cache/Store.cc
+++ b/iocore/cache/Store.cc
@@ -613,8 +613,8 @@ try_alloc(Store &target, Span *source, unsigned int start_blocks, bool one_only
         source->offset += a;
       }
       source->blocks -= a;
-      ds = d;
-      blocks -= a;
+      ds             = d;
+      blocks         -= a;
       if (one_only) {
         break;
       }
diff --git a/iocore/cache/test/CacheTestHandler.h b/iocore/cache/test/CacheTestHandler.h
index 3d2c1a0b697..ea8724a8e1b 100644
--- a/iocore/cache/test/CacheTestHandler.h
+++ b/iocore/cache/test/CacheTestHandler.h
@@ -26,8 +26,8 @@
 void test_done();
 
 #define TEST_DONE() test_done();
-#define T_DONE 1
-#define T_CONT 1
+#define T_DONE      1
+#define T_CONT      1
 
 #define DEFAULT_URL "http://www.scw00.com/"
 
diff --git a/iocore/cache/test/main.cc b/iocore/cache/test/main.cc
index 9151dee9bd8..6864d951b5f 100644
--- a/iocore/cache/test/main.cc
+++ b/iocore/cache/test/main.cc
@@ -27,7 +27,7 @@
 
 #include <unistd.h>
 
-#define THREADS 1
+#define THREADS        1
 #define DIAGS_LOG_FILE "diags.log"
 
 // Create a new temp directory and return it
@@ -177,9 +177,9 @@ generate_key(HTTPInfo &info)
 void
 CacheWriteTest::fill_data()
 {
-  size_t size = std::min(WRITE_LIMIT, this->_size);
-  auto n      = this->_write_buffer->write(this->_cursor, size);
-  this->_size -= n;
+  size_t size   = std::min(WRITE_LIMIT, this->_size);
+  auto n        = this->_write_buffer->write(this->_cursor, size);
+  this->_size   -= n;
   this->_cursor += n;
 }
 
diff --git a/iocore/dns/DNS.cc b/iocore/dns/DNS.cc
index f47c702af93..4fa421011c8 100644
--- a/iocore/dns/DNS.cc
+++ b/iocore/dns/DNS.cc
@@ -26,10 +26,10 @@
 
 #include "I_SplitDNS.h"
 
-#define SRV_COST (RRFIXEDSZ + 0)
-#define SRV_WEIGHT (RRFIXEDSZ + 2)
-#define SRV_PORT (RRFIXEDSZ + 4)
-#define SRV_SERVER (RRFIXEDSZ + 6)
+#define SRV_COST    (RRFIXEDSZ + 0)
+#define SRV_WEIGHT  (RRFIXEDSZ + 2)
+#define SRV_PORT    (RRFIXEDSZ + 4)
+#define SRV_SERVER  (RRFIXEDSZ + 6)
 #define SRV_FIXEDSZ (RRFIXEDSZ + 6)
 
 EventType ET_DNS = ET_CALL;
@@ -1135,7 +1135,7 @@ DNSHandler::get_query_id()
         return q1;
       }
     }
-    i <<= 6;
+    i  <<= 6;
     q2 &= 0x3F;
     while (query_id_in_use(i + q2)) {
       ++q2;
@@ -1662,8 +1662,8 @@ dns_process(DNSHandler *handler, HostEnt *buf, int len)
         n = rname_len + 1;
       }
       buf->ent.h_name = reinterpret_cast<char *>(bp);
-      bp += n;
-      buflen -= n;
+      bp              += n;
+      buflen          -= n;
     }
     //
     // Configure HostEnt data structure
@@ -1701,7 +1701,7 @@ dns_process(DNSHandler *handler, HostEnt *buf, int len)
     if (e->qtype == T_SRV) {
       for (int ctr = ntohs(h->qdcount); ctr > 0; ctr--) {
         int strlen = dn_skipname(here, eom);
-        here += strlen + QFIXEDSZ;
+        here       += strlen + QFIXEDSZ;
       }
     }
     //
@@ -1737,18 +1737,18 @@ dns_process(DNSHandler *handler, HostEnt *buf, int len)
           ++error;
           break;
         }
-        cp += n;
-        *ap++ = bp;
-        n     = strlen(reinterpret_cast<char *>(bp)) + 1;
-        bp += n;
+        cp     += n;
+        *ap++  = bp;
+        n      = strlen(reinterpret_cast<char *>(bp)) + 1;
+        bp     += n;
         buflen -= n;
-        n = strlen(reinterpret_cast<char *>(tbuf)) + 1;
+        n      = strlen(reinterpret_cast<char *>(tbuf)) + 1;
         if (n > buflen) {
           ++error;
           break;
         }
         ink_strlcpy(reinterpret_cast<char *>(bp), reinterpret_cast<char *>(tbuf), buflen);
-        bp += n;
+        bp     += n;
         buflen -= n;
         if (is_debug_tag_set("dns")) {
           switch (type) {
@@ -1779,27 +1779,27 @@ dns_process(DNSHandler *handler, HostEnt *buf, int len)
         if (!answer) {
           buf->ent.h_name = reinterpret_cast<char *>(bp);
           Debug("dns", "received PTR name = %s", bp);
-          n = strlen(reinterpret_cast<char *>(bp)) + 1;
-          bp += n;
+          n      = strlen(reinterpret_cast<char *>(bp)) + 1;
+          bp     += n;
           buflen -= n;
         } else if (ap < &buf->host_aliases[DNS_MAX_ALIASES - 1]) {
           *ap++ = bp;
           Debug("dns", "received PTR alias = %s", bp);
-          n = strlen(reinterpret_cast<char *>(bp)) + 1;
-          bp += n;
+          n      = strlen(reinterpret_cast<char *>(bp)) + 1;
+          bp     += n;
           buflen -= n;
         }
       } else if (type == T_SRV) {
         if (buf->srv_hosts.hosts.size() >= hostdb_round_robin_max_count) {
           break;
         }
-        cp         = here; /* hack */
-        int strlen = dn_skipname(cp, eom);
-        cp += strlen;
+        cp                           = here; /* hack */
+        int strlen                   = dn_skipname(cp, eom);
+        cp                           += strlen;
         const unsigned char *srv_off = cp;
-        cp += SRV_FIXEDSZ;
-        cp += dn_skipname(cp, eom);
-        here = cp; /* hack */
+        cp                           += SRV_FIXEDSZ;
+        cp                           += dn_skipname(cp, eom);
+        here                         = cp; /* hack */
 
         SRV srv;
 
@@ -1837,13 +1837,13 @@ dns_process(DNSHandler *handler, HostEnt *buf, int len)
           buf->ent.h_name     = reinterpret_cast<char *>(bp);
           nn                  = strlen(reinterpret_cast<char *>(bp)) + 1;
           Debug("dns", "received %s name = %s", QtypeName(type), bp);
-          bp += nn;
+          bp     += nn;
           buflen -= nn;
         }
         // attempt to use the original buffer (if it is word aligned)
         if (!(((uintptr_t)cp) % sizeof(unsigned int))) {
           *hap++ = cp;
-          cp += n;
+          cp     += n;
         } else {
           ip_text_buffer ip_string;
           bp = static_cast<unsigned char *>(align_pointer_forward(bp, sizeof(int)));
diff --git a/iocore/dns/DNSConnection.cc b/iocore/dns/DNSConnection.cc
index fcd6655a84e..12e83f82ffb 100644
--- a/iocore/dns/DNSConnection.cc
+++ b/iocore/dns/DNSConnection.cc
@@ -39,7 +39,7 @@
 // #define RECV_BUF_SIZE            (1024*64)
 // #define SEND_BUF_SIZE            (1024*64)
 #define FIRST_RANDOM_PORT (16000)
-#define LAST_RANDOM_PORT (60000)
+#define LAST_RANDOM_PORT  (60000)
 
 DNSConnection::Options const DNSConnection::DEFAULT_OPTIONS;
 
diff --git a/iocore/dns/P_DNSProcessor.h b/iocore/dns/P_DNSProcessor.h
index 9abc1d71ab0..cea47f5de6e 100644
--- a/iocore/dns/P_DNSProcessor.h
+++ b/iocore/dns/P_DNSProcessor.h
@@ -26,20 +26,20 @@
 #include "I_EventSystem.h"
 #include "tscore/PendingAction.h"
 
-#define MAX_NAMED 32
-#define DEFAULT_DNS_RETRIES 5
-#define MAX_DNS_RETRIES 9
-#define DEFAULT_DNS_TIMEOUT 30
-#define MAX_DNS_IN_FLIGHT 2048
+#define MAX_NAMED                       32
+#define DEFAULT_DNS_RETRIES             5
+#define MAX_DNS_RETRIES                 9
+#define DEFAULT_DNS_TIMEOUT             30
+#define MAX_DNS_IN_FLIGHT               2048
 #define MAX_DNS_TCP_CONTINUOUS_FAILURES 10
-#define DEFAULT_FAILOVER_NUMBER (DEFAULT_DNS_RETRIES + 1)
-#define DEFAULT_FAILOVER_PERIOD (DEFAULT_DNS_TIMEOUT + 30)
+#define DEFAULT_FAILOVER_NUMBER         (DEFAULT_DNS_RETRIES + 1)
+#define DEFAULT_FAILOVER_PERIOD         (DEFAULT_DNS_TIMEOUT + 30)
 // how many seconds before FAILOVER_PERIOD to try the primary with
 // a well known address
 #define DEFAULT_FAILOVER_TRY_PERIOD (DEFAULT_DNS_TIMEOUT + 1)
-#define DEFAULT_DNS_SEARCH 1
-#define FAILOVER_SOON_RETRY 5
-#define NO_NAMESERVER_SELECTED -1
+#define DEFAULT_DNS_SEARCH          1
+#define FAILOVER_SOON_RETRY         5
+#define NO_NAMESERVER_SELECTED      -1
 
 //
 // Config
@@ -58,13 +58,13 @@ extern unsigned int dns_sequence_number;
 // Constants
 //
 
-#define DNS_PERIOD HRTIME_MSECONDS(100)
-#define DNS_DELAY_PERIOD HRTIME_MSECONDS(10)
+#define DNS_PERIOD                         HRTIME_MSECONDS(100)
+#define DNS_DELAY_PERIOD                   HRTIME_MSECONDS(10)
 #define DNS_SEQUENCE_NUMBER_RESTART_OFFSET 4000
-#define DNS_PRIMARY_RETRY_PERIOD HRTIME_SECONDS(5)
-#define DNS_PRIMARY_REOPEN_PERIOD HRTIME_SECONDS(60)
-#define BAD_DNS_RESULT (reinterpret_cast<HostEnt *>((uintptr_t)-1))
-#define DEFAULT_NUM_TRY_SERVER 8
+#define DNS_PRIMARY_RETRY_PERIOD           HRTIME_SECONDS(5)
+#define DNS_PRIMARY_REOPEN_PERIOD          HRTIME_SECONDS(60)
+#define BAD_DNS_RESULT                     (reinterpret_cast<HostEnt *>((uintptr_t)-1))
+#define DEFAULT_NUM_TRY_SERVER             8
 
 // these are from nameser.h
 #ifndef HFIXEDSZ
diff --git a/iocore/dns/SplitDNS.cc b/iocore/dns/SplitDNS.cc
index b993f1e7f51..23125e9f80c 100644
--- a/iocore/dns/SplitDNS.cc
+++ b/iocore/dns/SplitDNS.cc
@@ -407,7 +407,7 @@ SplitDNSRecord::ProcessDomainSrchList(char *val)
 
   for (int i = 0; i < numTok; i++) {
     const char *current = pTok[i];
-    int cnt             = sz += strlen(current);
+    int cnt = sz += strlen(current);
 
     if (MAXDNAME - 1 < sz) {
       break;
diff --git a/iocore/eventsystem/IOBuffer.cc b/iocore/eventsystem/IOBuffer.cc
index 805886dfab7..55e0c174910 100644
--- a/iocore/eventsystem/IOBuffer.cc
+++ b/iocore/eventsystem/IOBuffer.cc
@@ -123,7 +123,7 @@ MIOBuffer::write(IOBufferBlock const *b, int64_t alen, int64_t offset)
 
   while (b && len > 0) {
     int64_t max_bytes = b->read_avail();
-    max_bytes -= offset;
+    max_bytes         -= offset;
     if (max_bytes <= 0) {
       offset = -max_bytes;
       b      = b->next.get();
@@ -136,12 +136,12 @@ MIOBuffer::write(IOBufferBlock const *b, int64_t alen, int64_t offset)
       bytes = len;
     }
     IOBufferBlock *bb = b->clone();
-    bb->_start += offset;
+    bb->_start        += offset;
     bb->_buf_end = bb->_end = bb->_start + bytes;
     append_block(bb);
     offset = 0;
-    len -= bytes;
-    b = b->next.get();
+    len    -= bytes;
+    b      = b->next.get();
   }
 
   return alen - len;
@@ -184,10 +184,10 @@ IOBufferReader::read(void *ab, int64_t len)
     }
     ::memcpy(b, start(), l);
     consume(l);
-    b += l;
-    n -= l;
+    b     += l;
+    n     -= l;
     bytes += l;
-    l = block_read_avail();
+    l     = block_read_avail();
   }
   return bytes;
 }
@@ -197,12 +197,12 @@ int64_t
 IOBufferReader::memchr(char c, int64_t len, int64_t offset)
 {
   IOBufferBlock *b = block.get();
-  offset += start_offset;
-  int64_t o = offset;
+  offset           += start_offset;
+  int64_t o        = offset;
 
   while (b && len) {
     int64_t max_bytes = b->read_avail();
-    max_bytes -= offset;
+    max_bytes         -= offset;
     if (max_bytes <= 0) {
       offset = -max_bytes;
       b      = b->next.get();
@@ -219,8 +219,8 @@ IOBufferReader::memchr(char c, int64_t len, int64_t offset)
     if (p) {
       return static_cast<int64_t>(o - start_offset + p - s);
     }
-    o += bytes;
-    len -= bytes;
+    o      += bytes;
+    len    -= bytes;
     b      = b->next.get();
     offset = 0;
   }
@@ -233,11 +233,11 @@ IOBufferReader::memcpy(void *ap, int64_t len, int64_t offset)
 {
   char *p          = static_cast<char *>(ap);
   IOBufferBlock *b = block.get();
-  offset += start_offset;
+  offset           += start_offset;
 
   while (b && len) {
     int64_t max_bytes = b->read_avail();
-    max_bytes -= offset;
+    max_bytes         -= offset;
     if (max_bytes <= 0) {
       offset = -max_bytes;
       b      = b->next.get();
@@ -250,8 +250,8 @@ IOBufferReader::memcpy(void *ap, int64_t len, int64_t offset)
       bytes = len;
     }
     ::memcpy(p, b->start() + offset, bytes);
-    p += bytes;
-    len -= bytes;
+    p      += bytes;
+    len    -= bytes;
     b      = b->next.get();
     offset = 0;
   }
@@ -277,7 +277,7 @@ IOBufferChain::write(IOBufferBlock *blocks, int64_t length, int64_t offset)
       if (offset) {
         bb->consume(offset);
         block_bytes -= offset; // bytes really available to use.
-        offset = 0;
+        offset      = 0;
       }
       if (block_bytes > n) {
         bb->_end -= (block_bytes - n);
@@ -290,7 +290,7 @@ IOBufferChain::write(IOBufferBlock *blocks, int64_t length, int64_t offset)
   }
 
   length -= n; // actual bytes written to chain.
-  _len += length;
+  _len   += length;
   return length;
 }
 
@@ -334,8 +334,8 @@ IOBufferChain::consume(int64_t size)
   while (_head != nullptr && size > 0 && (bytes = _head->read_avail()) > 0) {
     if (size >= bytes) {
       _head = _head->next;
-      zret += bytes;
-      size -= bytes;
+      zret  += bytes;
+      size  -= bytes;
     } else {
       _head->consume(size);
       zret += size;
diff --git a/iocore/eventsystem/I_Action.h b/iocore/eventsystem/I_Action.h
index 659f2b54ad3..643f9a017f6 100644
--- a/iocore/eventsystem/I_Action.h
+++ b/iocore/eventsystem/I_Action.h
@@ -199,7 +199,7 @@ class Action
 };
 
 #define ACTION_RESULT_DONE MAKE_ACTION_RESULT(1)
-#define ACTION_IO_ERROR MAKE_ACTION_RESULT(2)
+#define ACTION_IO_ERROR    MAKE_ACTION_RESULT(2)
 
 // Use these classes by
 // #define ACTION_RESULT_HOST_DB_OFFLINE
diff --git a/iocore/eventsystem/I_Continuation.h b/iocore/eventsystem/I_Continuation.h
index 8493995f3c5..b32605b4deb 100644
--- a/iocore/eventsystem/I_Continuation.h
+++ b/iocore/eventsystem/I_Continuation.h
@@ -84,7 +84,8 @@ continuation_handler_void_ptr(int (C::*fp)(int, T *))
 
 // Overload for nullptr.
 //
-constexpr ContinuationHandler continuation_handler_void_ptr(std::nullptr_t)
+constexpr ContinuationHandler
+continuation_handler_void_ptr(std::nullptr_t)
 {
 #undef X
 #if !defined(__GNUC__)
diff --git a/iocore/eventsystem/I_EThread.h b/iocore/eventsystem/I_EThread.h
index 91d0ca1c64a..05de946ba05 100644
--- a/iocore/eventsystem/I_EThread.h
+++ b/iocore/eventsystem/I_EThread.h
@@ -301,7 +301,7 @@ class EThread : public Thread
   EThread();
   EThread(ThreadType att, int anid);
   EThread(ThreadType att, Event *e);
-  EThread(const EThread &) = delete;
+  EThread(const EThread &)            = delete;
   EThread &operator=(const EThread &) = delete;
   ~EThread() override;
 
diff --git a/iocore/eventsystem/I_Event.h b/iocore/eventsystem/I_Event.h
index 10aad0ae518..bca99164dd2 100644
--- a/iocore/eventsystem/I_Event.h
+++ b/iocore/eventsystem/I_Event.h
@@ -35,58 +35,58 @@
 
 // Events
 
-#define EVENT_NONE CONTINUATION_EVENT_NONE // 0
+#define EVENT_NONE      CONTINUATION_EVENT_NONE // 0
 #define EVENT_IMMEDIATE 1
-#define EVENT_INTERVAL 2
-#define EVENT_ERROR 3
-#define EVENT_CALL 4 // used internally in state machines
-#define EVENT_POLL 5 // negative event; activated on poll or epoll
+#define EVENT_INTERVAL  2
+#define EVENT_ERROR     3
+#define EVENT_CALL      4 // used internally in state machines
+#define EVENT_POLL      5 // negative event; activated on poll or epoll
 
 // Event callback return functions
 
-#define EVENT_DONE CONTINUATION_DONE // 0
-#define EVENT_CONT CONTINUATION_CONT // 1
-#define EVENT_RETURN 5
-#define EVENT_RESTART 6
+#define EVENT_DONE            CONTINUATION_DONE // 0
+#define EVENT_CONT            CONTINUATION_CONT // 1
+#define EVENT_RETURN          5
+#define EVENT_RESTART         6
 #define EVENT_RESTART_DELAYED 7
 
 // Event numbers block allocation
 // ** ALL NEW EVENT TYPES SHOULD BE ALLOCATED FROM BLOCKS LISTED HERE! **
 
-#define VC_EVENT_EVENTS_START 100
-#define NET_EVENT_EVENTS_START 200
-#define DISK_EVENT_EVENTS_START 300
-#define HOSTDB_EVENT_EVENTS_START 500
-#define DNS_EVENT_EVENTS_START 600
-#define CONFIG_EVENT_EVENTS_START 800
-#define LOG_EVENT_EVENTS_START 900
-#define REFCOUNT_CACHE_EVENT_EVENTS_START 1000
-#define CACHE_EVENT_EVENTS_START 1100
-#define CACHE_DIRECTORY_EVENT_EVENTS_START 1200
-#define CACHE_DB_EVENT_EVENTS_START 1300
-#define HTTP_NET_CONNECTION_EVENT_EVENTS_START 1400
+#define VC_EVENT_EVENTS_START                   100
+#define NET_EVENT_EVENTS_START                  200
+#define DISK_EVENT_EVENTS_START                 300
+#define HOSTDB_EVENT_EVENTS_START               500
+#define DNS_EVENT_EVENTS_START                  600
+#define CONFIG_EVENT_EVENTS_START               800
+#define LOG_EVENT_EVENTS_START                  900
+#define REFCOUNT_CACHE_EVENT_EVENTS_START       1000
+#define CACHE_EVENT_EVENTS_START                1100
+#define CACHE_DIRECTORY_EVENT_EVENTS_START      1200
+#define CACHE_DB_EVENT_EVENTS_START             1300
+#define HTTP_NET_CONNECTION_EVENT_EVENTS_START  1400
 #define HTTP_NET_VCONNECTION_EVENT_EVENTS_START 1500
-#define GC_EVENT_EVENTS_START 1600
-#define TRANSFORM_EVENTS_START 2000
-#define STAT_PAGES_EVENTS_START 2100
-#define HTTP_SESSION_EVENTS_START 2200
-#define HTTP2_SESSION_EVENTS_START 2250
-#define HTTP_TUNNEL_EVENTS_START 2300
-#define HTTP_SCH_UPDATE_EVENTS_START 2400
-#define QUIC_EVENT_EVENTS_START 2500
-#define HTTP3_SESSION_EVENTS_START 2600
-#define QPACK_EVENT_EVENTS_START 2700
-#define NT_ASYNC_CONNECT_EVENT_EVENTS_START 3000
-#define NT_ASYNC_IO_EVENT_EVENTS_START 3100
-#define RAFT_EVENT_EVENTS_START 3200
-#define SIMPLE_EVENT_EVENTS_START 3300
-#define UPDATE_EVENT_EVENTS_START 3500
-#define AIO_EVENT_EVENTS_START 3900
-#define BLOCK_CACHE_EVENT_EVENTS_START 4000
-#define UTILS_EVENT_EVENTS_START 5000
-#define INK_API_EVENT_EVENTS_START 60000
-#define SRV_EVENT_EVENTS_START 62000
-#define REMAP_EVENT_EVENTS_START 63000
+#define GC_EVENT_EVENTS_START                   1600
+#define TRANSFORM_EVENTS_START                  2000
+#define STAT_PAGES_EVENTS_START                 2100
+#define HTTP_SESSION_EVENTS_START               2200
+#define HTTP2_SESSION_EVENTS_START              2250
+#define HTTP_TUNNEL_EVENTS_START                2300
+#define HTTP_SCH_UPDATE_EVENTS_START            2400
+#define QUIC_EVENT_EVENTS_START                 2500
+#define HTTP3_SESSION_EVENTS_START              2600
+#define QPACK_EVENT_EVENTS_START                2700
+#define NT_ASYNC_CONNECT_EVENT_EVENTS_START     3000
+#define NT_ASYNC_IO_EVENT_EVENTS_START          3100
+#define RAFT_EVENT_EVENTS_START                 3200
+#define SIMPLE_EVENT_EVENTS_START               3300
+#define UPDATE_EVENT_EVENTS_START               3500
+#define AIO_EVENT_EVENTS_START                  3900
+#define BLOCK_CACHE_EVENT_EVENTS_START          4000
+#define UTILS_EVENT_EVENTS_START                5000
+#define INK_API_EVENT_EVENTS_START              60000
+#define SRV_EVENT_EVENTS_START                  62000
+#define REMAP_EVENT_EVENTS_START                63000
 
 // define misc events here
 #define ONE_WAY_TUNNEL_EVENT_PEER_CLOSE (SIMPLE_EVENT_EVENTS_START + 1)
@@ -209,11 +209,11 @@ class Event : public Action
 
   EThread *ethread = nullptr;
 
-  unsigned int in_the_prot_queue : 1;
+  unsigned int in_the_prot_queue     : 1;
   unsigned int in_the_priority_queue : 1;
-  unsigned int immediate : 1;
-  unsigned int globally_allocated : 1;
-  unsigned int in_heap : 4;
+  unsigned int immediate             : 1;
+  unsigned int globally_allocated    : 1;
+  unsigned int in_heap               : 4;
   int callback_event = 0;
 
   ink_hrtime timeout_at = 0;
@@ -238,7 +238,7 @@ class Event : public Action
 #endif
 
   // noncopyable: prevent unauthorized copies (Not implemented)
-  Event(const Event &) = delete;
+  Event(const Event &)            = delete;
   Event &operator=(const Event &) = delete;
 
 private:
diff --git a/iocore/eventsystem/I_EventProcessor.h b/iocore/eventsystem/I_EventProcessor.h
index 5d21102e9da..26c1a78632a 100644
--- a/iocore/eventsystem/I_EventProcessor.h
+++ b/iocore/eventsystem/I_EventProcessor.h
@@ -247,7 +247,7 @@ class EventProcessor : public Processor
 
   EventProcessor();
   ~EventProcessor() override;
-  EventProcessor(const EventProcessor &) = delete;
+  EventProcessor(const EventProcessor &)            = delete;
   EventProcessor &operator=(const EventProcessor &) = delete;
 
   /**
diff --git a/iocore/eventsystem/I_IOBuffer.h b/iocore/eventsystem/I_IOBuffer.h
index b179d8051d4..cdf1d8d1cdc 100644
--- a/iocore/eventsystem/I_IOBuffer.h
+++ b/iocore/eventsystem/I_IOBuffer.h
@@ -58,11 +58,11 @@ enum AllocType {
   DEFAULT_ALLOC,
 };
 
-#define DEFAULT_BUFFER_NUMBER 128
-#define DEFAULT_HUGE_BUFFER_NUMBER 32
-#define MAX_MIOBUFFER_READERS 5
-#define DEFAULT_BUFFER_ALIGNMENT 8192 // should be disk/page size
-#define DEFAULT_BUFFER_BASE_SIZE 128
+#define DEFAULT_BUFFER_NUMBER               128
+#define DEFAULT_HUGE_BUFFER_NUMBER          32
+#define MAX_MIOBUFFER_READERS               5
+#define DEFAULT_BUFFER_ALIGNMENT            8192 // should be disk/page size
+#define DEFAULT_BUFFER_BASE_SIZE            128
 #define DEFAULT_PLUGIN_VC_BUFFER_WATER_MARK 0 // ensure we retain existing behavior
 
 ////////////////////////////////////////////////
@@ -71,43 +71,43 @@ enum AllocType {
 // still work if it uses BUFFER_SIZE_INDEX_2K //
 // instead.                                   //
 ////////////////////////////////////////////////
-#define BUFFER_SIZE_INDEX_128 0
-#define BUFFER_SIZE_INDEX_256 1
-#define BUFFER_SIZE_INDEX_512 2
-#define BUFFER_SIZE_INDEX_1K 3
-#define BUFFER_SIZE_INDEX_2K 4
-#define BUFFER_SIZE_INDEX_4K 5
-#define BUFFER_SIZE_INDEX_8K 6
-#define BUFFER_SIZE_INDEX_16K 7
-#define BUFFER_SIZE_INDEX_32K 8
-#define BUFFER_SIZE_INDEX_64K 9
+#define BUFFER_SIZE_INDEX_128  0
+#define BUFFER_SIZE_INDEX_256  1
+#define BUFFER_SIZE_INDEX_512  2
+#define BUFFER_SIZE_INDEX_1K   3
+#define BUFFER_SIZE_INDEX_2K   4
+#define BUFFER_SIZE_INDEX_4K   5
+#define BUFFER_SIZE_INDEX_8K   6
+#define BUFFER_SIZE_INDEX_16K  7
+#define BUFFER_SIZE_INDEX_32K  8
+#define BUFFER_SIZE_INDEX_64K  9
 #define BUFFER_SIZE_INDEX_128K 10
 #define BUFFER_SIZE_INDEX_256K 11
 #define BUFFER_SIZE_INDEX_512K 12
-#define BUFFER_SIZE_INDEX_1M 13
-#define BUFFER_SIZE_INDEX_2M 14
-#define MAX_BUFFER_SIZE_INDEX 14
-#define DEFAULT_BUFFER_SIZES (MAX_BUFFER_SIZE_INDEX + 1)
+#define BUFFER_SIZE_INDEX_1M   13
+#define BUFFER_SIZE_INDEX_2M   14
+#define MAX_BUFFER_SIZE_INDEX  14
+#define DEFAULT_BUFFER_SIZES   (MAX_BUFFER_SIZE_INDEX + 1)
 
 #define BUFFER_SIZE_FOR_INDEX(_i) (DEFAULT_BUFFER_BASE_SIZE * (1 << (_i)))
 #define DEFAULT_SMALL_BUFFER_SIZE BUFFER_SIZE_INDEX_512
 #define DEFAULT_LARGE_BUFFER_SIZE BUFFER_SIZE_INDEX_4K
-#define DEFAULT_TS_BUFFER_SIZE BUFFER_SIZE_INDEX_8K
-#define DEFAULT_MAX_BUFFER_SIZE BUFFER_SIZE_FOR_INDEX(MAX_BUFFER_SIZE_INDEX)
-#define MIN_IOBUFFER_SIZE BUFFER_SIZE_INDEX_128
-#define MAX_IOBUFFER_SIZE (DEFAULT_BUFFER_SIZES - 1)
+#define DEFAULT_TS_BUFFER_SIZE    BUFFER_SIZE_INDEX_8K
+#define DEFAULT_MAX_BUFFER_SIZE   BUFFER_SIZE_FOR_INDEX(MAX_BUFFER_SIZE_INDEX)
+#define MIN_IOBUFFER_SIZE         BUFFER_SIZE_INDEX_128
+#define MAX_IOBUFFER_SIZE         (DEFAULT_BUFFER_SIZES - 1)
 
 #define BUFFER_SIZE_ALLOCATED(_i) (BUFFER_SIZE_INDEX_IS_FAST_ALLOCATED(_i) || BUFFER_SIZE_INDEX_IS_XMALLOCED(_i))
 
-#define BUFFER_SIZE_NOT_ALLOCATED DEFAULT_BUFFER_SIZES
-#define BUFFER_SIZE_INDEX_IS_XMALLOCED(_size_index) (_size_index < 0)
+#define BUFFER_SIZE_NOT_ALLOCATED                        DEFAULT_BUFFER_SIZES
+#define BUFFER_SIZE_INDEX_IS_XMALLOCED(_size_index)      (_size_index < 0)
 #define BUFFER_SIZE_INDEX_IS_FAST_ALLOCATED(_size_index) (((uint64_t)_size_index) < DEFAULT_BUFFER_SIZES)
-#define BUFFER_SIZE_INDEX_IS_CONSTANT(_size_index) (_size_index >= DEFAULT_BUFFER_SIZES)
+#define BUFFER_SIZE_INDEX_IS_CONSTANT(_size_index)       (_size_index >= DEFAULT_BUFFER_SIZES)
 
-#define BUFFER_SIZE_FOR_XMALLOC(_size) (-(_size))
+#define BUFFER_SIZE_FOR_XMALLOC(_size)            (-(_size))
 #define BUFFER_SIZE_INDEX_FOR_XMALLOC_SIZE(_size) (-(_size))
 
-#define BUFFER_SIZE_FOR_CONSTANT(_size) (_size - DEFAULT_BUFFER_SIZES)
+#define BUFFER_SIZE_FOR_CONSTANT(_size)            (_size - DEFAULT_BUFFER_SIZES)
 #define BUFFER_SIZE_INDEX_FOR_CONSTANT_SIZE(_size) (_size + DEFAULT_BUFFER_SIZES)
 
 extern FreelistAllocator ioBufAllocator[DEFAULT_BUFFER_SIZES];
@@ -235,7 +235,7 @@ class IOBufferData : public RefCountObj
   IOBufferData() : _size_index(BUFFER_SIZE_NOT_ALLOCATED) {}
 
   // noncopyable, declaration only
-  IOBufferData(const IOBufferData &) = delete;
+  IOBufferData(const IOBufferData &)            = delete;
   IOBufferData &operator=(const IOBufferData &) = delete;
 };
 
@@ -478,7 +478,7 @@ class IOBufferBlock : public RefCountObj
   IOBufferBlock();
 
   // noncopyable
-  IOBufferBlock(const IOBufferBlock &) = delete;
+  IOBufferBlock(const IOBufferBlock &)            = delete;
   IOBufferBlock &operator=(const IOBufferBlock &) = delete;
 };
 
@@ -1280,7 +1280,7 @@ struct MIOBufferAccessor {
 #endif
 
   // noncopyable
-  MIOBufferAccessor(const MIOBufferAccessor &) = delete;
+  MIOBufferAccessor(const MIOBufferAccessor &)            = delete;
   MIOBufferAccessor &operator=(const MIOBufferAccessor &) = delete;
 
 private:
@@ -1319,7 +1319,7 @@ class Empty_MIOBuffer_tracker
 };
 
 /// MIOBuffer allocator/deallocator
-#define new_MIOBuffer MIOBuffer_tracker(RES_PATH("memory/IOBuffer/"))
+#define new_MIOBuffer       MIOBuffer_tracker(RES_PATH("memory/IOBuffer/"))
 #define new_empty_MIOBuffer Empty_MIOBuffer_tracker(RES_PATH("memory/IOBuffer/"))
 extern void free_MIOBuffer(MIOBuffer *mio);
 //////////////////////////////////////////////////////////////////////
@@ -1368,7 +1368,7 @@ class IOBufferData_tracker
 };
 
 // TODO: remove new_xmalloc_IOBufferData. Because ats_xmalloc() doesn't exist anymore.
-#define new_IOBufferData IOBufferData_tracker(RES_PATH("memory/IOBuffer/"))
+#define new_IOBufferData                  IOBufferData_tracker(RES_PATH("memory/IOBuffer/"))
 #define new_xmalloc_IOBufferData(b, size) new_xmalloc_IOBufferData_internal(RES_PATH("memory/IOBuffer/"), (b), (size))
 
 extern int64_t iobuffer_size_to_index(int64_t size, int64_t max);
@@ -1414,7 +1414,7 @@ IOBufferChain::operator+=(self_type const &that)
   else {
     _tail->next = that._head;
     _tail       = that._tail;
-    _len += that._len;
+    _len        += that._len;
   }
   return *this;
 }
diff --git a/iocore/eventsystem/I_Lock.h b/iocore/eventsystem/I_Lock.h
index 7efa45f462c..1dcaf55626c 100644
--- a/iocore/eventsystem/I_Lock.h
+++ b/iocore/eventsystem/I_Lock.h
@@ -27,7 +27,7 @@
 #include "tscore/Diags.h"
 #include "I_Thread.h"
 
-#define MAX_LOCK_TIME HRTIME_MSECONDS(200)
+#define MAX_LOCK_TIME               HRTIME_MSECONDS(200)
 #define THREAD_MUTEX_THREAD_HOLDING (-1024 * 1024)
 
 /*------------------------------------------------------*\
@@ -111,10 +111,10 @@
 #endif
 
 #ifdef DEBUG
-#define MUTEX_TAKE_LOCK(_m, _t) Mutex_lock(MakeSourceLocation(), (char *)nullptr, _m, _t)
+#define MUTEX_TAKE_LOCK(_m, _t)         Mutex_lock(MakeSourceLocation(), (char *)nullptr, _m, _t)
 #define MUTEX_TAKE_LOCK_FOR(_m, _t, _c) Mutex_lock(MakeSourceLocation(), nullptr, _m, _t)
 #else
-#define MUTEX_TAKE_LOCK(_m, _t) Mutex_lock(_m, _t)
+#define MUTEX_TAKE_LOCK(_m, _t)         Mutex_lock(_m, _t)
 #define MUTEX_TAKE_LOCK_FOR(_m, _t, _c) Mutex_lock(_m, _t)
 #endif // DEBUG
 
diff --git a/iocore/eventsystem/I_MIOBufferWriter.h b/iocore/eventsystem/I_MIOBufferWriter.h
index 08e29a75524..2c3d83ea161 100644
--- a/iocore/eventsystem/I_MIOBufferWriter.h
+++ b/iocore/eventsystem/I_MIOBufferWriter.h
@@ -123,11 +123,19 @@ class MIOBufferWriter : public ts::BufferWriter
 
   // Not useful in this derived class.
   //
-  self_type &clip(size_t) override { return *this; }
+  self_type &
+  clip(size_t) override
+  {
+    return *this;
+  }
 
   // Not useful in this derived class.
   //
-  self_type &extend(size_t) override { return *this; }
+  self_type &
+  extend(size_t) override
+  {
+    return *this;
+  }
 
   // This must not be called for this derived class.
   //
diff --git a/iocore/eventsystem/I_PriorityEventQueue.h b/iocore/eventsystem/I_PriorityEventQueue.h
index 4488123f4b1..ff507eae6cf 100644
--- a/iocore/eventsystem/I_PriorityEventQueue.h
+++ b/iocore/eventsystem/I_PriorityEventQueue.h
@@ -27,7 +27,7 @@
 #include "I_Event.h"
 
 // <5ms, 10, 20, 40, 80, 160, 320, 640, 1280, 2560, 5120
-#define N_PQ_LIST 10
+#define N_PQ_LIST          10
 #define PQ_BUCKET_TIME(_i) (HRTIME_MSECONDS(5) << (_i))
 
 class EThread;
diff --git a/iocore/eventsystem/I_Processor.h b/iocore/eventsystem/I_Processor.h
index 291c7386d3b..e24b4ac0f04 100644
--- a/iocore/eventsystem/I_Processor.h
+++ b/iocore/eventsystem/I_Processor.h
@@ -26,9 +26,9 @@
 
 #include "tscore/ink_platform.h"
 
-#define PROCESSOR_RECONFIGURE 0x01
-#define PROCESSOR_CHECK 0x02
-#define PROCESSOR_FIX 0x04
+#define PROCESSOR_RECONFIGURE   0x01
+#define PROCESSOR_CHECK         0x02
+#define PROCESSOR_FIX           0x04
 #define PROCESSOR_IGNORE_ERRORS 0x08
 
 class Processor;
@@ -107,7 +107,7 @@ class Processor
   }
 
   // noncopyable, prevent unauthorized copies (Not implemented)
-  Processor(const Processor &) = delete;
+  Processor(const Processor &)            = delete;
   Processor &operator=(const Processor &) = delete;
 
 protected:
diff --git a/iocore/eventsystem/I_ProxyAllocator.h b/iocore/eventsystem/I_ProxyAllocator.h
index a94c589b1fa..a5320de7447 100644
--- a/iocore/eventsystem/I_ProxyAllocator.h
+++ b/iocore/eventsystem/I_ProxyAllocator.h
@@ -50,7 +50,7 @@ struct ProxyAllocator {
 
 template <class CAlloc, typename... Args>
 typename CAlloc::Value_type *
-thread_alloc(CAlloc &a, ProxyAllocator &l, Args &&... args)
+thread_alloc(CAlloc &a, ProxyAllocator &l, Args &&...args)
 {
   if (!cmd_disable_pfreelist && l.freelist) {
     void *v    = l.freelist;
@@ -70,14 +70,14 @@ void thread_freeup(Allocator &a, ProxyAllocator &l);
 
 // Potentially empty variable arguments -- non-standard GCC way
 //
-#define THREAD_ALLOC(_a, _t, ...) thread_alloc(::_a, _t->_a, ##__VA_ARGS__)
+#define THREAD_ALLOC(_a, _t, ...)      thread_alloc(::_a, _t->_a, ##__VA_ARGS__)
 #define THREAD_ALLOC_INIT(_a, _t, ...) thread_alloc(::_a, _t->_a, ##__VA_ARGS__)
 
 #else
 
 // Potentially empty variable arguments -- Standard C++20 way
 //
-#define THREAD_ALLOC(_a, _t, ...) thread_alloc(::_a, _t->_a __VA_OPT__(, ) __VA_ARGS__)
+#define THREAD_ALLOC(_a, _t, ...)      thread_alloc(::_a, _t->_a __VA_OPT__(, ) __VA_ARGS__)
 #define THREAD_ALLOC_INIT(_a, _t, ...) thread_alloc(::_a, _t->_a __VA_OPT__(, ) __VA_ARGS__)
 
 #endif
diff --git a/iocore/eventsystem/I_Thread.h b/iocore/eventsystem/I_Thread.h
index 844cfaeb01f..910f41c29b9 100644
--- a/iocore/eventsystem/I_Thread.h
+++ b/iocore/eventsystem/I_Thread.h
@@ -170,7 +170,7 @@ class Thread
   */
   static ink_hrtime get_hrtime_updated();
 
-  Thread(const Thread &) = delete;
+  Thread(const Thread &)            = delete;
   Thread &operator=(const Thread &) = delete;
   virtual ~Thread();
 
diff --git a/iocore/eventsystem/I_VConnection.h b/iocore/eventsystem/I_VConnection.h
index bfbeb0c3b21..c60915e78af 100644
--- a/iocore/eventsystem/I_VConnection.h
+++ b/iocore/eventsystem/I_VConnection.h
@@ -36,8 +36,8 @@
 // Data Types
 //
 #define VCONNECTION_CACHE_DATA_BASE 0
-#define VCONNECTION_NET_DATA_BASE 100
-#define VCONNECTION_API_DATA_BASE 200
+#define VCONNECTION_NET_DATA_BASE   100
+#define VCONNECTION_API_DATA_BASE   200
 
 //
 // Event signals
@@ -57,7 +57,7 @@
 */
 #define VC_EVENT_WRITE_READY (VC_EVENT_EVENTS_START + 1)
 
-#define VC_EVENT_READ_COMPLETE (VC_EVENT_EVENTS_START + 2)
+#define VC_EVENT_READ_COMPLETE  (VC_EVENT_EVENTS_START + 2)
 #define VC_EVENT_WRITE_COMPLETE (VC_EVENT_EVENTS_START + 3)
 
 /**
@@ -398,7 +398,8 @@ struct DummyVConnection : public VConnection, public PluginUserArgs<TS_USER_ARGS
                 "cannot use default implementation");
   }
 
-  void do_io_shutdown(ShutdownHowTo_t /* howto ATS_UNUSED */) override
+  void
+  do_io_shutdown(ShutdownHowTo_t /* howto ATS_UNUSED */) override
   {
     ink_assert(!"VConnection::do_io_shutdown -- "
                 "cannot use default implementation");
diff --git a/iocore/eventsystem/MIOBufferWriter.cc b/iocore/eventsystem/MIOBufferWriter.cc
index 67f6108952e..22d5ebe612a 100644
--- a/iocore/eventsystem/MIOBufferWriter.cc
+++ b/iocore/eventsystem/MIOBufferWriter.cc
@@ -56,7 +56,7 @@ MIOBufferWriter::write(const void *data_, size_t length)
     std::memcpy(iobbPtr->end(), data, writeSize);
     iobbPtr->fill(writeSize);
 
-    data += writeSize;
+    data   += writeSize;
     length -= writeSize;
 
     _numWritten += writeSize;
diff --git a/iocore/eventsystem/PQ-List.cc b/iocore/eventsystem/PQ-List.cc
index eeaec5a439d..ef611029f8c 100644
--- a/iocore/eventsystem/PQ-List.cc
+++ b/iocore/eventsystem/PQ-List.cc
@@ -37,7 +37,7 @@ PriorityEventQueue::check_ready(ink_hrtime now, EThread *t)
   uint32_t todo_buckets  = check_buckets ^ last_check_buckets;
   last_check_time        = now;
   last_check_buckets     = check_buckets;
-  todo_buckets &= ((1 << (N_PQ_LIST - 1)) - 1);
+  todo_buckets           &= ((1 << (N_PQ_LIST - 1)) - 1);
   while (todo_buckets) {
     k++;
     todo_buckets >>= 1;
diff --git a/iocore/eventsystem/P_IOBuffer.h b/iocore/eventsystem/P_IOBuffer.h
index a3193b60b00..f1ce0394587 100644
--- a/iocore/eventsystem/P_IOBuffer.h
+++ b/iocore/eventsystem/P_IOBuffer.h
@@ -94,7 +94,7 @@ iobufferblock_clone(IOBufferBlock *src, int64_t offset, int64_t len)
     }
 
     IOBufferBlock *new_buf = src->clone();
-    new_buf->_start += offset;
+    new_buf->_start        += offset;
     new_buf->_buf_end = new_buf->_end = new_buf->_start + bytes;
 
     if (!start_buf) {
@@ -105,7 +105,7 @@ iobufferblock_clone(IOBufferBlock *src, int64_t offset, int64_t len)
       current_buf       = new_buf;
     }
 
-    len -= bytes;
+    len    -= bytes;
     src    = src->next.get();
     offset = 0;
   }
@@ -132,8 +132,8 @@ iobufferblock_skip(IOBufferBlock *b, int64_t *poffset, int64_t *plen, int64_t wr
     }
 
     if (len >= max_bytes) {
-      b = b->next.get();
-      len -= max_bytes;
+      b      = b->next.get();
+      len    -= max_bytes;
       offset = 0;
     } else {
       offset = offset + len;
@@ -142,7 +142,7 @@ iobufferblock_skip(IOBufferBlock *b, int64_t *poffset, int64_t *plen, int64_t wr
   }
 
   *poffset = offset;
-  *plen -= write;
+  *plen    -= write;
   return b;
 }
 
@@ -431,7 +431,7 @@ IOBufferReader::skip_empty_blocks()
 {
   while (block->next && block->next->read_avail() && start_offset >= block->size()) {
     start_offset -= block->size();
-    block = block->next;
+    block        = block->next;
   }
 }
 
@@ -564,7 +564,7 @@ IOBufferReader::consume(int64_t n)
   int64_t r = block->read_avail();
   int64_t s = start_offset;
   while (r <= s && block->next && block->next->read_avail()) {
-    s -= r;
+    s            -= r;
     start_offset = s;
     block        = block->next;
     r            = block->read_avail();
diff --git a/iocore/eventsystem/UnixEThread.cc b/iocore/eventsystem/UnixEThread.cc
index a4e4d45b97c..eeff1d93b6a 100644
--- a/iocore/eventsystem/UnixEThread.cc
+++ b/iocore/eventsystem/UnixEThread.cc
@@ -39,7 +39,7 @@
 
 struct AIOCallback;
 
-#define NO_HEARTBEAT -1
+#define NO_HEARTBEAT                  -1
 #define THREAD_MAX_HEARTBEAT_MSECONDS 60
 
 // !! THIS MUST BE IN THE ENUM ORDER !!
@@ -351,13 +351,13 @@ EThread::execute()
 EThread::Metrics::Slice &
 EThread::Metrics::Slice::operator+=(Slice const &that)
 {
-  this->_events._max = std::max(this->_events._max, that._events._max);
-  this->_events._min = std::min(this->_events._min, that._events._min);
+  this->_events._max   = std::max(this->_events._max, that._events._max);
+  this->_events._min   = std::min(this->_events._min, that._events._min);
   this->_events._total += that._events._total;
   this->_duration._min = std::min(this->_duration._min, that._duration._min);
   this->_duration._max = std::max(this->_duration._max, that._duration._max);
-  this->_count += that._count;
-  this->_wait += that._wait;
+  this->_count         += that._count;
+  this->_wait          += that._wait;
   return *this;
 }
 
@@ -389,6 +389,6 @@ EThread::Metrics::summarize(Metrics &global)
   // Only summarize if there's no outstanding decay.
   if (0 == _decay_count) {
     global._loop_timing += _loop_timing;
-    global._api_timing += _api_timing;
+    global._api_timing  += _api_timing;
   }
 }
diff --git a/iocore/eventsystem/unit_tests/test_EventSystem.cc b/iocore/eventsystem/unit_tests/test_EventSystem.cc
index 776724fad6a..37a056a787f 100644
--- a/iocore/eventsystem/unit_tests/test_EventSystem.cc
+++ b/iocore/eventsystem/unit_tests/test_EventSystem.cc
@@ -32,7 +32,7 @@
 #include "diags.i"
 
 #define TEST_TIME_SECOND 60
-#define TEST_THREADS 2
+#define TEST_THREADS     2
 
 TEST_CASE("EventSystem", "[iocore]")
 {
diff --git a/iocore/eventsystem/unit_tests/test_MIOBufferWriter.cc b/iocore/eventsystem/unit_tests/test_MIOBufferWriter.cc
index 622d4ac9d65..d0a0be2bc40 100644
--- a/iocore/eventsystem/unit_tests/test_MIOBufferWriter.cc
+++ b/iocore/eventsystem/unit_tests/test_MIOBufferWriter.cc
@@ -119,7 +119,7 @@ genData(int numBytes)
   std::string s(numBytes, ' ');
 
   for (int i{0}; i < numBytes; ++i) {
-    s[i] = genData;
+    s[i]    = genData;
     genData += 7;
   }
 
diff --git a/iocore/hostdb/HostDB.cc b/iocore/hostdb/HostDB.cc
index fadbf9b23d7..ee8511d27b3 100644
--- a/iocore/hostdb/HostDB.cc
+++ b/iocore/hostdb/HostDB.cc
@@ -2111,7 +2111,7 @@ HostDBRecord::alloc(TextView query_name, unsigned int rr_count, size_t srv_name_
   // where in our block of memory we are
   int offset = sizeof(self_type);
   memcpy(self->apply_offset<void>(offset), query_name);
-  offset += qn_size;
+  offset          += qn_size;
   self->rr_offset = offset;
   self->rr_count  = rr_count;
   // Construct the info instances to a valid state.
@@ -2178,8 +2178,8 @@ HostDBRecord::select_best_srv(char *target, InkRand *rand, ts_time now, ts_secon
     }
 
     if (target.data.srv.srv_priority <= p) {
-      p = target.data.srv.srv_priority;
-      weight += target.data.srv.srv_weight;
+      p              = target.data.srv.srv_priority;
+      weight         += target.data.srv.srv_weight;
       live[live_n++] = &target;
     } else {
       break;
diff --git a/iocore/hostdb/I_HostDBProcessor.h b/iocore/hostdb/I_HostDBProcessor.h
index 58397998adf..2d8c01ced54 100644
--- a/iocore/hostdb/I_HostDBProcessor.h
+++ b/iocore/hostdb/I_HostDBProcessor.h
@@ -40,12 +40,12 @@
 #include "SRV.h"
 
 // Event returned on a lookup
-#define EVENT_HOST_DB_LOOKUP (HOSTDB_EVENT_EVENTS_START + 0)
-#define EVENT_HOST_DB_IP_REMOVED (HOSTDB_EVENT_EVENTS_START + 1)
+#define EVENT_HOST_DB_LOOKUP       (HOSTDB_EVENT_EVENTS_START + 0)
+#define EVENT_HOST_DB_IP_REMOVED   (HOSTDB_EVENT_EVENTS_START + 1)
 #define EVENT_HOST_DB_GET_RESPONSE (HOSTDB_EVENT_EVENTS_START + 2)
 
-#define EVENT_SRV_LOOKUP (SRV_EVENT_EVENTS_START + 0)
-#define EVENT_SRV_IP_REMOVED (SRV_EVENT_EVENTS_START + 1)
+#define EVENT_SRV_LOOKUP       (SRV_EVENT_EVENTS_START + 0)
+#define EVENT_SRV_IP_REMOVED   (SRV_EVENT_EVENTS_START + 1)
 #define EVENT_SRV_GET_RESPONSE (SRV_EVENT_EVENTS_START + 2)
 
 //
@@ -105,10 +105,10 @@ class HostDBRecord;
 
 /// Information for an SRV record.
 struct SRVInfo {
-  unsigned int srv_offset : 16; ///< Memory offset from @c HostDBInfo to name.
-  unsigned int srv_weight : 16;
+  unsigned int srv_offset   : 16; ///< Memory offset from @c HostDBInfo to name.
+  unsigned int srv_weight   : 16;
   unsigned int srv_priority : 16;
-  unsigned int srv_port : 16;
+  unsigned int srv_port     : 16;
   unsigned int key;
 };
 
@@ -849,7 +849,8 @@ ResolveInfo::mark_active_server_dead(ts_time now)
   return active != nullptr && active->mark_down(now);
 }
 
-inline bool ResolveInfo::set_active(std::nullptr_t)
+inline bool
+ResolveInfo::set_active(std::nullptr_t)
 {
   active     = nullptr;
   resolved_p = false;
diff --git a/iocore/hostdb/P_HostDBProcessor.h b/iocore/hostdb/P_HostDBProcessor.h
index ad1fd1a9706..c3c9f217b78 100644
--- a/iocore/hostdb/P_HostDBProcessor.h
+++ b/iocore/hostdb/P_HostDBProcessor.h
@@ -85,7 +85,7 @@ extern const char *string_for(HostDBMark mark);
 //
 
 #define HOST_DB_HITS_BITS 3
-#define HOST_DB_TAG_BITS 56
+#define HOST_DB_TAG_BITS  56
 
 #define CONFIGURATION_HISTORY_PROBE_DEPTH 1
 
@@ -95,7 +95,7 @@ extern const char *string_for(HostDBMark mark);
 // 2.2: IP family split 2.1 : IPv6
 
 #define DEFAULT_HOST_DB_FILENAME "host.db"
-#define DEFAULT_HOST_DB_SIZE (1 << 14)
+#define DEFAULT_HOST_DB_SIZE     (1 << 14)
 // Timeout DNS every 24 hours by default if ttl_mode is enabled
 #define HOST_DB_IP_TIMEOUT (24 * 60 * 60)
 // DNS entries should be revalidated every 12 hours
@@ -103,7 +103,7 @@ extern const char *string_for(HostDBMark mark);
 // DNS entries which failed lookup, should be revalidated every hour
 #define HOST_DB_IP_FAIL_TIMEOUT (60 * 60)
 
-//#define HOST_DB_MAX_INTERVAL                 (0x7FFFFFFF)
+// #define HOST_DB_MAX_INTERVAL                 (0x7FFFFFFF)
 const unsigned int HOST_DB_MAX_TTL = (0x1FFFFF); // 24 days
 
 //
@@ -111,10 +111,10 @@ const unsigned int HOST_DB_MAX_TTL = (0x1FFFFF); // 24 days
 //
 
 // period to wait for a remote probe...
-#define HOST_DB_RETRY_PERIOD HRTIME_MSECONDS(20)
+#define HOST_DB_RETRY_PERIOD   HRTIME_MSECONDS(20)
 #define HOST_DB_ITERATE_PERIOD HRTIME_MSECONDS(5)
 
-//#define TEST(_x) _x
+// #define TEST(_x) _x
 #define TEST(_x)
 
 struct HostEnt;
@@ -248,7 +248,7 @@ struct HostDBContinuation : public Continuation {
   //  void *m_pDS;
   Action *pending_action = nullptr;
 
-  unsigned int missing : 1;
+  unsigned int missing   : 1;
   unsigned int force_dns : 1;
 
   int probeEvent(int event, Event *e);
diff --git a/iocore/hostdb/test_HostFile.cc b/iocore/hostdb/test_HostFile.cc
index ee002e8bac8..7b728c3f129 100644
--- a/iocore/hostdb/test_HostFile.cc
+++ b/iocore/hostdb/test_HostFile.cc
@@ -148,7 +148,7 @@ HostDBRecord::alloc(ts::TextView query_name, unsigned int rr_count, size_t srv_n
   // where in our block of memory we are
   int offset = sizeof(self_type);
   memcpy(self->apply_offset<void>(offset), query_name);
-  offset += qn_size;
+  offset          += qn_size;
   self->rr_offset = offset;
   self->rr_count  = rr_count;
   // Construct the info instances to a valid state.
diff --git a/iocore/hostdb/test_RefCountCache.cc b/iocore/hostdb/test_RefCountCache.cc
index 7e9c7f0916e..331694e5e7b 100644
--- a/iocore/hostdb/test_RefCountCache.cc
+++ b/iocore/hostdb/test_RefCountCache.cc
@@ -138,7 +138,7 @@ testRefcounting()
 
   // Create and then immediately delete an item
   ExampleStruct *to_delete = ExampleStruct::alloc();
-  ret |= to_delete->refcount() != 0;
+  ret                      |= to_delete->refcount() != 0;
   cache->put(1, to_delete);
   ret |= to_delete->refcount() != 1;
   cache->erase(1);
@@ -147,7 +147,7 @@ testRefcounting()
 
   // Set an item in the cache
   ExampleStruct *tmp = ExampleStruct::alloc();
-  ret |= tmp->refcount() != 0;
+  ret                |= tmp->refcount() != 0;
   printf("ret=%d ref=%d\n", ret, tmp->refcount());
   cache->put(static_cast<uint64_t>(1), tmp);
   ret |= tmp->refcount() != 1;
@@ -156,11 +156,11 @@ testRefcounting()
 
   // Grab a pointer to item 1
   Ptr<ExampleStruct> ccitem = cache->get(static_cast<uint64_t>(1));
-  ret |= tmp->refcount() != 2;
+  ret                       |= tmp->refcount() != 2;
   printf("ret=%d ref=%d\n", ret, tmp->refcount());
 
   Ptr<ExampleStruct> tmpAfter = cache->get(static_cast<uint64_t>(1));
-  ret |= tmp->refcount() != 3;
+  ret                         |= tmp->refcount() != 3;
   printf("ret=%d ref=%d\n", ret, tmp->refcount());
 
   // Delete a single item
@@ -187,7 +187,7 @@ testclear()
 
   // Create and then immediately delete an item
   ExampleStruct *item = ExampleStruct::alloc();
-  ret |= item->refcount() != 0;
+  ret                 |= item->refcount() != 0;
   cache->put(1, item);
   ret |= item->refcount() != 1;
   cache->clear();
diff --git a/iocore/net/BIO_fastopen.cc b/iocore/net/BIO_fastopen.cc
index f46d8e1c361..48e5abbe3fb 100644
--- a/iocore/net/BIO_fastopen.cc
+++ b/iocore/net/BIO_fastopen.cc
@@ -181,18 +181,20 @@ fastopen_ctrl(BIO *bio, int cmd, long larg, void *ptr)
 }
 
 #ifndef HAVE_BIO_METH_NEW
-static const BIO_METHOD fastopen_methods[] = {{
-  .type          = BIO_TYPE_SOCKET,
-  .name          = "fastopen",
-  .bwrite        = fastopen_bwrite,
-  .bread         = fastopen_bread,
-  .bputs         = nullptr,
-  .bgets         = nullptr,
-  .ctrl          = fastopen_ctrl,
-  .create        = fastopen_create,
-  .destroy       = fastopen_destroy,
-  .callback_ctrl = nullptr,
-}};
+static const BIO_METHOD fastopen_methods[] = {
+  {
+   .type          = BIO_TYPE_SOCKET,
+   .name          = "fastopen",
+   .bwrite        = fastopen_bwrite,
+   .bread         = fastopen_bread,
+   .bputs         = nullptr,
+   .bgets         = nullptr,
+   .ctrl          = fastopen_ctrl,
+   .create        = fastopen_create,
+   .destroy       = fastopen_destroy,
+   .callback_ctrl = nullptr,
+   }
+};
 #else
 static const BIO_METHOD *fastopen_methods = [] {
   BIO_METHOD *methods = BIO_meth_new(BIO_TYPE_SOCKET, "fastopen");
diff --git a/iocore/net/Connection.cc b/iocore/net/Connection.cc
index 3d60ebe6aac..9209d5733e2 100644
--- a/iocore/net/Connection.cc
+++ b/iocore/net/Connection.cc
@@ -41,7 +41,7 @@
 // #define RECV_BUF_SIZE            (1024*64)
 // #define SEND_BUF_SIZE            (1024*64)
 #define FIRST_RANDOM_PORT 16000
-#define LAST_RANDOM_PORT 32000
+#define LAST_RANDOM_PORT  32000
 
 int
 get_listen_backlog()
diff --git a/iocore/net/I_Net.h b/iocore/net/I_Net.h
index 93662583b3e..9a992d4b4c1 100644
--- a/iocore/net/I_Net.h
+++ b/iocore/net/I_Net.h
@@ -64,21 +64,21 @@ extern int net_throttle_delay;
 extern std::string_view net_ccp_in;
 extern std::string_view net_ccp_out;
 
-#define NET_EVENT_OPEN (NET_EVENT_EVENTS_START)
-#define NET_EVENT_OPEN_FAILED (NET_EVENT_EVENTS_START + 1)
-#define NET_EVENT_ACCEPT (NET_EVENT_EVENTS_START + 2)
-#define NET_EVENT_ACCEPT_SUCCEED (NET_EVENT_EVENTS_START + 3)
-#define NET_EVENT_ACCEPT_FAILED (NET_EVENT_EVENTS_START + 4)
-#define NET_EVENT_CANCEL (NET_EVENT_EVENTS_START + 5)
-#define NET_EVENT_DATAGRAM_READ_COMPLETE (NET_EVENT_EVENTS_START + 6)
-#define NET_EVENT_DATAGRAM_READ_ERROR (NET_EVENT_EVENTS_START + 7)
+#define NET_EVENT_OPEN                    (NET_EVENT_EVENTS_START)
+#define NET_EVENT_OPEN_FAILED             (NET_EVENT_EVENTS_START + 1)
+#define NET_EVENT_ACCEPT                  (NET_EVENT_EVENTS_START + 2)
+#define NET_EVENT_ACCEPT_SUCCEED          (NET_EVENT_EVENTS_START + 3)
+#define NET_EVENT_ACCEPT_FAILED           (NET_EVENT_EVENTS_START + 4)
+#define NET_EVENT_CANCEL                  (NET_EVENT_EVENTS_START + 5)
+#define NET_EVENT_DATAGRAM_READ_COMPLETE  (NET_EVENT_EVENTS_START + 6)
+#define NET_EVENT_DATAGRAM_READ_ERROR     (NET_EVENT_EVENTS_START + 7)
 #define NET_EVENT_DATAGRAM_WRITE_COMPLETE (NET_EVENT_EVENTS_START + 8)
-#define NET_EVENT_DATAGRAM_WRITE_ERROR (NET_EVENT_EVENTS_START + 9)
-#define NET_EVENT_DATAGRAM_READ_READY (NET_EVENT_EVENTS_START + 10)
-#define NET_EVENT_DATAGRAM_OPEN (NET_EVENT_EVENTS_START + 11)
-#define NET_EVENT_DATAGRAM_ERROR (NET_EVENT_EVENTS_START + 12)
-#define NET_EVENT_ACCEPT_INTERNAL (NET_EVENT_EVENTS_START + 22)
-#define NET_EVENT_CONNECT_INTERNAL (NET_EVENT_EVENTS_START + 23)
+#define NET_EVENT_DATAGRAM_WRITE_ERROR    (NET_EVENT_EVENTS_START + 9)
+#define NET_EVENT_DATAGRAM_READ_READY     (NET_EVENT_EVENTS_START + 10)
+#define NET_EVENT_DATAGRAM_OPEN           (NET_EVENT_EVENTS_START + 11)
+#define NET_EVENT_DATAGRAM_ERROR          (NET_EVENT_EVENTS_START + 12)
+#define NET_EVENT_ACCEPT_INTERNAL         (NET_EVENT_EVENTS_START + 22)
+#define NET_EVENT_CONNECT_INTERNAL        (NET_EVENT_EVENTS_START + 23)
 
 #define MAIN_ACCEPT_PORT -1
 
diff --git a/iocore/net/I_NetProcessor.h b/iocore/net/I_NetProcessor.h
index 893f89da8e7..d4f5d29fd01 100644
--- a/iocore/net/I_NetProcessor.h
+++ b/iocore/net/I_NetProcessor.h
@@ -224,7 +224,7 @@ class NetProcessor : public Processor
   static AcceptOptions const DEFAULT_ACCEPT_OPTIONS;
 
   // noncopyable
-  NetProcessor(const NetProcessor &) = delete;
+  NetProcessor(const NetProcessor &)            = delete;
   NetProcessor &operator=(const NetProcessor &) = delete;
 
 private:
diff --git a/iocore/net/I_NetVConnection.h b/iocore/net/I_NetVConnection.h
index 1389beb14f4..cded188cbe7 100644
--- a/iocore/net/I_NetVConnection.h
+++ b/iocore/net/I_NetVConnection.h
@@ -817,7 +817,7 @@ class NetVConnection : public VConnection, public PluginUserArgs<TS_USER_ARGS_VC
   }
 
   // noncopyable
-  NetVConnection(const NetVConnection &) = delete;
+  NetVConnection(const NetVConnection &)            = delete;
   NetVConnection &operator=(const NetVConnection &) = delete;
 
   ProxyProtocolVersion
diff --git a/iocore/net/I_Socks.h b/iocore/net/I_Socks.h
index b1e7e5c75ba..e1249e77f6f 100644
--- a/iocore/net/I_Socks.h
+++ b/iocore/net/I_Socks.h
@@ -30,16 +30,16 @@
 #define SOCKS_WITH_TS
 
 #define SOCKS_DEFAULT_VERSION 0 // defined the configuration variable
-#define SOCKS4_VERSION 4
-#define SOCKS5_VERSION 5
-#define SOCKS_CONNECT 1
-#define SOCKS4_REQ_LEN 9
-#define SOCKS4_REP_LEN 8
-#define SOCKS5_REP_LEN 262 // maximum possible
-#define SOCKS4_REQ_GRANTED 90
-#define SOCKS4_CONN_FAILED 91
-#define SOCKS5_REQ_GRANTED 0
-#define SOCKS5_CONN_FAILED 1
+#define SOCKS4_VERSION        4
+#define SOCKS5_VERSION        5
+#define SOCKS_CONNECT         1
+#define SOCKS4_REQ_LEN        9
+#define SOCKS4_REP_LEN        8
+#define SOCKS5_REP_LEN        262 // maximum possible
+#define SOCKS4_REQ_GRANTED    90
+#define SOCKS4_CONN_FAILED    91
+#define SOCKS5_REQ_GRANTED    0
+#define SOCKS5_CONN_FAILED    1
 
 enum {
   // For these two, we need to pick two values which are not used for any of the
diff --git a/iocore/net/Net.cc b/iocore/net/Net.cc
index 7f1ec3ceb5e..0fc615b5032 100644
--- a/iocore/net/Net.cc
+++ b/iocore/net/Net.cc
@@ -81,30 +81,30 @@ static inline void
 register_net_stats()
 {
   const std::pair<const char *, Net_Stats> persistent[] = {
-    {"proxy.process.net.calls_to_read", net_calls_to_read_stat},
-    {"proxy.process.net.calls_to_read_nodata", net_calls_to_read_nodata_stat},
-    {"proxy.process.net.calls_to_readfromnet", net_calls_to_readfromnet_stat},
-    {"proxy.process.net.calls_to_write", net_calls_to_write_stat},
-    {"proxy.process.net.calls_to_write_nodata", net_calls_to_write_nodata_stat},
-    {"proxy.process.net.calls_to_writetonet", net_calls_to_writetonet_stat},
+    {"proxy.process.net.calls_to_read",                       net_calls_to_read_stat                  },
+    {"proxy.process.net.calls_to_read_nodata",                net_calls_to_read_nodata_stat           },
+    {"proxy.process.net.calls_to_readfromnet",                net_calls_to_readfromnet_stat           },
+    {"proxy.process.net.calls_to_write",                      net_calls_to_write_stat                 },
+    {"proxy.process.net.calls_to_write_nodata",               net_calls_to_write_nodata_stat          },
+    {"proxy.process.net.calls_to_writetonet",                 net_calls_to_writetonet_stat            },
     {"proxy.process.net.inactivity_cop_lock_acquire_failure", inactivity_cop_lock_acquire_failure_stat},
-    {"proxy.process.net.net_handler_run", net_handler_run_stat},
-    {"proxy.process.net.read_bytes", net_read_bytes_stat},
-    {"proxy.process.net.write_bytes", net_write_bytes_stat},
-    {"proxy.process.net.fastopen_out.attempts", net_fastopen_attempts_stat},
-    {"proxy.process.net.fastopen_out.successes", net_fastopen_successes_stat},
-    {"proxy.process.socks.connections_successful", socks_connections_successful_stat},
-    {"proxy.process.socks.connections_unsuccessful", socks_connections_unsuccessful_stat},
+    {"proxy.process.net.net_handler_run",                     net_handler_run_stat                    },
+    {"proxy.process.net.read_bytes",                          net_read_bytes_stat                     },
+    {"proxy.process.net.write_bytes",                         net_write_bytes_stat                    },
+    {"proxy.process.net.fastopen_out.attempts",               net_fastopen_attempts_stat              },
+    {"proxy.process.net.fastopen_out.successes",              net_fastopen_successes_stat             },
+    {"proxy.process.socks.connections_successful",            socks_connections_successful_stat       },
+    {"proxy.process.socks.connections_unsuccessful",          socks_connections_unsuccessful_stat     },
   };
 
   const std::pair<const char *, Net_Stats> non_persistent[] = {
-    {"proxy.process.net.accepts_currently_open", net_accepts_currently_open_stat},
-    {"proxy.process.net.connections_currently_open", net_connections_currently_open_stat},
-    {"proxy.process.net.default_inactivity_timeout_applied", default_inactivity_timeout_applied_stat},
-    {"proxy.process.net.default_inactivity_timeout_count", default_inactivity_timeout_count_stat},
-    {"proxy.process.net.dynamic_keep_alive_timeout_in_count", keep_alive_queue_timeout_count_stat},
-    {"proxy.process.net.dynamic_keep_alive_timeout_in_total", keep_alive_queue_timeout_total_stat},
-    {"proxy.process.socks.connections_currently_open", socks_connections_currently_open_stat},
+    {"proxy.process.net.accepts_currently_open",              net_accepts_currently_open_stat        },
+    {"proxy.process.net.connections_currently_open",          net_connections_currently_open_stat    },
+    {"proxy.process.net.default_inactivity_timeout_applied",  default_inactivity_timeout_applied_stat},
+    {"proxy.process.net.default_inactivity_timeout_count",    default_inactivity_timeout_count_stat  },
+    {"proxy.process.net.dynamic_keep_alive_timeout_in_count", keep_alive_queue_timeout_count_stat    },
+    {"proxy.process.net.dynamic_keep_alive_timeout_in_total", keep_alive_queue_timeout_total_stat    },
+    {"proxy.process.socks.connections_currently_open",        socks_connections_currently_open_stat  },
   };
 
   for (auto &p : persistent) {
diff --git a/iocore/net/NetEvent.h b/iocore/net/NetEvent.h
index 27808bf4fb4..c535374a42a 100644
--- a/iocore/net/NetEvent.h
+++ b/iocore/net/NetEvent.h
@@ -119,7 +119,7 @@ class NetEvent
     unsigned int flags = 0;
     struct {
       unsigned int got_local_addr : 1;
-      unsigned int shutdown : 2;
+      unsigned int shutdown       : 2;
     } f;
   };
 };
diff --git a/iocore/net/NetVCTest.cc b/iocore/net/NetVCTest.cc
index 59a066b8b0f..191113c494a 100644
--- a/iocore/net/NetVCTest.cc
+++ b/iocore/net/NetVCTest.cc
@@ -45,38 +45,37 @@
 //
 NVC_test_def netvc_tests_def[] = {
 
-  {"basic", 2000, 2000, 2000, 2000, 50, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE},
-  {"basic", 2000, 2000, 2000, 2000, 50, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE},
+  {"basic",    2000,    2000,    2000,    2000,    50,    10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE    },
+  {"basic",    2000,    2000,    2000,    2000,    50,    10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE    },
 
-  {"basic2", 10001, 10001, 5001, 5001, 1024, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE},
-  {"basic2", 5001, 5001, 10001, 10001, 1024, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE},
+  {"basic2",   10001,   10001,   5001,    5001,    1024,  10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE    },
+  {"basic2",   5001,    5001,    10001,   10001,   1024,  10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE    },
 
-  {"large", 1000000, 1000000, 500000, 500000, 8192, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE},
-  {"large", 500000, 500000, 1000000, 1000000, 8192, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE},
+  {"large",    1000000, 1000000, 500000,  500000,  8192,  10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE    },
+  {"large",    500000,  500000,  1000000, 1000000, 8192,  10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE    },
 
-  // Test large block transfers
-  {"larget", 1000000, 1000000, 500000, 500000, 40000, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE},
-  {"larget", 500000, 500000, 1000000, 1000000, 40000, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE},
+ // Test large block transfers
+  {"larget",   1000000, 1000000, 500000,  500000,  40000, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE    },
+  {"larget",   500000,  500000,  1000000, 1000000, 40000, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE    },
 
-  {"eos", 4000, 4000, 10, 10, 8192, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE},
-  {"eos", 10, 10, 6000, 6000, 8192, 10, VC_EVENT_EOS, VC_EVENT_WRITE_COMPLETE},
+  {"eos",      4000,    4000,    10,      10,      8192,  10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE    },
+  {"eos",      10,      10,      6000,    6000,    8192,  10, VC_EVENT_EOS,           VC_EVENT_WRITE_COMPLETE    },
 
-  {"werr", 4000, 4000, 10, 10, 129, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_ERROR},
-  {"werr", 10, 10, 10, 10, 129, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE},
+  {"werr",     4000,    4000,    10,      10,      129,   10, VC_EVENT_READ_COMPLETE, VC_EVENT_ERROR             },
+  {"werr",     10,      10,      10,      10,      129,   10, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE    },
 
-  {"itimeout", 6000, 8000, 10, 10, 512, 10, VC_EVENT_READ_COMPLETE, VC_EVENT_INACTIVITY_TIMEOUT},
-  {"itimeout", 10, 10, 6000, 8000, 512, 20, VC_EVENT_EOS, VC_EVENT_WRITE_COMPLETE},
+  {"itimeout", 6000,    8000,    10,      10,      512,   10, VC_EVENT_READ_COMPLETE, VC_EVENT_INACTIVITY_TIMEOUT},
+  {"itimeout", 10,      10,      6000,    8000,    512,   20, VC_EVENT_EOS,           VC_EVENT_WRITE_COMPLETE    },
 
-  // Test the small transfer code one byte at a time
-  {"smallt", 400, 400, 500, 500, 1, 15, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE},
-  {"smallt", 500, 500, 400, 400, 1, 15, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE},
+ // Test the small transfer code one byte at a time
+  {"smallt",   400,     400,     500,     500,     1,     15, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE    },
+  {"smallt",   500,     500,     400,     400,     1,     15, VC_EVENT_READ_COMPLETE, VC_EVENT_WRITE_COMPLETE    },
 
-  // The purpose of this test is show that stack can over flow if we move too
+ // The purpose of this test is show that stack can over flow if we move too
   //   small of blocks between the buffers.  EVENT_NONE is wild card error event
   //   since which side gets the timeout is unpredictable
-  {"overflow", 1000000, 1000000, 50, 50, 1, 20, VC_EVENT_READ_COMPLETE, EVENT_NONE},
-  {"overflow", 50, 50, 0, 35000, 1024, 35, EVENT_NONE, VC_EVENT_WRITE_COMPLETE}
-
+  {"overflow", 1000000, 1000000, 50,      50,      1,     20, VC_EVENT_READ_COMPLETE, EVENT_NONE                 },
+  {"overflow", 50,      50,      0,       35000,   1024,  35, EVENT_NONE,             VC_EVENT_WRITE_COMPLETE    }
 };
 const unsigned num_netvc_tests = countof(netvc_tests_def);
 
@@ -278,7 +277,7 @@ NetVCTest::write_handler(int event)
     if (write_vio->ndone < bytes_to_send) {
       int left_to_send = bytes_to_send - actual_bytes_sent;
       ink_assert(left_to_send >= 0);
-      int to_fill = std::min(left_to_send, write_bytes_to_add_per);
+      int to_fill       = std::min(left_to_send, write_bytes_to_add_per);
       actual_bytes_sent += fill_buffer(write_buffer, &write_seed, to_fill);
       write_vio->reenable();
     }
diff --git a/iocore/net/P_Connection.h b/iocore/net/P_Connection.h
index 6bc43815322..dd1a95c051c 100644
--- a/iocore/net/P_Connection.h
+++ b/iocore/net/P_Connection.h
@@ -58,19 +58,19 @@ struct NetVCOptions;
 //
 
 #define NON_BLOCKING_CONNECT true
-#define BLOCKING_CONNECT false
-#define CONNECT_WITH_TCP true
-#define CONNECT_WITH_UDP false
-#define NON_BLOCKING true
-#define BLOCKING false
-#define BIND_RANDOM_PORT true
-#define BIND_ANY_PORT false
-#define ENABLE_MC_LOOPBACK true
-#define DISABLE_MC_LOOPBACK false
-#define BC_NO_CONNECT true
-#define BC_CONNECT false
-#define BC_NO_BIND true
-#define BC_BIND false
+#define BLOCKING_CONNECT     false
+#define CONNECT_WITH_TCP     true
+#define CONNECT_WITH_UDP     false
+#define NON_BLOCKING         true
+#define BLOCKING             false
+#define BIND_RANDOM_PORT     true
+#define BIND_ANY_PORT        false
+#define ENABLE_MC_LOOPBACK   true
+#define DISABLE_MC_LOOPBACK  false
+#define BC_NO_CONNECT        true
+#define BC_CONNECT           false
+#define BC_NO_BIND           true
+#define BC_BIND              false
 
 ///////////////////////////////////////////////////////////////////////
 //
diff --git a/iocore/net/P_Net.h b/iocore/net/P_Net.h
index 9381b0a1a60..09c2fa12512 100644
--- a/iocore/net/P_Net.h
+++ b/iocore/net/P_Net.h
@@ -62,9 +62,9 @@ enum Net_Stats {
 
 struct RecRawStatBlock;
 extern RecRawStatBlock *net_rsb;
-#define SSL_HANDSHAKE_WANT_READ 6
-#define SSL_HANDSHAKE_WANT_WRITE 7
-#define SSL_HANDSHAKE_WANT_ACCEPT 8
+#define SSL_HANDSHAKE_WANT_READ    6
+#define SSL_HANDSHAKE_WANT_WRITE   7
+#define SSL_HANDSHAKE_WANT_ACCEPT  8
 #define SSL_HANDSHAKE_WANT_CONNECT 9
 
 #define NET_INCREMENT_DYN_STAT(_x) RecIncrRawStatSum(net_rsb, mutex->thread_holding, (int)_x, 1)
@@ -88,7 +88,7 @@ extern RecRawStatBlock *net_rsb;
   } while (0);
 
 // For global access
-#define NET_SUM_GLOBAL_DYN_STAT(_x, _r) RecIncrGlobalRawStatSum(net_rsb, (_x), (_r))
+#define NET_SUM_GLOBAL_DYN_STAT(_x, _r)   RecIncrGlobalRawStatSum(net_rsb, (_x), (_r))
 #define NET_READ_GLOBAL_DYN_SUM(_x, _sum) RecGetGlobalRawStatSum(net_rsb, _x, &_sum)
 
 #include "tscore/ink_platform.h"
diff --git a/iocore/net/P_QUICNextProtocolAccept_native.h b/iocore/net/P_QUICNextProtocolAccept_native.h
index 6dee22225d4..d4394755f59 100644
--- a/iocore/net/P_QUICNextProtocolAccept_native.h
+++ b/iocore/net/P_QUICNextProtocolAccept_native.h
@@ -46,7 +46,7 @@ class QUICNextProtocolAccept : public SessionAccept
   SSLNextProtocolSet *getProtoSet();
 
   // noncopyable
-  QUICNextProtocolAccept(const QUICNextProtocolAccept &) = delete;
+  QUICNextProtocolAccept(const QUICNextProtocolAccept &)            = delete;
   QUICNextProtocolAccept &operator=(const QUICNextProtocolAccept &) = delete;
 
 private:
diff --git a/iocore/net/P_QUICNextProtocolAccept_quiche.h b/iocore/net/P_QUICNextProtocolAccept_quiche.h
index 49654d58177..7b39ef417ea 100644
--- a/iocore/net/P_QUICNextProtocolAccept_quiche.h
+++ b/iocore/net/P_QUICNextProtocolAccept_quiche.h
@@ -46,7 +46,7 @@ class QUICNextProtocolAccept : public SessionAccept
   SSLNextProtocolSet *getProtoSet();
 
   // noncopyable
-  QUICNextProtocolAccept(const QUICNextProtocolAccept &) = delete;
+  QUICNextProtocolAccept(const QUICNextProtocolAccept &)            = delete;
   QUICNextProtocolAccept &operator=(const QUICNextProtocolAccept &) = delete;
 
 private:
diff --git a/iocore/net/P_SNIActionPerformer.h b/iocore/net/P_SNIActionPerformer.h
index 8088d25bd9a..9d6d98480b8 100644
--- a/iocore/net/P_SNIActionPerformer.h
+++ b/iocore/net/P_SNIActionPerformer.h
@@ -233,7 +233,7 @@ class VerifyClient : public ActionItem
   }
 
   // No copying or moving.
-  VerifyClient(VerifyClient const &) = delete;
+  VerifyClient(VerifyClient const &)            = delete;
   VerifyClient &operator=(VerifyClient const &) = delete;
 };
 
diff --git a/iocore/net/P_SSLNetProcessor.h b/iocore/net/P_SSLNetProcessor.h
index 92183ed82d7..70fbc0989cf 100644
--- a/iocore/net/P_SSLNetProcessor.h
+++ b/iocore/net/P_SSLNetProcessor.h
@@ -68,7 +68,7 @@ struct SSLNetProcessor : public UnixNetProcessor {
   NetVConnection *allocate_vc(EThread *t) override;
 
   // noncopyable
-  SSLNetProcessor(const SSLNetProcessor &) = delete;
+  SSLNetProcessor(const SSLNetProcessor &)            = delete;
   SSLNetProcessor &operator=(const SSLNetProcessor &) = delete;
 };
 
diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h
index f14ffffba14..de6c666246c 100644
--- a/iocore/net/P_SSLNetVConnection.h
+++ b/iocore/net/P_SSLNetVConnection.h
@@ -74,8 +74,8 @@
 // (another 20-60 bytes on average, depending on the negotiated ciphersuite [2]).
 // All in all: 1500 - 40 (IP) - 20 (TCP) - 40 (TCP options) - TLS overhead (60-100)
 // For larger records, the size is determined by TLS protocol record size
-#define SSL_DEF_TLS_RECORD_SIZE 1300  // 1500 - 40 (IP) - 20 (TCP) - 40 (TCP options) - TLS overhead (60-100)
-#define SSL_MAX_TLS_RECORD_SIZE 16383 // 2^14 - 1
+#define SSL_DEF_TLS_RECORD_SIZE           1300  // 1500 - 40 (IP) - 20 (TCP) - 40 (TCP options) - TLS overhead (60-100)
+#define SSL_MAX_TLS_RECORD_SIZE           16383 // 2^14 - 1
 #define SSL_DEF_TLS_RECORD_BYTE_THRESHOLD 1000000
 #define SSL_DEF_TLS_RECORD_MSEC_THRESHOLD 1000
 
@@ -315,7 +315,7 @@ class SSLNetVConnection : public UnixNetVConnection,
   SslVConnOp hookOpRequested = SSL_HOOK_OP_DEFAULT;
 
   // noncopyable
-  SSLNetVConnection(const SSLNetVConnection &) = delete;
+  SSLNetVConnection(const SSLNetVConnection &)            = delete;
   SSLNetVConnection &operator=(const SSLNetVConnection &) = delete;
 
   bool protocol_mask_set = false;
diff --git a/iocore/net/P_SSLNextProtocolAccept.h b/iocore/net/P_SSLNextProtocolAccept.h
index b32c81be8a4..18070cd6bc8 100644
--- a/iocore/net/P_SSLNextProtocolAccept.h
+++ b/iocore/net/P_SSLNextProtocolAccept.h
@@ -49,7 +49,7 @@ class SSLNextProtocolAccept : public SessionAccept
   SSLNextProtocolSet *getProtoSet();
 
   // noncopyable
-  SSLNextProtocolAccept(const SSLNextProtocolAccept &) = delete;            // disabled
+  SSLNextProtocolAccept(const SSLNextProtocolAccept &)            = delete; // disabled
   SSLNextProtocolAccept &operator=(const SSLNextProtocolAccept &) = delete; // disabled
 
 private:
diff --git a/iocore/net/P_SSLNextProtocolSet.h b/iocore/net/P_SSLNextProtocolSet.h
index 8b05b0a89c0..feb08234fd3 100644
--- a/iocore/net/P_SSLNextProtocolSet.h
+++ b/iocore/net/P_SSLNextProtocolSet.h
@@ -54,7 +54,7 @@ class SSLNextProtocolSet
   };
 
   // noncopyable
-  SSLNextProtocolSet(const SSLNextProtocolSet &) = delete;            // disabled
+  SSLNextProtocolSet(const SSLNextProtocolSet &)            = delete; // disabled
   SSLNextProtocolSet &operator=(const SSLNextProtocolSet &) = delete; // disabled
 
 private:
diff --git a/iocore/net/P_TLSKeyLogger.h b/iocore/net/P_TLSKeyLogger.h
index 18fadbe8762..87515e21daf 100644
--- a/iocore/net/P_TLSKeyLogger.h
+++ b/iocore/net/P_TLSKeyLogger.h
@@ -34,7 +34,7 @@
 class TLSKeyLogger
 {
 public:
-  TLSKeyLogger(const TLSKeyLogger &) = delete;
+  TLSKeyLogger(const TLSKeyLogger &)            = delete;
   TLSKeyLogger &operator=(const TLSKeyLogger &) = delete;
 
   ~TLSKeyLogger()
diff --git a/iocore/net/P_UDPNet.h b/iocore/net/P_UDPNet.h
index 8df862846a0..39837dcfbd3 100644
--- a/iocore/net/P_UDPNet.h
+++ b/iocore/net/P_UDPNet.h
@@ -60,8 +60,8 @@ extern UDPNetProcessorInternal udpNetInternal;
 
 // 20 ms slots; 2048 slots  => 40 sec. into the future
 #define SLOT_TIME_MSEC 20
-#define SLOT_TIME HRTIME_MSECONDS(SLOT_TIME_MSEC)
-#define N_SLOTS 2048
+#define SLOT_TIME      HRTIME_MSECONDS(SLOT_TIME_MSEC)
+#define N_SLOTS        2048
 
 constexpr int UDP_PERIOD    = 9;
 constexpr int UDP_NH_PERIOD = UDP_PERIOD + 1;
diff --git a/iocore/net/P_UDPPacket.h b/iocore/net/P_UDPPacket.h
index 22b432f0e32..6eb75270956 100644
--- a/iocore/net/P_UDPPacket.h
+++ b/iocore/net/P_UDPPacket.h
@@ -110,7 +110,7 @@ UDPPacket::getPktLength() const
   b            = p->chain.get();
   while (b) {
     p->pktLength += b->read_avail();
-    b = b->next.get();
+    b            = b->next.get();
   }
   return p->pktLength;
 }
diff --git a/iocore/net/P_UnixNet.h b/iocore/net/P_UnixNet.h
index 7c1f3d10c8a..dc58c09e8af 100644
--- a/iocore/net/P_UnixNet.h
+++ b/iocore/net/P_UnixNet.h
@@ -27,16 +27,16 @@
 
 #include "tscore/ink_platform.h"
 
-#define USE_EDGE_TRIGGER_EPOLL 1
+#define USE_EDGE_TRIGGER_EPOLL  1
 #define USE_EDGE_TRIGGER_KQUEUE 1
-#define USE_EDGE_TRIGGER_PORT 1
+#define USE_EDGE_TRIGGER_PORT   1
 
-#define EVENTIO_NETACCEPT 1
-#define EVENTIO_READWRITE_VC 2
+#define EVENTIO_NETACCEPT      1
+#define EVENTIO_READWRITE_VC   2
 #define EVENTIO_DNS_CONNECTION 3
 #define EVENTIO_UDP_CONNECTION 4
-#define EVENTIO_ASYNC_SIGNAL 5
-#define EVENTIO_DISK 6
+#define EVENTIO_ASYNC_SIGNAL   5
+#define EVENTIO_DISK           6
 
 #if TS_USE_EPOLL
 #ifndef EPOLLEXCLUSIVE
@@ -44,10 +44,10 @@
 #endif
 #ifdef USE_EDGE_TRIGGER_EPOLL
 #define USE_EDGE_TRIGGER 1
-#define EVENTIO_READ (EPOLLIN | EPOLLET)
-#define EVENTIO_WRITE (EPOLLOUT | EPOLLET)
+#define EVENTIO_READ     (EPOLLIN | EPOLLET)
+#define EVENTIO_WRITE    (EPOLLOUT | EPOLLET)
 #else
-#define EVENTIO_READ EPOLLIN
+#define EVENTIO_READ  EPOLLIN
 #define EVENTIO_WRITE EPOLLOUT
 #endif
 #define EVENTIO_ERROR (EPOLLERR | EPOLLPRI | EPOLLHUP)
@@ -55,12 +55,12 @@
 
 #if TS_USE_KQUEUE
 #ifdef USE_EDGE_TRIGGER_KQUEUE
-#define USE_EDGE_TRIGGER 1
+#define USE_EDGE_TRIGGER    1
 #define INK_EV_EDGE_TRIGGER EV_CLEAR
 #else
 #define INK_EV_EDGE_TRIGGER 0
 #endif
-#define EVENTIO_READ INK_EVP_IN
+#define EVENTIO_READ  INK_EVP_IN
 #define EVENTIO_WRITE INK_EVP_OUT
 #define EVENTIO_ERROR (0x010 | 0x002 | 0x020) // ERR PRI HUP
 #endif
@@ -68,7 +68,7 @@
 #ifdef USE_EDGE_TRIGGER_PORT
 #define USE_EDGE_TRIGGER 1
 #endif
-#define EVENTIO_READ POLLIN
+#define EVENTIO_READ  POLLIN
 #define EVENTIO_WRITE POLLOUT
 #define EVENTIO_ERROR (POLLERR | POLLPRI | POLLHUP)
 #endif
@@ -173,13 +173,13 @@ extern int http_accept_port_number;
 #define TRANSIENT_ACCEPT_ERROR_MESSAGE_EVERY HRTIME_HOURS(24)
 
 // also the 'throttle connect headroom'
-#define EMERGENCY_THROTTLE 16
-#define THROTTLE_AT_ONCE 5
+#define EMERGENCY_THROTTLE       16
+#define THROTTLE_AT_ONCE         5
 #define HYPER_EMERGENCY_THROTTLE 6
 
-#define NET_THROTTLE_ACCEPT_HEADROOM 1.1  // 10%
+#define NET_THROTTLE_ACCEPT_HEADROOM  1.1 // 10%
 #define NET_THROTTLE_CONNECT_HEADROOM 1.0 // 0%
-#define NET_THROTTLE_MESSAGE_EVERY HRTIME_MINUTES(10)
+#define NET_THROTTLE_MESSAGE_EVERY    HRTIME_MINUTES(10)
 
 #define PRINT_IP(x) ((uint8_t *)&(x))[0], ((uint8_t *)&(x))[1], ((uint8_t *)&(x))[2], ((uint8_t *)&(x))[3]
 
diff --git a/iocore/net/P_UnixNetVConnection.h b/iocore/net/P_UnixNetVConnection.h
index da0e1a4ff4e..3b5647bbe37 100644
--- a/iocore/net/P_UnixNetVConnection.h
+++ b/iocore/net/P_UnixNetVConnection.h
@@ -105,7 +105,7 @@ class UnixNetVConnection : public NetVConnection, public NetEvent
   const char *protocol_contains(std::string_view tag) const override;
 
   // noncopyable
-  UnixNetVConnection(const NetVConnection &) = delete;
+  UnixNetVConnection(const NetVConnection &)            = delete;
   UnixNetVConnection &operator=(const NetVConnection &) = delete;
 
   /////////////////////////
diff --git a/iocore/net/P_UnixPollDescriptor.h b/iocore/net/P_UnixPollDescriptor.h
index 471d9e7647c..37acfba153b 100644
--- a/iocore/net/P_UnixPollDescriptor.h
+++ b/iocore/net/P_UnixPollDescriptor.h
@@ -33,7 +33,7 @@
 
 #if TS_USE_KQUEUE
 #include <sys/event.h>
-#define INK_EVP_IN 0x001
+#define INK_EVP_IN  0x001
 #define INK_EVP_PRI 0x002
 #define INK_EVP_OUT 0x004
 #define INK_EVP_ERR 0x010
@@ -61,9 +61,9 @@ struct PollDescriptor {
 
   PollDescriptor() { init(); }
 #if TS_USE_EPOLL
-#define get_ev_port(a) ((a)->epoll_fd)
+#define get_ev_port(a)      ((a)->epoll_fd)
 #define get_ev_events(a, x) ((a)->ePoll_Triggered_Events[(x)].events)
-#define get_ev_data(a, x) ((a)->ePoll_Triggered_Events[(x)].data.ptr)
+#define get_ev_data(a, x)   ((a)->ePoll_Triggered_Events[(x)].data.ptr)
 #define ev_next_event(a, x)
 #endif
 
@@ -71,9 +71,9 @@ struct PollDescriptor {
   struct kevent kq_Triggered_Events[POLL_DESCRIPTOR_SIZE];
 /* we define these here as numbers, because for kqueue mapping them to a combination of
  *filters / flags is hard to do. */
-#define get_ev_port(a) ((a)->kqueue_fd)
+#define get_ev_port(a)      ((a)->kqueue_fd)
 #define get_ev_events(a, x) ((a)->kq_event_convert((a)->kq_Triggered_Events[(x)].filter, (a)->kq_Triggered_Events[(x)].flags))
-#define get_ev_data(a, x) ((a)->kq_Triggered_Events[(x)].udata)
+#define get_ev_data(a, x)   ((a)->kq_Triggered_Events[(x)].udata)
   int
   kq_event_convert(int16_t event, uint16_t flags)
   {
@@ -95,10 +95,10 @@ struct PollDescriptor {
 
 #if TS_USE_PORT
   port_event_t Port_Triggered_Events[POLL_DESCRIPTOR_SIZE];
-#define get_ev_port(a) ((a)->port_fd)
+#define get_ev_port(a)      ((a)->port_fd)
 #define get_ev_events(a, x) ((a)->Port_Triggered_Events[(x)].portev_events)
-#define get_ev_data(a, x) ((a)->Port_Triggered_Events[(x)].portev_user)
-#define get_ev_odata(a, x) ((a)->Port_Triggered_Events[(x)].portev_object)
+#define get_ev_data(a, x)   ((a)->Port_Triggered_Events[(x)].portev_user)
+#define get_ev_odata(a, x)  ((a)->Port_Triggered_Events[(x)].portev_object)
 #define ev_next_event(a, x)
 #endif
 
diff --git a/iocore/net/QUICMultiCertConfigLoader.cc b/iocore/net/QUICMultiCertConfigLoader.cc
index f3aa8b9282d..f8c52fd6521 100644
--- a/iocore/net/QUICMultiCertConfigLoader.cc
+++ b/iocore/net/QUICMultiCertConfigLoader.cc
@@ -32,7 +32,7 @@
 #include "tscore/Filenames.h"
 // #include "QUICGlobals.h"
 
-#define QUICConfDebug(fmt, ...) Debug("quic_conf", fmt, ##__VA_ARGS__)
+#define QUICConfDebug(fmt, ...)         Debug("quic_conf", fmt, ##__VA_ARGS__)
 #define QUICGlobalQCDebug(qc, fmt, ...) Debug("quic_global", "[%s] " fmt, qc->cids().data(), ##__VA_ARGS__)
 
 int QUICCertConfig::_config_id = 0;
diff --git a/iocore/net/QUICNetVConnection.cc b/iocore/net/QUICNetVConnection.cc
index 84712aa38b2..2b3f3bbdeb9 100644
--- a/iocore/net/QUICNetVConnection.cc
+++ b/iocore/net/QUICNetVConnection.cc
@@ -54,10 +54,10 @@ static constexpr uint8_t QUANTUM_TEST_VALUE[1200] = {'Q'};
 
 #define QUICConDebug(fmt, ...) Debug(QUIC_DEBUG_TAG.data(), "[%s] " fmt, this->cids().data(), ##__VA_ARGS__)
 
-#define QUICConVDebug(fmt, ...) Debug("v_quic_net", "[%s] " fmt, this->cids().data(), ##__VA_ARGS__)
+#define QUICConVDebug(fmt, ...)   Debug("v_quic_net", "[%s] " fmt, this->cids().data(), ##__VA_ARGS__)
 #define QUICConVVVDebug(fmt, ...) Debug("vvv_quic_net", "[%s] " fmt, this->cids().data(), ##__VA_ARGS__)
 
-#define QUICFCDebug(fmt, ...) Debug("quic_flow_ctrl", "[%s] " fmt, this->cids().data(), ##__VA_ARGS__)
+#define QUICFCDebug(fmt, ...)  Debug("quic_flow_ctrl", "[%s] " fmt, this->cids().data(), ##__VA_ARGS__)
 #define QUICFCVDebug(fmt, ...) Debug("v_quic_flow_ctrl", "[%s] " fmt, this->cids().data(), ##__VA_ARGS__)
 
 #define QUICError(fmt, ...)                                           \
@@ -1442,7 +1442,7 @@ QUICNetVConnection::_state_closing_receive_packet()
 
     if (this->_state_closing_recv_packet_window < STATE_CLOSING_MAX_RECV_PKT_WIND &&
         this->_state_closing_recv_packet_count >= this->_state_closing_recv_packet_window) {
-      this->_state_closing_recv_packet_count = 0;
+      this->_state_closing_recv_packet_count  = 0;
       this->_state_closing_recv_packet_window <<= 1;
 
       this->_schedule_packet_write_ready(true);
@@ -1697,7 +1697,7 @@ QUICNetVConnection::_packetize_frames(uint8_t *packet_buf, QUICEncryptionLevel l
           ink_assert(ret == 0);
         }
         last_block = this->_store_frame(last_block, size_added, max_frame_size, *frame, frames);
-        len += size_added;
+        len        += size_added;
 
         // FIXME ACK frame should have priority
         if (frame->type() == QUICFrameType::STREAM) {
diff --git a/iocore/net/QUICNetVConnection_quiche.cc b/iocore/net/QUICNetVConnection_quiche.cc
index 6f9edb8ac85..7b52b8cf16b 100644
--- a/iocore/net/QUICNetVConnection_quiche.cc
+++ b/iocore/net/QUICNetVConnection_quiche.cc
@@ -28,7 +28,7 @@
 
 static constexpr ink_hrtime WRITE_READY_INTERVAL = HRTIME_MSECONDS(2);
 
-#define QUICConDebug(fmt, ...) Debug("quic_net", "[%s] " fmt, this->cids().data(), ##__VA_ARGS__)
+#define QUICConDebug(fmt, ...)  Debug("quic_net", "[%s] " fmt, this->cids().data(), ##__VA_ARGS__)
 #define QUICConVDebug(fmt, ...) Debug("v_quic_net", "[%s] " fmt, this->cids().data(), ##__VA_ARGS__)
 
 ClassAllocator<QUICNetVConnection> quicNetVCAllocator("quicNetVCAllocator");
diff --git a/iocore/net/QUICPacketHandler.cc b/iocore/net/QUICPacketHandler.cc
index d555b74aea7..e9f75ce431d 100644
--- a/iocore/net/QUICPacketHandler.cc
+++ b/iocore/net/QUICPacketHandler.cc
@@ -40,7 +40,7 @@
 static constexpr char debug_tag[]   = "quic_sec";
 static constexpr char v_debug_tag[] = "v_quic_sec";
 
-#define QUICDebug(fmt, ...) Debug(debug_tag, fmt, ##__VA_ARGS__)
+#define QUICDebug(fmt, ...)       Debug(debug_tag, fmt, ##__VA_ARGS__)
 #define QUICQCDebug(qc, fmt, ...) Debug(debug_tag, "[%s] " fmt, qc->cids().data(), ##__VA_ARGS__)
 
 // ["local dcid" - "local scid"]
diff --git a/iocore/net/QUICPacketHandler_quiche.cc b/iocore/net/QUICPacketHandler_quiche.cc
index eb5ca225286..ac28bfb5c5b 100644
--- a/iocore/net/QUICPacketHandler_quiche.cc
+++ b/iocore/net/QUICPacketHandler_quiche.cc
@@ -237,7 +237,11 @@ QUICPacketHandlerIn::_recv_packet(int event, UDPPacket *udp_packet)
     if (params->stateless_retry() && token_len == 0) {
       QUICConnectionId new_cid;
       new_cid.randomize();
-      QUICRetryToken retry_token = {udp_packet->from, {dcid, static_cast<uint8_t>(dcid_len)}, new_cid};
+      QUICRetryToken retry_token = {
+        udp_packet->from,
+        {dcid, static_cast<uint8_t>(dcid_len)},
+        new_cid
+      };
       Ptr<IOBufferBlock> udp_payload(new_IOBufferBlock());
       udp_payload->alloc(iobuffer_size_to_index(DEFAULT_MAX_DATAGRAM_SIZE, BUFFER_SIZE_INDEX_2K));
       ssize_t written =
diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc
index d6ee5f86258..95d2b6aedf1 100644
--- a/iocore/net/SSLConfig.cc
+++ b/iocore/net/SSLConfig.cc
@@ -285,7 +285,7 @@ SSLConfigParams::initialize()
 #endif
 
 #ifdef SSL_OP_NO_COMPRESSION
-  ssl_ctx_options |= SSL_OP_NO_COMPRESSION;
+  ssl_ctx_options        |= SSL_OP_NO_COMPRESSION;
   ssl_client_ctx_options |= SSL_OP_NO_COMPRESSION;
 #else
   sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
@@ -293,23 +293,23 @@ SSLConfigParams::initialize()
 
 // Enable ephemeral DH parameters for the case where we use a cipher with DH forward security.
 #ifdef SSL_OP_SINGLE_DH_USE
-  ssl_ctx_options |= SSL_OP_SINGLE_DH_USE;
+  ssl_ctx_options        |= SSL_OP_SINGLE_DH_USE;
   ssl_client_ctx_options |= SSL_OP_SINGLE_DH_USE;
 #endif
 
 #ifdef SSL_OP_SINGLE_ECDH_USE
-  ssl_ctx_options |= SSL_OP_SINGLE_ECDH_USE;
+  ssl_ctx_options        |= SSL_OP_SINGLE_ECDH_USE;
   ssl_client_ctx_options |= SSL_OP_SINGLE_ECDH_USE;
 #endif
 
   // Enable all SSL compatibility workarounds.
-  ssl_ctx_options |= SSL_OP_ALL;
+  ssl_ctx_options        |= SSL_OP_ALL;
   ssl_client_ctx_options |= SSL_OP_ALL;
 
 // According to OpenSSL source, applications must enable this if they support the Server Name extension. Since
 // we do, then we ought to enable this. Httpd also enables this unconditionally.
 #ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
-  ssl_ctx_options |= SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION;
+  ssl_ctx_options        |= SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION;
   ssl_client_ctx_options |= SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION;
 #endif
 
diff --git a/iocore/net/SSLDiags.h b/iocore/net/SSLDiags.h
index e0161d9ea42..0301e9bc413 100644
--- a/iocore/net/SSLDiags.h
+++ b/iocore/net/SSLDiags.h
@@ -28,10 +28,10 @@
 class SSLNetVConnection;
 
 // Log an SSL error.
-#define SSLError(fmt, ...) SSLDiagnostic(MakeSourceLocation(), false, nullptr, fmt, ##__VA_ARGS__)
+#define SSLError(fmt, ...)       SSLDiagnostic(MakeSourceLocation(), false, nullptr, fmt, ##__VA_ARGS__)
 #define SSLErrorVC(vc, fmt, ...) SSLDiagnostic(MakeSourceLocation(), false, (vc), fmt, ##__VA_ARGS__)
 // Log a SSL diagnostic using the "ssl" diagnostic tag.
-#define SSLDebug(fmt, ...) SSLDiagnostic(MakeSourceLocation(), true, nullptr, fmt, ##__VA_ARGS__)
+#define SSLDebug(fmt, ...)       SSLDiagnostic(MakeSourceLocation(), true, nullptr, fmt, ##__VA_ARGS__)
 #define SSLVCDebug(vc, fmt, ...) SSLDiagnostic(MakeSourceLocation(), true, (vc), fmt, ##__VA_ARGS__)
 
 void SSLDiagnostic(const SourceLocation &loc, bool debug, SSLNetVConnection *vc, const char *fmt, ...) TS_PRINTFLIKE(4, 5);
diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc
index 6f0fec1c91d..0e118b7fa5e 100644
--- a/iocore/net/SSLNetVConnection.cc
+++ b/iocore/net/SSLNetVConnection.cc
@@ -58,19 +58,19 @@ using namespace std::literals;
 #define BIO_eof(b) (int)BIO_ctrl(b, BIO_CTRL_EOF, 0, nullptr)
 #endif
 
-#define SSL_READ_ERROR_NONE 0
-#define SSL_READ_ERROR 1
-#define SSL_READ_READY 2
-#define SSL_READ_COMPLETE 3
-#define SSL_READ_WOULD_BLOCK 4
-#define SSL_READ_EOS 5
-#define SSL_HANDSHAKE_WANT_READ 6
-#define SSL_HANDSHAKE_WANT_WRITE 7
-#define SSL_HANDSHAKE_WANT_ACCEPT 8
+#define SSL_READ_ERROR_NONE        0
+#define SSL_READ_ERROR             1
+#define SSL_READ_READY             2
+#define SSL_READ_COMPLETE          3
+#define SSL_READ_WOULD_BLOCK       4
+#define SSL_READ_EOS               5
+#define SSL_HANDSHAKE_WANT_READ    6
+#define SSL_HANDSHAKE_WANT_WRITE   7
+#define SSL_HANDSHAKE_WANT_ACCEPT  8
 #define SSL_HANDSHAKE_WANT_CONNECT 9
-#define SSL_WRITE_WOULD_BLOCK 10
-#define SSL_WAIT_FOR_HOOK 11
-#define SSL_WAIT_FOR_ASYNC 12
+#define SSL_WRITE_WOULD_BLOCK      10
+#define SSL_WAIT_FOR_HOOK          11
+#define SSL_WAIT_FOR_ASYNC         12
 
 ClassAllocator<SSLNetVConnection> sslNetVCAllocator("sslNetVCAllocator");
 
@@ -610,8 +610,8 @@ SSLNetVConnection::net_read_io(NetHandler *nh, EThread *lthread)
           NetState *s            = &this->read;
           MIOBufferAccessor &buf = s->vio.buffer;
           int64_t r              = buf.writer()->write(this->handShakeHolder);
-          s->vio.nbytes += r;
-          s->vio.ndone += r;
+          s->vio.nbytes          += r;
+          s->vio.ndone           += r;
 
           // Clean up the handshake buffers
           this->free_handshake_buffers();
@@ -847,7 +847,7 @@ SSLNetVConnection::load_buffer_and_write(int64_t towrite, MIOBufferAccessor &buf
   } while (num_really_written == try_to_write && total_written < towrite);
 
   if (total_written > 0) {
-    sslLastWriteTime = now;
+    sslLastWriteTime  = now;
     sslTotalBytesSent += total_written;
   }
   redoWriteSize = 0;
@@ -859,7 +859,7 @@ SSLNetVConnection::load_buffer_and_write(int64_t towrite, MIOBufferAccessor &buf
       Debug("ssl", "SSL_write-SSL_ERROR_NONE");
       break;
     case SSL_ERROR_WANT_READ:
-      needs |= EVENTIO_READ;
+      needs              |= EVENTIO_READ;
       num_really_written = -EAGAIN;
       Debug("ssl.error", "SSL_write-SSL_ERROR_WANT_READ");
       break;
@@ -871,7 +871,7 @@ SSLNetVConnection::load_buffer_and_write(int64_t towrite, MIOBufferAccessor &buf
       if (SSL_ERROR_WANT_WRITE == err) {
         redoWriteSize = l;
       }
-      needs |= EVENTIO_WRITE;
+      needs              |= EVENTIO_WRITE;
       num_really_written = -EAGAIN;
       Debug("ssl.error", "SSL_write-SSL_ERROR_WANT_WRITE");
       break;
diff --git a/iocore/net/SSLSessionCache.cc b/iocore/net/SSLSessionCache.cc
index d62dba27be6..0e7f0323d77 100644
--- a/iocore/net/SSLSessionCache.cc
+++ b/iocore/net/SSLSessionCache.cc
@@ -28,8 +28,8 @@
 #include <shared_mutex>
 
 #define SSLSESSIONCACHE_STRINGIFY0(x) #x
-#define SSLSESSIONCACHE_STRINGIFY(x) SSLSESSIONCACHE_STRINGIFY0(x)
-#define SSLSESSIONCACHE_LINENO SSLSESSIONCACHE_STRINGIFY(__LINE__)
+#define SSLSESSIONCACHE_STRINGIFY(x)  SSLSESSIONCACHE_STRINGIFY0(x)
+#define SSLSESSIONCACHE_LINENO        SSLSESSIONCACHE_STRINGIFY(__LINE__)
 
 #ifdef DEBUG
 #define PRINT_BUCKET(x) this->print(x " at " __FILE__ ":" SSLSESSIONCACHE_LINENO);
diff --git a/iocore/net/SSLSessionCache.h b/iocore/net/SSLSessionCache.h
index dddf23075d9..bd0b6022b63 100644
--- a/iocore/net/SSLSessionCache.h
+++ b/iocore/net/SSLSessionCache.h
@@ -32,7 +32,7 @@
 #include <mutex>
 #include <tscpp/util/TsSharedMutex.h>
 
-#define SSL_MAX_SESSION_SIZE 256
+#define SSL_MAX_SESSION_SIZE      256
 #define SSL_MAX_ORIG_SESSION_SIZE 4096
 
 struct ssl_session_cache_exdata {
@@ -102,7 +102,7 @@ struct SSLSessionID : public TSSslSessionID {
       if (buflen > 2) { // we have enough space for 3 bytes, 2 hex and 1 null terminator
         snprintf(cur_pos, 3 /* including a null terminator */, "%02hhX", static_cast<unsigned char>(bytes[i]));
         cur_pos += 2;
-        buflen -= 2;
+        buflen  -= 2;
       } else { // not enough space for any more hex bytes, just null terminate
         *cur_pos = '\0';
         break;
@@ -176,7 +176,7 @@ class SSLSessionCache
   SSLSessionCache();
   ~SSLSessionCache();
 
-  SSLSessionCache(const SSLSessionCache &) = delete;
+  SSLSessionCache(const SSLSessionCache &)            = delete;
   SSLSessionCache &operator=(const SSLSessionCache &) = delete;
 
 private:
diff --git a/iocore/net/SSLStats.cc b/iocore/net/SSLStats.cc
index aaf3a8f8cc0..7ced1463775 100644
--- a/iocore/net/SSLStats.cc
+++ b/iocore/net/SSLStats.cc
@@ -51,8 +51,8 @@ SSLRecRawStatSyncCount(const char *name, RecDataT data_type, RecData *data, RecR
         shared_SSL_CTX ctx = cc->getCtx();
         if (ctx) {
           sessions += SSL_CTX_sess_accept_good(ctx.get());
-          hits += SSL_CTX_sess_hits(ctx.get());
-          misses += SSL_CTX_sess_misses(ctx.get());
+          hits     += SSL_CTX_sess_hits(ctx.get());
+          misses   += SSL_CTX_sess_misses(ctx.get());
           timeouts += SSL_CTX_sess_timeouts(ctx.get());
         }
       }
diff --git a/iocore/net/SSLStats.h b/iocore/net/SSLStats.h
index c46583b57ef..1677023d0b7 100644
--- a/iocore/net/SSLStats.h
+++ b/iocore/net/SSLStats.h
@@ -29,10 +29,10 @@
 #include "SSLDiags.h"
 
 /* Stats should only be accessed using these macros */
-#define SSL_INCREMENT_DYN_STAT(x) RecIncrRawStat(ssl_rsb, nullptr, (int)x, 1)
-#define SSL_DECREMENT_DYN_STAT(x) RecIncrRawStat(ssl_rsb, nullptr, (int)x, -1)
+#define SSL_INCREMENT_DYN_STAT(x)        RecIncrRawStat(ssl_rsb, nullptr, (int)x, 1)
+#define SSL_DECREMENT_DYN_STAT(x)        RecIncrRawStat(ssl_rsb, nullptr, (int)x, -1)
 #define SSL_SET_COUNT_DYN_STAT(x, count) RecSetRawStatCount(ssl_rsb, x, count)
-#define SSL_INCREMENT_DYN_STAT_EX(x, y) RecIncrRawStat(ssl_rsb, nullptr, (int)x, y)
+#define SSL_INCREMENT_DYN_STAT_EX(x, y)  RecIncrRawStat(ssl_rsb, nullptr, (int)x, y)
 #define SSL_CLEAR_DYN_STAT(x)            \
   do {                                   \
     RecSetRawStatSum(ssl_rsb, (x), 0);   \
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index 3774940101f..0eb5b81317d 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -902,12 +902,12 @@ ssl_private_key_validate_exec(const char *cmdLine)
 }
 
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-#define ssl_malloc(size, file, line) ssl_malloc(size)
-#define ssl_realloc(ptr, size, file, line) ssl_realloc(ptr, size)
-#define ssl_free(ptr, file, line) ssl_free(ptr)
-#define ssl_track_malloc(size, file, line) ssl_track_malloc(size)
+#define ssl_malloc(size, file, line)             ssl_malloc(size)
+#define ssl_realloc(ptr, size, file, line)       ssl_realloc(ptr, size)
+#define ssl_free(ptr, file, line)                ssl_free(ptr)
+#define ssl_track_malloc(size, file, line)       ssl_track_malloc(size)
 #define ssl_track_realloc(ptr, size, file, line) ssl_track_realloc(ptr, size)
-#define ssl_track_free(ptr, file, line) ssl_track_free(ptr)
+#define ssl_track_free(ptr, file, line)          ssl_track_free(ptr)
 #endif
 
 void *
@@ -1459,7 +1459,7 @@ SSLMultiCertConfigLoader::_setup_session_cache(SSL_CTX *ctx)
   }
 
   int additional_cache_flags = 0;
-  additional_cache_flags |= (params->ssl_session_cache_auto_clear == 0) ? SSL_SESS_CACHE_NO_AUTO_CLEAR : 0;
+  additional_cache_flags     |= (params->ssl_session_cache_auto_clear == 0) ? SSL_SESS_CACHE_NO_AUTO_CLEAR : 0;
 
   switch (params->ssl_session_cache) {
   case SSLConfigParams::SSL_SESSION_CACHE_MODE_OFF:
diff --git a/iocore/net/Socks.cc b/iocore/net/Socks.cc
index 0ee6f96b937..aceddf700ea 100644
--- a/iocore/net/Socks.cc
+++ b/iocore/net/Socks.cc
@@ -598,7 +598,7 @@ socks5BasicAuthHandler(int event, unsigned char *p, void (**h_ptr)(void))
   switch (event) {
   case SOCKS_AUTH_OPEN:
     p[ret++] = SOCKS5_VERSION;        // version
-    p[ret++] = (pass_phrase) ? 2 : 1; //#Methods
+    p[ret++] = (pass_phrase) ? 2 : 1; // #Methods
     p[ret++] = 0;                     // no authentication
     if (pass_phrase) {
       p[ret++] = 2;
diff --git a/iocore/net/UnixConnection.cc b/iocore/net/UnixConnection.cc
index abeccb917b5..35875f1fcb2 100644
--- a/iocore/net/UnixConnection.cc
+++ b/iocore/net/UnixConnection.cc
@@ -33,7 +33,7 @@
 // #define RECV_BUF_SIZE            (1024*64)
 // #define SEND_BUF_SIZE            (1024*64)
 #define FIRST_RANDOM_PORT 16000
-#define LAST_RANDOM_PORT 32000
+#define LAST_RANDOM_PORT  32000
 
 #if TS_USE_TPROXY
 #if !defined(IP_TRANSPARENT)
diff --git a/iocore/net/UnixNetVConnection.cc b/iocore/net/UnixNetVConnection.cc
index c36d1438f7d..f8a7d78d224 100644
--- a/iocore/net/UnixNetVConnection.cc
+++ b/iocore/net/UnixNetVConnection.cc
@@ -27,7 +27,7 @@
 
 #include <termios.h>
 
-#define STATE_VIO_OFFSET ((uintptr_t) & ((NetState *)0)->vio)
+#define STATE_VIO_OFFSET   ((uintptr_t) & ((NetState *)0)->vio)
 #define STATE_FROM_VIO(_x) ((NetState *)(((char *)(_x)) - STATE_VIO_OFFSET))
 
 // Global
@@ -243,7 +243,7 @@ read_from_net(NetHandler *nh, UnixNetVConnection *vc, EThread *thread)
             a = togo;
           }
           tiovec[niov].iov_len = a;
-          rattempted += a;
+          rattempted           += a;
           niov++;
           if (a >= togo) {
             break;
@@ -691,7 +691,7 @@ UnixNetVConnection::do_io_shutdown(ShutdownHowTo_t howto)
     read.vio.buffer.clear();
     read.vio.nbytes = 0;
     read.vio.cont   = nullptr;
-    f.shutdown |= NetEvent::SHUTDOWN_READ;
+    f.shutdown      |= NetEvent::SHUTDOWN_READ;
     break;
   case IO_SHUTDOWN_WRITE:
     SocketManager::shutdown((this)->con.fd, 1);
@@ -699,7 +699,7 @@ UnixNetVConnection::do_io_shutdown(ShutdownHowTo_t howto)
     write.vio.buffer.clear();
     write.vio.nbytes = 0;
     write.vio.cont   = nullptr;
-    f.shutdown |= NetEvent::SHUTDOWN_WRITE;
+    f.shutdown       |= NetEvent::SHUTDOWN_WRITE;
     break;
   case IO_SHUTDOWN_READWRITE:
     SocketManager::shutdown((this)->con.fd, 2);
diff --git a/iocore/net/UnixUDPNet.cc b/iocore/net/UnixUDPNet.cc
index 46fa1e379f8..ec2eef0e98d 100644
--- a/iocore/net/UnixUDPNet.cc
+++ b/iocore/net/UnixUDPNet.cc
@@ -211,7 +211,7 @@ UDPNetProcessorInternal::udp_read_from_net(UDPNetHandler *nh, UDPConnection *xuc
       if (saved > buffer_size) {
         b->fill(buffer_size);
         saved -= buffer_size;
-        b = b->next.get();
+        b     = b->next.get();
       } else {
         b->fill(saved);
         saved      = 0;
@@ -975,8 +975,8 @@ UDPQueue::SendPackets()
       goto next_pkt;
     }
 
-    bytesUsed += pktLen;
-    bytesThisPipe -= pktLen;
+    bytesUsed           += pktLen;
+    bytesThisPipe       -= pktLen;
     packets[npackets++] = p;
   next_pkt:
     if (bytesThisPipe < 0 && npackets == N_MAX_PACKETS) {
@@ -1223,7 +1223,7 @@ UDPQueue::SendMultipleUDPPackets(UDPPacketInternal **p, uint16_t n)
             std::min(packet->segment_size, static_cast<uint16_t>(packet->chain.get()->end() - static_cast<char *>(iov->iov_base)));
           msg->msg_iov    = iov;
           msg->msg_iovlen = iov_len;
-          offset += iov->iov_len;
+          offset          += iov->iov_len;
           vlen++;
         }
         ink_assert(offset == packet->chain.get()->size());
diff --git a/iocore/net/YamlSNIConfig.cc b/iocore/net/YamlSNIConfig.cc
index 03656b794a3..7d20f771ce0 100644
--- a/iocore/net/YamlSNIConfig.cc
+++ b/iocore/net/YamlSNIConfig.cc
@@ -117,10 +117,18 @@ YamlSNIConfig::Item::EnableProtocol(YamlSNIConfig::TLSProtocol proto)
 
 VerifyClient::~VerifyClient() {}
 
-TsEnumDescriptor LEVEL_DESCRIPTOR         = {{{"NONE", 0}, {"MODERATE", 1}, {"STRICT", 2}}};
-TsEnumDescriptor POLICY_DESCRIPTOR        = {{{"DISABLED", 0}, {"PERMISSIVE", 1}, {"ENFORCED", 2}}};
-TsEnumDescriptor PROPERTIES_DESCRIPTOR    = {{{"NONE", 0}, {"SIGNATURE", 0x1}, {"NAME", 0x2}, {"ALL", 0x3}}};
-TsEnumDescriptor TLS_PROTOCOLS_DESCRIPTOR = {{{"TLSv1", 0}, {"TLSv1_1", 1}, {"TLSv1_2", 2}, {"TLSv1_3", 3}}};
+TsEnumDescriptor LEVEL_DESCRIPTOR = {
+  {{"NONE", 0}, {"MODERATE", 1}, {"STRICT", 2}}
+};
+TsEnumDescriptor POLICY_DESCRIPTOR = {
+  {{"DISABLED", 0}, {"PERMISSIVE", 1}, {"ENFORCED", 2}}
+};
+TsEnumDescriptor PROPERTIES_DESCRIPTOR = {
+  {{"NONE", 0}, {"SIGNATURE", 0x1}, {"NAME", 0x2}, {"ALL", 0x3}}
+};
+TsEnumDescriptor TLS_PROTOCOLS_DESCRIPTOR = {
+  {{"TLSv1", 0}, {"TLSv1_1", 1}, {"TLSv1_2", 2}, {"TLSv1_3", 3}}
+};
 
 std::set<std::string> valid_sni_config_keys = {TS_fqdn,
                                                TS_verify_client,
diff --git a/iocore/net/quic/Mock.h b/iocore/net/quic/Mock.h
index 3b0b31e26da..a096afcaf2c 100644
--- a/iocore/net/quic/Mock.h
+++ b/iocore/net/quic/Mock.h
@@ -634,7 +634,8 @@ class MockQUICPacketProtectionKeyInfo : public QUICPacketProtectionKeyInfo
     return EVP_GCM_TLS_TAG_LEN;
   }
 
-  const size_t *encryption_iv_len(QUICKeyPhase) const override
+  const size_t *
+  encryption_iv_len(QUICKeyPhase) const override
   {
     static size_t dummy = 12;
     return &dummy;
@@ -713,7 +714,10 @@ class MockQUICLossDetector : public QUICLossDetector
       _padder(NetVConnectionContext_t::NET_VCONNECTION_UNSET)
   {
   }
-  void rcv_frame(std::shared_ptr<const QUICFrame>) {}
+  void
+  rcv_frame(std::shared_ptr<const QUICFrame>)
+  {
+  }
 
   void
   on_packet_sent(QUICPacketUPtr packet)
@@ -742,14 +746,14 @@ class MockQUICStreamAdapter : public QUICStreamAdapter
   write_to_stream(const uint8_t *buf, size_t len)
   {
     this->_total_sending_data_len += len;
-    this->_sending_data_len += len;
+    this->_sending_data_len       += len;
   }
 
   int64_t
   write(QUICOffset offset, const uint8_t *data, uint64_t data_length, bool fin) override
   {
     this->_total_receiving_data_len += data_length;
-    this->_receiving_data_len += data_length;
+    this->_receiving_data_len       += data_length;
     return data_length;
   }
   bool
@@ -789,7 +793,7 @@ class MockQUICStreamAdapter : public QUICStreamAdapter
   Ptr<IOBufferBlock>
   _read(size_t len) override
   {
-    this->_sending_data_len -= len;
+    this->_sending_data_len  -= len;
     Ptr<IOBufferBlock> block = make_ptr<IOBufferBlock>(new_IOBufferBlock());
     block->alloc(iobuffer_size_to_index(len, BUFFER_SIZE_INDEX_32K));
     block->fill(len);
diff --git a/iocore/net/quic/QUICAckFrameCreator.cc b/iocore/net/quic/QUICAckFrameCreator.cc
index 2b494508d6b..afa4c20b623 100644
--- a/iocore/net/quic/QUICAckFrameCreator.cc
+++ b/iocore/net/quic/QUICAckFrameCreator.cc
@@ -310,7 +310,7 @@ QUICAckFrameManager::QUICAckFrameCreator::_create_ack_frame(uint8_t *buf)
     } else {
       uint64_t delay = this->_calculate_delay();
       ack_frame      = QUICFrameFactory::create_ack_frame(buf, largest_ack_number, delay, length - 1,
-                                                     this->_ack_manager->issue_frame_id(), this->_ack_manager);
+                                                          this->_ack_manager->issue_frame_id(), this->_ack_manager);
     }
 
     gap             = last_ack_number - pn;
diff --git a/iocore/net/quic/QUICCryptoStream.cc b/iocore/net/quic/QUICCryptoStream.cc
index 556918efc99..11f22e52e28 100644
--- a/iocore/net/quic/QUICCryptoStream.cc
+++ b/iocore/net/quic/QUICCryptoStream.cc
@@ -144,7 +144,7 @@ QUICCryptoStream::generate_frame(uint8_t *buf, QUICEncryptionLevel level, uint64
   block->_end = std::min(block->start() + frame_payload_size, block->_buf_end);
   ink_assert(static_cast<uint64_t>(block->read_avail()) == frame_payload_size);
 
-  frame = QUICFrameFactory::create_crypto_frame(buf, block, this->_send_offset, this->_issue_frame_id(), owner);
+  frame              = QUICFrameFactory::create_crypto_frame(buf, block, this->_send_offset, this->_issue_frame_id(), owner);
   this->_send_offset += frame_payload_size;
   this->_write_buffer_reader->consume(frame_payload_size);
   this->_records_crypto_frame(level, *static_cast<QUICCryptoFrame *>(frame));
diff --git a/iocore/net/quic/QUICFrame.cc b/iocore/net/quic/QUICFrame.cc
index 01bd80035d5..3e36f9a079f 100644
--- a/iocore/net/quic/QUICFrame.cc
+++ b/iocore/net/quic/QUICFrame.cc
@@ -47,7 +47,7 @@ read_varint(uint8_t *&pos, size_t len, uint64_t &field, size_t &field_len)
   }
 
   field = QUICIntUtil::read_QUICVariableInt(pos, len);
-  pos += field_len;
+  pos   += field_len;
   return true;
 }
 
@@ -174,7 +174,7 @@ QUICStreamFrame::parse(const uint8_t *buf, size_t len, const QUICPacketR *packet
   this->_has_offset_field = (buf[0] & 0x04) != 0; // "O" of "0b00010OLF"
   this->_has_length_field = (buf[0] & 0x02) != 0; // "L" of "0b00010OLF"
   this->_fin              = (buf[0] & 0x01) != 0; // "F" of "0b00010OLF"
-  pos += 1;
+  pos                     += 1;
 
   size_t field_len = 0;
   if (!read_varint(pos, LEFT_SPACE(pos), this->_stream_id, field_len)) {
@@ -203,7 +203,7 @@ QUICStreamFrame::parse(const uint8_t *buf, size_t len, const QUICPacketR *packet
   ink_assert(static_cast<uint64_t>(this->_block->write_avail()) > data_len);
   memcpy(this->_block->start(), pos, data_len);
   this->_block->fill(data_len);
-  pos += data_len;
+  pos         += data_len;
   this->_size = FRAME_SIZE(pos);
 }
 
@@ -307,14 +307,14 @@ QUICStreamFrame::_store_header(uint8_t *buf, size_t *len, bool include_length_fi
   // [Offset (i)] "O" of "0b0010OLF"
   if (this->has_offset_field()) {
     QUICTypeUtil::write_QUICOffset(this->offset(), buf + *len, &n);
-    *len += n;
+    *len   += n;
     buf[0] += 0x04;
   }
 
   // [Length (i)] "L of "0b0010OLF"
   if (include_length_field) {
     QUICIntUtil::write_QUICVariableInt(this->data_length(), buf + *len, &n);
-    *len += n;
+    *len   += n;
     buf[0] += 0x02;
   }
 
@@ -430,7 +430,7 @@ QUICCryptoFrame::parse(const uint8_t *buf, size_t len, const QUICPacketR *packet
   ink_assert(static_cast<uint64_t>(this->_block->write_avail()) > data_len);
   memcpy(this->_block->start(), pos, data_len);
   this->_block->fill(data_len);
-  pos += data_len;
+  pos         += data_len;
   this->_size = FRAME_SIZE(pos);
 }
 
@@ -703,7 +703,7 @@ QUICAckFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::ACK);
-  n += 1;
+  n              += 1;
 
   // Largest Acknowledged (i)
   QUICIntUtil::write_QUICVariableInt(this->_largest_acknowledged, block_start + n, &written_len);
@@ -1097,7 +1097,7 @@ QUICRstStreamFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::RESET_STREAM);
-  n += 1;
+  n              += 1;
 
   // Stream ID (i)
   QUICTypeUtil::write_QUICStreamId(this->_stream_id, block_start + n, &written_len);
@@ -1186,7 +1186,7 @@ QUICPingFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::PING);
-  n += 1;
+  n              += 1;
 
   block->fill(n);
   return block;
@@ -1353,8 +1353,8 @@ QUICConnectionCloseFrame::parse(const uint8_t *buf, size_t len, const QUICPacket
   this->_reason_phrase = reinterpret_cast<const char *>(pos);
 
   this->_valid = true;
-  pos += this->_reason_phrase_length;
-  this->_size = FRAME_SIZE(pos);
+  pos          += this->_reason_phrase_length;
+  this->_size  = FRAME_SIZE(pos);
 }
 
 QUICFrameType
@@ -1398,7 +1398,7 @@ QUICConnectionCloseFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = this->_type;
-  n += 1;
+  n              += 1;
 
   // Error Code (i)
   QUICIntUtil::write_QUICVariableInt(this->_error_code, block_start + n, &written_len);
@@ -1453,7 +1453,7 @@ QUICConnectionCloseFrame::debug_msg(char *msg, size_t msg_len) const
 
     int phrase_len = std::min(msg_len - len, static_cast<size_t>(this->reason_phrase_length()));
     memcpy(msg + len, this->reason_phrase(), phrase_len);
-    len += phrase_len;
+    len      += phrase_len;
     msg[len] = '\0';
     ++len;
   }
@@ -1559,7 +1559,7 @@ QUICMaxDataFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::MAX_DATA);
-  n += 1;
+  n              += 1;
 
   // Maximum Data (i)
   QUICTypeUtil::write_QUICMaxData(this->_maximum_data, block_start + n, &written_len);
@@ -1664,7 +1664,7 @@ QUICMaxStreamDataFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::MAX_STREAM_DATA);
-  n += 1;
+  n              += 1;
 
   // Stream ID (i)
   QUICTypeUtil::write_QUICStreamId(this->_stream_id, block_start + n, &written_len);
@@ -1772,7 +1772,7 @@ QUICMaxStreamsFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::MAX_STREAMS);
-  n += 1;
+  n              += 1;
 
   // Maximum Streams (i)
   QUICTypeUtil::write_QUICStreamId(this->_maximum_streams, block_start + n, &written_len);
@@ -1864,7 +1864,7 @@ QUICDataBlockedFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::DATA_BLOCKED);
-  n += 1;
+  n              += 1;
 
   // Data Limit (i)
   QUICTypeUtil::write_QUICOffset(this->_offset, block_start + n, &written_len);
@@ -1962,7 +1962,7 @@ QUICStreamDataBlockedFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::STREAM_DATA_BLOCKED);
-  n += 1;
+  n              += 1;
 
   // Stream ID (i)
   QUICTypeUtil::write_QUICStreamId(this->_stream_id, block_start + n, &written_len);
@@ -2058,7 +2058,7 @@ QUICStreamIdBlockedFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::STREAMS_BLOCKED);
-  n += 1;
+  n              += 1;
 
   // Stream Limit (i)
   QUICTypeUtil::write_QUICStreamId(this->_stream_id, block_start + n, &written_len);
@@ -2123,14 +2123,14 @@ QUICNewConnectionIdFrame::parse(const uint8_t *buf, size_t len, const QUICPacket
     return;
   }
   size_t cid_len = *pos;
-  pos += 1;
+  pos            += 1;
 
   // Connection ID (8..160)
   if (LEFT_SPACE(pos) < cid_len) {
     return;
   }
   this->_connection_id = QUICTypeUtil::read_QUICConnectionId(pos, cid_len);
-  pos += cid_len;
+  pos                  += cid_len;
 
   // Stateless Reset Token (128)
   if (LEFT_SPACE(pos) < QUICStatelessResetToken::LEN) {
@@ -2178,7 +2178,7 @@ QUICNewConnectionIdFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::NEW_CONNECTION_ID);
-  n += 1;
+  n              += 1;
 
   // Sequence Number (i)
   QUICIntUtil::write_QUICVariableInt(this->_sequence, block_start + n, &written_len);
@@ -2190,7 +2190,7 @@ QUICNewConnectionIdFrame::to_io_buffer_block(size_t limit) const
 
   // Length (8)
   *(block_start + n) = this->_connection_id.length();
-  n += 1;
+  n                  += 1;
 
   // Connection ID (8..160)
   QUICTypeUtil::write_QUICConnectionId(this->_connection_id, block_start + n, &written_len);
@@ -2324,7 +2324,7 @@ QUICStopSendingFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::STOP_SENDING);
-  n += 1;
+  n              += 1;
 
   // Stream ID (i)
   QUICTypeUtil::write_QUICStreamId(this->_stream_id, block_start + n, &written_len);
@@ -2425,7 +2425,7 @@ QUICPathChallengeFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::PATH_CHALLENGE);
-  n += 1;
+  n              += 1;
 
   // Data (64)
   memcpy(block_start + n, this->data(), QUICPathChallengeFrame::DATA_LEN);
@@ -2484,7 +2484,7 @@ QUICPathResponseFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::PATH_RESPONSE);
-  n += 1;
+  n              += 1;
 
   // Data (64)
   memcpy(block_start + n, this->data(), QUICPathChallengeFrame::DATA_LEN);
@@ -2620,7 +2620,7 @@ QUICNewTokenFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::NEW_TOKEN);
-  n += 1;
+  n              += 1;
 
   // Token Length (i)
   QUICIntUtil::write_QUICVariableInt(this->_token_length, block_start + n, &written_len);
@@ -2717,7 +2717,7 @@ QUICRetireConnectionIdFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::RETIRE_CONNECTION_ID);
-  n += 1;
+  n              += 1;
 
   // Sequence Number (i)
   QUICIntUtil::write_QUICVariableInt(this->_seq_num, block_start + n, &written_len);
@@ -2786,7 +2786,7 @@ QUICHandshakeDoneFrame::to_io_buffer_block(size_t limit) const
 
   // Type
   block_start[0] = static_cast<uint8_t>(QUICFrameType::HANDSHAKE_DONE);
-  n += 1;
+  n              += 1;
 
   block->fill(n);
   return block;
diff --git a/iocore/net/quic/QUICFrameDispatcher.cc b/iocore/net/quic/QUICFrameDispatcher.cc
index 131bc4001ae..ef846c9bb55 100644
--- a/iocore/net/quic/QUICFrameDispatcher.cc
+++ b/iocore/net/quic/QUICFrameDispatcher.cc
@@ -27,7 +27,7 @@
 static constexpr char tag[]   = "quic_net";
 static constexpr char v_tag[] = "v_quic_net";
 
-#define QUICDebug(fmt, ...) Debug(tag, "[%s] " fmt, this->_info->cids().data(), ##__VA_ARGS__)
+#define QUICDebug(fmt, ...)  Debug(tag, "[%s] " fmt, this->_info->cids().data(), ##__VA_ARGS__)
 #define QUICVDebug(fmt, ...) Debug(v_tag, "[%s] " fmt, this->_info->cids().data(), ##__VA_ARGS__)
 
 //
diff --git a/iocore/net/quic/QUICHKDF.cc b/iocore/net/quic/QUICHKDF.cc
index 51714e6b706..38105d8fe8d 100644
--- a/iocore/net/quic/QUICHKDF.cc
+++ b/iocore/net/quic/QUICHKDF.cc
@@ -40,8 +40,8 @@ QUICHKDF::expand(uint8_t *dst, size_t *dst_len, const uint8_t *secret, size_t se
   int hkdf_label_len = 0;
 
   // length field
-  hkdf_label[0] = (length >> 8) & 0xFF;
-  hkdf_label[1] = length & 0xFF;
+  hkdf_label[0]  = (length >> 8) & 0xFF;
+  hkdf_label[1]  = length & 0xFF;
   hkdf_label_len += 2;
 
   // label (prefix + Label) field
diff --git a/iocore/net/quic/QUICNewRenoCongestionController.cc b/iocore/net/quic/QUICNewRenoCongestionController.cc
index 7745670082d..ac41b8dc90e 100644
--- a/iocore/net/quic/QUICNewRenoCongestionController.cc
+++ b/iocore/net/quic/QUICNewRenoCongestionController.cc
@@ -118,9 +118,9 @@ QUICNewRenoCongestionController::_congestion_event(ink_hrtime sent_time)
   // start of the previous congestion recovery period.
   if (!this->_in_congestion_recovery(sent_time)) {
     this->_congestion_recovery_start_time = Thread::get_hrtime();
-    this->_congestion_window *= this->_k_loss_reduction_factor;
-    this->_congestion_window = std::max(this->_congestion_window, this->_k_minimum_window);
-    this->_ssthresh          = this->_congestion_window;
+    this->_congestion_window              *= this->_k_loss_reduction_factor;
+    this->_congestion_window              = std::max(this->_congestion_window, this->_k_minimum_window);
+    this->_ssthresh                       = this->_congestion_window;
     this->_context.trigger(QUICContext::CallbackEvent::CONGESTION_STATE_CHANGED, QUICCongestionController::State::RECOVERY);
     this->_context.trigger(QUICContext::CallbackEvent::METRICS_UPDATE, this->_congestion_window, this->_bytes_in_flight,
                            this->_ssthresh);
diff --git a/iocore/net/quic/QUICPacket.cc b/iocore/net/quic/QUICPacket.cc
index 4adb0c8dd26..8505b53a446 100644
--- a/iocore/net/quic/QUICPacket.cc
+++ b/iocore/net/quic/QUICPacket.cc
@@ -108,14 +108,14 @@ QUICPacket::store(uint8_t *buf, size_t *len) const
   while (block) {
     memcpy(buf + written, block->start(), block->size());
     written += block->size();
-    block = block->next;
+    block   = block->next;
   }
 
   block = this->payload_block();
   while (block) {
     memcpy(buf + written, block->start(), block->size());
     written += block->size();
-    block = block->next;
+    block   = block->next;
   }
 
   *len = written;
@@ -371,7 +371,7 @@ QUICLongHeaderPacket::_write_common_header(uint8_t *buf) const
 
   buf[0] = 0xC0;
   buf[0] += static_cast<uint8_t>(this->type()) << 4;
-  len += 1;
+  len    += 1;
 
   QUICTypeUtil::write_QUICVersion(this->_version, buf + len, &n);
   len += n;
@@ -380,28 +380,28 @@ QUICLongHeaderPacket::_write_common_header(uint8_t *buf) const
   if (this->_dcid != QUICConnectionId::ZERO()) {
     // Len
     buf[len] = this->_dcid.length();
-    len += 1;
+    len      += 1;
 
     // ID
     QUICTypeUtil::write_QUICConnectionId(this->_dcid, buf + len, &n);
     len += n;
   } else {
     buf[len] = 0;
-    len += 1;
+    len      += 1;
   }
 
   // SCID
   if (this->_scid != QUICConnectionId::ZERO()) {
     // Len
     buf[len] = this->_scid.length();
-    len += 1;
+    len      += 1;
 
     // ID
     QUICTypeUtil::write_QUICConnectionId(this->_scid, buf + len, &n);
     len += n;
   } else {
     buf[len] = 0;
-    len += 1;
+    len      += 1;
   }
 
   return len;
@@ -665,7 +665,7 @@ QUICShortHeaderPacket::attach_payload(Ptr<IOBufferBlock> payload, bool unprotect
   Ptr<IOBufferBlock> tmp = payload;
   while (tmp) {
     this->_payload_length += tmp->size();
-    tmp = tmp->next;
+    tmp                   = tmp->next;
   }
   if (unprotected) {
     this->_payload_length += aead_tag_len;
@@ -812,7 +812,7 @@ QUICStatelessResetPacket::header_block() const
   for (int i = 0; i < MIN_UNPREDICTABLE_FIELD_LEN; ++i) {
     buf[i] = static_cast<uint8_t>(rnd() & 0xFF);
   }
-  buf[0] = (buf[0] | 0x40) & 0x7f;
+  buf[0]      = (buf[0] | 0x40) & 0x7f;
   written_len += MIN_UNPREDICTABLE_FIELD_LEN;
 
   block->fill(written_len);
@@ -1021,9 +1021,9 @@ QUICVersionNegotiationPacketR::QUICVersionNegotiationPacketR(UDPConnection *udp_
 
   size_t offset = LONG_HDR_OFFSET_CONNECTION_ID;
   this->_dcid   = {raw_buf + offset, dcil};
-  offset += dcil + 1;
-  this->_scid = {raw_buf + offset, scil};
-  offset += scil;
+  offset        += dcil + 1;
+  this->_scid   = {raw_buf + offset, scil};
+  offset        += scil;
 
   this->_versions  = raw_buf + offset;
   this->_nversions = (len - offset) / sizeof(QUICVersion);
@@ -1175,7 +1175,7 @@ QUICInitialPacket::attach_payload(Ptr<IOBufferBlock> payload, bool unprotected)
   Ptr<IOBufferBlock> tmp = payload;
   while (tmp) {
     this->_payload_length += tmp->size();
-    tmp = tmp->next;
+    tmp                   = tmp->next;
   }
   if (unprotected) {
     this->_payload_length += aead_tag_len;
@@ -1213,18 +1213,18 @@ QUICInitialPacketR::QUICInitialPacketR(UDPConnection *udp_con, IpEndpoint from,
 
   size_t offset = LONG_HDR_OFFSET_CONNECTION_ID;
   this->_dcid   = {raw_buf + offset, dcil};
-  offset += dcil + 1;
-  this->_scid = {raw_buf + offset, scil};
-  offset += scil;
+  offset        += dcil + 1;
+  this->_scid   = {raw_buf + offset, scil};
+  offset        += scil;
 
   // Token Length Field
   uint64_t token_len = QUICIntUtil::read_QUICVariableInt(raw_buf + offset, len - offset);
-  offset += QUICVariableInt::size(raw_buf + offset);
+  offset             += QUICVariableInt::size(raw_buf + offset);
 
   // Token Field
   if (token_len) {
     this->_token = new QUICAddressValidationToken(raw_buf + offset, token_len);
-    offset += token_len;
+    offset       += token_len;
   } else {
     this->_token = new QUICAddressValidationToken(nullptr, 0);
   }
@@ -1401,7 +1401,7 @@ QUICZeroRttPacket::attach_payload(Ptr<IOBufferBlock> payload, bool unprotected)
   Ptr<IOBufferBlock> tmp = payload;
   while (tmp) {
     this->_payload_length += tmp->size();
-    tmp = tmp->next;
+    tmp                   = tmp->next;
   }
   if (unprotected) {
     this->_payload_length += aead_tag_len;
@@ -1439,9 +1439,9 @@ QUICZeroRttPacketR::QUICZeroRttPacketR(UDPConnection *udp_con, IpEndpoint from,
 
   size_t offset = LONG_HDR_OFFSET_CONNECTION_ID;
   this->_dcid   = {raw_buf + offset, dcil};
-  offset += dcil + 1;
-  this->_scid = {raw_buf + offset, scil};
-  offset += scil;
+  offset        += dcil + 1;
+  this->_scid   = {raw_buf + offset, scil};
+  offset        += scil;
 
   // Length Field
   offset += QUICVariableInt::size(raw_buf + offset);
@@ -1581,7 +1581,7 @@ QUICHandshakePacket::attach_payload(Ptr<IOBufferBlock> payload, bool unprotected
   Ptr<IOBufferBlock> tmp = payload;
   while (tmp) {
     this->_payload_length += tmp->size();
-    tmp = tmp->next;
+    tmp                   = tmp->next;
   }
   if (unprotected) {
     this->_payload_length += aead_tag_len;
@@ -1619,9 +1619,9 @@ QUICHandshakePacketR::QUICHandshakePacketR(UDPConnection *udp_con, IpEndpoint fr
 
   size_t offset = LONG_HDR_OFFSET_CONNECTION_ID;
   this->_dcid   = {raw_buf + offset, dcil};
-  offset += dcil + 1;
-  this->_scid = {raw_buf + offset, scil};
-  offset += scil;
+  offset        += dcil + 1;
+  this->_scid   = {raw_buf + offset, scil};
+  offset        += scil;
 
   // Length Field
   offset += QUICVariableInt::size(raw_buf + offset);
@@ -1788,13 +1788,13 @@ QUICRetryPacketR::QUICRetryPacketR(UDPConnection *udp_con, IpEndpoint from, IpEn
 
   size_t offset = LONG_HDR_OFFSET_CONNECTION_ID;
   this->_dcid   = {raw_buf + offset, dcil};
-  offset += dcil + 1;
-  this->_scid = {raw_buf + offset, scil};
-  offset += scil;
+  offset        += dcil + 1;
+  this->_scid   = {raw_buf + offset, scil};
+  offset        += scil;
 
   // Retry Token field
   this->_token = new QUICRetryToken(raw_buf + offset, len - offset - QUICRetryIntegrityTag::LEN);
-  offset += this->_token->length();
+  offset       += this->_token->length();
 
   // Retry Integrity Tag
   memcpy(this->_integrity_tag, raw_buf + offset, QUICRetryIntegrityTag::LEN);
diff --git a/iocore/net/quic/QUICPacket.h b/iocore/net/quic/QUICPacket.h
index aba3d88ede0..6aa64f561d5 100644
--- a/iocore/net/quic/QUICPacket.h
+++ b/iocore/net/quic/QUICPacket.h
@@ -34,7 +34,7 @@
 
 #define QUIC_FIELD_OFFSET_CONNECTION_ID 1
 #define QUIC_FIELD_OFFSET_PACKET_NUMBER 4
-#define QUIC_FIELD_OFFSET_PAYLOAD 5
+#define QUIC_FIELD_OFFSET_PAYLOAD       5
 
 class UDPConnection;
 
diff --git a/iocore/net/quic/QUICPacketPayloadProtector_boringssl.cc b/iocore/net/quic/QUICPacketPayloadProtector_boringssl.cc
index 0352e513d13..8c42d4370a3 100644
--- a/iocore/net/quic/QUICPacketPayloadProtector_boringssl.cc
+++ b/iocore/net/quic/QUICPacketPayloadProtector_boringssl.cc
@@ -67,7 +67,7 @@ QUICPacketPayloadProtector::_protect(uint8_t *cipher, size_t &cipher_len, size_t
       return false;
     }
     cipher_len += len;
-    b = b->next;
+    b          = b->next;
   }
 
   if (!EVP_EncryptFinal_ex(aead_ctx, cipher + cipher_len, &len)) {
diff --git a/iocore/net/quic/QUICPacketPayloadProtector_openssl.cc b/iocore/net/quic/QUICPacketPayloadProtector_openssl.cc
index c900718417b..a9bca670b5a 100644
--- a/iocore/net/quic/QUICPacketPayloadProtector_openssl.cc
+++ b/iocore/net/quic/QUICPacketPayloadProtector_openssl.cc
@@ -67,7 +67,7 @@ QUICPacketPayloadProtector::_protect(uint8_t *cipher, size_t &cipher_len, size_t
       return false;
     }
     cipher_len += len;
-    b = b->next;
+    b          = b->next;
   }
 
   if (!EVP_EncryptFinal_ex(aead_ctx, cipher + cipher_len, &len)) {
diff --git a/iocore/net/quic/QUICPacketReceiveQueue.cc b/iocore/net/quic/QUICPacketReceiveQueue.cc
index 5ab11717da9..a3594519be5 100644
--- a/iocore/net/quic/QUICPacketReceiveQueue.cc
+++ b/iocore/net/quic/QUICPacketReceiveQueue.cc
@@ -72,7 +72,7 @@ QUICPacketReceiveQueue::dequeue(uint8_t *packet_buf, QUICPacketCreationResult &r
     while (b) {
       memcpy(this->_payload.get() + written, b->start(), b->read_avail());
       written += b->read_avail();
-      b = b->next.get();
+      b       = b->next.get();
     }
   }
 
diff --git a/iocore/net/quic/QUICRetryIntegrityTag.h b/iocore/net/quic/QUICRetryIntegrityTag.h
index 3649fff1d7f..757f05fd309 100644
--- a/iocore/net/quic/QUICRetryIntegrityTag.h
+++ b/iocore/net/quic/QUICRetryIntegrityTag.h
@@ -35,12 +35,12 @@ class QUICRetryIntegrityTag
 private:
   // For version 1
   static constexpr uint8_t KEY_FOR_RETRY_INTEGRITY_TAG[]   = {0xbe, 0x0c, 0x69, 0x0b, 0x9f, 0x66, 0x57, 0x5a,
-                                                            0x1d, 0x76, 0x6b, 0x54, 0xe3, 0x68, 0xc8, 0x4e};
+                                                              0x1d, 0x76, 0x6b, 0x54, 0xe3, 0x68, 0xc8, 0x4e};
   static constexpr uint8_t NONCE_FOR_RETRY_INTEGRITY_TAG[] = {0x46, 0x15, 0x99, 0xd3, 0x5d, 0x63,
                                                               0x2b, 0xf2, 0x23, 0x98, 0x25, 0xbb};
   // For draft 29
   static constexpr uint8_t KEY_FOR_RETRY_INTEGRITY_TAG_D29[]   = {0xcc, 0xce, 0x18, 0x7e, 0xd0, 0x9a, 0x09, 0xd0,
-                                                                0x57, 0x28, 0x15, 0x5a, 0x6c, 0xb9, 0x6b, 0xe1};
+                                                                  0x57, 0x28, 0x15, 0x5a, 0x6c, 0xb9, 0x6b, 0xe1};
   static constexpr uint8_t NONCE_FOR_RETRY_INTEGRITY_TAG_D29[] = {0xe5, 0x49, 0x30, 0xf9, 0x7f, 0x21,
                                                                   0x36, 0xf0, 0x53, 0x0a, 0x8c, 0x1c};
 };
diff --git a/iocore/net/quic/QUICStats.h b/iocore/net/quic/QUICStats.h
index 51dcff2623c..f96206dd24b 100644
--- a/iocore/net/quic/QUICStats.h
+++ b/iocore/net/quic/QUICStats.h
@@ -32,10 +32,10 @@ enum class QUICStats {
   count,
 };
 
-#define QUIC_INCREMENT_DYN_STAT(x) RecIncrRawStat(quic_rsb, nullptr, (int)x, 1)
-#define QUIC_DECREMENT_DYN_STAT(x) RecIncrRawStat(quic_rsb, nullptr, (int)x, -1)
+#define QUIC_INCREMENT_DYN_STAT(x)        RecIncrRawStat(quic_rsb, nullptr, (int)x, 1)
+#define QUIC_DECREMENT_DYN_STAT(x)        RecIncrRawStat(quic_rsb, nullptr, (int)x, -1)
 #define QUIC_SET_COUNT_DYN_STAT(x, count) RecSetRawStatCount(quic_rsb, x, count)
-#define QUIC_INCREMENT_DYN_STAT_EX(x, y) RecIncrRawStat(quic_rsb, nullptr, (int)x, y)
+#define QUIC_INCREMENT_DYN_STAT_EX(x, y)  RecIncrRawStat(quic_rsb, nullptr, (int)x, y)
 #define QUIC_CLEAR_DYN_STAT(x)            \
   do {                                    \
     RecSetRawStatSum(quic_rsb, (x), 0);   \
diff --git a/iocore/net/quic/QUICStreamManager_native.cc b/iocore/net/quic/QUICStreamManager_native.cc
index 7ecf64b7d8a..24688c93fc1 100644
--- a/iocore/net/quic/QUICStreamManager_native.cc
+++ b/iocore/net/quic/QUICStreamManager_native.cc
@@ -99,7 +99,7 @@ QUICStreamManagerImpl::create_uni_stream(QUICStreamId &new_stream_id)
 {
   QUICConnectionErrorUPtr error = this->create_stream(this->_next_stream_id_uni);
   if (error == nullptr) {
-    new_stream_id = this->_next_stream_id_uni;
+    new_stream_id             = this->_next_stream_id_uni;
     this->_next_stream_id_uni += QUIC_STREAM_TYPES;
   }
 
@@ -118,7 +118,7 @@ QUICStreamManagerImpl::create_bidi_stream(QUICStreamId &new_stream_id)
 {
   QUICConnectionErrorUPtr error = this->create_stream(this->_next_stream_id_bidi);
   if (error == nullptr) {
-    new_stream_id = this->_next_stream_id_bidi;
+    new_stream_id              = this->_next_stream_id_bidi;
     this->_next_stream_id_bidi += QUIC_STREAM_TYPES;
   }
 
diff --git a/iocore/net/quic/QUICStreamVCAdapter.cc b/iocore/net/quic/QUICStreamVCAdapter.cc
index 7ed06c4a4d1..aad235fdf3b 100644
--- a/iocore/net/quic/QUICStreamVCAdapter.cc
+++ b/iocore/net/quic/QUICStreamVCAdapter.cc
@@ -72,7 +72,7 @@ QUICStreamVCAdapter::_read(size_t len)
     block                  = make_ptr<IOBufferBlock>(reader->get_current_block()->clone());
     if (block->size()) {
       block->consume(reader->start_offset);
-      block->_end = std::min(block->start() + len, block->_buf_end);
+      block->_end            = std::min(block->start() + len, block->_buf_end);
       this->_write_vio.ndone += block->size();
     }
     reader->consume(block->size());
diff --git a/iocore/net/quic/QUICTransportParameters.cc b/iocore/net/quic/QUICTransportParameters.cc
index eff5e7da8b0..d9fc0e8010a 100644
--- a/iocore/net/quic/QUICTransportParameters.cc
+++ b/iocore/net/quic/QUICTransportParameters.cc
@@ -99,7 +99,7 @@ QUICTransportParameters::_load(const uint8_t *buf, size_t len, QUICVersion versi
     // Read ID
     if (!QUICVariableInt::decode(param_id, l, p, len)) {
       len -= l;
-      p += l;
+      p   += l;
     } else {
       has_error = true;
       break;
@@ -115,7 +115,7 @@ QUICTransportParameters::_load(const uint8_t *buf, size_t len, QUICVersion versi
     // Read length of value
     if (!QUICVariableInt::decode(param_len, l, p, len)) {
       len -= l;
-      p += l;
+      p   += l;
     } else {
       has_error = true;
       break;
@@ -125,7 +125,7 @@ QUICTransportParameters::_load(const uint8_t *buf, size_t len, QUICVersion versi
     if (len >= param_len) {
       this->_parameters.insert(std::make_pair(param_id, new Value(p, param_len)));
       len -= param_len;
-      p += param_len;
+      p   += param_len;
     } else {
       has_error = true;
       break;
diff --git a/iocore/net/quic/QUICTypes.cc b/iocore/net/quic/QUICTypes.cc
index 18ee6d9237c..b50ac4db0bb 100644
--- a/iocore/net/quic/QUICTypes.cc
+++ b/iocore/net/quic/QUICTypes.cc
@@ -47,7 +47,7 @@ to_hex_str(char *dst, size_t dst_len, const uint8_t *src, size_t src_len)
   for (size_t i = 0; i < src_len; ++i) {
     *dst       = hex_digits[src[i] >> 4];
     *(dst + 1) = hex_digits[src[i] & 0xf];
-    dst += 2;
+    dst        += 2;
   }
   *dst = '\0';
 
@@ -373,11 +373,11 @@ QUICRetryToken::QUICRetryToken(const IpEndpoint &src, QUICConnectionId original_
 
   size_t cid_len;
   *(data + data_len) = original_dcid.length();
-  data_len += 1;
+  data_len           += 1;
   QUICTypeUtil::write_QUICConnectionId(original_dcid, data + data_len, &cid_len);
-  data_len += cid_len;
+  data_len           += cid_len;
   *(data + data_len) = scid.length();
-  data_len += 1;
+  data_len           += 1;
   QUICTypeUtil::write_QUICConnectionId(scid, data + data_len, &cid_len);
   data_len += cid_len;
 
@@ -388,11 +388,11 @@ QUICRetryToken::QUICRetryToken(const IpEndpoint &src, QUICConnectionId original_
   this->_token_len += 1;
 
   *(this->_token + this->_token_len) = original_dcid.length();
-  this->_token_len += 1;
+  this->_token_len                   += 1;
   QUICTypeUtil::write_QUICConnectionId(original_dcid, this->_token + this->_token_len, &cid_len);
-  this->_token_len += cid_len;
+  this->_token_len                   += cid_len;
   *(this->_token + this->_token_len) = scid.length();
-  this->_token_len += 1;
+  this->_token_len                   += 1;
   QUICTypeUtil::write_QUICConnectionId(scid, this->_token + this->_token_len, &cid_len);
   this->_token_len += cid_len;
 }
@@ -466,9 +466,9 @@ QUICPreferredAddress::QUICPreferredAddress(const uint8_t *buf, uint16_t len)
 
   // CID
   uint16_t cid_len = QUICIntUtil::read_nbytes_as_uint(p, 1);
-  p += 1;
-  this->_cid = QUICTypeUtil::read_QUICConnectionId(p, cid_len);
-  p += cid_len;
+  p                += 1;
+  this->_cid       = QUICTypeUtil::read_QUICConnectionId(p, cid_len);
+  p                += cid_len;
 
   // Token
   this->_token = {p};
@@ -553,7 +553,7 @@ QUICPreferredAddress::store(uint8_t *buf, uint16_t &len) const
   // CID
   uint8_t cid_len = this->_cid.length();
   p[0]            = cid_len;
-  p += 1;
+  p               += 1;
   QUICTypeUtil::write_QUICConnectionId(this->_cid, p, &dummy);
   p += cid_len;
 
diff --git a/iocore/net/quic/qlog/QLogEvent.h b/iocore/net/quic/qlog/QLogEvent.h
index 553a34835a4..b3025a0e3b1 100644
--- a/iocore/net/quic/qlog/QLogEvent.h
+++ b/iocore/net/quic/qlog/QLogEvent.h
@@ -53,8 +53,11 @@ class QLogEvent
 
 using QLogEventUPtr = std::unique_ptr<QLogEvent>;
 
-#define SET(field, type) \
-  void set_##field(type v) { this->_node[#field] = v; }
+#define SET(field, type)     \
+  void set_##field(type v)   \
+  {                          \
+    this->_node[#field] = v; \
+  }
 
 // enum class PacketType : uint8_t { initial, handshake, zerortt, onertt, retry, version_negotiation, unknown };
 using PacketType = std::string;
@@ -148,7 +151,7 @@ namespace Connectivity
       }
     }
 
-#define _SET(a, b) SET_FUNC(ServerListening, a, b)
+#define _SET(a, b)    SET_FUNC(ServerListening, a, b)
 #define _APPEND(a, b) APPEND_FUNC(ServerListening, a, b)
     _SET(port_v4, int)
     _SET(port_v6, int)
@@ -184,7 +187,7 @@ namespace Connectivity
       set_dst_port(dport);
     }
 
-#define _SET(a, b) SET_FUNC(ConnectionStarted, a, b)
+#define _SET(a, b)    SET_FUNC(ConnectionStarted, a, b)
 #define _APPEND(a, b) APPEND_FUNC(ConnectionStarted, a, b)
     _SET(quic_version, std::string);
     _SET(src_cid, std::string);
@@ -223,7 +226,7 @@ namespace Connectivity
       }
     }
 
-#define _SET(a, b) SET_FUNC(ConnectionIdUpdated, a, b)
+#define _SET(a, b)    SET_FUNC(ConnectionIdUpdated, a, b)
 #define _APPEND(a, b) APPEND_FUNC(ConnectionIdUpdated, a, b)
 
     _SET(src_old, std::string);
@@ -501,7 +504,7 @@ namespace Transport
       set_packet_type(type).set_header(h).set_trigger(tr);
     }
 
-#define _SET(a, b) SET_FUNC(PacketEvent, a, b)
+#define _SET(a, b)    SET_FUNC(PacketEvent, a, b)
 #define _APPEND(a, b) APPEND_FUNC(PacketEvent, a, b)
     _SET(packet_type, PacketType)
     _SET(header, PacketHeader)
diff --git a/iocore/utils/I_OneWayTunnel.h b/iocore/utils/I_OneWayTunnel.h
index d74401a88ab..e60828c122d 100644
--- a/iocore/utils/I_OneWayTunnel.h
+++ b/iocore/utils/I_OneWayTunnel.h
@@ -206,6 +206,6 @@ struct OneWayTunnel : public Continuation {
   bool free_vcs             = true;
 
   // noncopyable
-  OneWayTunnel(const OneWayTunnel &) = delete;
+  OneWayTunnel(const OneWayTunnel &)            = delete;
   OneWayTunnel &operator=(const OneWayTunnel &) = delete;
 };
diff --git a/mgmt/DerivativeMetrics.cc b/mgmt/DerivativeMetrics.cc
index 3a3987517bc..eab5c3b6566 100644
--- a/mgmt/DerivativeMetrics.cc
+++ b/mgmt/DerivativeMetrics.cc
@@ -35,58 +35,48 @@
 static const std::vector<DerivativeSum> sum_metrics = {
   // Total bytes of client request body + headers
   {"proxy.process.http.user_agent_total_request_bytes",
-   RECD_INT,
-   {"proxy.process.http.user_agent_request_document_total_size", "proxy.process.http.user_agent_request_header_total_size"}},
-  // Total bytes of client response body + headers
+   RECD_INT,                                                              {"proxy.process.http.user_agent_request_document_total_size", "proxy.process.http.user_agent_request_header_total_size"}      },
+ // Total bytes of client response body + headers
   {"proxy.process.http.user_agent_total_response_bytes",
-   RECD_INT,
-   {"proxy.process.http.user_agent_response_document_total_size", "proxy.process.http.user_agent_response_header_total_size"}},
-  // Total bytes of origin server request body + headers
+   RECD_INT,                                                              {"proxy.process.http.user_agent_response_document_total_size", "proxy.process.http.user_agent_response_header_total_size"}    },
+ // Total bytes of origin server request body + headers
   {"proxy.process.http.origin_server_total_request_bytes",
-   RECD_INT,
-   {"proxy.process.http.origin_server_request_document_total_size", "proxy.process.http.origin_server_request_header_total_size"}},
-  // Total bytes of origin server response body + headers
+   RECD_INT,                                                              {"proxy.process.http.origin_server_request_document_total_size", "proxy.process.http.origin_server_request_header_total_size"}},
+ // Total bytes of origin server response body + headers
   {"proxy.process.http.origin_server_total_response_bytes",
-   RECD_INT,
-   {"proxy.process.http.origin_server_response_document_total_size",
-    "proxy.process.http.origin_server_response_header_total_size"}},
-  // Total bytes of client request and response (total traffic to and from clients)
+   RECD_INT,                                                              {"proxy.process.http.origin_server_response_document_total_size",
+    "proxy.process.http.origin_server_response_header_total_size"}                                                                                                                          },
+ // Total bytes of client request and response (total traffic to and from clients)
   {"proxy.process.user_agent_total_bytes",
-   RECD_INT,
-   {"proxy.process.http.user_agent_total_request_bytes", "proxy.process.http.user_agent_total_response_bytes"}},
-  // Total bytes of origin/parent request and response
+   RECD_INT,                                                              {"proxy.process.http.user_agent_total_request_bytes", "proxy.process.http.user_agent_total_response_bytes"}                   },
+ // Total bytes of origin/parent request and response
   {"proxy.process.origin_server_total_bytes",
-   RECD_INT,
-   {"proxy.process.http.origin_server_total_request_bytes", "proxy.process.http.origin_server_total_response_bytes",
-    "proxy.process.http.parent_proxy_request_total_bytes", "proxy.process.http.parent_proxy_response_total_bytes"}},
-  // Total requests which are cache hits
+   RECD_INT,                                                              {"proxy.process.http.origin_server_total_request_bytes", "proxy.process.http.origin_server_total_response_bytes",
+    "proxy.process.http.parent_proxy_request_total_bytes", "proxy.process.http.parent_proxy_response_total_bytes"}                                                                          },
+ // Total requests which are cache hits
   {"proxy.process.cache_total_hits",
-   RECD_COUNTER,
-   {"proxy.process.http.cache_hit_fresh", "proxy.process.http.cache_hit_revalidated", "proxy.process.http.cache_hit_ims",
-    "proxy.process.http.cache_hit_stale_served"}},
-  // Total requests which are cache misses
+   RECD_COUNTER,                                                          {"proxy.process.http.cache_hit_fresh", "proxy.process.http.cache_hit_revalidated", "proxy.process.http.cache_hit_ims",
+    "proxy.process.http.cache_hit_stale_served"}                                                                                                                                        },
+ // Total requests which are cache misses
   {"proxy.process.cache_total_misses",
-   RECD_COUNTER,
-   {"proxy.process.http.cache_miss_cold", "proxy.process.http.cache_miss_changed", "proxy.process.http.cache_miss_client_no_cache",
-    "proxy.process.http.cache_miss_ims", "proxy.process.http.cache_miss_client_not_cacheable"}},
-  // Total requests, both hits and misses (this is slightly superfluous, but assures correct percentage calculations)
-  {"proxy.process.cache_total_requests", RECD_COUNTER, {"proxy.process.cache_total_hits", "proxy.process.cache_total_misses"}},
-  // Total cache requests bytes which are cache hits
+   RECD_COUNTER,                                                          {"proxy.process.http.cache_miss_cold", "proxy.process.http.cache_miss_changed", "proxy.process.http.cache_miss_client_no_cache",
+    "proxy.process.http.cache_miss_ims", "proxy.process.http.cache_miss_client_not_cacheable"}                                                                                          },
+ // Total requests, both hits and misses (this is slightly superfluous, but assures correct percentage calculations)
+  {"proxy.process.cache_total_requests",                    RECD_COUNTER, {"proxy.process.cache_total_hits", "proxy.process.cache_total_misses"}                                                        },
+ // Total cache requests bytes which are cache hits
   {"proxy.process.cache_total_hits_bytes",
-   RECD_INT,
-   {"proxy.process.http.tcp_hit_user_agent_bytes_stat", "proxy.process.http.tcp_refresh_hit_user_agent_bytes_stat",
-    "proxy.process.http.tcp_ims_hit_user_agent_bytes_stat"}},
-  // Total cache requests bytes which are cache misses
+   RECD_INT,                                                              {"proxy.process.http.tcp_hit_user_agent_bytes_stat", "proxy.process.http.tcp_refresh_hit_user_agent_bytes_stat",
+    "proxy.process.http.tcp_ims_hit_user_agent_bytes_stat"}                                                                                                                                 },
+ // Total cache requests bytes which are cache misses
   {"proxy.process.cache_total_misses_bytes",
-   RECD_INT,
-   {"proxy.process.http.tcp_miss_user_agent_bytes_stat", "proxy.process.http.tcp_expired_miss_user_agent_bytes_stat",
-    "proxy.process.http.tcp_refresh_miss_user_agent_bytes_stat", "proxy.process.http.tcp_ims_miss_user_agent_bytes_stat"}},
-  // Total request bytes, both hits and misses
-  {"proxy.process.cache_total_bytes", RECD_INT, {"proxy.process.cache_total_hits_bytes", "proxy.process.cache_total_misses_bytes"}},
-  // Total of all server connections (sum of origins and parent connections)
+   RECD_INT,                                                              {"proxy.process.http.tcp_miss_user_agent_bytes_stat", "proxy.process.http.tcp_expired_miss_user_agent_bytes_stat",
+    "proxy.process.http.tcp_refresh_miss_user_agent_bytes_stat", "proxy.process.http.tcp_ims_miss_user_agent_bytes_stat"}                                                                   },
+ // Total request bytes, both hits and misses
+  {"proxy.process.cache_total_bytes",                       RECD_INT,     {"proxy.process.cache_total_hits_bytes", "proxy.process.cache_total_misses_bytes"}                                            },
+ // Total of all server connections (sum of origins and parent connections)
   {"proxy.process.current_server_connections",
-   RECD_INT,
-   {"proxy.process.http.current_server_connections", "proxy.process.http.current_parent_proxy_connections"}}};
+   RECD_INT,                                                              {"proxy.process.http.current_server_connections", "proxy.process.http.current_parent_proxy_connections"}                      }
+};
 
 // The constructor is responsible for registering the new metrics. ToDo: At some point we could
 // in theory expand this to support some sort of configuration, and then replace the hardcoded metrics
@@ -125,11 +115,11 @@ DerivativeMetrics::Update()
     for (auto &&metric : metric_parts) {
       switch (type) {
       case RECD_INT:
-        error = RecGetRecordInt(metric, &int_val);
+        error       = RecGetRecordInt(metric, &int_val);
         sum.rec_int += int_val;
         break;
       case RECD_COUNTER:
-        error = RecGetRecordCounter(metric, &counter_val);
+        error           = RecGetRecordCounter(metric, &counter_val);
         sum.rec_counter += counter_val;
         break;
       default:
diff --git a/mgmt/DerivativeMetrics.h b/mgmt/DerivativeMetrics.h
index cc8db1bdc27..6a99a225cbc 100644
--- a/mgmt/DerivativeMetrics.h
+++ b/mgmt/DerivativeMetrics.h
@@ -35,6 +35,6 @@ class DerivativeMetrics
   void Update();
 
   // Don't allow copy and assign
-  DerivativeMetrics(DerivativeMetrics const &) = delete;
+  DerivativeMetrics(DerivativeMetrics const &)            = delete;
   DerivativeMetrics &operator=(DerivativeMetrics const &) = delete;
 };
diff --git a/mgmt/WebMgmtUtils.cc b/mgmt/WebMgmtUtils.cc
index d616b262b5d..3dc2bdad1db 100644
--- a/mgmt/WebMgmtUtils.cc
+++ b/mgmt/WebMgmtUtils.cc
@@ -412,7 +412,7 @@ substituteForHTMLChars(const char *buffer)
       break;
     default:
       *safeCurrent = *inCurrent;
-      safeCurrent += 1;
+      safeCurrent  += 1;
       break;
     }
 
diff --git a/mgmt/YamlCfg.cc b/mgmt/YamlCfg.cc
index 292ae38cff6..da267eed7e6 100644
--- a/mgmt/YamlCfg.cc
+++ b/mgmt/YamlCfg.cc
@@ -72,7 +72,7 @@ namespace Yaml
             msg += ", ";
           }
           first = false;
-          msg += key;
+          msg   += key;
         }
       }
       throw YAML::ParserException(_map.Mark(), msg + " invalid in this map");
diff --git a/mgmt/YamlCfg.h b/mgmt/YamlCfg.h
index 25d7e99f466..51ca003afca 100644
--- a/mgmt/YamlCfg.h
+++ b/mgmt/YamlCfg.h
@@ -64,7 +64,7 @@ namespace Yaml
 
     // No copy/move.
     //
-    Map(Map const &) = delete;
+    Map(Map const &)            = delete;
     Map &operator=(Map const &) = delete;
 
   private:
diff --git a/mgmt/api/CoreAPIShared.h b/mgmt/api/CoreAPIShared.h
index 6e1e8d77b9f..a17a98d0e54 100644
--- a/mgmt/api/CoreAPIShared.h
+++ b/mgmt/api/CoreAPIShared.h
@@ -36,10 +36,10 @@
 
 // used by TSReadFromUrl
 #define HTTP_DIVIDER "\r\n\r\n"
-#define URL_BUFSIZE 65536 // the max. length of URL obtainable (in bytes)
-#define URL_TIMEOUT 5000  // the timeout value for send/recv HTTP in ms
-#define HTTP_PORT 80
-#define BUFSIZE 1024
+#define URL_BUFSIZE  65536 // the max. length of URL obtainable (in bytes)
+#define URL_TIMEOUT  5000  // the timeout value for send/recv HTTP in ms
+#define HTTP_PORT    80
+#define BUFSIZE      1024
 
 // used by TSReadFromUrl
 TSMgmtError parseHTTPResponse(char *buffer, char **header, int *hdr_size, char **body, int *bdy_size);
diff --git a/mgmt/api/INKMgmtAPI.cc b/mgmt/api/INKMgmtAPI.cc
index 38e38928c6d..775f41fe103 100644
--- a/mgmt/api/INKMgmtAPI.cc
+++ b/mgmt/api/INKMgmtAPI.cc
@@ -472,8 +472,8 @@ TSReadFromUrlEx(const char *url, char **header, int *headerSize, char **body, in
   char *host_and_port;
   if (tempPath) {
     host_and_port = ats_strndup(url, strlen(url) - strlen(tempPath));
-    tempPath += 1; // advance one position to get rid of leading '/'
-    httpPath = ats_strdup(tempPath);
+    tempPath      += 1; // advance one position to get rid of leading '/'
+    httpPath      = ats_strdup(tempPath);
   } else {
     host_and_port = ats_strdup(url);
     httpPath      = ats_strdup("");
@@ -483,7 +483,7 @@ TSReadFromUrlEx(const char *url, char **header, int *headerSize, char **body, in
   char *colon = strstr(host_and_port, ":");
   if (colon) {
     httpHost = ats_strndup(host_and_port, strlen(host_and_port) - strlen(colon));
-    colon += 1; // advance one position to get rid of leading ':'
+    colon    += 1; // advance one position to get rid of leading ':'
     httpPort = ink_atoi(colon);
     if (httpPort <= 0) {
       httpPort = HTTP_PORT;
diff --git a/mgmt/api/include/mgmtapi.h b/mgmt/api/include/mgmtapi.h
index d36181cbec7..99406a2e910 100644
--- a/mgmt/api/include/mgmtapi.h
+++ b/mgmt/api/include/mgmtapi.h
@@ -44,9 +44,9 @@ extern "C" {
 
 #ifndef TS_RES_MEM_PATH
 #define __TS_RES_PATH(x) #x
-#define _TS_RES_PATH(x) __TS_RES_PATH(x)
-#define TS_RES_PATH(x) x __FILE__ ":" _TS_RES_PATH(__LINE__)
-#define TS_RES_MEM_PATH TS_RES_PATH("memory/")
+#define _TS_RES_PATH(x)  __TS_RES_PATH(x)
+#define TS_RES_PATH(x)   x __FILE__ ":" _TS_RES_PATH(__LINE__)
+#define TS_RES_MEM_PATH  TS_RES_PATH("memory/")
 #endif
 
 #define TM_OPT_BIND_STDOUT "bind_stdout"
@@ -228,11 +228,11 @@ typedef void (*TSDisconnectFunc)(void *data);
 /***************************************************************************
  * API Memory Management
  ***************************************************************************/
-#define TSmalloc(s) _TSmalloc((s), TS_RES_MEM_PATH)
+#define TSmalloc(s)     _TSmalloc((s), TS_RES_MEM_PATH)
 #define TSrealloc(p, s) _TSrealloc((p), (s), TS_RES_MEM_PATH)
-#define TSstrdup(p) _TSstrdup((p), -1, TS_RES_MEM_PATH)
+#define TSstrdup(p)     _TSstrdup((p), -1, TS_RES_MEM_PATH)
 #define TSstrndup(p, n) _TSstrdup((p), (n), TS_RES_MEM_PATH)
-#define TSfree(p) _TSfree(p)
+#define TSfree(p)       _TSfree(p)
 
 tsapi void *_TSmalloc(size_t size, const char *path);
 tsapi void *_TSrealloc(void *ptr, size_t size, const char *path);
diff --git a/mgmt/config/FileManager.h b/mgmt/config/FileManager.h
index 4746e67d6a7..ce558098a8a 100644
--- a/mgmt/config/FileManager.h
+++ b/mgmt/config/FileManager.h
@@ -107,7 +107,7 @@ class FileManager
     }
 
     // noncopyable
-    ConfigManager(const ConfigManager &) = delete;
+    ConfigManager(const ConfigManager &)            = delete;
     ConfigManager &operator=(const ConfigManager &) = delete;
 
   private:
@@ -125,7 +125,7 @@ class FileManager
   using CallbackType = std::function<ts::Errata(std::string const &, std::string const &)>;
 
   ~FileManager();
-  FileManager(const FileManager &obj) = delete;
+  FileManager(const FileManager &obj)         = delete;
   FileManager &operator=(FileManager const &) = delete;
 
   void addFile(const char *fileName, const char *configName, bool root_access_needed, bool isRequired,
diff --git a/mgmt/rpc/handlers/common/ErrorUtils.h b/mgmt/rpc/handlers/common/ErrorUtils.h
index 1b17c9e4c40..4f3242a393b 100644
--- a/mgmt/rpc/handlers/common/ErrorUtils.h
+++ b/mgmt/rpc/handlers/common/ErrorUtils.h
@@ -51,7 +51,7 @@ static constexpr int ERRATA_DEFAULT_ID{1};
 
 template <typename... Args>
 static inline ts::Errata
-make_errata(int code, std::string_view fmt, Args &&... args)
+make_errata(int code, std::string_view fmt, Args &&...args)
 {
   std::string text;
   return ts::Errata{}.push(ERRATA_DEFAULT_ID, code, ts::bwprint(text, fmt, std::forward<Args>(args)...));
diff --git a/mgmt/rpc/jsonrpc/JsonRPCManager.h b/mgmt/rpc/jsonrpc/JsonRPCManager.h
index 4baeda00a35..29727ce0285 100644
--- a/mgmt/rpc/jsonrpc/JsonRPCManager.h
+++ b/mgmt/rpc/jsonrpc/JsonRPCManager.h
@@ -146,11 +146,11 @@ class JsonRPCManager
   }
 
 protected: // For unit test.
-  JsonRPCManager()                       = default;
-  JsonRPCManager(JsonRPCManager const &) = delete;
-  JsonRPCManager(JsonRPCManager &&)      = delete;
+  JsonRPCManager()                                  = default;
+  JsonRPCManager(JsonRPCManager const &)            = delete;
+  JsonRPCManager(JsonRPCManager &&)                 = delete;
   JsonRPCManager &operator=(JsonRPCManager const &) = delete;
-  JsonRPCManager &operator=(JsonRPCManager &&) = delete;
+  JsonRPCManager &operator=(JsonRPCManager &&)      = delete;
 
   ///
   /// @brief Remove handler from the registered method handlers. Test only.
diff --git a/mgmt/rpc/jsonrpc/unit_tests/test_basic_protocol.cc b/mgmt/rpc/jsonrpc/unit_tests/test_basic_protocol.cc
index 24aa1fbb158..b0d02de331e 100644
--- a/mgmt/rpc/jsonrpc/unit_tests/test_basic_protocol.cc
+++ b/mgmt/rpc/jsonrpc/unit_tests/test_basic_protocol.cc
@@ -600,7 +600,7 @@ TEST_CASE("Call method with invalid ID", "[invalid_id]")
   {
     std::string req = R"([{"id": "", "jsonrpc": "2.0", "method": "will_not_pass_the_validation"},)"
                       R"({"id": {}, "jsonrpc": "2.0", "method": "will_not_pass_the_validation"}])";
-    auto resp = rpc.handle_call(req);
+    auto resp       = rpc.handle_call(req);
     std::string expected =
       R"([{"jsonrpc": "2.0", "error": {"code": 11, "message": "Use of an empty string as id is discouraged"}}, )"
       R"({"jsonrpc": "2.0", "error": {"code": 7, "message": "Invalid id type"}}])";
diff --git a/mgmt/rpc/server/unit_tests/test_rpcserver.cc b/mgmt/rpc/server/unit_tests/test_rpcserver.cc
index 7649b3b41c0..67c400aad09 100644
--- a/mgmt/rpc/server/unit_tests/test_rpcserver.cc
+++ b/mgmt/rpc/server/unit_tests/test_rpcserver.cc
@@ -148,7 +148,7 @@ getTemporaryDir()
 {
   std::error_code ec;
   fs::path tmpDir = fs::canonical(fs::temp_directory_path(), ec);
-  tmpDir /= "sandbox_XXXXXX";
+  tmpDir          /= "sandbox_XXXXXX";
 
   char dirNameTemplate[tmpDir.string().length() + 1];
   sprintf(dirNameTemplate, "%s", tmpDir.c_str());
@@ -216,7 +216,9 @@ struct ScopedLocalSocket : shared::rpc::IPCSocketClient {
   {
     const std::size_t size = std::distance(from, to);
     if (size <= N) {
-      return {std::string{from, to}};
+      return {
+        std::string{from, to}
+      };
     }
     std::size_t index{0};
     std::array<std::string, N> ret;
@@ -293,9 +295,9 @@ std::string
 random_string(std::string::size_type length)
 {
   auto randchar = []() -> char {
-    const char charset[] = "0123456789"
-                           "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-                           "abcdefghijklmnopqrstuvwxyz";
+    const char charset[]   = "0123456789"
+                             "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+                             "abcdefghijklmnopqrstuvwxyz";
     const size_t max_index = (sizeof(charset) - 1);
     return charset[rand() % max_index];
   };
diff --git a/mgmt/utils/ExpandingArray.cc b/mgmt/utils/ExpandingArray.cc
index 0ec893f35d8..ddebeb40316 100644
--- a/mgmt/utils/ExpandingArray.cc
+++ b/mgmt/utils/ExpandingArray.cc
@@ -63,7 +63,7 @@ ExpandingArray::addEntry(void *entry)
 {
   if (numValidValues == internalArraySize) {
     // Time to increase the size of the array
-    internalArray = static_cast<void **>(ats_realloc(internalArray, 2 * sizeof(void *) * internalArraySize));
+    internalArray     = static_cast<void **>(ats_realloc(internalArray, 2 * sizeof(void *) * internalArraySize));
     internalArraySize *= 2;
   }
 
diff --git a/mgmt/utils/MgmtUtils.cc b/mgmt/utils/MgmtUtils.cc
index f073660d7c3..095b2efe69f 100644
--- a/mgmt/utils/MgmtUtils.cc
+++ b/mgmt/utils/MgmtUtils.cc
@@ -117,7 +117,7 @@ mgmt_writeline(int soc, const char *data, int nbytes)
       return nwritten;
     }
     nleft -= nwritten;
-    tmp += nwritten;
+    tmp   += nwritten;
   }
 
   while (n != 1) {
@@ -173,8 +173,8 @@ mgmt_read_pipe(int fd, char *buf, int bytes_to_read)
     }
 
     bytes_to_read -= err;
-    bytes_read += err;
-    p += err;
+    bytes_read    += err;
+    p             += err;
   }
 
   return bytes_read;
@@ -212,8 +212,8 @@ mgmt_write_pipe(int fd, char *buf, int bytes_to_write)
     }
 
     bytes_to_write -= err;
-    bytes_written += err;
-    p += err;
+    bytes_written  += err;
+    p              += err;
   }
 
   return bytes_written;
diff --git a/plugins/authproxy/authproxy.cc b/plugins/authproxy/authproxy.cc
index a8da078c1ed..83c683910b0 100644
--- a/plugins/authproxy/authproxy.cc
+++ b/plugins/authproxy/authproxy.cc
@@ -105,42 +105,49 @@ StateContinue(AuthRequestContext *, void *)
 }
 
 // State table for sending the auth proxy response to the client.
-static const StateTransition StateTableSendResponse[] = {{TS_EVENT_HTTP_SEND_RESPONSE_HDR, StateAuthProxySendResponse, nullptr},
-                                                         {TS_EVENT_NONE, nullptr, nullptr}};
+static const StateTransition StateTableSendResponse[] = {
+  {TS_EVENT_HTTP_SEND_RESPONSE_HDR, StateAuthProxySendResponse, nullptr},
+  {TS_EVENT_NONE,                   nullptr,                    nullptr}
+};
 
 // State table for reading the proxy response body content.
 static const StateTransition StateTableProxyReadContent[] = {
-  {TS_EVENT_VCONN_READ_READY, StateAuthProxyReadContent, StateTableProxyReadContent},
-  {TS_EVENT_VCONN_READ_COMPLETE, StateAuthProxyReadContent, StateTableProxyReadContent},
-  {TS_EVENT_VCONN_EOS, StateAuthProxyCompleteContent, StateTableProxyReadContent},
-  {TS_EVENT_HTTP_SEND_RESPONSE_HDR, StateContinue, StateTableSendResponse},
-  {TS_EVENT_ERROR, StateUnauthorized, nullptr},
-  {TS_EVENT_IMMEDIATE, StateAuthorized, nullptr},
-  {TS_EVENT_NONE, nullptr, nullptr}};
+  {TS_EVENT_VCONN_READ_READY,       StateAuthProxyReadContent,     StateTableProxyReadContent},
+  {TS_EVENT_VCONN_READ_COMPLETE,    StateAuthProxyReadContent,     StateTableProxyReadContent},
+  {TS_EVENT_VCONN_EOS,              StateAuthProxyCompleteContent, StateTableProxyReadContent},
+  {TS_EVENT_HTTP_SEND_RESPONSE_HDR, StateContinue,                 StateTableSendResponse    },
+  {TS_EVENT_ERROR,                  StateUnauthorized,             nullptr                   },
+  {TS_EVENT_IMMEDIATE,              StateAuthorized,               nullptr                   },
+  {TS_EVENT_NONE,                   nullptr,                       nullptr                   }
+};
 
 // State table for reading the auth proxy response header.
 static const StateTransition StateTableProxyReadHeader[] = {
-  {TS_EVENT_VCONN_READ_READY, StateAuthProxyReadHeaders, StateTableProxyReadHeader},
-  {TS_EVENT_VCONN_READ_COMPLETE, StateAuthProxyReadHeaders, StateTableProxyReadHeader},
-  {TS_EVENT_HTTP_READ_REQUEST_HDR, StateAuthProxyCompleteHeaders, StateTableProxyReadHeader},
-  {TS_EVENT_HTTP_SEND_RESPONSE_HDR, StateContinue, StateTableSendResponse},
-  {TS_EVENT_HTTP_CONTINUE, StateAuthProxyReadContent, StateTableProxyReadContent},
-  {TS_EVENT_VCONN_EOS, StateUnauthorized, nullptr}, // XXX Should we check headers on EOS?
-  {TS_EVENT_ERROR, StateUnauthorized, nullptr},
-  {TS_EVENT_IMMEDIATE, StateAuthorized, nullptr},
-  {TS_EVENT_NONE, nullptr, nullptr}};
+  {TS_EVENT_VCONN_READ_READY,       StateAuthProxyReadHeaders,     StateTableProxyReadHeader },
+  {TS_EVENT_VCONN_READ_COMPLETE,    StateAuthProxyReadHeaders,     StateTableProxyReadHeader },
+  {TS_EVENT_HTTP_READ_REQUEST_HDR,  StateAuthProxyCompleteHeaders, StateTableProxyReadHeader },
+  {TS_EVENT_HTTP_SEND_RESPONSE_HDR, StateContinue,                 StateTableSendResponse    },
+  {TS_EVENT_HTTP_CONTINUE,          StateAuthProxyReadContent,     StateTableProxyReadContent},
+  {TS_EVENT_VCONN_EOS,              StateUnauthorized,             nullptr                   }, // XXX Should we check headers on EOS?
+  {TS_EVENT_ERROR,                  StateUnauthorized,             nullptr                   },
+  {TS_EVENT_IMMEDIATE,              StateAuthorized,               nullptr                   },
+  {TS_EVENT_NONE,                   nullptr,                       nullptr                   }
+};
 
 // State table for sending the request to the auth proxy.
 static const StateTransition StateTableProxyRequest[] = {
-  {TS_EVENT_VCONN_WRITE_READY, StateAuthProxyWriteReady, StateTableProxyRequest},
+  {TS_EVENT_VCONN_WRITE_READY,    StateAuthProxyWriteReady,    StateTableProxyRequest   },
   {TS_EVENT_VCONN_WRITE_COMPLETE, StateAuthProxyWriteComplete, StateTableProxyReadHeader},
-  {TS_EVENT_ERROR, StateUnauthorized, nullptr},
-  {TS_EVENT_NONE, nullptr, nullptr}};
+  {TS_EVENT_ERROR,                StateUnauthorized,           nullptr                  },
+  {TS_EVENT_NONE,                 nullptr,                     nullptr                  }
+};
 
 // Initial state table.
-static const StateTransition StateTableInit[] = {{TS_EVENT_HTTP_POST_REMAP, StateAuthProxyConnect, StateTableProxyRequest},
-                                                 {TS_EVENT_ERROR, StateUnauthorized, nullptr},
-                                                 {TS_EVENT_NONE, nullptr, nullptr}};
+static const StateTransition StateTableInit[] = {
+  {TS_EVENT_HTTP_POST_REMAP, StateAuthProxyConnect, StateTableProxyRequest},
+  {TS_EVENT_ERROR,           StateUnauthorized,     nullptr               },
+  {TS_EVENT_NONE,            nullptr,               nullptr               }
+};
 
 struct AuthRequestContext {
   TSHttpTxn txn = nullptr; // Original client transaction we are authorizing.
@@ -723,13 +730,13 @@ AuthParseOptions(int argc, const char **argv)
   // on some platforms (e.g. Solaris / Illumos). On sane platforms (e.g. linux), it'll get
   // automatically casted back to the const char*, as the struct is defined in <getopt.h>.
   static const struct option longopt[] = {
-    {const_cast<char *>("auth-host"), required_argument, nullptr, 'h'},
-    {const_cast<char *>("auth-port"), required_argument, nullptr, 'p'},
-    {const_cast<char *>("auth-transform"), required_argument, nullptr, 't'},
-    {const_cast<char *>("force-cacheability"), no_argument, nullptr, 'c'},
-    {const_cast<char *>("cache-internal"), no_argument, nullptr, 'i'},
+    {const_cast<char *>("auth-host"),             required_argument, nullptr, 'h'},
+    {const_cast<char *>("auth-port"),             required_argument, nullptr, 'p'},
+    {const_cast<char *>("auth-transform"),        required_argument, nullptr, 't'},
+    {const_cast<char *>("force-cacheability"),    no_argument,       nullptr, 'c'},
+    {const_cast<char *>("cache-internal"),        no_argument,       nullptr, 'i'},
     {const_cast<char *>("forward-header-prefix"), required_argument, nullptr, 'f'},
-    {nullptr, 0, nullptr, 0},
+    {nullptr,                                     0,                 nullptr, 0  },
   };
 
   AuthOptions *options = AuthNew<AuthOptions>();
diff --git a/plugins/authproxy/utils.h b/plugins/authproxy/utils.h
index bd672ee729b..a7224a1802a 100644
--- a/plugins/authproxy/utils.h
+++ b/plugins/authproxy/utils.h
@@ -73,7 +73,7 @@ struct HttpIoBuffer {
   }
 
   // noncopyable
-  HttpIoBuffer(const HttpIoBuffer &) = delete;            // delete
+  HttpIoBuffer(const HttpIoBuffer &)            = delete; // delete
   HttpIoBuffer &operator=(const HttpIoBuffer &) = delete; // delete
 };
 
@@ -91,7 +91,7 @@ struct HttpHeader {
   TSMLoc header;
 
   // noncopyable
-  HttpHeader(const HttpHeader &) = delete;            // delete
+  HttpHeader(const HttpHeader &)            = delete; // delete
   HttpHeader &operator=(const HttpHeader &) = delete; // delete
 };
 
diff --git a/plugins/background_fetch/background_fetch.cc b/plugins/background_fetch/background_fetch.cc
index ba6837265e2..0e1efc33e63 100644
--- a/plugins/background_fetch/background_fetch.cc
+++ b/plugins/background_fetch/background_fetch.cc
@@ -49,7 +49,8 @@ static const std::array<const std::string_view, 6> FILTER_HEADERS{
    {TS_MIME_FIELD_IF_MODIFIED_SINCE, static_cast<size_t>(TS_MIME_LEN_IF_MODIFIED_SINCE)},
    {TS_MIME_FIELD_IF_NONE_MATCH, static_cast<size_t>(TS_MIME_LEN_IF_NONE_MATCH)},
    {TS_MIME_FIELD_IF_RANGE, static_cast<size_t>(TS_MIME_LEN_IF_RANGE)},
-   {TS_MIME_FIELD_IF_UNMODIFIED_SINCE, static_cast<size_t>(TS_MIME_LEN_IF_UNMODIFIED_SINCE)}}};
+   {TS_MIME_FIELD_IF_UNMODIFIED_SINCE, static_cast<size_t>(TS_MIME_LEN_IF_UNMODIFIED_SINCE)}}
+};
 
 ///////////////////////////////////////////////////////////////////////////
 // Hold the global background fetch state. This is currently shared across all
@@ -60,8 +61,8 @@ using OutstandingRequests = std::unordered_map<std::string, bool>;
 class BgFetchState
 {
 public:
-  BgFetchState()                     = default;
-  BgFetchState(BgFetchState const &) = delete;
+  BgFetchState()                       = default;
+  BgFetchState(BgFetchState const &)   = delete;
   void operator=(BgFetchState const &) = delete;
 
   static BgFetchState &
diff --git a/plugins/background_fetch/configs.cc b/plugins/background_fetch/configs.cc
index 92d589b0e7c..d6eace2f8a5 100644
--- a/plugins/background_fetch/configs.cc
+++ b/plugins/background_fetch/configs.cc
@@ -34,10 +34,12 @@
 bool
 BgFetchConfig::parseOptions(int argc, const char *argv[])
 {
-  static const struct option longopt[] = {{const_cast<char *>("log"), required_argument, nullptr, 'l'},
-                                          {const_cast<char *>("config"), required_argument, nullptr, 'c'},
-                                          {const_cast<char *>("allow-304"), no_argument, nullptr, 'a'},
-                                          {nullptr, no_argument, nullptr, '\0'}};
+  static const struct option longopt[] = {
+    {const_cast<char *>("log"),       required_argument, nullptr, 'l' },
+    {const_cast<char *>("config"),    required_argument, nullptr, 'c' },
+    {const_cast<char *>("allow-304"), no_argument,       nullptr, 'a' },
+    {nullptr,                         no_argument,       nullptr, '\0'}
+  };
 
   while (true) {
     int opt = getopt_long(argc, const_cast<char *const *>(argv), "lc", longopt, nullptr);
diff --git a/plugins/cache_promote/chance_policy.h b/plugins/cache_promote/chance_policy.h
index 8c43f454cf3..fb74ab88fad 100644
--- a/plugins/cache_promote/chance_policy.h
+++ b/plugins/cache_promote/chance_policy.h
@@ -26,7 +26,8 @@
 class ChancePolicy : public PromotionPolicy
 {
 public:
-  bool doPromote(TSHttpTxn /* txnp ATS_UNUSED */) override
+  bool
+  doPromote(TSHttpTxn /* txnp ATS_UNUSED */) override
   {
     TSDebug(PLUGIN_NAME, "ChancePolicy::doPromote(%f)", getSample());
     incrementStat(_promoted_id, 1);
@@ -51,8 +52,8 @@ class ChancePolicy : public PromotionPolicy
   {
     std::string_view remap_identifier                 = remap_id;
     const std::tuple<std::string_view, int *> stats[] = {
-      {"cache_hits", &_cache_hits_id},
-      {"promoted", &_promoted_id},
+      {"cache_hits",     &_cache_hits_id    },
+      {"promoted",       &_promoted_id      },
       {"total_requests", &_total_requests_id},
     };
 
diff --git a/plugins/cache_promote/configs.cc b/plugins/cache_promote/configs.cc
index d38d963db89..980fcea080f 100644
--- a/plugins/cache_promote/configs.cc
+++ b/plugins/cache_promote/configs.cc
@@ -25,18 +25,18 @@
 // ToDo: It's ugly that this is a "global" options list, clearly each policy should be able
 // to add to this list, making them more modular.
 static const struct option longopt[] = {
-  {const_cast<char *>("policy"), required_argument, nullptr, 'p'},
-  {const_cast<char *>("stats-enable-with-id"), required_argument, nullptr, 'e'},
-  // This is for both Chance and LRU (optional) policy
-  {const_cast<char *>("sample"), required_argument, nullptr, 's'},
-  // For the LRU policy
-  {const_cast<char *>("buckets"), required_argument, nullptr, 'b'},
-  {const_cast<char *>("hits"), required_argument, nullptr, 'h'},
-  {const_cast<char *>("bytes"), required_argument, nullptr, 'B'},
-  {const_cast<char *>("label"), required_argument, nullptr, 'l'},
-  {const_cast<char *>("internal-enabled"), no_argument, nullptr, 'i'},
-  // EOF
-  {nullptr, no_argument, nullptr, '\0'},
+  {const_cast<char *>("policy"),               required_argument, nullptr, 'p' },
+  {const_cast<char *>("stats-enable-with-id"), required_argument, nullptr, 'e' },
+ // This is for both Chance and LRU (optional) policy
+  {const_cast<char *>("sample"),               required_argument, nullptr, 's' },
+ // For the LRU policy
+  {const_cast<char *>("buckets"),              required_argument, nullptr, 'b' },
+  {const_cast<char *>("hits"),                 required_argument, nullptr, 'h' },
+  {const_cast<char *>("bytes"),                required_argument, nullptr, 'B' },
+  {const_cast<char *>("label"),                required_argument, nullptr, 'l' },
+  {const_cast<char *>("internal-enabled"),     no_argument,       nullptr, 'i' },
+ // EOF
+  {nullptr,                                    no_argument,       nullptr, '\0'},
 };
 
 // The destructor is responsible for returning the policy to the PolicyManager.
diff --git a/plugins/cache_promote/lru_policy.cc b/plugins/cache_promote/lru_policy.cc
index f5254093830..dfba26ed971 100644
--- a/plugins/cache_promote/lru_policy.cc
+++ b/plugins/cache_promote/lru_policy.cc
@@ -259,10 +259,14 @@ LRUPolicy::stats_add(const char *remap_id)
 {
   std::string_view remap_identifier                 = remap_id;
   const std::tuple<std::string_view, int *> stats[] = {
-    {"cache_hits", &_cache_hits_id}, {"freelist_size", &_freelist_size_id},
-    {"lru_size", &_lru_size_id},     {"lru_hit", &_lru_hit_id},
-    {"lru_miss", &_lru_miss_id},     {"lru_vacated", &_lru_vacated_id},
-    {"promoted", &_promoted_id},     {"total_requests", &_total_requests_id},
+    {"cache_hits",     &_cache_hits_id    },
+    {"freelist_size",  &_freelist_size_id },
+    {"lru_size",       &_lru_size_id      },
+    {"lru_hit",        &_lru_hit_id       },
+    {"lru_miss",       &_lru_miss_id      },
+    {"lru_vacated",    &_lru_vacated_id   },
+    {"promoted",       &_promoted_id      },
+    {"total_requests", &_total_requests_id},
   };
 
   if (nullptr == remap_id) {
diff --git a/plugins/cache_promote/policy_manager.h b/plugins/cache_promote/policy_manager.h
index bdf7bfba1f1..bd4d9574505 100644
--- a/plugins/cache_promote/policy_manager.h
+++ b/plugins/cache_promote/policy_manager.h
@@ -41,7 +41,7 @@ class PolicyManager
   void releasePolicy(PromotionPolicy *policy);
 
   // Don't allow copy-constructors.
-  PolicyManager(PolicyManager const &) = delete;
+  PolicyManager(PolicyManager const &)  = delete;
   void operator=(PolicyManager const &) = delete;
 
 private:
diff --git a/plugins/cache_range_requests/cache_range_requests.cc b/plugins/cache_range_requests/cache_range_requests.cc
index 46539f370ad..fc979c97693 100644
--- a/plugins/cache_range_requests/cache_range_requests.cc
+++ b/plugins/cache_range_requests/cache_range_requests.cc
@@ -36,7 +36,7 @@
 #include <string>
 #include <string_view>
 
-#define PLUGIN_NAME "cache_range_requests"
+#define PLUGIN_NAME         "cache_range_requests"
 #define DEBUG_LOG(fmt, ...) TSDebug(PLUGIN_NAME, "[%s:%d] %s(): " fmt, __FILE__, __LINE__, __func__, ##__VA_ARGS__)
 #define ERROR_LOG(fmt, ...) TSError("[%s:%d] %s(): " fmt, __FILE__, __LINE__, __func__, ##__VA_ARGS__)
 
@@ -105,13 +105,13 @@ create_pluginconfig(int argc, char *const argv[])
   }
 
   static const struct option longopts[] = {
-    {const_cast<char *>("consider-ims"), no_argument, nullptr, 'c'},
-    {const_cast<char *>("ims-header"), required_argument, nullptr, 'i'},
-    {const_cast<char *>("no-modify-cachekey"), no_argument, nullptr, 'n'},
-    {const_cast<char *>("ps-cachekey"), no_argument, nullptr, 'p'},
-    {const_cast<char *>("verify-cacheability"), no_argument, nullptr, 'v'},
-    {const_cast<char *>("cache-complete-responses"), no_argument, nullptr, 'r'},
-    {nullptr, 0, nullptr, 0},
+    {const_cast<char *>("consider-ims"),             no_argument,       nullptr, 'c'},
+    {const_cast<char *>("ims-header"),               required_argument, nullptr, 'i'},
+    {const_cast<char *>("no-modify-cachekey"),       no_argument,       nullptr, 'n'},
+    {const_cast<char *>("ps-cachekey"),              no_argument,       nullptr, 'p'},
+    {const_cast<char *>("verify-cacheability"),      no_argument,       nullptr, 'v'},
+    {const_cast<char *>("cache-complete-responses"), no_argument,       nullptr, 'r'},
+    {nullptr,                                        0,                 nullptr, 0  },
   };
 
   // getopt assumes args start at '1'
diff --git a/plugins/cachekey/cachekey.h b/plugins/cachekey/cachekey.h
index 0b47e85984d..5dea72fecf3 100644
--- a/plugins/cachekey/cachekey.h
+++ b/plugins/cachekey/cachekey.h
@@ -69,7 +69,7 @@ class CacheKey
   bool finalize() const;
 
   // noncopyable
-  CacheKey(const CacheKey &) = delete;            // disallow
+  CacheKey(const CacheKey &)            = delete; // disallow
   CacheKey &operator=(const CacheKey &) = delete; // disallow
 
 private:
diff --git a/plugins/cachekey/configs.cc b/plugins/cachekey/configs.cc
index b2bc42d5e70..01a81fcd5a6 100644
--- a/plugins/cachekey/configs.cc
+++ b/plugins/cachekey/configs.cc
@@ -376,31 +376,31 @@ bool
 Configs::init(int argc, const char *argv[], bool perRemapConfig)
 {
   static const struct option longopt[] = {
-    {const_cast<char *>("exclude-params"), optional_argument, nullptr, 'a'},
-    {const_cast<char *>("include-params"), optional_argument, nullptr, 'b'},
+    {const_cast<char *>("exclude-params"),       optional_argument, nullptr, 'a'},
+    {const_cast<char *>("include-params"),       optional_argument, nullptr, 'b'},
     {const_cast<char *>("include-match-params"), optional_argument, nullptr, 'c'},
     {const_cast<char *>("exclude-match-params"), optional_argument, nullptr, 'd'},
-    {const_cast<char *>("sort-params"), optional_argument, nullptr, 'e'},
-    {const_cast<char *>("remove-all-params"), optional_argument, nullptr, 'f'},
-    {const_cast<char *>("include-headers"), optional_argument, nullptr, 'g'},
-    {const_cast<char *>("include-cookies"), optional_argument, nullptr, 'h'},
-    {const_cast<char *>("ua-capture"), optional_argument, nullptr, 'i'},
-    {const_cast<char *>("ua-allowlist"), optional_argument, nullptr, 'j'},
-    {const_cast<char *>("ua-denylist"), optional_argument, nullptr, 'k'},
-    {const_cast<char *>("static-prefix"), optional_argument, nullptr, 'l'},
-    {const_cast<char *>("capture-prefix"), optional_argument, nullptr, 'm'},
-    {const_cast<char *>("capture-prefix-uri"), optional_argument, nullptr, 'n'},
-    {const_cast<char *>("capture-path"), optional_argument, nullptr, 'o'},
-    {const_cast<char *>("capture-path-uri"), optional_argument, nullptr, 'p'},
-    {const_cast<char *>("remove-prefix"), optional_argument, nullptr, 'q'},
-    {const_cast<char *>("remove-path"), optional_argument, nullptr, 'r'},
-    {const_cast<char *>("separator"), optional_argument, nullptr, 's'},
-    {const_cast<char *>("uri-type"), optional_argument, nullptr, 't'},
-    {const_cast<char *>("key-type"), optional_argument, nullptr, 'u'},
-    {const_cast<char *>("capture-header"), optional_argument, nullptr, 'v'},
-    {const_cast<char *>("canonical-prefix"), optional_argument, nullptr, 'w'},
-    /* reserve 'z' for 'config' files */
-    {nullptr, 0, nullptr, 0},
+    {const_cast<char *>("sort-params"),          optional_argument, nullptr, 'e'},
+    {const_cast<char *>("remove-all-params"),    optional_argument, nullptr, 'f'},
+    {const_cast<char *>("include-headers"),      optional_argument, nullptr, 'g'},
+    {const_cast<char *>("include-cookies"),      optional_argument, nullptr, 'h'},
+    {const_cast<char *>("ua-capture"),           optional_argument, nullptr, 'i'},
+    {const_cast<char *>("ua-allowlist"),         optional_argument, nullptr, 'j'},
+    {const_cast<char *>("ua-denylist"),          optional_argument, nullptr, 'k'},
+    {const_cast<char *>("static-prefix"),        optional_argument, nullptr, 'l'},
+    {const_cast<char *>("capture-prefix"),       optional_argument, nullptr, 'm'},
+    {const_cast<char *>("capture-prefix-uri"),   optional_argument, nullptr, 'n'},
+    {const_cast<char *>("capture-path"),         optional_argument, nullptr, 'o'},
+    {const_cast<char *>("capture-path-uri"),     optional_argument, nullptr, 'p'},
+    {const_cast<char *>("remove-prefix"),        optional_argument, nullptr, 'q'},
+    {const_cast<char *>("remove-path"),          optional_argument, nullptr, 'r'},
+    {const_cast<char *>("separator"),            optional_argument, nullptr, 's'},
+    {const_cast<char *>("uri-type"),             optional_argument, nullptr, 't'},
+    {const_cast<char *>("key-type"),             optional_argument, nullptr, 'u'},
+    {const_cast<char *>("capture-header"),       optional_argument, nullptr, 'v'},
+    {const_cast<char *>("canonical-prefix"),     optional_argument, nullptr, 'w'},
+ /* reserve 'z' for 'config' files */
+    {nullptr,                                    0,                 nullptr, 0  },
   };
 
   bool status = true;
diff --git a/plugins/cachekey/pattern.h b/plugins/cachekey/pattern.h
index 2b36fd70884..2415f47040f 100644
--- a/plugins/cachekey/pattern.h
+++ b/plugins/cachekey/pattern.h
@@ -92,7 +92,7 @@ class MultiPattern
   String _name;                 /**< @brief multi-pattern name */
 
   // noncopyable
-  MultiPattern(const MultiPattern &) = delete;            // disallow
+  MultiPattern(const MultiPattern &)            = delete; // disallow
   MultiPattern &operator=(const MultiPattern &) = delete; // disallow
 };
 
@@ -115,7 +115,7 @@ class NonMatchingMultiPattern : public MultiPattern
   }
 
   // noncopyable
-  NonMatchingMultiPattern(const NonMatchingMultiPattern &) = delete;            // disallow
+  NonMatchingMultiPattern(const NonMatchingMultiPattern &)            = delete; // disallow
   NonMatchingMultiPattern &operator=(const NonMatchingMultiPattern &) = delete; // disallow
 };
 
@@ -132,7 +132,7 @@ class Classifier
   void add(MultiPattern *pattern);
 
   // noncopyable
-  Classifier(const Classifier &) = delete;            // disallow
+  Classifier(const Classifier &)            = delete; // disallow
   Classifier &operator=(const Classifier &) = delete; // disallow
 
 private:
diff --git a/plugins/certifier/certifier.cc b/plugins/certifier/certifier.cc
index 49b6bea420f..4becb75dcbb 100644
--- a/plugins/certifier/certifier.cc
+++ b/plugins/certifier/certifier.cc
@@ -251,7 +251,7 @@ class SslLRUList
         }
         data->prev = nullptr;
         data->next = nullptr;
-        size -= 1;
+        size       -= 1;
       }
     }
     TSMutexUnlock(list_mutex);
@@ -569,9 +569,13 @@ TSPluginInit(int argc, const char *argv[])
 
   // Read options from plugin.config
   static const struct option longopts[] = {
-    {"sign-cert", required_argument, nullptr, 'c'},   {"sign-key", required_argument, nullptr, 'k'},
-    {"sign-serial", required_argument, nullptr, 'r'}, {"max", required_argument, nullptr, 'm'},
-    {"store", required_argument, nullptr, 's'},       {nullptr, no_argument, nullptr, 0}};
+    {"sign-cert",   required_argument, nullptr, 'c'},
+    {"sign-key",    required_argument, nullptr, 'k'},
+    {"sign-serial", required_argument, nullptr, 'r'},
+    {"max",         required_argument, nullptr, 'm'},
+    {"store",       required_argument, nullptr, 's'},
+    {nullptr,       no_argument,       nullptr, 0  }
+  };
 
   int opt = 0;
   while (opt >= 0) {
diff --git a/plugins/esi/combo_handler.cc b/plugins/esi/combo_handler.cc
index d8b9ec09900..9096bd2e77e 100644
--- a/plugins/esi/combo_handler.cc
+++ b/plugins/esi/combo_handler.cc
@@ -267,7 +267,7 @@ CacheControlHeader::update(TSMBuffer bufp, TSMLoc hdr_loc)
         if (strncasecmp(val, TS_HTTP_VALUE_MAX_AGE, TS_HTTP_LEN_MAX_AGE) == 0) {
           unsigned int max_age = 0;
           char *ptr            = const_cast<char *>(val);
-          ptr += TS_HTTP_LEN_MAX_AGE;
+          ptr                  += TS_HTTP_LEN_MAX_AGE;
           while ((*ptr == ' ') || (*ptr == '\t')) {
             ptr++;
           }
@@ -356,7 +356,7 @@ TSPluginInit(int argc, const char *argv[])
     int c;
     static const struct option longopts[] = {
       {"max-files", required_argument, nullptr, 'f'},
-      {nullptr, 0, nullptr, 0},
+      {nullptr,     0,                 nullptr, 0  },
     };
 
     int longindex = 0;
@@ -652,7 +652,7 @@ parseQueryParameters(const char *query, int query_len, ClientRequest &creq)
                 common_prefix_path      = common_prefix;
                 common_prefix_path_size = i;
                 ++i; // go beyond the ':'
-                common_prefix += i;
+                common_prefix      += i;
                 common_prefix_size -= i;
                 break;
               }
@@ -866,7 +866,7 @@ readInterceptRequest(InterceptData &int_data)
         int_data.read_complete = true;
       }
       consumed += data_len;
-      block = TSIOBufferBlockNext(block);
+      block    = TSIOBufferBlockNext(block);
     }
   }
   LOG_DEBUG("Consumed %d bytes from input vio", consumed);
diff --git a/plugins/esi/esi.cc b/plugins/esi/esi.cc
index e1ec1c4f1c5..8993a808876 100644
--- a/plugins/esi/esi.cc
+++ b/plugins/esi/esi.cc
@@ -61,21 +61,21 @@ struct OptionInfo {
 static HandlerManager *gHandlerManager = nullptr;
 static Utils::HeaderValueList gAllowlistCookies;
 
-#define DEBUG_TAG "plugin_esi"
-#define PROCESSOR_DEBUG_TAG "plugin_esi_processor"
-#define GZIP_DEBUG_TAG "plugin_esi_gzip"
-#define GUNZIP_DEBUG_TAG "plugin_esi_gunzip"
-#define PARSER_DEBUG_TAG "plugin_esi_parser"
-#define FETCHER_DEBUG_TAG "plugin_esi_fetcher"
-#define VARS_DEBUG_TAG "plugin_esi_vars"
+#define DEBUG_TAG             "plugin_esi"
+#define PROCESSOR_DEBUG_TAG   "plugin_esi_processor"
+#define GZIP_DEBUG_TAG        "plugin_esi_gzip"
+#define GUNZIP_DEBUG_TAG      "plugin_esi_gunzip"
+#define PARSER_DEBUG_TAG      "plugin_esi_parser"
+#define FETCHER_DEBUG_TAG     "plugin_esi_fetcher"
+#define VARS_DEBUG_TAG        "plugin_esi_vars"
 #define HANDLER_MGR_DEBUG_TAG "plugin_esi_handler_mgr"
-#define EXPR_DEBUG_TAG VARS_DEBUG_TAG
+#define EXPR_DEBUG_TAG        VARS_DEBUG_TAG
 
-#define MIME_FIELD_XESI "X-Esi"
+#define MIME_FIELD_XESI     "X-Esi"
 #define MIME_FIELD_XESI_LEN 5
 
 #define HTTP_VALUE_PRIVATE_EXPIRES "-1"
-#define HTTP_VALUE_PRIVATE_CC "max-age=0, private"
+#define HTTP_VALUE_PRIVATE_CC      "max-age=0, private"
 
 enum DataType {
   DATA_TYPE_RAW_ESI     = 0,
@@ -1595,12 +1595,12 @@ esiPluginInit(int argc, const char *argv[], struct OptionInfo *pOptionInfo)
   if (argc > 1) {
     int c;
     static const struct option longopts[] = {
-      {const_cast<char *>("packed-node-support"), no_argument, nullptr, 'n'},
-      {const_cast<char *>("private-response"), no_argument, nullptr, 'p'},
-      {const_cast<char *>("disable-gzip-output"), no_argument, nullptr, 'z'},
-      {const_cast<char *>("first-byte-flush"), no_argument, nullptr, 'b'},
-      {const_cast<char *>("handler-filename"), required_argument, nullptr, 'f'},
-      {nullptr, 0, nullptr, 0},
+      {const_cast<char *>("packed-node-support"), no_argument,       nullptr, 'n'},
+      {const_cast<char *>("private-response"),    no_argument,       nullptr, 'p'},
+      {const_cast<char *>("disable-gzip-output"), no_argument,       nullptr, 'z'},
+      {const_cast<char *>("first-byte-flush"),    no_argument,       nullptr, 'b'},
+      {const_cast<char *>("handler-filename"),    required_argument, nullptr, 'f'},
+      {nullptr,                                   0,                 nullptr, 0  },
     };
 
     int longindex = 0;
diff --git a/plugins/esi/fetcher/HttpDataFetcherImpl.cc b/plugins/esi/fetcher/HttpDataFetcherImpl.cc
index 70e4334c24d..9d467c4c42b 100644
--- a/plugins/esi/fetcher/HttpDataFetcherImpl.cc
+++ b/plugins/esi/fetcher/HttpDataFetcherImpl.cc
@@ -112,7 +112,7 @@ HttpDataFetcherImpl::addFetchRequest(const string &url, FetchedDataProcessor *ca
   event_ids.success_event_id = _curr_event_id_base;
   event_ids.failure_event_id = _curr_event_id_base + 1;
   event_ids.timeout_event_id = _curr_event_id_base + 2;
-  _curr_event_id_base += 3;
+  _curr_event_id_base        += 3;
 
   TSFetchUrl(http_req, length, reinterpret_cast<sockaddr *>(&_client_addr), _contp, AFTER_BODY, event_ids);
   if (http_req != buff) {
diff --git a/plugins/esi/lib/DocNode.cc b/plugins/esi/lib/DocNode.cc
index 030304a7822..7053fa0ce9c 100644
--- a/plugins/esi/lib/DocNode.cc
+++ b/plugins/esi/lib/DocNode.cc
@@ -44,9 +44,9 @@ packString(const char *str, int32_t str_len, string &buffer)
 inline void
 unpackString(const char *&packed_data, const char *&item, int32_t &item_len)
 {
-  item_len = *(reinterpret_cast<const int32_t *>(packed_data));
+  item_len    = *(reinterpret_cast<const int32_t *>(packed_data));
   packed_data += sizeof(int32_t);
-  item = item_len ? packed_data : nullptr;
+  item        = item_len ? packed_data : nullptr;
   packed_data += item_len;
 }
 
@@ -54,7 +54,7 @@ template <typename T>
 inline void
 unpackItem(const char *&packed_data, T &item)
 {
-  item = *(reinterpret_cast<const T *>(packed_data));
+  item        = *(reinterpret_cast<const T *>(packed_data));
   packed_data += sizeof(T);
 }
 
@@ -62,7 +62,7 @@ void
 DocNode::pack(string &buffer) const
 {
   int32_t orig_buf_size = buffer.size();
-  buffer += DOCNODE_VERSION;
+  buffer                += DOCNODE_VERSION;
   buffer.append(sizeof(int32_t), ' '); // reserve space for length
   buffer.append(reinterpret_cast<const char *>(&type), sizeof(type));
   packString(data, data_len, buffer);
diff --git a/plugins/esi/lib/EsiGzip.cc b/plugins/esi/lib/EsiGzip.cc
index 2687bd875bb..01f0a80c61c 100644
--- a/plugins/esi/lib/EsiGzip.cc
+++ b/plugins/esi/lib/EsiGzip.cc
@@ -42,7 +42,7 @@ inline void
 append(string &out, T data)
 {
   for (unsigned int i = 0; i < sizeof(data); ++i) {
-    out += static_cast<char>(data & 0xff);
+    out  += static_cast<char>(data & 0xff);
     data = data >> 8;
   }
 }
@@ -102,7 +102,7 @@ EsiGzip::stream_encode(const char *data, int data_len, std::string &cdata)
 
       return false;
     }
-    _crc = crc32(_crc, reinterpret_cast<const Bytef *>(data), data_len);
+    _crc               = crc32(_crc, reinterpret_cast<const Bytef *>(data), data_len);
     _total_data_length += data_len;
   }
   _downstream_length += cdata.size() - initial_cdata_size;
@@ -148,7 +148,7 @@ EsiGzip::stream_finish(std::string &cdata, int &downstream_length)
   append(cdata, static_cast<uint32_t>(_crc));
   append(cdata, static_cast<int32_t>(_total_data_length));
   _downstream_length += cdata.size() - initial_cdata_size;
-  downstream_length = _downstream_length;
+  downstream_length  = _downstream_length;
   return true;
 }
 
diff --git a/plugins/esi/lib/EsiParser.cc b/plugins/esi/lib/EsiParser.cc
index 95080aa413e..e995c27877f 100644
--- a/plugins/esi/lib/EsiParser.cc
+++ b/plugins/esi/lib/EsiParser.cc
@@ -138,7 +138,7 @@ EsiParser::_searchData(const string &data, size_t start_pos, const char *str, in
       }
     } else {
       i_data -= i_str;
-      i_str = 0;
+      i_str  = 0;
     }
     ++i_data;
   }
@@ -334,7 +334,7 @@ EsiParser::_parse(const string &data, int &parse_start_pos, DocNodeList &node_li
       }
     }
 
-    curr_pos += node_info->tag_suffix_len;
+    curr_pos      += node_info->tag_suffix_len;
     search_result = _searchData(data, curr_pos, node_info->closing_tag, node_info->closing_tag_len, end_pos);
 
     if ((search_result == NO_MATCH) || (search_result == PARTIAL_MATCH)) {
diff --git a/plugins/esi/lib/Expression.cc b/plugins/esi/lib/Expression.cc
index 0bb72702da5..e07feda1d67 100644
--- a/plugins/esi/lib/Expression.cc
+++ b/plugins/esi/lib/Expression.cc
@@ -90,7 +90,7 @@ Expression::expand(const char *expr, int expr_len /* = -1 */)
         _debugLog(_debug_tag, "[%s] Got value [%.*s] for variable [%.*s]", __FUNCTION__, var_value.size(), var_value.data(),
                   var_size, expr + var_start_index);
         last_variable_expanded = (var_value.size() > 0);
-        _value += var_value;
+        _value                 += var_value;
       } else {
         _debugLog(_debug_tag, "[%s] Parsing out empty variable", __FUNCTION__);
       }
diff --git a/plugins/esi/lib/Utils.h b/plugins/esi/lib/Utils.h
index c093441f4e6..544a1923676 100644
--- a/plugins/esi/lib/Utils.h
+++ b/plugins/esi/lib/Utils.h
@@ -71,7 +71,7 @@ namespace Utils
         ;
       for (j = (data_len - 1); ((j > i) && isspace(data[j])); --j)
         ;
-      data += i;
+      data     += i;
       data_len = j - i + 1;
     }
   }
diff --git a/plugins/esi/lib/Variables.h b/plugins/esi/lib/Variables.h
index c747ba9d216..0764b131f8a 100644
--- a/plugins/esi/lib/Variables.h
+++ b/plugins/esi/lib/Variables.h
@@ -98,7 +98,7 @@ class Variables : private ComponentBase
   ~Variables() override { _releaseCookieJar(); };
 
   // noncopyable
-  Variables(const Variables &) = delete;            // non-copyable
+  Variables(const Variables &)            = delete; // non-copyable
   Variables &operator=(const Variables &) = delete; // non-copyable
 
 private:
diff --git a/plugins/esi/lib/gzip.cc b/plugins/esi/lib/gzip.cc
index d87cb77d631..d623f817e1c 100644
--- a/plugins/esi/lib/gzip.cc
+++ b/plugins/esi/lib/gzip.cc
@@ -36,7 +36,7 @@ inline void
 append(string &out, T data)
 {
   for (unsigned int i = 0; i < sizeof(data); ++i) {
-    out += static_cast<char>(data & 0xff);
+    out  += static_cast<char>(data & 0xff);
     data = data >> 8;
   }
 }
@@ -94,12 +94,12 @@ EsiLib::gzip(const ByteBlockList &blocks, std::string &cdata)
     if (block.data && (block.data_len > 0)) {
       zstrm.next_in  = reinterpret_cast<Bytef *>(const_cast<char *>(block.data));
       zstrm.avail_in = block.data_len;
-      in_data_size += block.data_len;
+      in_data_size   += block.data_len;
       deflate_result = runDeflateLoop(zstrm, 0, cdata);
       if (deflate_result != Z_OK) {
         break; // break out of the blocks iteration
       }
-      crc = crc32(crc, reinterpret_cast<const Bytef *>(block.data), block.data_len);
+      crc            = crc32(crc, reinterpret_cast<const Bytef *>(block.data), block.data_len);
       total_data_len += block.data_len;
     }
   }
@@ -134,7 +134,7 @@ EsiLib::gunzip(const char *data, int data_len, BufferList &buf_list)
     Utils::ERROR_LOG("[%s] Header check failed!", __FUNCTION__);
     return false;
   }
-  data += GZIP_HEADER_SIZE;
+  data     += GZIP_HEADER_SIZE;
   data_len -= (GZIP_HEADER_SIZE + GZIP_TRAILER_SIZE);
   buf_list.clear();
   z_stream zstrm;
@@ -173,7 +173,7 @@ EsiLib::gunzip(const char *data, int data_len, BufferList &buf_list)
       break;
     }
     unzipped_data_size += curr_buf_size;
-    crc = crc32(crc, reinterpret_cast<const Bytef *>(raw_buf), curr_buf_size);
+    crc                = crc32(crc, reinterpret_cast<const Bytef *>(raw_buf), curr_buf_size);
 
     // push empty object onto list and add data to in-list object to
     // avoid data copy for temporary
diff --git a/plugins/esi/serverIntercept.cc b/plugins/esi/serverIntercept.cc
index 8c4db893a4d..b6ac7863554 100644
--- a/plugins/esi/serverIntercept.cc
+++ b/plugins/esi/serverIntercept.cc
@@ -183,7 +183,7 @@ handleRead(SContData *cont_data, bool &read_complete)
         cont_data->body.append(data, data_len);
       }
       consumed += data_len;
-      block = TSIOBufferBlockNext(block);
+      block    = TSIOBufferBlockNext(block);
     }
   }
 
diff --git a/plugins/esi/test/gzip_test.cc b/plugins/esi/test/gzip_test.cc
index 2d8ea6ec2e1..cbfe7b6b989 100644
--- a/plugins/esi/test/gzip_test.cc
+++ b/plugins/esi/test/gzip_test.cc
@@ -45,7 +45,7 @@ main()
     cout << endl << "===================== Test 1" << endl;
     const char expected_cdata[] = "\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\x03\xf3\x48\xcd\xc9\xc9\x57\x08\xcf\x2f\xca\x49\x51\x04\x00"
                                   "\xa3\x1c\x29\x1c\x0c\x00\x00\x00";
-    const char expected_data[] = "Hello World!";
+    const char expected_data[]  = "Hello World!";
 
     string cdata;
     // check output of gzip
@@ -75,7 +75,7 @@ main()
     // OS_TYPE (byte[9]) is 0
     const char expected_cdata[] = "\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\x00\xf3\x48\xcd\xc9\xc9\x57\x08\xcf\x2f\xca\x49\x51\x04\x00"
                                   "\xa3\x1c\x29\x1c\x0c\x00\x00\x00";
-    const char expected_data[] = "Hello World!";
+    const char expected_data[]  = "Hello World!";
 
     BufferList buf_list;
     string data;
diff --git a/plugins/experimental/access_control/access_control.cc b/plugins/experimental/access_control/access_control.cc
index 9cb949579bc..18cbdb2a821 100644
--- a/plugins/experimental/access_control/access_control.cc
+++ b/plugins/experimental/access_control/access_control.cc
@@ -236,7 +236,7 @@ KvpAccessToken::parse(const StringView token)
 
   /* Now identify the pay-load which was signed */
   payloadSize += _tokenConfig.messageDigestName.size() + _tokenConfig.kvDelimiter.size();
-  _payload = _token.substr(0, payloadSize);
+  _payload    = _token.substr(0, payloadSize);
 
   DEBUG_OUT("payload:'" << _payload << "'");
 
diff --git a/plugins/experimental/access_control/access_control.h b/plugins/experimental/access_control/access_control.h
index 7d860083507..7aefefc5bd2 100644
--- a/plugins/experimental/access_control/access_control.h
+++ b/plugins/experimental/access_control/access_control.h
@@ -291,4 +291,4 @@ class AccessTokenFactory
 /* Define user friendly names for supported hash functions and cryptographic signature schemes */
 #define WDN_HASH_SHA256 "HMAC-SHA-256"
 #define WDN_HASH_SHA512 "HMAC-SHA-512"
-#define WDN_RSA_PSS "RSA_PSS"
+#define WDN_RSA_PSS     "RSA_PSS"
diff --git a/plugins/experimental/access_control/config.cc b/plugins/experimental/access_control/config.cc
index b401e6fc838..a3cff02b226 100644
--- a/plugins/experimental/access_control/config.cc
+++ b/plugins/experimental/access_control/config.cc
@@ -169,23 +169,25 @@ load(T &container, const String &filename)
 bool
 AccessControlConfig::init(int argc, char *argv[])
 {
-  static const struct option longopt[] = {{const_cast<char *>("invalid-syntax-status-code"), optional_argument, nullptr, 'a'},
-                                          {const_cast<char *>("invalid-signature-status-code"), optional_argument, nullptr, 'b'},
-                                          {const_cast<char *>("invalid-timing-status-code"), optional_argument, nullptr, 'c'},
-                                          {const_cast<char *>("invalid-scope-status-code"), optional_argument, nullptr, 'd'},
-                                          {const_cast<char *>("invalid-origin-response"), optional_argument, nullptr, 'e'},
-                                          {const_cast<char *>("internal-error-status-code"), optional_argument, nullptr, 'f'},
-                                          {const_cast<char *>("check-cookie"), optional_argument, nullptr, 'g'},
-                                          {const_cast<char *>("symmetric-keys-map"), optional_argument, nullptr, 'h'},
-                                          {const_cast<char *>("reject-invalid-token-requests"), optional_argument, nullptr, 'i'},
-                                          {const_cast<char *>("extract-subject-to-header"), optional_argument, nullptr, 'j'},
-                                          {const_cast<char *>("extract-tokenid-to-header"), optional_argument, nullptr, 'k'},
-                                          {const_cast<char *>("extract-status-to-header"), optional_argument, nullptr, 'l'},
-                                          {const_cast<char *>("token-response-header"), optional_argument, nullptr, 'm'},
-                                          {const_cast<char *>("use-redirects"), optional_argument, nullptr, 'n'},
-                                          {const_cast<char *>("include-uri-paths-file"), optional_argument, nullptr, 'o'},
-                                          {const_cast<char *>("exclude-uri-paths-file"), optional_argument, nullptr, 'p'},
-                                          {nullptr, 0, nullptr, 0}};
+  static const struct option longopt[] = {
+    {const_cast<char *>("invalid-syntax-status-code"),    optional_argument, nullptr, 'a'},
+    {const_cast<char *>("invalid-signature-status-code"), optional_argument, nullptr, 'b'},
+    {const_cast<char *>("invalid-timing-status-code"),    optional_argument, nullptr, 'c'},
+    {const_cast<char *>("invalid-scope-status-code"),     optional_argument, nullptr, 'd'},
+    {const_cast<char *>("invalid-origin-response"),       optional_argument, nullptr, 'e'},
+    {const_cast<char *>("internal-error-status-code"),    optional_argument, nullptr, 'f'},
+    {const_cast<char *>("check-cookie"),                  optional_argument, nullptr, 'g'},
+    {const_cast<char *>("symmetric-keys-map"),            optional_argument, nullptr, 'h'},
+    {const_cast<char *>("reject-invalid-token-requests"), optional_argument, nullptr, 'i'},
+    {const_cast<char *>("extract-subject-to-header"),     optional_argument, nullptr, 'j'},
+    {const_cast<char *>("extract-tokenid-to-header"),     optional_argument, nullptr, 'k'},
+    {const_cast<char *>("extract-status-to-header"),      optional_argument, nullptr, 'l'},
+    {const_cast<char *>("token-response-header"),         optional_argument, nullptr, 'm'},
+    {const_cast<char *>("use-redirects"),                 optional_argument, nullptr, 'n'},
+    {const_cast<char *>("include-uri-paths-file"),        optional_argument, nullptr, 'o'},
+    {const_cast<char *>("exclude-uri-paths-file"),        optional_argument, nullptr, 'p'},
+    {nullptr,                                             0,                 nullptr, 0  }
+  };
 
   bool status = true;
   optind      = 0;
diff --git a/plugins/experimental/access_control/pattern.h b/plugins/experimental/access_control/pattern.h
index f4f37a7a600..e002d409086 100644
--- a/plugins/experimental/access_control/pattern.h
+++ b/plugins/experimental/access_control/pattern.h
@@ -90,7 +90,7 @@ class MultiPattern
   String _name;                 /**< @brief multi-pattern name */
 
   // noncopyable
-  MultiPattern(const MultiPattern &) = delete;            // disallow
+  MultiPattern(const MultiPattern &)            = delete; // disallow
   MultiPattern &operator=(const MultiPattern &) = delete; // disallow
 };
 
@@ -119,7 +119,7 @@ class NonMatchingMultiPattern : public MultiPattern
   }
 
   // noncopyable
-  NonMatchingMultiPattern(const NonMatchingMultiPattern &) = delete;            // disallow
+  NonMatchingMultiPattern(const NonMatchingMultiPattern &)            = delete; // disallow
   NonMatchingMultiPattern &operator=(const NonMatchingMultiPattern &) = delete; // disallow
 };
 
@@ -140,7 +140,7 @@ class Classifier
   bool empty();
 
   // noncopyable
-  Classifier(const Classifier &) = delete;            // disallow
+  Classifier(const Classifier &)            = delete; // disallow
   Classifier &operator=(const Classifier &) = delete; // disallow
 
 private:
diff --git a/plugins/experimental/access_control/unit_tests/test_access_control.cc b/plugins/experimental/access_control/unit_tests/test_access_control.cc
index 5bbd6c58919..6b5f1e21845 100644
--- a/plugins/experimental/access_control/unit_tests/test_access_control.cc
+++ b/plugins/experimental/access_control/unit_tests/test_access_control.cc
@@ -27,7 +27,9 @@
 
 /* AccessToken ***************************************************************************************************************** */
 
-StringMap secrets = {{"1", "1234567890"}};
+StringMap secrets = {
+  {"1", "1234567890"}
+};
 
 bool enableDebug = true;
 
diff --git a/plugins/experimental/access_control/utils.cc b/plugins/experimental/access_control/utils.cc
index 5c7af1e2662..775c15b3590 100644
--- a/plugins/experimental/access_control/utils.cc
+++ b/plugins/experimental/access_control/utils.cc
@@ -98,7 +98,7 @@ hexDecode(const char *in, size_t inLen, char *out, size_t outLen)
 
   while (src < (srcEnd - 1) && dst < dstEnd) {
     *dst++ = hex2uchar(*src) << 4 | hex2uchar(*(src + 1));
-    src += 2;
+    src    += 2;
   }
   return dst - out;
 }
@@ -151,7 +151,7 @@ urlDecode(const char *in, size_t inLen, char *out, size_t outLen)
       if (src[1] && src[2]) {
         int u  = hex2uchar(*(src + 1)) << 4 | hex2uchar(*(src + 2));
         *dst++ = static_cast<char>(u);
-        src += 2;
+        src    += 2;
       }
     } else if (*src == '+') {
       *dst++ = ' ';
diff --git a/plugins/experimental/acme/acme.c b/plugins/experimental/acme/acme.c
index 2a01c4f87a7..b1d1dc2df36 100644
--- a/plugins/experimental/acme/acme.c
+++ b/plugins/experimental/acme/acme.c
@@ -202,7 +202,7 @@ acme_process_write(TSCont contp, TSEvent event, AcmeState *my_state)
     char buf[64]; /* Plenty of space for CL: header */
     int len;
 
-    len = snprintf(buf, sizeof(buf), "Content-Length: %zd\r\n\r\n", (size_t)my_state->stat_buf.st_size);
+    len                    = snprintf(buf, sizeof(buf), "Content-Length: %zd\r\n\r\n", (size_t)my_state->stat_buf.st_size);
     my_state->output_bytes += add_data_to_resp(buf, len, my_state);
     my_state->output_bytes += add_file_to_resp(my_state);
 
@@ -303,8 +303,8 @@ TSPluginInit(int argc, const char *argv[])
   const char *proof = "acme";
 
   static const struct option longopt[] = {
-    {(char *)"proof-directory", optional_argument, NULL, 'p'},
-    {NULL, no_argument, NULL, '\0'},
+    {(char *)"proof-directory", optional_argument, NULL, 'p' },
+    {NULL,                      no_argument,       NULL, '\0'},
   };
 
   memset(&gConfig, 0, sizeof(gConfig));
diff --git a/plugins/experimental/cache_fill/background_fetch.h b/plugins/experimental/cache_fill/background_fetch.h
index 1a70ec95e9b..64b7e72234d 100644
--- a/plugins/experimental/cache_fill/background_fetch.h
+++ b/plugins/experimental/cache_fill/background_fetch.h
@@ -46,8 +46,8 @@ const char PLUGIN_NAME[] = "cache_fill";
 class BgFetchState
 {
 public:
-  BgFetchState()                     = default;
-  BgFetchState(BgFetchState const &) = delete;
+  BgFetchState()                       = default;
+  BgFetchState(BgFetchState const &)   = delete;
   void operator=(BgFetchState const &) = delete;
 
   static BgFetchState &
diff --git a/plugins/experimental/cookie_remap/cookie_remap.cc b/plugins/experimental/cookie_remap/cookie_remap.cc
index b87258732d4..3ac75d0be19 100644
--- a/plugins/experimental/cookie_remap/cookie_remap.cc
+++ b/plugins/experimental/cookie_remap/cookie_remap.cc
@@ -98,7 +98,7 @@ class UrlComponents
 
   // No copying/moving.
   //
-  UrlComponents(UrlComponents const &) = delete;
+  UrlComponents(UrlComponents const &)            = delete;
   UrlComponents &operator=(UrlComponents const &) = delete;
 
   ~UrlComponents()
@@ -1053,9 +1053,9 @@ sub_lookup(char const *targ, int targ_len)
     if (count <= 0) {
       break;
     }
-    targ += opt->comp.size();
+    targ     += opt->comp.size();
     targ_len -= opt->comp.size();
-    opt = reinterpret_cast<CompNext const *>(reinterpret_cast<char const *>(opt->next) + offsetof(decltype(sub), o1));
+    opt      = reinterpret_cast<CompNext const *>(reinterpret_cast<char const *>(opt->next) + offsetof(decltype(sub), o1));
   }
   return count;
 }
diff --git a/plugins/experimental/cookie_remap/cookiejar.h b/plugins/experimental/cookie_remap/cookiejar.h
index 25475817f2e..0eff29146cf 100644
--- a/plugins/experimental/cookie_remap/cookiejar.h
+++ b/plugins/experimental/cookie_remap/cookiejar.h
@@ -32,7 +32,7 @@ class CookieJar
 
   bool create(const string &strCookie);
 
-  CookieJar(const CookieJar &) = delete;
+  CookieJar(const CookieJar &)            = delete;
   CookieJar &operator=(const CookieJar &) = delete;
 
   bool get_full(const string &cookie_name, string &val);
diff --git a/plugins/experimental/cookie_remap/strip.cc b/plugins/experimental/cookie_remap/strip.cc
index 0b0b9ad1a94..68fc64225ab 100644
--- a/plugins/experimental/cookie_remap/strip.cc
+++ b/plugins/experimental/cookie_remap/strip.cc
@@ -72,7 +72,7 @@ write_spaces_if_room(char **p, const char *maxp, int &slen)
     memset(*p, ' ', slen);
   }
 
-  *p += slen;
+  *p   += slen;
   slen = 0;
 }
 
diff --git a/plugins/experimental/cookie_remap/strip.h b/plugins/experimental/cookie_remap/strip.h
index 4c3ba3a77fb..9a0a739ed61 100644
--- a/plugins/experimental/cookie_remap/strip.h
+++ b/plugins/experimental/cookie_remap/strip.h
@@ -25,19 +25,19 @@ extern "C" {
 #endif
 
 /* return codes */
-#define STRIP_RESULT_OK 0            /**< success */
-#define STRIP_RESULT_BAD_PARAM -1    /**< one or more invalid arguments */
+#define STRIP_RESULT_OK           0  /**< success */
+#define STRIP_RESULT_BAD_PARAM    -1 /**< one or more invalid arguments */
 #define STRIP_RESULT_OUTLEN_SMALL -2 /**< output buffer not large enough */
-#define STRIP_RESULT_EMPTY_IN -3     /**< in consists solely of whitespace */
+#define STRIP_RESULT_EMPTY_IN     -3 /**< in consists solely of whitespace */
 
 /* defined flags */
-#define STRIP_FLAG_NONE 0x0            /**< no flags */
-#define STRIP_FLAG_STRIP_LOW 0x1       /**< stripped, html: strip low */
-#define STRIP_FLAG_STRIP_HIGH 0x2      /**< stripped, html: strip high */
-#define STRIP_FLAG_LEAVE_WHITESP 0x4   /**< all: avoid trimming spaces */
-#define STRIP_FLAG_UNSAFE_QUOTES 0x8   /**< html: dont encode quotes */
+#define STRIP_FLAG_NONE           0x0  /**< no flags */
+#define STRIP_FLAG_STRIP_LOW      0x1  /**< stripped, html: strip low */
+#define STRIP_FLAG_STRIP_HIGH     0x2  /**< stripped, html: strip high */
+#define STRIP_FLAG_LEAVE_WHITESP  0x4  /**< all: avoid trimming spaces */
+#define STRIP_FLAG_UNSAFE_QUOTES  0x8  /**< html: dont encode quotes */
 #define STRIP_FLAG_UNSAFE_SLASHES 0x10 /**< all: dont encode backslashes */
-#define STRIP_FLAG_UNSAFE_SPACES 0x20  /**< html: stripped tag isn't space */
+#define STRIP_FLAG_UNSAFE_SPACES  0x20 /**< html: stripped tag isn't space */
 
 /** Output the input after stripping all characters that are
  *  unsafe in an HTML context.
diff --git a/plugins/experimental/fastcgi/src/ats_fastcgi.h b/plugins/experimental/fastcgi/src/ats_fastcgi.h
index 708b982b7de..67163193277 100644
--- a/plugins/experimental/fastcgi/src/ats_fastcgi.h
+++ b/plugins/experimental/fastcgi/src/ats_fastcgi.h
@@ -18,12 +18,12 @@
 
 #pragma once
 
-#define PLUGIN_VENDOR "Apache Software Foundation"
+#define PLUGIN_VENDOR  "Apache Software Foundation"
 #define PLUGIN_SUPPORT "dev@trafficserver.apache.org"
 
 #define ATS_MODULE_FCGI_NAME "ats_fastcgi"
 #define ATS_MOD_FCGI_VERSION "ats_fastcgi"
-#define ATS_FCGI_PROFILER true
+#define ATS_FCGI_PROFILER    true
 
 #include "fcgi_config.h"
 #include <atscppapi/GlobalPlugin.h>
diff --git a/plugins/experimental/fastcgi/src/ats_fcgi_client.cc b/plugins/experimental/fastcgi/src/ats_fcgi_client.cc
index 0ac436e6553..d6d39e1e5ca 100644
--- a/plugins/experimental/fastcgi/src/ats_fcgi_client.cc
+++ b/plugins/experimental/fastcgi/src/ats_fcgi_client.cc
@@ -149,7 +149,7 @@ FCGIClientRequest::GenerateFcgiRequestHeaders()
   if (endsWith(requestScript, "/")) {
     ats_plugin::FcgiPluginConfig *gConfig = InterceptGlobal::plugin_data->getGlobalConfigObj();
     index                                 = gConfig->getHtml();
-    requestScript += index;
+    requestScript                         += index;
   }
 
   fcgiReqHeader["DOCUMENT_ROOT"]     = InterceptGlobal::plugin_data->getGlobalConfigObj()->getDocumentRootDir();
@@ -233,7 +233,7 @@ FCGIClientRequest::createBeginRequest()
   int len = 0, nb = 0;
 
   for (const auto &it : state_->requestHeaders) {
-    nb = serializeNameValue(state_->pBuffInc, it);
+    nb  = serializeNameValue(state_->pBuffInc, it);
     len += nb;
   }
 
@@ -245,7 +245,7 @@ FCGIClientRequest::createBeginRequest()
   state_->pBuffInc += sizeof(FCGI_Header);
 
   for (const auto &it : state_->requestHeaders) {
-    nb = serializeNameValue(state_->pBuffInc, it);
+    nb               = serializeNameValue(state_->pBuffInc, it);
     state_->pBuffInc += nb;
   }
 
@@ -402,7 +402,7 @@ FCGIClientRequest::fcgiProcessContent(uchar **beg_buf, uchar *end_buf, FCGIRecor
   offset            = rec->offset;
 
   if (*state == fcgi_state_padding) {
-    *state = fcgi_state_done;
+    *state   = fcgi_state_done;
     *beg_buf += (size_t)((int)rec->length - (int)offset + (int)h->paddingLength);
     return FCGI_PROCESS_DONE;
   }
@@ -420,18 +420,18 @@ FCGIClientRequest::fcgiProcessContent(uchar **beg_buf, uchar *end_buf, FCGIRecor
 
   if (tot_len <= nb) {
     rec->offset += tot_len;
-    *state = fcgi_state_done;
-    *beg_buf += tot_len;
+    *state      = fcgi_state_done;
+    *beg_buf    += tot_len;
     return FCGI_PROCESS_DONE;
   } else if (con_len <= nb) {
     /* Have to still skip all or some of padding */
-    *state = fcgi_state_padding;
+    *state      = fcgi_state_padding;
     rec->offset += nb;
-    *beg_buf += nb;
+    *beg_buf    += nb;
     return FCGI_PROCESS_AGAIN;
   } else {
     rec->offset += nb;
-    *beg_buf += nb;
+    *beg_buf    += nb;
     return FCGI_PROCESS_AGAIN;
   }
 
diff --git a/plugins/experimental/fastcgi/src/ats_fcgi_client.h b/plugins/experimental/fastcgi/src/ats_fcgi_client.h
index 9da6aa209b6..cd99e83ab99 100644
--- a/plugins/experimental/fastcgi/src/ats_fcgi_client.h
+++ b/plugins/experimental/fastcgi/src/ats_fcgi_client.h
@@ -40,8 +40,8 @@ typedef unsigned char uchar;
 #define PRINT_OPAQUE_STRUCT(p) print_mem((p), sizeof(*(p)))
 
 #define FCGI_PROCESS_AGAIN 1
-#define FCGI_PROCESS_DONE 2
-#define FCGI_PROCESS_ERR 3
+#define FCGI_PROCESS_DONE  2
+#define FCGI_PROCESS_ERR   3
 
 namespace ats_plugin
 {
diff --git a/plugins/experimental/fastcgi/src/fcgi_config.h b/plugins/experimental/fastcgi/src/fcgi_config.h
index fbf0c63cd19..dff2bdb84aa 100644
--- a/plugins/experimental/fastcgi/src/fcgi_config.h
+++ b/plugins/experimental/fastcgi/src/fcgi_config.h
@@ -25,8 +25,8 @@
 #include <ts/ts.h>
 #include <utility>
 
-#define PLUGIN_NAME "ats_fastcgi"
-#define PLUGIN_VENDOR "Apache Software Foundation"
+#define PLUGIN_NAME    "ats_fastcgi"
+#define PLUGIN_VENDOR  "Apache Software Foundation"
 #define PLUGIN_SUPPORT "dev@trafficserver.apache.org"
 #pragma once
 namespace ats_plugin
diff --git a/plugins/experimental/fastcgi/src/fcgi_protocol.h b/plugins/experimental/fastcgi/src/fcgi_protocol.h
index 96a1158349b..9de04e36587 100644
--- a/plugins/experimental/fastcgi/src/fcgi_protocol.h
+++ b/plugins/experimental/fastcgi/src/fcgi_protocol.h
@@ -52,18 +52,18 @@ typedef struct {
 /*
  * Values for type component of FCGI_Header
  */
-#define FCGI_BEGIN_REQUEST 1
-#define FCGI_ABORT_REQUEST 2
-#define FCGI_END_REQUEST 3
-#define FCGI_PARAMS 4
-#define FCGI_STDIN 5
-#define FCGI_STDOUT 6
-#define FCGI_STDERR 7
-#define FCGI_DATA 8
-#define FCGI_GET_VALUES 9
+#define FCGI_BEGIN_REQUEST     1
+#define FCGI_ABORT_REQUEST     2
+#define FCGI_END_REQUEST       3
+#define FCGI_PARAMS            4
+#define FCGI_STDIN             5
+#define FCGI_STDOUT            6
+#define FCGI_STDERR            7
+#define FCGI_DATA              8
+#define FCGI_GET_VALUES        9
 #define FCGI_GET_VALUES_RESULT 10
-#define FCGI_UNKNOWN_TYPE 11
-#define FCGI_MAXTYPE (FCGI_UNKNOWN_TYPE)
+#define FCGI_UNKNOWN_TYPE      11
+#define FCGI_MAXTYPE           (FCGI_UNKNOWN_TYPE)
 
 /*
  * Value for requestId component of FCGI_Header
@@ -90,9 +90,9 @@ typedef struct {
 /*
  * Values for role component of FCGI_BeginRequestBody
  */
-#define FCGI_RESPONDER 1
+#define FCGI_RESPONDER  1
 #define FCGI_AUTHORIZER 2
-#define FCGI_FILTER 3
+#define FCGI_FILTER     3
 
 typedef struct {
   unsigned char appStatusB3;
@@ -112,15 +112,15 @@ typedef struct {
  * Values for protocolStatus component of FCGI_EndRequestBody
  */
 #define FCGI_REQUEST_COMPLETE 0
-#define FCGI_CANT_MPX_CONN 1
-#define FCGI_OVERLOADED 2
-#define FCGI_UNKNOWN_ROLE 3
+#define FCGI_CANT_MPX_CONN    1
+#define FCGI_OVERLOADED       2
+#define FCGI_UNKNOWN_ROLE     3
 
 /*
  * Variable names for FCGI_GET_VALUES / FCGI_GET_VALUES_RESULT records
  */
-#define FCGI_MAX_CONNS "FCGI_MAX_CONNS"
-#define FCGI_MAX_REQS "FCGI_MAX_REQS"
+#define FCGI_MAX_CONNS  "FCGI_MAX_CONNS"
+#define FCGI_MAX_REQS   "FCGI_MAX_REQS"
 #define FCGI_MPXS_CONNS "FCGI_MPXS_CONNS"
 
 typedef struct {
diff --git a/plugins/experimental/fastcgi/src/server.h b/plugins/experimental/fastcgi/src/server.h
index b7b54de8b90..184cf58388d 100644
--- a/plugins/experimental/fastcgi/src/server.h
+++ b/plugins/experimental/fastcgi/src/server.h
@@ -54,7 +54,7 @@ struct ServerConnectionInfo {
 class ThreadData
 {
 public:
-  ThreadData(ThreadData const &) = delete;
+  ThreadData(ThreadData const &)     = delete;
   void operator=(ThreadData const &) = delete;
 
   ThreadData(Server *server) : _server(server)
@@ -93,7 +93,7 @@ class Server
 {
 public:
   static Server *server();
-  Server(Server const &) = delete;
+  Server(Server const &)         = delete;
   void operator=(Server const &) = delete;
 
   Server();
diff --git a/plugins/experimental/fastcgi/src/server_intercept.cc b/plugins/experimental/fastcgi/src/server_intercept.cc
index 9a6587bcef5..c9e73bc1e98 100644
--- a/plugins/experimental/fastcgi/src/server_intercept.cc
+++ b/plugins/experimental/fastcgi/src/server_intercept.cc
@@ -76,7 +76,7 @@ ServerIntercept::streamReqBody(const string &data)
   TSDebug(PLUGIN_NAME, "[ServerIntercept:%s] bodyCount: %d", __FUNCTION__, bodyCount++);
   if (!Server::server()->writeRequestBody(_request_id, data)) {
     dataBuffered = true;
-    clientBody += data;
+    clientBody   += data;
   }
 }
 
diff --git a/plugins/experimental/fq_pacing/fq_pacing.c b/plugins/experimental/fq_pacing/fq_pacing.c
index ecbe8c7901e..c86ee858379 100644
--- a/plugins/experimental/fq_pacing/fq_pacing.c
+++ b/plugins/experimental/fq_pacing/fq_pacing.c
@@ -132,7 +132,10 @@ TSRemapNewInstance(int argc, char *argv[], void **ih, char *errbuf, int errbuf_s
 
   if (argc > 1) {
     int c;
-    static const struct option longopts[] = {{"rate", required_argument, NULL, 'r'}, {NULL, 0, NULL, 0}};
+    static const struct option longopts[] = {
+      {"rate", required_argument, NULL, 'r'},
+      {NULL,   0,                 NULL, 0  }
+    };
 
     // The "-" in optstring is required to prevent permutation of argv, which
     // makes the plugin loader crashy
diff --git a/plugins/experimental/http_stats/http_stats.cc b/plugins/experimental/http_stats/http_stats.cc
index d4b4ea0f2a4..c453ea8320f 100644
--- a/plugins/experimental/http_stats/http_stats.cc
+++ b/plugins/experimental/http_stats/http_stats.cc
@@ -595,11 +595,13 @@ TSRemapDoRemap(void *ih, TSHttpTxn rh, TSRemapRequestInfo *rri)
 TSReturnCode
 TSRemapNewInstance(int argc, char *argv[], void **ih, char * /* errbuf ATS_UNUSED */, int /* errbuf_size ATS_UNUSED */)
 {
-  static const struct option longopt[] = {{"csv", no_argument, nullptr, 'c'},
-                                          {"integer-counters", no_argument, NULL, 'i'},
-                                          {"wrap-counters", no_argument, NULL, 'w'},
-                                          {"max-age", required_argument, nullptr, 'a'},
-                                          {nullptr, no_argument, nullptr, '\0'}};
+  static const struct option longopt[] = {
+    {"csv",              no_argument,       nullptr, 'c' },
+    {"integer-counters", no_argument,       NULL,    'i' },
+    {"wrap-counters",    no_argument,       NULL,    'w' },
+    {"max-age",          required_argument, nullptr, 'a' },
+    {nullptr,            no_argument,       nullptr, '\0'}
+  };
 
   HTTPStatsConfig *cfg = new HTTPStatsConfig;
 
diff --git a/plugins/experimental/icap/icap_plugin.cc b/plugins/experimental/icap/icap_plugin.cc
index 092f257ab8b..b5da5633078 100644
--- a/plugins/experimental/icap/icap_plugin.cc
+++ b/plugins/experimental/icap/icap_plugin.cc
@@ -54,7 +54,7 @@ enum class State {
 };
 
 #define ICAP_SERVICE_URL "icap://127.0.0.1/avscan"
-#define ICAP_VERSION "1.0"
+#define ICAP_VERSION     "1.0"
 
 struct TransformData {
   State state = State::BEGIN;
@@ -360,7 +360,7 @@ handle_read_http_body(TSCont contp, TransformData *data)
           int64_t pos          = sm.position(0);
           int64_t token_length = sm[0].length();
 
-          data->http_body_chunk_length = std::stoi(sm[2].str().c_str(), nullptr, 16);
+          data->http_body_chunk_length         = std::stoi(sm[2].str().c_str(), nullptr, 16);
           data->http_body_total_length_written += data->http_body_chunk_length;
           TSIOBufferReaderConsume(data->icap_resp_reader, pos + token_length - consumed);
           break;
@@ -368,7 +368,7 @@ handle_read_http_body(TSCont contp, TransformData *data)
 
         TSIOBufferReaderConsume(data->icap_resp_reader, data_len);
         consumed += data_len;
-        blk = TSIOBufferBlockNext(blk);
+        blk      = TSIOBufferBlockNext(blk);
       }
       if (blk == nullptr) {
         return 0;
@@ -378,8 +378,8 @@ handle_read_http_body(TSCont contp, TransformData *data)
     /* Write the chunk to downstream */
     int64_t towrite;
 
-    avail   = TSIOBufferReaderAvail(data->icap_resp_reader);
-    towrite = data->http_body_chunk_length < avail ? data->http_body_chunk_length : avail;
+    avail                        = TSIOBufferReaderAvail(data->icap_resp_reader);
+    towrite                      = data->http_body_chunk_length < avail ? data->http_body_chunk_length : avail;
     data->http_body_chunk_length -= towrite;
     TSIOBufferCopy(TSVIOBufferGet(data->output_vio), data->icap_resp_reader, towrite, 0);
     TSIOBufferReaderConsume(data->icap_resp_reader, towrite);
diff --git a/plugins/experimental/inliner/cache-handler.h b/plugins/experimental/inliner/cache-handler.h
index 88544639609..c6e01fefaad 100644
--- a/plugins/experimental/inliner/cache-handler.h
+++ b/plugins/experimental/inliner/cache-handler.h
@@ -93,7 +93,7 @@ namespace inliner
           size = std::min(size, l);
           std::copy(pointer, pointer + size, std::back_inserter(content_));
           length += size;
-          l -= size;
+          l      -= size;
         }
       }
 
@@ -198,7 +198,7 @@ namespace inliner
         size = std::min(size, l);
         o.append(pointer, size);
         length += size;
-        l -= size;
+        l      -= size;
       }
     }
 
@@ -244,7 +244,7 @@ namespace inliner
       h.reader_ = nullptr;
     }
 
-    CacheHandler(const CacheHandler &) = delete;
+    CacheHandler(const CacheHandler &)            = delete;
     CacheHandler &operator=(const CacheHandler &) = delete;
 
     void
@@ -320,11 +320,11 @@ namespace inliner
       const std::string::const_iterator b1 = b.begin(), b2 = b.end(), i = std::find(b1, b2, '/');
 
       std::string request = "GET ";
-      request += std::string(i, b2);
-      request += " HTTP/1.1\r\n";
-      request += "Host: ";
-      request += std::string(b1, i);
-      request += "\r\n\r\n";
+      request             += std::string(i, b2);
+      request             += " HTTP/1.1\r\n";
+      request             += "Host: ";
+      request             += std::string(b1, i);
+      request             += "\r\n\r\n";
 
       ats::io::IO *const io = new io::IO();
 
diff --git a/plugins/experimental/inliner/cache.h b/plugins/experimental/inliner/cache.h
index 38b80762ab6..d036d140858 100644
--- a/plugins/experimental/inliner/cache.h
+++ b/plugins/experimental/inliner/cache.h
@@ -41,7 +41,7 @@ namespace cache
     }
 
     Key() : key_(TSCacheKeyCreate()) { assert(key_ != nullptr); }
-    Key(const Key &) = delete;
+    Key(const Key &)            = delete;
     Key &operator=(const Key &) = delete;
 
     explicit Key(const std::string &s) : key_(TSCacheKeyCreate())
@@ -64,7 +64,7 @@ namespace cache
 
     T t_;
 
-    template <class... A> Read(A &&... a) : t_(std::forward<A>(a)...) {}
+    template <class... A> Read(A &&...a) : t_(std::forward<A>(a)...) {}
     static int
     handle(TSCont c, TSEvent e, void *d)
     {
@@ -91,7 +91,7 @@ namespace cache
 
   template <class T, class... A>
   void
-  fetch(const std::string &k, A &&... a)
+  fetch(const std::string &k, A &&...a)
   {
     const Key key(k);
     const TSCont continuation = TSContCreate(Read<T>::handle, TSMutexCreate());
diff --git a/plugins/experimental/inliner/chunk-decoder.cc b/plugins/experimental/inliner/chunk-decoder.cc
index 455fa168575..40149549bac 100644
--- a/plugins/experimental/inliner/chunk-decoder.cc
+++ b/plugins/experimental/inliner/chunk-decoder.cc
@@ -142,7 +142,7 @@ ChunkDecoder::decode(const TSIOBufferReader &r)
       const char *p = TSIOBufferBlockReadStart(block, r, &size);
       assert(p != nullptr);
       const int i = parseSize(p, size);
-      size -= i;
+      size        -= i;
       TSIOBufferReaderConsume(r, i);
       if (state_ == State::kEnd) {
         assert(size_ == 0);
@@ -167,7 +167,7 @@ ChunkDecoder::decode(const TSIOBufferReader &r)
         break;
       } else {
         length += size;
-        size_ -= size;
+        size_  -= size;
       }
     }
     block = TSIOBufferBlockNext(block);
diff --git a/plugins/experimental/inliner/html-parser.cc b/plugins/experimental/inliner/html-parser.cc
index d4097f6968d..5854316a0d1 100644
--- a/plugins/experimental/inliner/html-parser.cc
+++ b/plugins/experimental/inliner/html-parser.cc
@@ -225,7 +225,7 @@ namespace inliner
       } else if (c == '/' || c == '>') {
         return true;
       } else if (isValidValue(c)) {
-        state_ = Attribute::kUnquotedValue;
+        state_                   = Attribute::kUnquotedValue;
         attributes.back().second += c;
       }
       break;
@@ -293,9 +293,9 @@ namespace inliner
           const size_t p = c - b;
           if (p > 0 && tag_ == Tag::kTagIMG) {
             done += bypass(p, o);
-            o += p;
-            l -= p;
-            b = c;
+            o    += p;
+            l    -= p;
+            b    = c;
           }
         } else if (tag_ == Tag::kTagInvalid) {
           state_ = State::kTagBypass;
diff --git a/plugins/experimental/inliner/inliner-handler.h b/plugins/experimental/inliner/inliner-handler.h
index c8733d3c838..a2478e24cad 100644
--- a/plugins/experimental/inliner/inliner-handler.h
+++ b/plugins/experimental/inliner/inliner-handler.h
@@ -54,7 +54,7 @@ namespace inliner
 
     Handler(const TSIOBufferReader, ats::io::IOSinkPointer &&);
 
-    Handler(const Handler &) = delete;
+    Handler(const Handler &)            = delete;
     Handler &operator=(const Handler &) = delete;
 
     void parse();
diff --git a/plugins/experimental/inliner/ts.cc b/plugins/experimental/inliner/ts.cc
index f8b05649594..5ed527b915a 100644
--- a/plugins/experimental/inliner/ts.cc
+++ b/plugins/experimental/inliner/ts.cc
@@ -300,7 +300,7 @@ namespace io
 
     assert(operation->buffer_ != nullptr);
     const Node::Result result = data_->process(operation->buffer_);
-    operation->bytes_ += result.first;
+    operation->bytes_         += result.first;
     operation->process();
     if (result.second && data_.unique()) {
       data_.reset();
@@ -446,7 +446,7 @@ namespace io
     for (; it != end; ++it) {
       assert(*it != nullptr);
       const Node::Result result = (*it)->process(b);
-      length += result.first;
+      length                    += result.first;
       if (!result.second || !it->unique()) {
         break;
       }
diff --git a/plugins/experimental/inliner/ts.h b/plugins/experimental/inliner/ts.h
index 9ab8bdd25fc..77cbd21b9fc 100644
--- a/plugins/experimental/inliner/ts.h
+++ b/plugins/experimental/inliner/ts.h
@@ -93,7 +93,7 @@ namespace io
       assert(reader != nullptr);
     }
 
-    ReaderSize(const ReaderSize &) = delete;
+    ReaderSize(const ReaderSize &)            = delete;
     ReaderSize &operator=(const ReaderSize &) = delete;
     void *operator new(const std::size_t)     = delete;
   };
@@ -103,7 +103,7 @@ namespace io
     const size_t offset;
 
     ReaderOffset(const TSIOBufferReader r, const size_t o) : reader(r), offset(o) { assert(reader != nullptr); }
-    ReaderOffset(const ReaderOffset &) = delete;
+    ReaderOffset(const ReaderOffset &)            = delete;
     ReaderOffset &operator=(const ReaderOffset &) = delete;
     void *operator new(const std::size_t)         = delete;
   };
@@ -156,7 +156,7 @@ namespace io
     ~WriteOperation();
 
     // noncopyable
-    WriteOperation(const WriteOperation &) = delete;
+    WriteOperation(const WriteOperation &)            = delete;
     WriteOperation &operator=(const WriteOperation &) = delete;
 
     WriteOperation &operator<<(const TSIOBufferReader);
@@ -193,7 +193,7 @@ namespace io
     ~IOSink();
 
     // noncopyable
-    IOSink(const IOSink &) = delete;
+    IOSink(const IOSink &)            = delete;
     IOSink &operator=(const IOSink &) = delete;
 
     template <class T>
@@ -210,7 +210,7 @@ namespace io
 
     template <class... A>
     static IOSinkPointer
-    Create(A &&... a)
+    Create(A &&...a)
     {
       return IOSinkPointer(new IOSink(WriteOperation::Create(std::forward<A>(a)...)));
     }
@@ -256,7 +256,7 @@ namespace io
     }
 
     // noncopyable
-    BufferNode(const BufferNode &) = delete;
+    BufferNode(const BufferNode &)            = delete;
     BufferNode &operator=(const BufferNode &) = delete;
     BufferNode &operator<<(const TSIOBufferReader);
     BufferNode &operator<<(const ReaderSize &);
@@ -273,7 +273,7 @@ namespace io
 
     template <class T> Data(T &&t) : root_(std::forward<T>(t)), first_(false) {}
     // noncopyable
-    Data(const Data &) = delete;
+    Data(const Data &)            = delete;
     Data &operator=(const Data &) = delete;
 
     Node::Result process(const TSIOBuffer) override;
@@ -284,9 +284,9 @@ namespace io
 
     ~Sink();
 
-    template <class... A> Sink(A &&... a) : data_(std::forward<A>(a)...) {}
+    template <class... A> Sink(A &&...a) : data_(std::forward<A>(a)...) {}
     // noncopyable
-    Sink(const Sink &) = delete;
+    Sink(const Sink &)            = delete;
     Sink &operator=(const Sink &) = delete;
 
     SinkPointer branch();
diff --git a/plugins/experimental/ja3_fingerprint/ja3_fingerprint.cc b/plugins/experimental/ja3_fingerprint/ja3_fingerprint.cc
index 3229e6b080a..7fa3f1298dd 100644
--- a/plugins/experimental/ja3_fingerprint/ja3_fingerprint.cc
+++ b/plugins/experimental/ja3_fingerprint/ja3_fingerprint.cc
@@ -97,7 +97,7 @@ custom_get_ja3_prefixed(int unit, const unsigned char *&data, int len, std::stri
       if (!first) {
         result += '-';
       }
-      first = false;
+      first  = false;
       result += std::to_string(tmp);
     }
   }
@@ -147,8 +147,8 @@ custom_get_ja3(SSL *s)
 
   // Get version
   int version = (((int)p[0]) << 8) | (int)p[1];
-  ja3 += std::to_string(version) + ',';
-  p += 2;
+  ja3         += std::to_string(version) + ',';
+  p           += 2;
 
   // Skip client random
   p += SSL3_RANDOM_SIZE;
@@ -174,7 +174,7 @@ custom_get_ja3(SSL *s)
   std::string eclist, ecpflist;
 
   // Skip length blob
-  p += 2;
+  p          += 2;
   bool first = true;
   while (p < d + n) {
     // Each extension blob is comprised of [2bytes] type + [2bytes] size + [size bytes] data
@@ -203,7 +203,7 @@ custom_get_ja3(SSL *s)
         ja3 += '-';
       }
       first = false;
-      ja3 += std::to_string(type);
+      ja3   += std::to_string(type);
     }
   }
 
@@ -222,7 +222,7 @@ custom_get_ja3(SSL *s)
 
   // Get version
   unsigned int version = SSL_client_hello_get0_legacy_version(s);
-  ja3 += std::to_string(version) + ',';
+  ja3                  += std::to_string(version) + ',';
 
   // Get cipher suites
   len = SSL_client_hello_get0_ciphers(s, &p);
@@ -234,7 +234,7 @@ custom_get_ja3(SSL *s)
   std::string eclist, ecpflist;
   if (SSL_client_hello_get0_ext(s, 0x0a, &p, &len) == 1) {
     // Skip first 2 bytes since we already have length
-    p += 2;
+    p   += 2;
     len -= 2;
     custom_get_ja3_prefixed(2, p, len, eclist);
   }
@@ -253,7 +253,7 @@ custom_get_ja3(SSL *s)
           ja3 += '-';
         }
         first = false;
-        ja3 += std::to_string(type);
+        ja3   += std::to_string(type);
       }
     }
     OPENSSL_free(o);
@@ -400,7 +400,11 @@ req_hdr_ja3_handler(TSCont contp, TSEvent event, void *edata)
 static bool
 read_config_option(int argc, const char *argv[], int &raw, int &log)
 {
-  const struct option longopts[] = {{"ja3raw", no_argument, &raw, 1}, {"ja3log", no_argument, &log, 1}, {nullptr, 0, nullptr, 0}};
+  const struct option longopts[] = {
+    {"ja3raw", no_argument, &raw,    1},
+    {"ja3log", no_argument, &log,    1},
+    {nullptr,  0,           nullptr, 0}
+  };
 
   int opt = 0;
   while ((opt = getopt_long(argc, const_cast<char *const *>(argv), "", longopts, nullptr)) >= 0) {
diff --git a/plugins/experimental/maxmind_acl/mmdb.h b/plugins/experimental/maxmind_acl/mmdb.h
index 372cfdacd86..6cfa374ab34 100644
--- a/plugins/experimental/maxmind_acl/mmdb.h
+++ b/plugins/experimental/maxmind_acl/mmdb.h
@@ -44,7 +44,7 @@
 #include <pcre.h>
 #endif
 
-#define PLUGIN_NAME "maxmind_acl"
+#define PLUGIN_NAME  "maxmind_acl"
 #define CONFIG_TMOUT 60000
 
 typedef struct {
diff --git a/plugins/experimental/memcache/tsmemcache.cc b/plugins/experimental/memcache/tsmemcache.cc
index cb1b32f6652..97ae58ff7dc 100644
--- a/plugins/experimental/memcache/tsmemcache.cc
+++ b/plugins/experimental/memcache/tsmemcache.cc
@@ -34,7 +34,7 @@
   - cleanup creader dependency in stream_event
  */
 
-#define REALTIME_MAXDELTA 60 * 60 * 24 * 30
+#define REALTIME_MAXDELTA       60 * 60 * 24 * 30
 #define STRCMP_REST(_c, _s, _e) (((_e) - (_s)) < (int)sizeof(_c) || STRCMP(_s, _c) || !isspace((_s)[sizeof(_c) - 1]))
 
 ClassAllocator<MC> theMCAllocator("MC");
@@ -1132,7 +1132,7 @@ MC::ascii_set(char *s, char *e)
   SKIP_SPACE;
   if (*s == 'n' && !STRCMP_REST("oreply", s + 1, e)) {
     f.noreply = 1;
-    s += 7;
+    s         += 7;
     if (s >= e) {
       return ASCII_CLIENT_ERROR("bad command line");
     }
@@ -1165,7 +1165,7 @@ MC::ascii_delete(char *s, char *e)
   SKIP_SPACE;
   if (*s == 'n' && !STRCMP_REST("oreply", s + 1, e)) {
     f.noreply = 1;
-    s += 7;
+    s         += 7;
     if (s >= e) {
       return ASCII_CLIENT_ERROR("bad command line");
     }
@@ -1199,7 +1199,7 @@ MC::ascii_incr_decr(char *s, char *e)
   SKIP_SPACE;
   if (*s == 'n' && !STRCMP_REST("oreply", s + 1, e)) {
     f.noreply = 1;
-    s += 7;
+    s         += 7;
     if (s >= e) {
       return ASCII_CLIENT_ERROR("bad command line");
     }
diff --git a/plugins/experimental/memcache/tsmemcache.h b/plugins/experimental/memcache/tsmemcache.h
index 69a78819be4..14994b16286 100644
--- a/plugins/experimental/memcache/tsmemcache.h
+++ b/plugins/experimental/memcache/tsmemcache.h
@@ -34,19 +34,19 @@
 #include "tscore/ink_hrtime.h"
 #include "tscore/CryptoHash.h"
 
-#define TSMEMCACHE_VERSION "1.0.0"
-#define TSMEMCACHE_MAX_CMD_SIZE (128 * 1024 * 1024) // silly large
-#define TSMEMCACHE_MAX_KEY_LEN 250
-#define TSMEMCACHE_TMP_CMD_BUFFER_SIZE 320
-#define TSMEMCACHE_HEADER_MAGIC 0x8765ACDC
+#define TSMEMCACHE_VERSION              "1.0.0"
+#define TSMEMCACHE_MAX_CMD_SIZE         (128 * 1024 * 1024) // silly large
+#define TSMEMCACHE_MAX_KEY_LEN          250
+#define TSMEMCACHE_TMP_CMD_BUFFER_SIZE  320
+#define TSMEMCACHE_HEADER_MAGIC         0x8765ACDC
 #define TSMEMCACHE_RETRY_WRITE_INTERVAL HRTIME_MSECONDS(20)
 
 #define TSMEMCACHE_WRITE_SYNC 0 // not yet
 
 #define TSMEMCACHE_EVENT_GOT_ITEM 100000
-#define TSMEMCACHE_EVENT_GOT_KEY 100001
-#define TSMEMCACHE_STREAM_DONE 100002
-#define TSMEMCACHE_TUNNEL_DONE 100003
+#define TSMEMCACHE_EVENT_GOT_KEY  100001
+#define TSMEMCACHE_STREAM_DONE    100002
+#define TSMEMCACHE_TUNNEL_DONE    100003
 
 #define CHECK_RET(_e, _r) \
   do {                    \
@@ -54,7 +54,7 @@
     if (ret != _r)        \
       return _r;          \
   } while (0)
-#define WRITE(_s) write(_s "", sizeof(_s "") - 1)
+#define WRITE(_s)  write(_s "", sizeof(_s "") - 1)
 #define STRLEN(_s) (sizeof(_s "") - 1)
 
 class NetVConnection;
@@ -62,7 +62,7 @@ class NetVConnection;
 struct MCCacheHeader {
   uint32_t magic;
   uint32_t flags;
-  uint32_t nkey : 8;
+  uint32_t nkey     : 8;
   uint32_t reserved : 24;
   uint32_t exptime; // seconds offset from settime
   uint64_t settime;
@@ -104,14 +104,14 @@ struct MCAccept : public Continuation {
     SET_HANDLER(_h);                           \
   } while (0)
 
-#define TS_POP_HANDLER handler = handler_stack[--ihandler_stack]
-#define TS_POP_CALL(_event, _data) handleEvent((TS_POP_HANDLER, _event), _data)
+#define TS_POP_HANDLER                 handler = handler_stack[--ihandler_stack]
+#define TS_POP_CALL(_event, _data)     handleEvent((TS_POP_HANDLER, _event), _data)
 #define TS_SET_CALL(_h, _event, _data) handleEvent((SET_HANDLER(_h), _event), _data)
-#define ASCII_RESPONSE(_s) ascii_response((_s "\r\n"), sizeof(_s "\r\n") - 1)
-#define ASCII_ERROR() ascii_response(("ERROR\r\n"), sizeof("ERROR\r\n") - 1)
-#define ASCII_CLIENT_ERROR(_s) ascii_response(("CLIENT_ERROR: " _s "\r\n"), sizeof("CLIENT_ERROR: " _s "\r\n") - 1)
-#define ASCII_SERVER_ERROR(_s) ascii_response(("SERVER_ERROR: " _s "\r\n"), sizeof("SERVER_ERROR: " _s "\r\n") - 1)
-#define STRCMP(_s, _const_string) strncmp(_s, _const_string "", sizeof(_const_string) - 1)
+#define ASCII_RESPONSE(_s)             ascii_response((_s "\r\n"), sizeof(_s "\r\n") - 1)
+#define ASCII_ERROR()                  ascii_response(("ERROR\r\n"), sizeof("ERROR\r\n") - 1)
+#define ASCII_CLIENT_ERROR(_s)         ascii_response(("CLIENT_ERROR: " _s "\r\n"), sizeof("CLIENT_ERROR: " _s "\r\n") - 1)
+#define ASCII_SERVER_ERROR(_s)         ascii_response(("SERVER_ERROR: " _s "\r\n"), sizeof("SERVER_ERROR: " _s "\r\n") - 1)
+#define STRCMP(_s, _const_string)      strncmp(_s, _const_string "", sizeof(_const_string) - 1)
 
 struct MC : Continuation {
   Action *pending_action;
@@ -140,15 +140,15 @@ struct MC : Continuation {
   char tmp_cmd_buffer[TSMEMCACHE_TMP_CMD_BUFFER_SIZE];
   union {
     struct {
-      unsigned int noreply : 1;
-      unsigned int return_cas : 1;
-      unsigned int set_add : 1;
-      unsigned int set_cas : 1;
-      unsigned int set_append : 1;
+      unsigned int noreply     : 1;
+      unsigned int return_cas  : 1;
+      unsigned int set_add     : 1;
+      unsigned int set_cas     : 1;
+      unsigned int set_append  : 1;
       unsigned int set_prepend : 1;
       unsigned int set_replace : 1;
-      unsigned int set_incr : 1;
-      unsigned int set_decr : 1;
+      unsigned int set_incr    : 1;
+      unsigned int set_decr    : 1;
     } f;
     unsigned int ff;
   };
diff --git a/plugins/experimental/money_trace/money_trace.cc b/plugins/experimental/money_trace/money_trace.cc
index 69d3252685c..4e8f9ee6d49 100644
--- a/plugins/experimental/money_trace/money_trace.cc
+++ b/plugins/experimental/money_trace/money_trace.cc
@@ -46,12 +46,12 @@ config_from_args(int const argc, char const *argv[], PluginType const ptype)
   Config *const conf = new Config;
 
   static const struct option longopt[] = {
-    {const_cast<char *>("passthru"), required_argument, nullptr, 'a'},
-    {const_cast<char *>("create-if-none"), required_argument, nullptr, 'c'},
+    {const_cast<char *>("passthru"),           required_argument, nullptr, 'a'},
+    {const_cast<char *>("create-if-none"),     required_argument, nullptr, 'c'},
     {const_cast<char *>("global-skip-header"), required_argument, nullptr, 'g'},
-    {const_cast<char *>("header"), required_argument, nullptr, 'h'},
-    {const_cast<char *>("pregen-header"), required_argument, nullptr, 'p'},
-    {nullptr, 0, nullptr, 0},
+    {const_cast<char *>("header"),             required_argument, nullptr, 'h'},
+    {const_cast<char *>("pregen-header"),      required_argument, nullptr, 'p'},
+    {nullptr,                                  0,                 nullptr, 0  },
   };
 
   // getopt assumes args start at '1' so this hack is needed
diff --git a/plugins/experimental/mp4/mp4.cc b/plugins/experimental/mp4/mp4.cc
index 0791d5d7c5e..014a2d49419 100644
--- a/plugins/experimental/mp4/mp4.cc
+++ b/plugins/experimental/mp4/mp4.cc
@@ -412,7 +412,7 @@ mp4_transform_handler(TSCont contp, Mp4Context *mc)
         TSIOBufferCopy(mtc->output.buffer, mtc->res_reader, avail, 0);
         TSIOBufferReaderConsume(mtc->res_reader, avail);
 
-        mtc->pos += avail;
+        mtc->pos   += avail;
         mtc->total += avail;
         write_down = true;
       }
diff --git a/plugins/experimental/mp4/mp4_meta.cc b/plugins/experimental/mp4/mp4_meta.cc
index 873f5a0c5d5..bbec129f603 100644
--- a/plugins/experimental/mp4/mp4_meta.cc
+++ b/plugins/experimental/mp4/mp4_meta.cc
@@ -18,35 +18,52 @@
 
 #include "mp4_meta.h"
 
-static mp4_atom_handler mp4_atoms[] = {{"ftyp", &Mp4Meta::mp4_read_ftyp_atom},
-                                       {"moov", &Mp4Meta::mp4_read_moov_atom},
-                                       {"mdat", &Mp4Meta::mp4_read_mdat_atom},
-                                       {nullptr, nullptr}};
-
-static mp4_atom_handler mp4_moov_atoms[] = {{"mvhd", &Mp4Meta::mp4_read_mvhd_atom},
-                                            {"trak", &Mp4Meta::mp4_read_trak_atom},
-                                            {"cmov", &Mp4Meta::mp4_read_cmov_atom},
-                                            {nullptr, nullptr}};
-
-static mp4_atom_handler mp4_trak_atoms[] = {{"tkhd", &Mp4Meta::mp4_read_tkhd_atom},
-                                            {"mdia", &Mp4Meta::mp4_read_mdia_atom},
-                                            {nullptr, nullptr}};
-
-static mp4_atom_handler mp4_mdia_atoms[] = {{"mdhd", &Mp4Meta::mp4_read_mdhd_atom},
-                                            {"hdlr", &Mp4Meta::mp4_read_hdlr_atom},
-                                            {"minf", &Mp4Meta::mp4_read_minf_atom},
-                                            {nullptr, nullptr}};
-
-static mp4_atom_handler mp4_minf_atoms[] = {{"vmhd", &Mp4Meta::mp4_read_vmhd_atom},
-                                            {"smhd", &Mp4Meta::mp4_read_smhd_atom},
-                                            {"dinf", &Mp4Meta::mp4_read_dinf_atom},
-                                            {"stbl", &Mp4Meta::mp4_read_stbl_atom},
-                                            {nullptr, nullptr}};
+static mp4_atom_handler mp4_atoms[] = {
+  {"ftyp",  &Mp4Meta::mp4_read_ftyp_atom},
+  {"moov",  &Mp4Meta::mp4_read_moov_atom},
+  {"mdat",  &Mp4Meta::mp4_read_mdat_atom},
+  {nullptr, nullptr                     }
+};
+
+static mp4_atom_handler mp4_moov_atoms[] = {
+  {"mvhd",  &Mp4Meta::mp4_read_mvhd_atom},
+  {"trak",  &Mp4Meta::mp4_read_trak_atom},
+  {"cmov",  &Mp4Meta::mp4_read_cmov_atom},
+  {nullptr, nullptr                     }
+};
+
+static mp4_atom_handler mp4_trak_atoms[] = {
+  {"tkhd",  &Mp4Meta::mp4_read_tkhd_atom},
+  {"mdia",  &Mp4Meta::mp4_read_mdia_atom},
+  {nullptr, nullptr                     }
+};
+
+static mp4_atom_handler mp4_mdia_atoms[] = {
+  {"mdhd",  &Mp4Meta::mp4_read_mdhd_atom},
+  {"hdlr",  &Mp4Meta::mp4_read_hdlr_atom},
+  {"minf",  &Mp4Meta::mp4_read_minf_atom},
+  {nullptr, nullptr                     }
+};
+
+static mp4_atom_handler mp4_minf_atoms[] = {
+  {"vmhd",  &Mp4Meta::mp4_read_vmhd_atom},
+  {"smhd",  &Mp4Meta::mp4_read_smhd_atom},
+  {"dinf",  &Mp4Meta::mp4_read_dinf_atom},
+  {"stbl",  &Mp4Meta::mp4_read_stbl_atom},
+  {nullptr, nullptr                     }
+};
 
 static mp4_atom_handler mp4_stbl_atoms[] = {
-  {"stsd", &Mp4Meta::mp4_read_stsd_atom}, {"stts", &Mp4Meta::mp4_read_stts_atom}, {"stss", &Mp4Meta::mp4_read_stss_atom},
-  {"ctts", &Mp4Meta::mp4_read_ctts_atom}, {"stsc", &Mp4Meta::mp4_read_stsc_atom}, {"stsz", &Mp4Meta::mp4_read_stsz_atom},
-  {"stco", &Mp4Meta::mp4_read_stco_atom}, {"co64", &Mp4Meta::mp4_read_co64_atom}, {nullptr, nullptr}};
+  {"stsd",  &Mp4Meta::mp4_read_stsd_atom},
+  {"stts",  &Mp4Meta::mp4_read_stts_atom},
+  {"stss",  &Mp4Meta::mp4_read_stss_atom},
+  {"ctts",  &Mp4Meta::mp4_read_ctts_atom},
+  {"stsc",  &Mp4Meta::mp4_read_stsc_atom},
+  {"stsz",  &Mp4Meta::mp4_read_stsz_atom},
+  {"stco",  &Mp4Meta::mp4_read_stco_atom},
+  {"co64",  &Mp4Meta::mp4_read_co64_atom},
+  {nullptr, nullptr                     }
+};
 
 static void mp4_reader_set_32value(TSIOBufferReader readerp, int64_t offset, uint32_t n);
 static void mp4_reader_set_64value(TSIOBufferReader readerp, int64_t offset, uint64_t n);
@@ -98,7 +115,7 @@ Mp4Meta::mp4_meta_consume(int64_t size)
 {
   TSIOBufferReaderConsume(meta_reader, size);
   meta_avail -= size;
-  passed += size;
+  passed     += size;
 }
 
 int
@@ -522,7 +539,8 @@ Mp4Meta::mp4_read_trak_atom(int64_t atom_header_size, int64_t atom_data_size)
   return rc;
 }
 
-int Mp4Meta::mp4_read_cmov_atom(int64_t /*atom_header_size ATS_UNUSED */, int64_t /* atom_data_size ATS_UNUSED */)
+int
+Mp4Meta::mp4_read_cmov_atom(int64_t /*atom_header_size ATS_UNUSED */, int64_t /* atom_data_size ATS_UNUSED */)
 {
   return -1;
 }
@@ -649,7 +667,7 @@ Mp4Meta::mp4_read_vmhd_atom(int64_t atom_header_size, int64_t atom_data_size)
 
   atom_size = atom_data_size + atom_header_size;
 
-  trak = trak_vec[trak_num - 1];
+  trak            = trak_vec[trak_num - 1];
   trak->vmhd_size += atom_size;
 
   trak->atoms[MP4_VMHD_ATOM].buffer = TSIOBufferCreate();
@@ -669,7 +687,7 @@ Mp4Meta::mp4_read_smhd_atom(int64_t atom_header_size, int64_t atom_data_size)
 
   atom_size = atom_data_size + atom_header_size;
 
-  trak = trak_vec[trak_num - 1];
+  trak            = trak_vec[trak_num - 1];
   trak->smhd_size += atom_size;
 
   trak->atoms[MP4_SMHD_ATOM].buffer = TSIOBufferCreate();
@@ -689,7 +707,7 @@ Mp4Meta::mp4_read_dinf_atom(int64_t atom_header_size, int64_t atom_data_size)
 
   atom_size = atom_data_size + atom_header_size;
 
-  trak = trak_vec[trak_num - 1];
+  trak            = trak_vec[trak_num - 1];
   trak->dinf_size += atom_size;
 
   trak->atoms[MP4_DINF_ATOM].buffer = TSIOBufferCreate();
@@ -725,7 +743,7 @@ Mp4Meta::mp4_read_stsd_atom(int64_t atom_header_size, int64_t atom_data_size)
 
   atom_size = atom_data_size + atom_header_size;
 
-  trak = trak_vec[trak_num - 1];
+  trak       = trak_vec[trak_num - 1];
   trak->size += atom_size;
 
   trak->atoms[MP4_STSD_ATOM].buffer = TSIOBufferCreate();
@@ -917,7 +935,7 @@ Mp4Meta::mp4_read_stsz_atom(int64_t atom_header_size, int64_t atom_data_size)
     TSIOBufferCopy(trak->atoms[MP4_STSZ_DATA].buffer, meta_reader, esize, sizeof(mp4_stsz_atom));
 
   } else {
-    atom_size = atom_header_size + atom_data_size;
+    atom_size  = atom_header_size + atom_data_size;
     trak->size += atom_size;
     mp4_reader_set_32value(trak->atoms[MP4_STSZ_ATOM].reader, 0, atom_size);
   }
@@ -999,7 +1017,8 @@ Mp4Meta::mp4_read_co64_atom(int64_t atom_header_size, int64_t atom_data_size)
   return 1;
 }
 
-int Mp4Meta::mp4_read_mdat_atom(int64_t /* atom_header_size ATS_UNUSED */, int64_t /* atom_data_size ATS_UNUSED */)
+int
+Mp4Meta::mp4_read_mdat_atom(int64_t /* atom_header_size ATS_UNUSED */, int64_t /* atom_data_size ATS_UNUSED */)
 {
   mdat_atom.buffer = TSIOBufferCreate();
   mdat_atom.reader = TSIOBufferReaderAlloc(mdat_atom.buffer);
@@ -1038,14 +1057,14 @@ Mp4Meta::mp4_update_stts_atom(Mp4Trak *trak)
     count    = mp4_reader_get_32value(readerp, offsetof(mp4_stts_entry, count));
 
     if (start_time < static_cast<uint64_t>(count) * duration) {
-      pass = static_cast<uint32_t>(start_time / duration);
+      pass         = static_cast<uint32_t>(start_time / duration);
       start_sample += pass;
 
       goto found;
     }
 
     start_sample += count;
-    start_time -= static_cast<uint64_t>(count) * duration;
+    start_time   -= static_cast<uint64_t>(count) * duration;
     TSIOBufferReaderConsume(readerp, sizeof(mp4_stts_entry));
   }
 
@@ -1077,7 +1096,7 @@ Mp4Meta::mp4_update_stts_atom(Mp4Trak *trak)
     }
 
     start_sample -= count;
-    sum += static_cast<uint64_t>(count) * duration;
+    sum          += static_cast<uint64_t>(count) * duration;
 
     TSIOBufferReaderConsume(readerp, sizeof(mp4_stts_entry));
   }
@@ -1088,7 +1107,7 @@ Mp4Meta::mp4_update_stts_atom(Mp4Trak *trak)
 
   left = entries - i;
 
-  atom_size = sizeof(mp4_stts_atom) + left * sizeof(mp4_stts_entry);
+  atom_size  = sizeof(mp4_stts_atom) + left * sizeof(mp4_stts_entry);
   trak->size += atom_size;
 
   mp4_reader_set_32value(trak->atoms[MP4_STTS_ATOM].reader, offsetof(mp4_stts_atom, size), atom_size);
@@ -1141,7 +1160,7 @@ Mp4Meta::mp4_update_stss_atom(Mp4Trak *trak)
     TSIOBufferReaderConsume(readerp, sizeof(uint32_t));
   }
 
-  atom_size = sizeof(mp4_stss_atom) + left * sizeof(uint32_t);
+  atom_size  = sizeof(mp4_stss_atom) + left * sizeof(uint32_t);
   trak->size += atom_size;
 
   mp4_reader_set_32value(trak->atoms[MP4_STSS_ATOM].reader, offsetof(mp4_stss_atom, size), atom_size);
@@ -1203,8 +1222,8 @@ Mp4Meta::mp4_update_ctts_atom(Mp4Trak *trak)
 
 found:
 
-  left      = entries - i;
-  atom_size = sizeof(mp4_ctts_atom) + left * sizeof(mp4_ctts_entry);
+  left       = entries - i;
+  atom_size  = sizeof(mp4_ctts_atom) + left * sizeof(mp4_ctts_entry);
   trak->size += atom_size;
 
   mp4_reader_set_32value(trak->atoms[MP4_CTTS_ATOM].reader, offsetof(mp4_ctts_atom, size), atom_size);
@@ -1281,8 +1300,8 @@ Mp4Meta::mp4_update_stsc_atom(Mp4Trak *trak)
   readerp = TSIOBufferReaderClone(trak->atoms[MP4_STSC_DATA].reader);
   TSIOBufferReaderConsume(readerp, sizeof(mp4_stsc_entry) * (i - 1));
 
-  trak->start_chunk = chunk - 1;
-  trak->start_chunk += start_sample / samples;
+  trak->start_chunk   = chunk - 1;
+  trak->start_chunk   += start_sample / samples;
   trak->chunk_samples = start_sample % samples;
 
   atom_size = sizeof(mp4_stsc_atom) + entries * sizeof(mp4_stsc_entry);
@@ -1356,7 +1375,7 @@ Mp4Meta::mp4_update_stsz_atom(Mp4Trak *trak)
     TSIOBufferReaderConsume(readerp, sizeof(uint32_t));
   }
 
-  atom_size = sizeof(mp4_stsz_atom) + avail - pass;
+  atom_size  = sizeof(mp4_stsz_atom) + avail - pass;
   trak->size += atom_size;
 
   mp4_reader_set_32value(trak->atoms[MP4_STSZ_ATOM].reader, offsetof(mp4_stsz_atom, size), atom_size);
@@ -1386,8 +1405,8 @@ Mp4Meta::mp4_update_co64_atom(Mp4Trak *trak)
   readerp = trak->atoms[MP4_CO64_DATA].reader;
   avail   = TSIOBufferReaderAvail(readerp);
 
-  pass      = trak->start_chunk * sizeof(uint64_t);
-  atom_size = sizeof(mp4_co64_atom) + avail - pass;
+  pass       = trak->start_chunk * sizeof(uint64_t);
+  atom_size  = sizeof(mp4_co64_atom) + avail - pass;
   trak->size += atom_size;
 
   TSIOBufferReaderConsume(readerp, pass);
@@ -1419,8 +1438,8 @@ Mp4Meta::mp4_update_stco_atom(Mp4Trak *trak)
   readerp = trak->atoms[MP4_STCO_DATA].reader;
   avail   = TSIOBufferReaderAvail(readerp);
 
-  pass      = trak->start_chunk * sizeof(uint32_t);
-  atom_size = sizeof(mp4_stco_atom) + avail - pass;
+  pass       = trak->start_chunk * sizeof(uint32_t);
+  atom_size  = sizeof(mp4_stco_atom) + avail - pass;
   trak->size += atom_size;
 
   TSIOBufferReaderConsume(readerp, pass);
@@ -1871,7 +1890,7 @@ IOBufferReaderCopy(TSIOBufferReader readerp, void *buf, int64_t length)
     if (need > 0) {
       memcpy(static_cast<char *>(buf) + n, start, need);
       length -= need;
-      n += need;
+      n      += need;
     }
 
     if (length == 0) {
diff --git a/plugins/experimental/mp4/mp4_meta.h b/plugins/experimental/mp4/mp4_meta.h
index d4a11293af1..10d823ed509 100644
--- a/plugins/experimental/mp4/mp4_meta.h
+++ b/plugins/experimental/mp4/mp4_meta.h
@@ -28,7 +28,7 @@
 
 #include <ts/ts.h>
 
-#define MP4_MAX_TRAK_NUM 6
+#define MP4_MAX_TRAK_NUM    6
 #define MP4_MAX_BUFFER_SIZE (10 * 1024 * 1024)
 #define MP4_MIN_BUFFER_SIZE 1024
 
diff --git a/plugins/experimental/otel_tracer/otel_tracer.cc b/plugins/experimental/otel_tracer/otel_tracer.cc
index 30b0324bbfe..02d2bf00c23 100644
--- a/plugins/experimental/otel_tracer/otel_tracer.cc
+++ b/plugins/experimental/otel_tracer/otel_tracer.cc
@@ -336,10 +336,10 @@ TSPluginInit(int argc, const char *argv[])
   if (argc > 1) {
     int c;
     static const struct option longopts[] = {
-      {const_cast<char *>("url"), required_argument, nullptr, 'u'},
-      {const_cast<char *>("service-name"), required_argument, nullptr, 's'},
+      {const_cast<char *>("url"),           required_argument, nullptr, 'u'},
+      {const_cast<char *>("service-name"),  required_argument, nullptr, 's'},
       {const_cast<char *>("sampling-rate"), required_argument, nullptr, 'r'},
-      {nullptr, 0, nullptr, 0},
+      {nullptr,                             0,                 nullptr, 0  },
     };
 
     int longindex = 0;
diff --git a/plugins/experimental/otel_tracer/tracer_common.h b/plugins/experimental/otel_tracer/tracer_common.h
index d4caf573c6d..8d24a9e2253 100644
--- a/plugins/experimental/otel_tracer/tracer_common.h
+++ b/plugins/experimental/otel_tracer/tracer_common.h
@@ -127,8 +127,11 @@ InitTracer(std::string url, std::string service_name, double rate)
   processors.push_back(std::move(processor));
 
   // Set service name
-  opentelemetry::sdk::resource::ResourceAttributes attributes = {{"service.name", service_name}, {"version", (uint32_t)1}};
-  auto resource                                               = opentelemetry::sdk::resource::Resource::Create(attributes);
+  opentelemetry::sdk::resource::ResourceAttributes attributes = {
+    {"service.name", service_name},
+    {"version",      (uint32_t)1 }
+  };
+  auto resource = opentelemetry::sdk::resource::Resource::Create(attributes);
 
   auto context  = std::make_shared<sdktrace::TracerContext>(std::move(processors), resource,
                                                            std::unique_ptr<sdktrace::Sampler>(new sdktrace::ParentBasedSampler(
diff --git a/plugins/experimental/parent_select/strategy.h b/plugins/experimental/parent_select/strategy.h
index eab0e6bd0f0..aaadfba70ad 100644
--- a/plugins/experimental/parent_select/strategy.h
+++ b/plugins/experimental/parent_select/strategy.h
@@ -48,8 +48,8 @@ extern const std::string_view active_health_check;
 extern const std::string_view passive_health_check;
 
 #define PL_NH_Debug(tag, fmt, ...) TSDebug(tag, "[%s:%d]: " fmt, __FILE__, __LINE__, ##__VA_ARGS__)
-#define PL_NH_Error(fmt, ...) TSError("(%s) [%s:%d]: " fmt, PLUGIN_NAME, __FILE__, __LINE__, ##__VA_ARGS__)
-#define PL_NH_Note(fmt, ...) TSDebug(PL_NH_DEBUG_TAG, "[%s:%d]: " fmt, __FILE__, __LINE__, ##__VA_ARGS__)
+#define PL_NH_Error(fmt, ...)      TSError("(%s) [%s:%d]: " fmt, PLUGIN_NAME, __FILE__, __LINE__, ##__VA_ARGS__)
+#define PL_NH_Note(fmt, ...)       TSDebug(PL_NH_DEBUG_TAG, "[%s:%d]: " fmt, __FILE__, __LINE__, ##__VA_ARGS__)
 
 constexpr const char *policy_strings[] = {"PL_NH_UNDEFINED", "PL_NH_FIRST_LIVE", "PL_NH_RR_STRICT",
                                           "PL_NH_RR_IP",     "PL_NH_RR_LATCHED", "PL_NH_CONSISTENT_HASH"};
diff --git a/plugins/experimental/rate_limit/ip_reputation.cc b/plugins/experimental/rate_limit/ip_reputation.cc
index 129cd9584a1..d05cadf4705 100644
--- a/plugins/experimental/rate_limit/ip_reputation.cc
+++ b/plugins/experimental/rate_limit/ip_reputation.cc
@@ -100,7 +100,7 @@ SieveLru::initialize(uint32_t num_buckets, uint32_t size)
   // Create the other buckets, in smaller and smaller sizes (power of 2)
   for (uint32_t i = lastBucket(); i <= entryBucket(); ++i) {
     _buckets[i] = new SieveBucket(cur_size);
-    cur_size *= 2;
+    cur_size    *= 2;
   }
 
   _buckets[blockBucket()] = new SieveBucket(cur_size / 2); // Block LRU, same size as entry bucket
@@ -151,7 +151,7 @@ SieveLru::increment(KeyClass key)
         (std::chrono::duration_cast<std::chrono::seconds>(SystemClock::now() - added) > max_age)) {
       auto last_lru = _buckets[entryBucket()];
 
-      count >>= 3; // Age the count by a factor of 1/8th
+      count  >>= 3; // Age the count by a factor of 1/8th
       bucket = entryBucket();
       last_lru->moveTop(lru, map_item);
     } else {
diff --git a/plugins/experimental/rate_limit/iprep_simu.cc b/plugins/experimental/rate_limit/iprep_simu.cc
index 887df68b861..9509346e2a5 100644
--- a/plugins/experimental/rate_limit/iprep_simu.cc
+++ b/plugins/experimental/rate_limit/iprep_simu.cc
@@ -83,8 +83,13 @@ parseArgs(int argc, char **argv)
   CmdConfigs options;
   int c;
   constexpr struct option long_options[] = {
-    {"help", no_argument, NULL, 'h'},       {"buckets", required_argument, NULL, 'b'},   {"perma", required_argument, NULL, 'p'},
-    {"size", required_argument, NULL, 's'}, {"threshold", required_argument, NULL, 't'}, {NULL, 0, NULL, 0}};
+    {"help",      no_argument,       NULL, 'h'},
+    {"buckets",   required_argument, NULL, 'b'},
+    {"perma",     required_argument, NULL, 'p'},
+    {"size",      required_argument, NULL, 's'},
+    {"threshold", required_argument, NULL, 't'},
+    {NULL,        0,                 NULL, 0  }
+  };
 
   // Make sure the optional values have been set
 
@@ -208,9 +213,9 @@ main(int argc, char *argv[])
     for (uint32_t size = options.start_size; size <= options.end_size; size += options.incr_size) {
       for (uint32_t buckets = options.start_buckets; buckets <= options.end_buckets; buckets += options.incr_buckets) {
         for (uint32_t threshold = options.start_threshold; threshold <= options.end_threshold;
-             threshold += options.incr_threshold) {
+             threshold          += options.incr_threshold) {
           for (uint32_t permablock = options.start_permablock; permablock <= options.end_permablock;
-               permablock += options.incr_permablock) {
+               permablock          += options.incr_permablock) {
             // Setup the buckets and metrics for this loop
             IpReputation::SieveLru ipt(buckets, size);
 
diff --git a/plugins/experimental/rate_limit/sni_limiter.cc b/plugins/experimental/rate_limit/sni_limiter.cc
index fcc8fb838f4..3d652fbc44c 100644
--- a/plugins/experimental/rate_limit/sni_limiter.cc
+++ b/plugins/experimental/rate_limit/sni_limiter.cc
@@ -142,20 +142,20 @@ bool
 SniRateLimiter::initialize(int argc, const char *argv[])
 {
   static const struct option longopt[] = {
-    {const_cast<char *>("limit"), required_argument, nullptr, 'l'},
-    {const_cast<char *>("queue"), required_argument, nullptr, 'q'},
-    {const_cast<char *>("maxage"), required_argument, nullptr, 'm'},
-    {const_cast<char *>("prefix"), required_argument, nullptr, 'p'},
-    {const_cast<char *>("tag"), required_argument, nullptr, 't'},
-    // These are all for the IP reputation system. ToDo: These should be global rather than per SNI ?
-    {const_cast<char *>("iprep_maxage"), required_argument, nullptr, 'a'},
-    {const_cast<char *>("iprep_buckets"), required_argument, nullptr, 'B'},
-    {const_cast<char *>("iprep_bucketsize"), required_argument, nullptr, 'S'},
-    {const_cast<char *>("iprep_permablock_limit"), required_argument, nullptr, 'L'},
-    {const_cast<char *>("iprep_permablock_pressure"), required_argument, nullptr, 'P'},
-    {const_cast<char *>("iprep_permablock_maxage"), required_argument, nullptr, 'A'},
-    // EOF
-    {nullptr, no_argument, nullptr, '\0'},
+    {const_cast<char *>("limit"),                     required_argument, nullptr, 'l' },
+    {const_cast<char *>("queue"),                     required_argument, nullptr, 'q' },
+    {const_cast<char *>("maxage"),                    required_argument, nullptr, 'm' },
+    {const_cast<char *>("prefix"),                    required_argument, nullptr, 'p' },
+    {const_cast<char *>("tag"),                       required_argument, nullptr, 't' },
+ // These are all for the IP reputation system. ToDo: These should be global rather than per SNI ?
+    {const_cast<char *>("iprep_maxage"),              required_argument, nullptr, 'a' },
+    {const_cast<char *>("iprep_buckets"),             required_argument, nullptr, 'B' },
+    {const_cast<char *>("iprep_bucketsize"),          required_argument, nullptr, 'S' },
+    {const_cast<char *>("iprep_permablock_limit"),    required_argument, nullptr, 'L' },
+    {const_cast<char *>("iprep_permablock_pressure"), required_argument, nullptr, 'P' },
+    {const_cast<char *>("iprep_permablock_maxage"),   required_argument, nullptr, 'A' },
+ // EOF
+    {nullptr,                                         no_argument,       nullptr, '\0'},
   };
 
   TSDebug(PLUGIN_NAME, "Initializing an SNI Rate Limiter");
diff --git a/plugins/experimental/rate_limit/txn_limiter.cc b/plugins/experimental/rate_limit/txn_limiter.cc
index 6e336658886..335b419fa6e 100644
--- a/plugins/experimental/rate_limit/txn_limiter.cc
+++ b/plugins/experimental/rate_limit/txn_limiter.cc
@@ -107,16 +107,16 @@ bool
 TxnRateLimiter::initialize(int argc, const char *argv[])
 {
   static const struct option longopt[] = {
-    {const_cast<char *>("limit"), required_argument, nullptr, 'l'},
-    {const_cast<char *>("queue"), required_argument, nullptr, 'q'},
-    {const_cast<char *>("error"), required_argument, nullptr, 'e'},
-    {const_cast<char *>("retry"), required_argument, nullptr, 'r'},
-    {const_cast<char *>("header"), required_argument, nullptr, 'h'},
-    {const_cast<char *>("maxage"), required_argument, nullptr, 'm'},
-    {const_cast<char *>("prefix"), required_argument, nullptr, 'p'},
-    {const_cast<char *>("tag"), required_argument, nullptr, 't'},
-    // EOF
-    {nullptr, no_argument, nullptr, '\0'},
+    {const_cast<char *>("limit"),  required_argument, nullptr, 'l' },
+    {const_cast<char *>("queue"),  required_argument, nullptr, 'q' },
+    {const_cast<char *>("error"),  required_argument, nullptr, 'e' },
+    {const_cast<char *>("retry"),  required_argument, nullptr, 'r' },
+    {const_cast<char *>("header"), required_argument, nullptr, 'h' },
+    {const_cast<char *>("maxage"), required_argument, nullptr, 'm' },
+    {const_cast<char *>("prefix"), required_argument, nullptr, 'p' },
+    {const_cast<char *>("tag"),    required_argument, nullptr, 't' },
+ // EOF
+    {nullptr,                      no_argument,       nullptr, '\0'},
   };
 
   while (true) {
diff --git a/plugins/experimental/redo_cache_lookup/redo_cache_lookup.cc b/plugins/experimental/redo_cache_lookup/redo_cache_lookup.cc
index 6b6c496c77c..e7b65fb2f59 100644
--- a/plugins/experimental/redo_cache_lookup/redo_cache_lookup.cc
+++ b/plugins/experimental/redo_cache_lookup/redo_cache_lookup.cc
@@ -81,7 +81,9 @@ TSPluginInit(int argc, const char *argv[])
   const char *fallback = nullptr;
 
   // Read options from plugin.config
-  static const struct option longopts[] = {{"fallback", required_argument, nullptr, 'f'}};
+  static const struct option longopts[] = {
+    {"fallback", required_argument, nullptr, 'f'}
+  };
 
   int opt = 0;
 
diff --git a/plugins/experimental/remap_stats/remap_stats.cc b/plugins/experimental/remap_stats/remap_stats.cc
index 39db77accf1..20de2553948 100644
--- a/plugins/experimental/remap_stats/remap_stats.cc
+++ b/plugins/experimental/remap_stats/remap_stats.cc
@@ -30,7 +30,7 @@
 #include <unordered_map>
 
 #define PLUGIN_NAME "remap_stats"
-#define DEBUG_TAG PLUGIN_NAME
+#define DEBUG_TAG   PLUGIN_NAME
 
 #define MAX_STAT_LENGTH (1 << 8)
 
@@ -169,7 +169,7 @@ handle_txn_close(TSCont cont, TSEvent event ATS_UNUSED, void *edata)
     }
 
     uint64_t in_bytes = TSHttpTxnClientReqHdrBytesGet(txn);
-    in_bytes += TSHttpTxnClientReqBodyBytesGet(txn);
+    in_bytes          += TSHttpTxnClientReqBodyBytesGet(txn);
 
     ts::LocalBufferWriter<MAX_STAT_LENGTH> stat_name;
 
@@ -177,7 +177,7 @@ handle_txn_close(TSCont cont, TSEvent event ATS_UNUSED, void *edata)
     stat_add(stat_name.data(), static_cast<TSMgmtInt>(in_bytes), config->persist_type, config->stat_creation_mutex);
 
     uint64_t out_bytes = TSHttpTxnClientRespHdrBytesGet(txn);
-    out_bytes += TSHttpTxnClientRespBodyBytesGet(txn);
+    out_bytes          += TSHttpTxnClientRespBodyBytesGet(txn);
 
     create_stat_name(stat_name, hostsv, "out_bytes");
     stat_add(stat_name.data(), static_cast<TSMgmtInt>(out_bytes), config->persist_type, config->stat_creation_mutex);
diff --git a/plugins/experimental/slice/Config.cc b/plugins/experimental/slice/Config.cc
index 65ca648ba8f..ee2a6c777a3 100644
--- a/plugins/experimental/slice/Config.cc
+++ b/plugins/experimental/slice/Config.cc
@@ -113,19 +113,19 @@ Config::fromArgs(int const argc, char const *const argv[])
 
   // standard parsing
   constexpr struct option longopts[] = {
-    {const_cast<char *>("blockbytes"), required_argument, nullptr, 'b'},
-    {const_cast<char *>("crr-ims-header"), required_argument, nullptr, 'c'},
-    {const_cast<char *>("disable-errorlog"), no_argument, nullptr, 'd'},
-    {const_cast<char *>("exclude-regex"), required_argument, nullptr, 'e'},
-    {const_cast<char *>("include-regex"), required_argument, nullptr, 'i'},
-    {const_cast<char *>("ref-relative"), no_argument, nullptr, 'l'},
-    {const_cast<char *>("pace-errorlog"), required_argument, nullptr, 'p'},
-    {const_cast<char *>("remap-host"), required_argument, nullptr, 'r'},
-    {const_cast<char *>("skip-header"), required_argument, nullptr, 's'},
-    {const_cast<char *>("blockbytes-test"), required_argument, nullptr, 't'},
-    {const_cast<char *>("prefetch-count"), required_argument, nullptr, 'f'},
-    {const_cast<char *>("strip-range-for-head"), no_argument, nullptr, 'h'},
-    {nullptr, 0, nullptr, 0},
+    {const_cast<char *>("blockbytes"),           required_argument, nullptr, 'b'},
+    {const_cast<char *>("crr-ims-header"),       required_argument, nullptr, 'c'},
+    {const_cast<char *>("disable-errorlog"),     no_argument,       nullptr, 'd'},
+    {const_cast<char *>("exclude-regex"),        required_argument, nullptr, 'e'},
+    {const_cast<char *>("include-regex"),        required_argument, nullptr, 'i'},
+    {const_cast<char *>("ref-relative"),         no_argument,       nullptr, 'l'},
+    {const_cast<char *>("pace-errorlog"),        required_argument, nullptr, 'p'},
+    {const_cast<char *>("remap-host"),           required_argument, nullptr, 'r'},
+    {const_cast<char *>("skip-header"),          required_argument, nullptr, 's'},
+    {const_cast<char *>("blockbytes-test"),      required_argument, nullptr, 't'},
+    {const_cast<char *>("prefetch-count"),       required_argument, nullptr, 'f'},
+    {const_cast<char *>("strip-range-for-head"), no_argument,       nullptr, 'h'},
+    {nullptr,                                    0,                 nullptr, 0  },
   };
 
   // getopt assumes args start at '1' so this hack is needed
diff --git a/plugins/experimental/slice/Data.h b/plugins/experimental/slice/Data.h
index 8e654a69bc4..175171aed90 100644
--- a/plugins/experimental/slice/Data.h
+++ b/plugins/experimental/slice/Data.h
@@ -42,7 +42,7 @@ enum BlockState {
 };
 
 struct Data {
-  Data(Data const &) = delete;
+  Data(Data const &)            = delete;
   Data &operator=(Data const &) = delete;
 
   Config *const m_config;
diff --git a/plugins/experimental/slice/HttpHeader.cc b/plugins/experimental/slice/HttpHeader.cc
index d98d112a3f7..50fcc35ddc5 100644
--- a/plugins/experimental/slice/HttpHeader.cc
+++ b/plugins/experimental/slice/HttpHeader.cc
@@ -354,7 +354,7 @@ HdrMgr::populateFrom(TSHttpParser const http_parser, TSIOBufferReader const read
       int64_t const bytes_parsed(ptr - bstart);
 
       consumed += bytes_parsed;
-      avail -= bytes_parsed;
+      avail    -= bytes_parsed;
 
       if (TS_PARSE_CONT == parse_res) {
         block = TSIOBufferBlockNext(block);
diff --git a/plugins/experimental/slice/HttpHeader.h b/plugins/experimental/slice/HttpHeader.h
index 81f1817fb73..060a00504d2 100644
--- a/plugins/experimental/slice/HttpHeader.h
+++ b/plugins/experimental/slice/HttpHeader.h
@@ -149,7 +149,7 @@ struct HttpHeader {
 };
 
 struct TxnHdrMgr {
-  TxnHdrMgr(TxnHdrMgr const &) = delete;
+  TxnHdrMgr(TxnHdrMgr const &)            = delete;
   TxnHdrMgr &operator=(TxnHdrMgr const &) = delete;
 
   TSMBuffer m_buffer{nullptr};
@@ -187,7 +187,7 @@ struct TxnHdrMgr {
 };
 
 struct HdrMgr {
-  HdrMgr(HdrMgr const &) = delete;
+  HdrMgr(HdrMgr const &)            = delete;
   HdrMgr &operator=(HdrMgr const &) = delete;
 
   TSMBuffer m_buffer{nullptr};
diff --git a/plugins/experimental/slice/Stage.h b/plugins/experimental/slice/Stage.h
index 47ae28a96df..5f88e0d33dc 100644
--- a/plugins/experimental/slice/Stage.h
+++ b/plugins/experimental/slice/Stage.h
@@ -115,7 +115,7 @@ struct Channel {
 
 struct Stage // upstream or downstream (server or client)
 {
-  Stage(Stage const &) = delete;
+  Stage(Stage const &)            = delete;
   Stage &operator=(Stage const &) = delete;
 
   TSVConn m_vc{nullptr};
diff --git a/plugins/experimental/slice/client.cc b/plugins/experimental/slice/client.cc
index 3d19372440a..bfb036ccb87 100644
--- a/plugins/experimental/slice/client.cc
+++ b/plugins/experimental/slice/client.cc
@@ -59,7 +59,7 @@ handle_client_req(TSCont contp, TSEvent event, Data *const data)
     char rangestr[1024];
     int rangelen             = sizeof(rangestr);
     bool const hasRange      = header.valueForKey(TS_MIME_FIELD_RANGE, TS_MIME_LEN_RANGE, rangestr, &rangelen,
-                                             0); // <-- first range only
+                                                  0); // <-- first range only
     Config const *const conf = data->m_config;
     if (hasRange) {
       // write parsed header into slicer meta tag
diff --git a/plugins/experimental/slice/slice.h b/plugins/experimental/slice/slice.h
index 4f9df58a382..d2b6a404cf7 100644
--- a/plugins/experimental/slice/slice.h
+++ b/plugins/experimental/slice/slice.h
@@ -34,7 +34,7 @@
 
 #if !defined(UNITTEST)
 
-#define __FILENAME__ (strrchr(__FILE__, '/') ? strrchr(__FILE__, '/') + 1 : __FILE__)
+#define __FILENAME__        (strrchr(__FILE__, '/') ? strrchr(__FILE__, '/') + 1 : __FILE__)
 #define DEBUG_LOG(fmt, ...) TSDebug(PLUGIN_NAME, "[%s:% 4d] %s(): " fmt, __FILENAME__, __LINE__, __func__, ##__VA_ARGS__)
 
 #define ERROR_LOG(fmt, ...)                                                                         \
diff --git a/plugins/experimental/slice/slice_test.cc b/plugins/experimental/slice/slice_test.cc
index 4fcbc5be7bd..27814d66299 100644
--- a/plugins/experimental/slice/slice_test.cc
+++ b/plugins/experimental/slice/slice_test.cc
@@ -117,10 +117,23 @@ testParseRange()
     "bytes 0-1023/146515" // this should be rejected (Content-range)
   };                      // invalid
 
-  std::vector<Range> const exps = {Range{0, 1023 + 1}, Range{1, 1024 + 1}, Range{11, 11 + 1}, Range{1, Range::maxval},
-                                   Range{-1, -1},      Range{3, 17 + 1},   Range{3, 17 + 1},  Range{3, 17 + 1},
-                                   Range{3, 11 + 1},   Range{3, 11 + 1},   Range{0, 1},       Range{-20, 0},
-                                   Range{-1, -1},      Range{-1, -1},      Range{-1, -1}};
+  std::vector<Range> const exps = {
+    Range{0,   1023 + 1     },
+    Range{1,   1024 + 1     },
+    Range{11,  11 + 1       },
+    Range{1,   Range::maxval},
+    Range{-1,  -1           },
+    Range{3,   17 + 1       },
+    Range{3,   17 + 1       },
+    Range{3,   17 + 1       },
+    Range{3,   11 + 1       },
+    Range{3,   11 + 1       },
+    Range{0,   1            },
+    Range{-20, 0            },
+    Range{-1,  -1           },
+    Range{-1,  -1           },
+    Range{-1,  -1           }
+  };
 
   std::vector<bool> const expsres = {true, true, true, true, false, true, true, true, true, true, true, true, false, false, false};
 
diff --git a/plugins/experimental/slice/transfer.cc b/plugins/experimental/slice/transfer.cc
index ce31b754031..cb6a33c79cc 100644
--- a/plugins/experimental/slice/transfer.cc
+++ b/plugins/experimental/slice/transfer.cc
@@ -39,8 +39,8 @@ transfer_content_bytes(Data *const data)
     if (0 < toskip) {
       TSIOBufferReaderConsume(reader, toskip);
       data->m_blockskip -= toskip;
-      avail -= toskip;
-      consumed += toskip;
+      avail             -= toskip;
+      consumed          += toskip;
     }
   }
 
@@ -55,7 +55,7 @@ transfer_content_bytes(Data *const data)
       data->m_bytessent += copied;
       TSIOBufferReaderConsume(reader, copied);
 
-      avail -= copied;
+      avail    -= copied;
       consumed += copied;
     }
   }
diff --git a/plugins/experimental/slice/unit-tests/slice_test.cc b/plugins/experimental/slice/unit-tests/slice_test.cc
index 6f15ce0c48e..d6d43f91e11 100644
--- a/plugins/experimental/slice/unit-tests/slice_test.cc
+++ b/plugins/experimental/slice/unit-tests/slice_test.cc
@@ -103,10 +103,23 @@ testParseRange()
     "bytes 0-1023/146515" // this should be rejected (Content-range)
   };                      // invalid
 
-  std::vector<Range> const exps = {Range{0, 1023 + 1}, Range{1, 1024 + 1}, Range{11, 11 + 1}, Range{1, Range::maxval},
-                                   Range{-1, -1},      Range{3, 17 + 1},   Range{3, 17 + 1},  Range{3, 17 + 1},
-                                   Range{3, 11 + 1},   Range{3, 11 + 1},   Range{0, 1},       Range{-20, 0},
-                                   Range{-1, -1},      Range{-1, -1},      Range{-1, -1}};
+  std::vector<Range> const exps = {
+    Range{0,   1023 + 1     },
+    Range{1,   1024 + 1     },
+    Range{11,  11 + 1       },
+    Range{1,   Range::maxval},
+    Range{-1,  -1           },
+    Range{3,   17 + 1       },
+    Range{3,   17 + 1       },
+    Range{3,   17 + 1       },
+    Range{3,   11 + 1       },
+    Range{3,   11 + 1       },
+    Range{0,   1            },
+    Range{-20, 0            },
+    Range{-1,  -1           },
+    Range{-1,  -1           },
+    Range{-1,  -1           }
+  };
 
   std::vector<bool> const expsres = {true, true, true, true, false, true, true, true, true, true, true, true, false, false, false};
 
diff --git a/plugins/experimental/slice/unit-tests/test_config.cc b/plugins/experimental/slice/unit-tests/test_config.cc
index a085fb73700..753ab8936d8 100644
--- a/plugins/experimental/slice/unit-tests/test_config.cc
+++ b/plugins/experimental/slice/unit-tests/test_config.cc
@@ -41,14 +41,14 @@ TEST_CASE("config bytesfrom valid parsing", "[AWS][slice][utility]")
     "1000", "1m", "5g", "2k", "3kb", "1z",
   };
 
-  constexpr std::array<int64_t, 6> const expvals = {{
-    1000,
-    1024 * 1024,
-    int64_t(1024) * 1024 * 1024 * 5,
-    1024 * 2,
-    1024 * 3,
-    1,
-  }};
+  constexpr std::array<int64_t, 6> const expvals = {
+    {
+     1000, 1024 * 1024,
+     int64_t(1024) * 1024 * 1024 * 5,
+     1024 * 2,
+     1024 * 3,
+     1, }
+  };
 
   for (size_t index = 0; index < teststrings.size(); ++index) {
     std::string const &teststr = teststrings[index];
@@ -90,19 +90,21 @@ TEST_CASE("config fromargs validate sizes", "[AWS][slice][utility]")
   CHECK(blockBytesMin == Config::blockbytesmin);
 
   std::vector<std::string> const argkws                 = {"-b ", "--blockbytes=", "blockbytes:"};
-  std::vector<std::pair<std::string, bool>> const tests = {{"4m", true},
-                                                           {"1", false},
-                                                           {"32m", true},
-                                                           {"64m", true},
-                                                           {"256k", true},
-                                                           {"128m", true},
-                                                           {"10m", true},
-                                                           {std::to_string(blockBytesMax), true},
-                                                           {std::to_string(blockBytesMax + 1), false},
-                                                           {std::to_string(blockBytesMax - 1), true},
-                                                           {std::to_string(blockBytesMin), true},
-                                                           {std::to_string(blockBytesMin + 1), true},
-                                                           {std::to_string(blockBytesMin - 1), false}};
+  std::vector<std::pair<std::string, bool>> const tests = {
+    {"4m",                              true },
+    {"1",                               false},
+    {"32m",                             true },
+    {"64m",                             true },
+    {"256k",                            true },
+    {"128m",                            true },
+    {"10m",                             true },
+    {std::to_string(blockBytesMax),     true },
+    {std::to_string(blockBytesMax + 1), false},
+    {std::to_string(blockBytesMax - 1), true },
+    {std::to_string(blockBytesMin),     true },
+    {std::to_string(blockBytesMin + 1), true },
+    {std::to_string(blockBytesMin - 1), false}
+  };
 
   for (std::string const &kw : argkws) { // test each argument keyword with each test pair
     for (std::pair<std::string, bool> const &test : tests) {
diff --git a/plugins/experimental/slice/unit-tests/test_range.cc b/plugins/experimental/slice/unit-tests/test_range.cc
index d2b1813fe3f..c43f2956fdc 100644
--- a/plugins/experimental/slice/unit-tests/test_range.cc
+++ b/plugins/experimental/slice/unit-tests/test_range.cc
@@ -49,17 +49,17 @@ TEST_CASE("range to/from string - valid", "[AWS][slice][utility]")
   };
 
   std::vector<Range> const exps = {
-    Range{0, 1023 + 1},      //
-    Range{1, 1024 + 1},      //
-    Range{11, 11 + 1},       //
-    Range{1, Range::maxval}, //
-    Range{3, 17 + 1},        //
-    Range{3, 17 + 1},        //
-    Range{3, 17 + 1},        //
-    Range{3, 11 + 1},        //
-    Range{3, 11 + 1},        //
-    Range{0, 1},             //
-    Range{-20, 0}            //
+    Range{0,   1023 + 1     }, //
+    Range{1,   1024 + 1     }, //
+    Range{11,  11 + 1       }, //
+    Range{1,   Range::maxval}, //
+    Range{3,   17 + 1       }, //
+    Range{3,   17 + 1       }, //
+    Range{3,   17 + 1       }, //
+    Range{3,   11 + 1       }, //
+    Range{3,   11 + 1       }, //
+    Range{0,   1            }, //
+    Range{-20, 0            }  //
   };
 
   for (size_t index = 0; index < teststrings.size(); ++index) {
diff --git a/plugins/experimental/ssl_session_reuse/src/session_process.cc b/plugins/experimental/ssl_session_reuse/src/session_process.cc
index 47660f65ec1..7cdeb4cd7ef 100644
--- a/plugins/experimental/ssl_session_reuse/src/session_process.cc
+++ b/plugins/experimental/ssl_session_reuse/src/session_process.cc
@@ -112,7 +112,7 @@ decrypt_session(const std::string &encrypted_data, const unsigned char *key, int
     ssl_sess_ptr += sizeof(int64_t);
 
     // Length
-    ret = *reinterpret_cast<int32_t *>(ssl_sess_ptr);
+    ret          = *reinterpret_cast<int32_t *>(ssl_sess_ptr);
     ssl_sess_ptr += sizeof(int32_t);
 
     len_all = ret + sizeof(int64_t) + sizeof(int32_t);
diff --git a/plugins/experimental/ssl_session_reuse/src/ssl_key_utils.cc b/plugins/experimental/ssl_session_reuse/src/ssl_key_utils.cc
index 282bc339211..f413a27eecb 100644
--- a/plugins/experimental/ssl_session_reuse/src/ssl_key_utils.cc
+++ b/plugins/experimental/ssl_session_reuse/src/ssl_key_utils.cc
@@ -35,7 +35,7 @@
 #include "stek.h"
 #include "common.h"
 
-#define SSL_AES_KEY_SUFFIX "_aes_key"
+#define SSL_AES_KEY_SUFFIX  "_aes_key"
 #define SSL_HMAC_KEY_SUFFIX "_hmac_key"
 
 #define STEK_MAX_ENC_SIZE 512
diff --git a/plugins/experimental/ssl_session_reuse/src/stek.h b/plugins/experimental/ssl_session_reuse/src/stek.h
index f1f9725bb1b..d7a6c07282e 100644
--- a/plugins/experimental/ssl_session_reuse/src/stek.h
+++ b/plugins/experimental/ssl_session_reuse/src/stek.h
@@ -25,8 +25,8 @@
 
 /* STEK - Session Ticket Encryption Key stuff */
 
-#define STEK_ID_NAME "@stek@" // ACTUALLY it is redis channel minus cluster_name prefix, aka mdbm keyname
-#define STEK_ID_RESEND "@resendstek@"
+#define STEK_ID_NAME      "@stek@" // ACTUALLY it is redis channel minus cluster_name prefix, aka mdbm keyname
+#define STEK_ID_RESEND    "@resendstek@"
 #define STEK_MAX_LIFETIME 86400 // 24 hours max - should rotate STEK
 
 #define STEK_NOT_CHANGED_WARNING_INTERVAL (2 * STEK_MAX_LIFETIME) // warn on non-stek rotate every X secs.
diff --git a/plugins/experimental/sslheaders/expand.cc b/plugins/experimental/sslheaders/expand.cc
index 76ea91804e9..146540f28b2 100644
--- a/plugins/experimental/sslheaders/expand.cc
+++ b/plugins/experimental/sslheaders/expand.cc
@@ -41,7 +41,7 @@ x509_expand_certificate(X509 *x509, BIO *bio)
   // The PEM format has newlines in it. mod_ssl replaces those with spaces.
   remain = BIO_get_mem_data(bio, &ptr);
   for (char *nl; (nl = static_cast<char *>(memchr(ptr, '\n', remain))); ptr = nl) {
-    *nl = ' ';
+    *nl    = ' ';
     remain -= nl - ptr;
   }
 }
diff --git a/plugins/experimental/sslheaders/sslheaders.cc b/plugins/experimental/sslheaders/sslheaders.cc
index 933131b0ac2..f5b493d0fc7 100644
--- a/plugins/experimental/sslheaders/sslheaders.cc
+++ b/plugins/experimental/sslheaders/sslheaders.cc
@@ -212,7 +212,7 @@ SslHdrParseOptions(int argc, const char **argv)
 {
   static const struct option longopt[] = {
     {const_cast<char *>("attach"), required_argument, nullptr, 'a'},
-    {nullptr, 0, nullptr, 0},
+    {nullptr,                      0,                 nullptr, 0  },
   };
 
   std::unique_ptr<SslHdrInstance> hdr(new SslHdrInstance());
diff --git a/plugins/experimental/sslheaders/sslheaders.h b/plugins/experimental/sslheaders/sslheaders.h
index c3134aae9cf..a1f1ad377ec 100644
--- a/plugins/experimental/sslheaders/sslheaders.h
+++ b/plugins/experimental/sslheaders/sslheaders.h
@@ -70,10 +70,10 @@ struct SslHdrExpansion {
   ExpansionField field = SSL_HEADERS_FIELD_NONE;
 
   // noncopyable but movable
-  SslHdrExpansion(const SslHdrExpansion &) = delete;
+  SslHdrExpansion(const SslHdrExpansion &)            = delete;
   SslHdrExpansion &operator=(const SslHdrExpansion &) = delete;
   SslHdrExpansion(SslHdrExpansion &&)                 = default;
-  SslHdrExpansion &operator=(SslHdrExpansion &&) = default;
+  SslHdrExpansion &operator=(SslHdrExpansion &&)      = default;
 };
 
 struct SslHdrInstance {
@@ -87,7 +87,7 @@ struct SslHdrInstance {
   TSCont cont;
 
   // noncopyable
-  SslHdrInstance(const SslHdrInstance &) = delete;
+  SslHdrInstance(const SslHdrInstance &)            = delete;
   SslHdrInstance &operator=(const SslHdrInstance &) = delete;
 };
 
diff --git a/plugins/experimental/sslheaders/unit_tests/test_sslheaders.cc b/plugins/experimental/sslheaders/unit_tests/test_sslheaders.cc
index 221adf843af..c6330def0b8 100644
--- a/plugins/experimental/sslheaders/unit_tests/test_sslheaders.cc
+++ b/plugins/experimental/sslheaders/unit_tests/test_sslheaders.cc
@@ -79,7 +79,7 @@ make_pem_header(const char *pem)
   remain    = strlen(hdr);
 
   for (char *nl; (nl = static_cast<char *>(memchr(ptr, '\n', remain))); ptr = nl) {
-    *nl = ' ';
+    *nl    = ' ';
     remain -= nl - ptr;
   }
 
diff --git a/plugins/experimental/sslheaders/util.cc b/plugins/experimental/sslheaders/util.cc
index 14e215ffb1c..66f29aaee7e 100644
--- a/plugins/experimental/sslheaders/util.cc
+++ b/plugins/experimental/sslheaders/util.cc
@@ -29,15 +29,17 @@ struct _f {
   const char *name;
   ExpansionField field;
 };
-const std::array<_f, SSL_HEADERS_FIELD_MAX - 1> fields = {{
-  {"certificate", SSL_HEADERS_FIELD_CERTIFICATE},
-  {"subject", SSL_HEADERS_FIELD_SUBJECT},
-  {"issuer", SSL_HEADERS_FIELD_ISSUER},
-  {"serial", SSL_HEADERS_FIELD_SERIAL},
-  {"signature", SSL_HEADERS_FIELD_SIGNATURE},
-  {"notbefore", SSL_HEADERS_FIELD_NOTBEFORE},
-  {"notafter", SSL_HEADERS_FIELD_NOTAFTER},
-}};
+const std::array<_f, SSL_HEADERS_FIELD_MAX - 1> fields = {
+  {
+   {"certificate", SSL_HEADERS_FIELD_CERTIFICATE},
+   {"subject", SSL_HEADERS_FIELD_SUBJECT},
+   {"issuer", SSL_HEADERS_FIELD_ISSUER},
+   {"serial", SSL_HEADERS_FIELD_SERIAL},
+   {"signature", SSL_HEADERS_FIELD_SIGNATURE},
+   {"notbefore", SSL_HEADERS_FIELD_NOTBEFORE},
+   {"notafter", SSL_HEADERS_FIELD_NOTAFTER},
+   }
+};
 } // namespace
 
 bool
diff --git a/plugins/experimental/statichit/statichit.cc b/plugins/experimental/statichit/statichit.cc
index 7b2824f5547..ddb2f8aa158 100644
--- a/plugins/experimental/statichit/statichit.cc
+++ b/plugins/experimental/statichit/statichit.cc
@@ -660,13 +660,15 @@ TSRemapDoRemap(void *ih, TSHttpTxn rh, TSRemapRequestInfo *rri)
 TSReturnCode
 TSRemapNewInstance(int argc, char *argv[], void **ih, char * /* errbuf ATS_UNUSED */, int /* errbuf_size ATS_UNUSED */)
 {
-  static const struct option longopt[] = {{"file-path", required_argument, nullptr, 'f'},
-                                          {"mime-type", required_argument, nullptr, 'm'},
-                                          {"max-age", required_argument, nullptr, 'a'},
-                                          {"failure-code", required_argument, nullptr, 'c'},
-                                          {"success-code", required_argument, nullptr, 's'},
-                                          {"disable-exact", no_argument, nullptr, 'd'},
-                                          {nullptr, no_argument, nullptr, '\0'}};
+  static const struct option longopt[] = {
+    {"file-path",     required_argument, nullptr, 'f' },
+    {"mime-type",     required_argument, nullptr, 'm' },
+    {"max-age",       required_argument, nullptr, 'a' },
+    {"failure-code",  required_argument, nullptr, 'c' },
+    {"success-code",  required_argument, nullptr, 's' },
+    {"disable-exact", no_argument,       nullptr, 'd' },
+    {nullptr,         no_argument,       nullptr, '\0'}
+  };
 
   std::string filePath;
   std::string mimeType = "text/plain";
diff --git a/plugins/experimental/stek_share/log_store.cc b/plugins/experimental/stek_share/log_store.cc
index 0bd31673a1f..135930d1a91 100644
--- a/plugins/experimental/stek_share/log_store.cc
+++ b/plugins/experimental/stek_share/log_store.cc
@@ -190,7 +190,7 @@ STEKShareLogStore::pack(uint64_t index, int32_t cnt)
     }
     assert(le.get());
     nuraft::ptr<nuraft::buffer> buf = le->serialize();
-    size_total += buf->size();
+    size_total                      += buf->size();
     logs.push_back(buf);
   }
 
diff --git a/plugins/experimental/stek_share/stek_share.cc b/plugins/experimental/stek_share/stek_share.cc
index 810c4f75ba9..669b54d4583 100644
--- a/plugins/experimental/stek_share/stek_share.cc
+++ b/plugins/experimental/stek_share/stek_share.cc
@@ -198,7 +198,7 @@ set_server_info(int argc, const char *argv[])
     }
 
     std::string cluster_list_str = "";
-    cluster_list_str += "\nSTEK Share Cluster Server List:";
+    cluster_list_str             += "\nSTEK Share Cluster Server List:";
     for (auto it = server_list.begin(); it != server_list.end(); ++it) {
       YAML::Node server_info = it->as<YAML::Node>();
       if (server_info["server_id"] && server_info["address"] && server_info["port"]) {
@@ -207,7 +207,7 @@ set_server_info(int argc, const char *argv[])
         int port                                  = server_info["port"].as<int>();
         std::string endpoint                      = address + ":" + std::to_string(port);
         stek_share_server.server_list_[server_id] = endpoint;
-        cluster_list_str += "\n  " + std::to_string(server_id) + ", " + endpoint;
+        cluster_list_str                          += "\n  " + std::to_string(server_id) + ", " + endpoint;
       } else {
         TSDebug(PLUGIN, "Wrong server list format.");
         return -1;
@@ -302,8 +302,8 @@ print_status()
   // For debugging
   nuraft::ptr<nuraft::log_store> ls = stek_share_server.smgr_->load_log_store();
   std::string status_str            = "";
-  status_str += "\n  Server ID: " + std::to_string(stek_share_server.server_id_);
-  status_str += "\n  Leader ID: " + std::to_string(stek_share_server.raft_instance_->get_leader());
+  status_str                        += "\n  Server ID: " + std::to_string(stek_share_server.server_id_);
+  status_str                        += "\n  Leader ID: " + std::to_string(stek_share_server.raft_instance_->get_leader());
   status_str += "\n  Raft log range: " + std::to_string(ls->start_index()) + " - " + std::to_string((ls->next_slot() - 1));
   status_str += "\n  Last committed index: " + std::to_string(stek_share_server.raft_instance_->get_committed_log_idx());
   TSDebug(PLUGIN, "%s", status_str.c_str());
diff --git a/plugins/experimental/stek_share/stek_utils.h b/plugins/experimental/stek_share/stek_utils.h
index c51a73bbbd8..96cb05364d7 100644
--- a/plugins/experimental/stek_share/stek_utils.h
+++ b/plugins/experimental/stek_share/stek_utils.h
@@ -25,9 +25,9 @@
 #pragma once
 
 /* STEK - Session Ticket Encryption Key stuff */
-#define STEK_MAX_LIFETIME 86400                                   // 24 hours max - should rotate STEK
+#define STEK_MAX_LIFETIME                 86400                   // 24 hours max - should rotate STEK
 #define STEK_NOT_CHANGED_WARNING_INTERVAL (2 * STEK_MAX_LIFETIME) // warn on non-stek rotate every X secs.
-#define STEK_MAX_ENC_SIZE 512
+#define STEK_MAX_ENC_SIZE                 512
 
 #define SSL_KEY_LEN 16
 
diff --git a/plugins/experimental/stream_editor/stream_editor.cc b/plugins/experimental/stream_editor/stream_editor.cc
index e6e524e95cc..2436bf6a424 100644
--- a/plugins/experimental/stream_editor/stream_editor.cc
+++ b/plugins/experimental/stream_editor/stream_editor.cc
@@ -85,8 +85,8 @@
  *   The double-colons delimit flags, of which none are used in this example.
  */
 #define MAX_CONFIG_LINE 1024
-#define MAX_RX_MATCH 10
-#define WHITESPACE " \t\r\n"
+#define MAX_RX_MATCH    10
+#define WHITESPACE      " \t\r\n"
 
 #include <cstdint>
 
@@ -408,7 +408,7 @@ class rule_t
 
     if (len_spec) {
       match_len = 0;
-      len_spec += 4;
+      len_spec  += 4;
       while (isdigit(*len_spec)) {
         match_len = 10 * match_len + (*len_spec++ - '0');
       }
@@ -479,7 +479,7 @@ class rule_t
     }
 
     to_spec += 3;
-    delim = *to_spec;
+    delim   = *to_spec;
     if (isalnum(delim)) {
       len = strcspn(to_spec, WHITESPACE);
     } else {
@@ -635,9 +635,9 @@ process_block(contdata_t *contdata, TSIOBufferReader reader)
       //        so we could use TSIOBufferCopy ?
       n = TSIOBufferWrite(contdata->out_buf, buf + bytes_read, start);
       assert(n > 0); // FIXME - handle error
-      bytes_read += n;
+      bytes_read          += n;
       contdata->bytes_out += n;
-      start -= n;
+      start               -= n;
     }
 
     /* omit deleted bytes */
@@ -654,10 +654,10 @@ process_block(contdata_t *contdata, TSIOBufferReader reader)
 
   /* data after the last edit */
   if (bytes_read < buflen - keep) {
-    n = TSIOBufferWrite(contdata->out_buf, buf + bytes_read, buflen - bytes_read - keep);
-    contdata->bytes_in += n;
+    n                   = TSIOBufferWrite(contdata->out_buf, buf + bytes_read, buflen - bytes_read - keep);
+    contdata->bytes_in  += n;
     contdata->bytes_out += n;
-    bytes_read += n;
+    bytes_read          += n;
   }
   /* reset buf to what we've not processed */
   contdata->contbuf = buf + bytes_read;
diff --git a/plugins/experimental/system_stats/system_stats.c b/plugins/experimental/system_stats/system_stats.c
index f15cc8751a1..347e75e866f 100644
--- a/plugins/experimental/system_stats/system_stats.c
+++ b/plugins/experimental/system_stats/system_stats.c
@@ -41,14 +41,14 @@
 #include <limits.h>
 
 #define PLUGIN_NAME "system_stats"
-#define DEBUG_TAG PLUGIN_NAME
+#define DEBUG_TAG   PLUGIN_NAME
 
 // Time in MS to grab the system stats
 #define SYSTEM_STATS_TIMEOUT 5000
 
 // Load Average Strings
-#define LOAD_AVG_ONE_MIN "plugin." PLUGIN_NAME ".loadavg.one"
-#define LOAD_AVG_FIVE_MIN "plugin." PLUGIN_NAME ".loadavg.five"
+#define LOAD_AVG_ONE_MIN     "plugin." PLUGIN_NAME ".loadavg.one"
+#define LOAD_AVG_FIVE_MIN    "plugin." PLUGIN_NAME ".loadavg.five"
 #define LOAD_AVG_FIFTEEN_MIN "plugin." PLUGIN_NAME ".loadavg.fifteen"
 
 // Process Strings
@@ -58,7 +58,7 @@
 // with NET_STATS.infname.RX/TX.standard_net_stats field
 #define NET_STATS "plugin." PLUGIN_NAME ".net."
 
-#define NET_STATS_DIR "/sys/class/net"
+#define NET_STATS_DIR  "/sys/class/net"
 #define STATISTICS_DIR "statistics"
 
 // Used for matching to slave (old name) and lower (new name) symlinks
diff --git a/plugins/experimental/traffic_dump/session_data.cc b/plugins/experimental/traffic_dump/session_data.cc
index eceb9d4ccc9..3cbac0f619c 100644
--- a/plugins/experimental/traffic_dump/session_data.cc
+++ b/plugins/experimental/traffic_dump/session_data.cc
@@ -47,31 +47,35 @@ char const constexpr *const json_closing = "]}]}";
  * A mapping from IP_PROTO_TAG to the string describing the JSON protocol node.
  */
 std::unordered_map<std::string_view, std::string> tag_to_node = {
-  {IP_PROTO_TAG_IPV4, R"("name":"ip","version":"4")"},
-  {IP_PROTO_TAG_IPV6, R"("name":"ip","version":"6")"},
+  {IP_PROTO_TAG_IPV4,      R"("name":"ip","version":"4")"    },
+  {IP_PROTO_TAG_IPV6,      R"("name":"ip","version":"6")"    },
 
-  {IP_PROTO_TAG_TCP, R"("name":"tcp")"},
-  {IP_PROTO_TAG_UDP, R"("name":"udp")"},
+  {IP_PROTO_TAG_TCP,       R"("name":"tcp")"                 },
+  {IP_PROTO_TAG_UDP,       R"("name":"udp")"                 },
 
-  {IP_PROTO_TAG_QUIC, R"("name:":"quic")"},
+  {IP_PROTO_TAG_QUIC,      R"("name:":"quic")"               },
 
-  {IP_PROTO_TAG_TLS_1_0, R"("name":"tls","version":"1.0")"},
-  {IP_PROTO_TAG_TLS_1_1, R"("name":"tls","version":"1.1")"},
-  {IP_PROTO_TAG_TLS_1_2, R"("name":"tls","version":"1.2")"},
-  {IP_PROTO_TAG_TLS_1_3, R"("name":"tls","version":"1.3")"},
+  {IP_PROTO_TAG_TLS_1_0,   R"("name":"tls","version":"1.0")" },
+  {IP_PROTO_TAG_TLS_1_1,   R"("name":"tls","version":"1.1")" },
+  {IP_PROTO_TAG_TLS_1_2,   R"("name":"tls","version":"1.2")" },
+  {IP_PROTO_TAG_TLS_1_3,   R"("name":"tls","version":"1.3")" },
 
-  {IP_PROTO_TAG_HTTP_0_9, R"("name":"http","version":"0.9")"},
-  {IP_PROTO_TAG_HTTP_1_0, R"("name":"http","version":"1.0")"},
-  {IP_PROTO_TAG_HTTP_1_1, R"("name":"http","version":"1.1")"},
-  {IP_PROTO_TAG_HTTP_2_0, R"("name":"http","version":"2")"},
+  {IP_PROTO_TAG_HTTP_0_9,  R"("name":"http","version":"0.9")"},
+  {IP_PROTO_TAG_HTTP_1_0,  R"("name":"http","version":"1.0")"},
+  {IP_PROTO_TAG_HTTP_1_1,  R"("name":"http","version":"1.1")"},
+  {IP_PROTO_TAG_HTTP_2_0,  R"("name":"http","version":"2")"  },
 
   {IP_PROTO_TAG_HTTP_QUIC, R"("name":"http","version":"0.9")"},
-  {IP_PROTO_TAG_HTTP_3, R"("name":"http","version":"3")"},
+  {IP_PROTO_TAG_HTTP_3,    R"("name":"http","version":"3")"  },
 };
 
 std::unordered_map<std::string_view, std::string> http_tag_to_version = {
-  {IP_PROTO_TAG_HTTP_0_9, "0.9"}, {IP_PROTO_TAG_HTTP_1_0, "1.0"},  {IP_PROTO_TAG_HTTP_1_1, "1.1"},
-  {IP_PROTO_TAG_HTTP_2_0, "2"},   {IP_PROTO_TAG_HTTP_QUIC, "0.9"}, {IP_PROTO_TAG_HTTP_3, "3"},
+  {IP_PROTO_TAG_HTTP_0_9,  "0.9"},
+  {IP_PROTO_TAG_HTTP_1_0,  "1.0"},
+  {IP_PROTO_TAG_HTTP_1_1,  "1.1"},
+  {IP_PROTO_TAG_HTTP_2_0,  "2"  },
+  {IP_PROTO_TAG_HTTP_QUIC, "0.9"},
+  {IP_PROTO_TAG_HTTP_3,    "3"  },
 };
 
 /** Create a TLS characteristics node.
@@ -334,7 +338,7 @@ SessionData::write_to_disk_no_lock(std::string_view content)
     if (TS_SUCCESS == TSAIOWrite(log_fd, write_offset, pBuf, content.size(), aio_cont)) {
       // Update offset within file and aio events count
       write_offset += content.size();
-      aio_count += 1;
+      aio_count    += 1;
 
       return TS_SUCCESS;
     }
diff --git a/plugins/experimental/traffic_dump/traffic_dump.cc b/plugins/experimental/traffic_dump/traffic_dump.cc
index 3a392f65b4c..11d01929682 100644
--- a/plugins/experimental/traffic_dump/traffic_dump.cc
+++ b/plugins/experimental/traffic_dump/traffic_dump.cc
@@ -95,16 +95,18 @@ TSPluginInit(int argc, char const *argv[])
   std::string client_ip_filter;
 
   /// Commandline options
-  static const struct option longopts[] = {{"dump_body", no_argument, nullptr, 'b'},
-                                           {"logdir", required_argument, nullptr, 'l'},
-                                           {"sample", required_argument, nullptr, 's'},
-                                           {"limit", required_argument, nullptr, 'm'},
-                                           {"sensitive-fields", required_argument, nullptr, 'f'},
-                                           {"sni-filter", required_argument, nullptr, 'n'},
-                                           {"client_ipv4", required_argument, nullptr, '4'},
-                                           {"client_ipv6", required_argument, nullptr, '6'},
-                                           {nullptr, no_argument, nullptr, 0}};
-  int opt                               = 0;
+  static const struct option longopts[] = {
+    {"dump_body",        no_argument,       nullptr, 'b'},
+    {"logdir",           required_argument, nullptr, 'l'},
+    {"sample",           required_argument, nullptr, 's'},
+    {"limit",            required_argument, nullptr, 'm'},
+    {"sensitive-fields", required_argument, nullptr, 'f'},
+    {"sni-filter",       required_argument, nullptr, 'n'},
+    {"client_ipv4",      required_argument, nullptr, '4'},
+    {"client_ipv6",      required_argument, nullptr, '6'},
+    {nullptr,            no_argument,       nullptr, 0  }
+  };
+  int opt = 0;
   while (opt >= 0) {
     opt = getopt_long(argc, const_cast<char *const *>(argv), "bf:l:s:m:n:4:6", longopts, nullptr);
     switch (opt) {
diff --git a/plugins/experimental/traffic_dump/transaction_data.cc b/plugins/experimental/traffic_dump/transaction_data.cc
index 5c4cbf5e453..a0f0d89149f 100644
--- a/plugins/experimental/traffic_dump/transaction_data.cc
+++ b/plugins/experimental/traffic_dump/transaction_data.cc
@@ -129,7 +129,7 @@ TransactionData::get_sensitive_field_description()
     if (!is_first) {
       sensitive_fields_string += ", ";
     }
-    is_first = false;
+    is_first                = false;
     sensitive_fields_string += field;
   }
   return sensitive_fields_string;
@@ -201,7 +201,7 @@ TransactionData::write_message_node_no_content(TSMBuffer &buffer, TSMLoc &hdr_lo
   result += R"("version":")";
   if (http_version.empty()) {
     int version = TSHttpHdrVersionGet(buffer, hdr_loc);
-    result += std::to_string(TS_HTTP_MAJOR(version)) + "." + std::to_string(TS_HTTP_MINOR(version));
+    result      += std::to_string(TS_HTTP_MAJOR(version)) + "." + std::to_string(TS_HTTP_MINOR(version));
   } else {
     result += http_version;
   }
@@ -244,12 +244,12 @@ TransactionData::write_message_node_no_content(TSMBuffer &buffer, TSMLoc &hdr_lo
     // 2. "status":(string)
     result += R"("status":)" + std::to_string(TSHttpHdrStatusGet(buffer, hdr_loc));
     // 3. "reason":(string)
-    cp = TSHttpHdrReasonGet(buffer, hdr_loc, &len);
+    cp     = TSHttpHdrReasonGet(buffer, hdr_loc, &len);
     result += ',' + traffic_dump::json_entry("reason", cp, len);
   }
 
   // "headers": [[name(string), value(string)]]
-  result += R"(,"headers":{"encoding":"esc_json", "fields": [)";
+  result           += R"(,"headers":{"encoding":"esc_json", "fields": [)";
   TSMLoc field_loc = TSMimeHdrFieldGet(buffer, hdr_loc, 0);
   while (field_loc) {
     TSMLoc next_field_loc;
@@ -262,7 +262,7 @@ TransactionData::write_message_node_no_content(TSMBuffer &buffer, TSMLoc &hdr_lo
       value = TSMimeHdrFieldValueStringGet(buffer, hdr_loc, field_loc, -1, &value_len);
       std::string_view value_view{value, static_cast<size_t>(value_len)};
       std::string_view new_value = replace_sensitive_fields(name_view, value_view);
-      result += traffic_dump::json_entry_array(name_view, new_value);
+      result                     += traffic_dump::json_entry_array(name_view, new_value);
     }
 
     next_field_loc = TSMimeHdrFieldNext(buffer, hdr_loc, field_loc);
@@ -278,7 +278,7 @@ std::string
 TransactionData::write_message_node(TSMBuffer &buffer, TSMLoc &hdr_loc, int64_t num_body_bytes, std::string_view http_version)
 {
   std::string result = write_message_node_no_content(buffer, hdr_loc, http_version);
-  result += write_content_node(num_body_bytes);
+  result             += write_content_node(num_body_bytes);
   return result + "}";
 }
 
@@ -286,7 +286,7 @@ std::string
 TransactionData::write_message_node(TSMBuffer &buffer, TSMLoc &hdr_loc, std::string_view body, std::string_view http_version)
 {
   std::string result = write_message_node_no_content(buffer, hdr_loc, http_version);
-  result += write_content_node(body);
+  result             += write_content_node(body);
   return result + "}";
 }
 
@@ -437,8 +437,8 @@ TransactionData::global_transaction_handler(TSCont contp, TSEvent event, void *e
     // The uuid is a header field for each message in the transaction. Use the
     // "all" node to apply to each message.
     std::string_view name = "uuid";
-    txnData->_txn_json += R"(,"all":{"headers":{"fields":[)" + json_entry_array(name, uuid_view);
-    txnData->_txn_json += "]}}";
+    txnData->_txn_json    += R"(,"all":{"headers":{"fields":[)" + json_entry_array(name, uuid_view);
+    txnData->_txn_json    += "]}}";
     break;
   }
 
diff --git a/plugins/experimental/uri_signing/common.h b/plugins/experimental/uri_signing/common.h
index 9a51bb61b97..abc87f7fbde 100644
--- a/plugins/experimental/uri_signing/common.h
+++ b/plugins/experimental/uri_signing/common.h
@@ -26,14 +26,14 @@
 
 #define PluginDebug(fmt, ...) PrintToStdErr("(%s) %s:%d:%s() " fmt "\n", PLUGIN_NAME, __FILE__, __LINE__, __func__, ##__VA_ARGS__)
 #define PluginError(fmt, ...) PrintToStdErr("(%s) %s:%d:%s() " fmt "\n", PLUGIN_NAME, __FILE__, __LINE__, __func__, ##__VA_ARGS__)
-#define TSmalloc(x) malloc(x)
-#define TSfree(p) free(p)
+#define TSmalloc(x)           malloc(x)
+#define TSfree(p)             free(p)
 void PrintToStdErr(const char *fmt, ...);
 
 #else
 
 #include "ts/ts.h"
-#define __FILENAME__ (strrchr(__FILE__, '/') ? strrchr(__FILE__, '/') + 1 : __FILE__)
+#define __FILENAME__          (strrchr(__FILE__, '/') ? strrchr(__FILE__, '/') + 1 : __FILE__)
 #define PluginDebug(fmt, ...) TSDebug(PLUGIN_NAME, "[%s:% 4d] %s(): " fmt, __FILENAME__, __LINE__, __func__, ##__VA_ARGS__);
 #define PluginError(fmt, ...)      \
   PluginDebug(fmt, ##__VA_ARGS__); \
diff --git a/plugins/experimental/uri_signing/config.c b/plugins/experimental/uri_signing/config.c
index 31891b20af9..64deda64c92 100644
--- a/plugins/experimental/uri_signing/config.c
+++ b/plugins/experimental/uri_signing/config.c
@@ -30,7 +30,7 @@
 
 #define JSONError(err) PluginError("json-err: %s:%d:%d: %s", (err).source, (err).line, (err).column, (err).text)
 
-#define AUTH_DENY 0
+#define AUTH_DENY  0
 #define AUTH_ALLOW 1
 struct auth_directive {
   char auth;
diff --git a/plugins/experimental/uri_signing/unit_tests/uri_signing_test.cc b/plugins/experimental/uri_signing/unit_tests/uri_signing_test.cc
index 9c78ed6426e..d57136f4cb5 100644
--- a/plugins/experimental/uri_signing/unit_tests/uri_signing_test.cc
+++ b/plugins/experimental/uri_signing/unit_tests/uri_signing_test.cc
@@ -362,7 +362,10 @@ TEST_CASE("2", "[JWSFromURLTest]")
                                 "URISigningPackage", NULL));
   }
 
-  SECTION("Empty string as URL") { REQUIRE(!jws_parsing_helper("", "URISigningPackage", NULL)); }
+  SECTION("Empty string as URL")
+  {
+    REQUIRE(!jws_parsing_helper("", "URISigningPackage", NULL));
+  }
 
   SECTION("Empty package name to parser")
   {
@@ -432,41 +435,95 @@ TEST_CASE("3", "[RemoveDotSegmentsTest]")
 {
   INFO("TEST 3, Test Removal of Dot Segments From Paths");
 
-  SECTION("../bar test") { REQUIRE(remove_dot_helper("../bar", "bar")); }
+  SECTION("../bar test")
+  {
+    REQUIRE(remove_dot_helper("../bar", "bar"));
+  }
 
-  SECTION("./bar test") { REQUIRE(remove_dot_helper("./bar", "bar")); }
+  SECTION("./bar test")
+  {
+    REQUIRE(remove_dot_helper("./bar", "bar"));
+  }
 
-  SECTION(".././bar test") { REQUIRE(remove_dot_helper(".././bar", "bar")); }
+  SECTION(".././bar test")
+  {
+    REQUIRE(remove_dot_helper(".././bar", "bar"));
+  }
 
-  SECTION("./../bar test") { REQUIRE(remove_dot_helper("./../bar", "bar")); }
+  SECTION("./../bar test")
+  {
+    REQUIRE(remove_dot_helper("./../bar", "bar"));
+  }
 
-  SECTION("/foo/./bar test") { REQUIRE(remove_dot_helper("/foo/./bar", "/foo/bar")); }
+  SECTION("/foo/./bar test")
+  {
+    REQUIRE(remove_dot_helper("/foo/./bar", "/foo/bar"));
+  }
 
-  SECTION("/bar/./ test") { REQUIRE(remove_dot_helper("/bar/./", "/bar/")); }
+  SECTION("/bar/./ test")
+  {
+    REQUIRE(remove_dot_helper("/bar/./", "/bar/"));
+  }
 
-  SECTION("/. test") { REQUIRE(remove_dot_helper("/.", "/")); }
+  SECTION("/. test")
+  {
+    REQUIRE(remove_dot_helper("/.", "/"));
+  }
 
-  SECTION("/bar/. test") { REQUIRE(remove_dot_helper("/bar/.", "/bar/")); }
+  SECTION("/bar/. test")
+  {
+    REQUIRE(remove_dot_helper("/bar/.", "/bar/"));
+  }
 
-  SECTION("/foo/../bar test") { REQUIRE(remove_dot_helper("/foo/../bar", "/bar")); }
+  SECTION("/foo/../bar test")
+  {
+    REQUIRE(remove_dot_helper("/foo/../bar", "/bar"));
+  }
 
-  SECTION("/bar/../ test") { REQUIRE(remove_dot_helper("/bar/../", "/")); }
+  SECTION("/bar/../ test")
+  {
+    REQUIRE(remove_dot_helper("/bar/../", "/"));
+  }
 
-  SECTION("/.. test") { REQUIRE(remove_dot_helper("/..", "/")); }
+  SECTION("/.. test")
+  {
+    REQUIRE(remove_dot_helper("/..", "/"));
+  }
 
-  SECTION("/bar/.. test") { REQUIRE(remove_dot_helper("/bar/..", "/")); }
+  SECTION("/bar/.. test")
+  {
+    REQUIRE(remove_dot_helper("/bar/..", "/"));
+  }
 
-  SECTION("/foo/bar/.. test") { REQUIRE(remove_dot_helper("/foo/bar/..", "/foo/")); }
+  SECTION("/foo/bar/.. test")
+  {
+    REQUIRE(remove_dot_helper("/foo/bar/..", "/foo/"));
+  }
 
-  SECTION("Single . test") { REQUIRE(remove_dot_helper(".", "")); }
+  SECTION("Single . test")
+  {
+    REQUIRE(remove_dot_helper(".", ""));
+  }
 
-  SECTION("Single .. test") { REQUIRE(remove_dot_helper("..", "")); }
+  SECTION("Single .. test")
+  {
+    REQUIRE(remove_dot_helper("..", ""));
+  }
 
-  SECTION("Test foo/bar/.. test") { REQUIRE(remove_dot_helper("foo/bar/..", "foo/")); }
+  SECTION("Test foo/bar/.. test")
+  {
+    REQUIRE(remove_dot_helper("foo/bar/..", "foo/"));
+  }
 
-  SECTION("Test Empty Path Segment") { REQUIRE(remove_dot_helper("", "")); }
+  SECTION("Test Empty Path Segment")
+  {
+    REQUIRE(remove_dot_helper("", ""));
+  }
 
-  SECTION("Test mixed operations") { REQUIRE(remove_dot_helper("/foo/bar/././something/../foobar", "/foo/bar/foobar")); }
+  SECTION("Test mixed operations")
+  {
+    REQUIRE(remove_dot_helper("/foo/bar/././something/../foobar", "/foo/bar/foobar"));
+  }
   fprintf(stderr, "\n");
 }
 
@@ -474,11 +531,20 @@ TEST_CASE("4", "[NormalizeTest]")
 {
   INFO("TEST 4, Test Normalization of URIs");
 
-  SECTION("Testing passing too small of a URI to normalize") { REQUIRE(!normalize_uri_helper("ht", NULL)); }
+  SECTION("Testing passing too small of a URI to normalize")
+  {
+    REQUIRE(!normalize_uri_helper("ht", NULL));
+  }
 
-  SECTION("Testing passing non http/https protocol") { REQUIRE(!normalize_uri_helper("ht:", NULL)); }
+  SECTION("Testing passing non http/https protocol")
+  {
+    REQUIRE(!normalize_uri_helper("ht:", NULL));
+  }
 
-  SECTION("Passing a uri with half encoded value at end") { REQUIRE(!normalize_uri_helper("http://www.foobar.co%4", NULL)); }
+  SECTION("Passing a uri with half encoded value at end")
+  {
+    REQUIRE(!normalize_uri_helper("http://www.foobar.co%4", NULL));
+  }
 
   SECTION("Passing a uri with half encoded value in the middle")
   {
@@ -555,13 +621,25 @@ TEST_CASE("4", "[NormalizeTest]")
                                  "https://foo:something@kellogstester.com/here"));
   }
 
-  SECTION("Testing empty hostname with userinfon") { REQUIRE(!normalize_uri_helper("https://foo:something@", NULL)); }
+  SECTION("Testing empty hostname with userinfon")
+  {
+    REQUIRE(!normalize_uri_helper("https://foo:something@", NULL));
+  }
 
-  SECTION("Testing empty uri after http://") { REQUIRE(!normalize_uri_helper("http://", NULL)); }
+  SECTION("Testing empty uri after http://")
+  {
+    REQUIRE(!normalize_uri_helper("http://", NULL));
+  }
 
-  SECTION("Testing http:///////") { REQUIRE(!normalize_uri_helper("http:///////", NULL)); }
+  SECTION("Testing http:///////")
+  {
+    REQUIRE(!normalize_uri_helper("http:///////", NULL));
+  }
 
-  SECTION("Testing empty uri after http://?/") { REQUIRE(!normalize_uri_helper("http://?/", NULL)); }
+  SECTION("Testing empty uri after http://?/")
+  {
+    REQUIRE(!normalize_uri_helper("http://?/", NULL));
+  }
   fprintf(stderr, "\n");
 }
 
@@ -575,9 +653,15 @@ TEST_CASE("5", "[RegexTests]")
                         "http://kelloggsTester.souza.local/KellogsDir/some_manifest.m3u8"));
   }
 
-  SECTION("Back references are not supported") { REQUIRE(!match_regex("(b*a)\\1$", "bbbbba")); }
+  SECTION("Back references are not supported")
+  {
+    REQUIRE(!match_regex("(b*a)\\1$", "bbbbba"));
+  }
 
-  SECTION("Escape a special character") { REQUIRE(match_regex("money\\$", "money$bags")); }
+  SECTION("Escape a special character")
+  {
+    REQUIRE(match_regex("money\\$", "money$bags"));
+  }
 
   SECTION("Dollar sign")
   {
@@ -591,7 +675,10 @@ TEST_CASE("5", "[RegexTests]")
     REQUIRE(!match_regex("(abab){2}", "abab"));
   }
 
-  SECTION("Alternation") { REQUIRE(match_regex("cat|dog", "dog")); }
+  SECTION("Alternation")
+  {
+    REQUIRE(match_regex("cat|dog", "dog"));
+  }
   fprintf(stderr, "\n");
 }
 
diff --git a/plugins/experimental/url_sig/url_sig.c b/plugins/experimental/url_sig/url_sig.c
index 892c95ffcae..a8262fbe248 100644
--- a/plugins/experimental/url_sig/url_sig.c
+++ b/plugins/experimental/url_sig/url_sig.c
@@ -642,7 +642,7 @@ TSRemapDoRemap(void *ih, TSHttpTxn txnp, TSRemapRequestInfo *rri)
   const char *cp = strstr(query, CIP_QSTRING "=");
   const char *pp = NULL;
   if (cp != NULL) {
-    cp += (strlen(CIP_QSTRING) + 1);
+    cp                        += (strlen(CIP_QSTRING) + 1);
     struct sockaddr const *ip = TSHttpTxnClientAddrGet(txnp);
     if (ip == NULL) {
       TSError("Can't get client ip address.");
@@ -709,7 +709,7 @@ TSRemapDoRemap(void *ih, TSHttpTxn txnp, TSRemapRequestInfo *rri)
   // Algorithm
   cp = strstr(query, ALG_QSTRING "=");
   if (cp != NULL) {
-    cp += strlen(ALG_QSTRING) + 1;
+    cp        += strlen(ALG_QSTRING) + 1;
     algorithm = atoi(cp);
     // The check for a valid algorithm is later.
     TSDebug(PLUGIN_NAME, "Algorithm: %d", algorithm);
@@ -720,7 +720,7 @@ TSRemapDoRemap(void *ih, TSHttpTxn txnp, TSRemapRequestInfo *rri)
   // Key index
   cp = strstr(query, KIN_QSTRING "=");
   if (cp != NULL) {
-    cp += strlen(KIN_QSTRING) + 1;
+    cp       += strlen(KIN_QSTRING) + 1;
     keyindex = atoi(cp);
     if (keyindex < 0 || keyindex >= MAX_KEY_NUM || 0 == cfg->keys[keyindex][0]) {
       err_log(url, "Invalid key index");
@@ -735,7 +735,7 @@ TSRemapDoRemap(void *ih, TSHttpTxn txnp, TSRemapRequestInfo *rri)
   const char *parts = NULL;
   cp                = strstr(query, PAR_QSTRING "=");
   if (cp != NULL) {
-    cp += strlen(PAR_QSTRING) + 1;
+    cp    += strlen(PAR_QSTRING) + 1;
     parts = cp; // NOTE parts is not NULL terminated it is terminated by "&" of next param
     has_path_params == false ? (cp = strstr(parts, "&")) : (cp = strstr(parts, ";"));
     if (cp) {
@@ -751,7 +751,7 @@ TSRemapDoRemap(void *ih, TSHttpTxn txnp, TSRemapRequestInfo *rri)
   const char *signature = NULL;
   cp                    = strstr(query, SIG_QSTRING "=");
   if (cp != NULL) {
-    cp += strlen(SIG_QSTRING) + 1;
+    cp        += strlen(SIG_QSTRING) + 1;
     signature = cp;
     if ((algorithm == USIG_HMAC_SHA1 && strlen(signature) < SHA1_SIG_SIZE) ||
         (algorithm == USIG_HMAC_MD5 && strlen(signature) < MD5_SIG_SIZE)) {
diff --git a/plugins/experimental/url_sig/url_sig.h b/plugins/experimental/url_sig/url_sig.h
index a5e99619737..d5b8630eb93 100644
--- a/plugins/experimental/url_sig/url_sig.h
+++ b/plugins/experimental/url_sig/url_sig.h
@@ -30,22 +30,22 @@
   "S" /* S=9e2828d570a4bee3c964f698b0985ee58b9f6b64 means 9e2828d570a4bee3c964f698b0985ee58b9f6b64 is the sig \
          This one has to be the last one of the string */
 
-#define CIP_STRLEN 20
-#define EXP_STRLEN 16
-#define PAR_STRLEN 16
-#define MAX_PARTS 32
+#define CIP_STRLEN   20
+#define EXP_STRLEN   16
+#define PAR_STRLEN   16
+#define MAX_PARTS    32
 #define MAX_SEGMENTS 64
 
 #define MAX_HTTP_REQUEST_SIZE 8192 //
 
-#define MAX_SIG_SIZE 20
+#define MAX_SIG_SIZE  20
 #define SHA1_SIG_SIZE 20
-#define MD5_SIG_SIZE 16
+#define MD5_SIG_SIZE  16
 
-#define MAX_REQ_LEN 8192
-#define MAX_KEY_LEN 256
-#define MAX_KEY_NUM 16
+#define MAX_REQ_LEN   8192
+#define MAX_KEY_LEN   256
+#define MAX_KEY_NUM   16
 #define MAX_QUERY_LEN 4096
 
 #define USIG_HMAC_SHA1 1
-#define USIG_HMAC_MD5 2
+#define USIG_HMAC_MD5  2
diff --git a/plugins/experimental/wasm/examples/cpp/myproject.cc b/plugins/experimental/wasm/examples/cpp/myproject.cc
index ab2e6d08d96..b6ba42c32f7 100644
--- a/plugins/experimental/wasm/examples/cpp/myproject.cc
+++ b/plugins/experimental/wasm/examples/cpp/myproject.cc
@@ -40,7 +40,8 @@ class ExampleContext : public Context
 static RegisterContextFactory register_ExampleContext(CONTEXT_FACTORY(ExampleContext), ROOT_FACTORY(ExampleRootContext),
                                                       "myproject");
 
-bool ExampleRootContext::onStart(size_t)
+bool
+ExampleRootContext::onStart(size_t)
 {
   logInfo(std::string("onStart"));
 
diff --git a/plugins/header_rewrite/condition.h b/plugins/header_rewrite/condition.h
index 88f9917dc7a..1e06b2c8e44 100644
--- a/plugins/header_rewrite/condition.h
+++ b/plugins/header_rewrite/condition.h
@@ -56,7 +56,7 @@ class Condition : public Statement
   }
 
   // noncopyable
-  Condition(const Condition &) = delete;
+  Condition(const Condition &)      = delete;
   void operator=(const Condition &) = delete;
 
   // Inline this, it's critical for speed (and only used twice)
diff --git a/plugins/header_rewrite/conditions.h b/plugins/header_rewrite/conditions.h
index aedac2168d3..01c9bd92882 100644
--- a/plugins/header_rewrite/conditions.h
+++ b/plugins/header_rewrite/conditions.h
@@ -31,7 +31,7 @@
 #include "matcher.h"
 #include "value.h"
 #include "lulu.h"
-//#include <mdbm.h>
+// #include <mdbm.h>
 
 ///////////////////////////////////////////////////////////////////////////////
 // Condition declarations.
@@ -44,7 +44,7 @@ class ConditionTrue : public Condition
   ConditionTrue() { TSDebug(PLUGIN_NAME_DBG, "Calling CTOR for ConditionTrue"); }
 
   // noncopyable
-  ConditionTrue(const ConditionTrue &) = delete;
+  ConditionTrue(const ConditionTrue &)  = delete;
   void operator=(const ConditionTrue &) = delete;
 
   void
@@ -97,7 +97,7 @@ class ConditionStatus : public Condition
 
   // noncopyable
   ConditionStatus(const ConditionStatus &) = delete;
-  void operator=(const ConditionStatus &) = delete;
+  void operator=(const ConditionStatus &)  = delete;
 
   void initialize(Parser &p) override;
   void append_value(std::string &s, const Resources &res) override;
@@ -117,7 +117,7 @@ class ConditionMethod : public Condition
 
   // noncopyable
   ConditionMethod(const ConditionMethod &) = delete;
-  void operator=(const ConditionMethod &) = delete;
+  void operator=(const ConditionMethod &)  = delete;
 
   void initialize(Parser &p) override;
   void append_value(std::string &s, const Resources &res) override;
@@ -136,7 +136,7 @@ class ConditionRandom : public Condition
 
   // noncopyable
   ConditionRandom(const ConditionRandom &) = delete;
-  void operator=(const ConditionRandom &) = delete;
+  void operator=(const ConditionRandom &)  = delete;
 
   void initialize(Parser &p) override;
   void append_value(std::string &s, const Resources &res) override;
@@ -157,7 +157,7 @@ class ConditionAccess : public Condition
 
   // noncopyable
   ConditionAccess(const ConditionAccess &) = delete;
-  void operator=(const ConditionAccess &) = delete;
+  void operator=(const ConditionAccess &)  = delete;
 
   void initialize(Parser &p) override;
   void append_value(std::string &s, const Resources &res) override;
@@ -180,7 +180,7 @@ class ConditionCookie : public Condition
 
   // noncopyable
   ConditionCookie(const ConditionCookie &) = delete;
-  void operator=(const ConditionCookie &) = delete;
+  void operator=(const ConditionCookie &)  = delete;
 
   void initialize(Parser &p) override;
   void append_value(std::string &s, const Resources &res) override;
@@ -254,7 +254,7 @@ class ConditionHeader : public Condition
 
   // noncopyable
   ConditionHeader(const ConditionHeader &) = delete;
-  void operator=(const ConditionHeader &) = delete;
+  void operator=(const ConditionHeader &)  = delete;
 
   void initialize(Parser &p) override;
   void append_value(std::string &s, const Resources &res) override;
@@ -277,7 +277,7 @@ class ConditionUrl : public Condition
   explicit ConditionUrl(const UrlType type) : _type(type) { TSDebug(PLUGIN_NAME_DBG, "Calling CTOR for ConditionUrl"); }
 
   // noncopyable
-  ConditionUrl(const ConditionUrl &) = delete;
+  ConditionUrl(const ConditionUrl &)   = delete;
   void operator=(const ConditionUrl &) = delete;
 
   void initialize(Parser &p) override;
@@ -315,7 +315,7 @@ class ConditionDBM : public Condition
   }
 
   // noncopyable
-  ConditionDBM(const ConditionDBM &) = delete;
+  ConditionDBM(const ConditionDBM &)   = delete;
   void operator=(const ConditionDBM &) = delete;
 
   void initialize(Parser &p) override;
@@ -354,7 +354,7 @@ class ConditionIp : public Condition
   explicit ConditionIp() { TSDebug(PLUGIN_NAME_DBG, "Calling CTOR for ConditionIp"); };
 
   // noncopyable
-  ConditionIp(const ConditionIp &) = delete;
+  ConditionIp(const ConditionIp &)    = delete;
   void operator=(const ConditionIp &) = delete;
 
   void initialize(Parser &p) override;
@@ -378,7 +378,7 @@ class ConditionTransactCount : public Condition
 
   // noncopyable
   ConditionTransactCount(const ConditionTransactCount &) = delete;
-  void operator=(const ConditionTransactCount &) = delete;
+  void operator=(const ConditionTransactCount &)         = delete;
 
   void initialize(Parser &p) override;
   void append_value(std::string &s, const Resources &res) override;
@@ -396,7 +396,7 @@ class ConditionNow : public Condition
   explicit ConditionNow() { TSDebug(PLUGIN_NAME_DBG, "Calling CTOR for ConditionNow"); }
 
   // noncopyable
-  ConditionNow(const ConditionNow &) = delete;
+  ConditionNow(const ConditionNow &)   = delete;
   void operator=(const ConditionNow &) = delete;
 
   void initialize(Parser &p) override;
@@ -418,7 +418,7 @@ class ConditionGeo : public Condition
   explicit ConditionGeo() { TSDebug(PLUGIN_NAME_DBG, "Calling CTOR for ConditionGeo"); }
 
   // noncopyable
-  ConditionGeo(const ConditionGeo &) = delete;
+  ConditionGeo(const ConditionGeo &)   = delete;
   void operator=(const ConditionGeo &) = delete;
 
   void initialize(Parser &p) override;
@@ -455,7 +455,7 @@ class ConditionId : public Condition
   explicit ConditionId() { TSDebug(PLUGIN_NAME_DBG, "Calling CTOR for ConditionId"); };
 
   // noncopyable
-  ConditionId(const ConditionId &) = delete;
+  ConditionId(const ConditionId &)    = delete;
   void operator=(const ConditionId &) = delete;
 
   void initialize(Parser &p) override;
@@ -482,7 +482,7 @@ class ConditionCidr : public Condition
     TSDebug(PLUGIN_NAME_DBG, "Calling CTOR for ConditionCidr");
   };
 
-  ConditionCidr(self &) = delete;
+  ConditionCidr(self &)   = delete;
   self &operator=(self &) = delete;
 
   void initialize(Parser &p) override;
@@ -511,7 +511,7 @@ class ConditionInbound : public Condition
 public:
   explicit ConditionInbound() { TSDebug(PLUGIN_NAME_DBG, "Calling CTOR for ConditionInbound"); };
   ConditionInbound(self &) = delete;
-  self &operator=(self &) = delete;
+  self &operator=(self &)  = delete;
 
   void initialize(Parser &p) override;
   void set_qualifier(const std::string &q) override;
@@ -536,7 +536,7 @@ class ConditionStringLiteral : public Condition
 
   // noncopyable
   ConditionStringLiteral(const ConditionStringLiteral &) = delete;
-  void operator=(const ConditionStringLiteral &) = delete;
+  void operator=(const ConditionStringLiteral &)         = delete;
 
   void append_value(std::string &s, const Resources & /* res ATS_UNUSED */) override;
 
@@ -557,7 +557,7 @@ class ConditionSessionTransactCount : public Condition
 
   // noncopyable
   ConditionSessionTransactCount(const ConditionSessionTransactCount &) = delete;
-  void operator=(const ConditionSessionTransactCount &) = delete;
+  void operator=(const ConditionSessionTransactCount &)                = delete;
 
   void initialize(Parser &p) override;
   void append_value(std::string &s, const Resources &res) override;
@@ -576,7 +576,7 @@ class ConditionTcpInfo : public Condition
 
   // noncopyable
   ConditionTcpInfo(const ConditionTcpInfo &) = delete;
-  void operator=(const ConditionTcpInfo &) = delete;
+  void operator=(const ConditionTcpInfo &)   = delete;
 
   void initialize(Parser &p) override;
   void append_value(std::string &s, const Resources &res) override;
diff --git a/plugins/header_rewrite/header_rewrite.cc b/plugins/header_rewrite/header_rewrite.cc
index e9924c55ba1..589bac70402 100644
--- a/plugins/header_rewrite/header_rewrite.cc
+++ b/plugins/header_rewrite/header_rewrite.cc
@@ -302,7 +302,10 @@ cont_rewrite_headers(TSCont contp, TSEvent event, void *edata)
   return 0;
 }
 
-static const struct option longopt[] = {{"geo-db-path", required_argument, nullptr, 'm'}, {nullptr, no_argument, nullptr, '\0'}};
+static const struct option longopt[] = {
+  {"geo-db-path", required_argument, nullptr, 'm' },
+  {nullptr,       no_argument,       nullptr, '\0'}
+};
 
 ///////////////////////////////////////////////////////////////////////////////
 // Initialize the InkAPI plugin for the global hooks we support.
diff --git a/plugins/header_rewrite/matcher.h b/plugins/header_rewrite/matcher.h
index 45787b18ad7..61ac3479973 100644
--- a/plugins/header_rewrite/matcher.h
+++ b/plugins/header_rewrite/matcher.h
@@ -50,7 +50,7 @@ class Matcher
   virtual ~Matcher() { TSDebug(PLUGIN_NAME_DBG, "Calling DTOR for Matcher"); }
 
   // noncopyable
-  Matcher(const Matcher &) = delete;
+  Matcher(const Matcher &)        = delete;
   void operator=(const Matcher &) = delete;
 
   MatcherOps
diff --git a/plugins/header_rewrite/operator.h b/plugins/header_rewrite/operator.h
index 04821fcd330..e014914f99c 100644
--- a/plugins/header_rewrite/operator.h
+++ b/plugins/header_rewrite/operator.h
@@ -46,7 +46,7 @@ class Operator : public Statement
   Operator() { TSDebug(PLUGIN_NAME_DBG, "Calling CTOR for Operator"); }
 
   // noncopyable
-  Operator(const Operator &) = delete;
+  Operator(const Operator &)       = delete;
   void operator=(const Operator &) = delete;
 
   OperModifiers get_oper_modifiers() const;
@@ -79,7 +79,7 @@ class OperatorHeaders : public Operator
 
   // noncopyable
   OperatorHeaders(const OperatorHeaders &) = delete;
-  void operator=(const OperatorHeaders &) = delete;
+  void operator=(const OperatorHeaders &)  = delete;
 
   void initialize(Parser &p) override;
 
@@ -98,7 +98,7 @@ class OperatorCookies : public Operator
 
   // noncopyable
   OperatorCookies(const OperatorCookies &) = delete;
-  void operator=(const OperatorCookies &) = delete;
+  void operator=(const OperatorCookies &)  = delete;
 
   void initialize(Parser &p) override;
 
diff --git a/plugins/header_rewrite/operators.h b/plugins/header_rewrite/operators.h
index 5d0ae09b359..ba9256e91e4 100644
--- a/plugins/header_rewrite/operators.h
+++ b/plugins/header_rewrite/operators.h
@@ -39,7 +39,7 @@ class OperatorSetConfig : public Operator
 
   // noncopyable
   OperatorSetConfig(const OperatorSetConfig &) = delete;
-  void operator=(const OperatorSetConfig &) = delete;
+  void operator=(const OperatorSetConfig &)    = delete;
 
   void initialize(Parser &p) override;
 
@@ -61,7 +61,7 @@ class OperatorSetStatus : public Operator
 
   // noncopyable
   OperatorSetStatus(const OperatorSetStatus &) = delete;
-  void operator=(const OperatorSetStatus &) = delete;
+  void operator=(const OperatorSetStatus &)    = delete;
 
   void initialize(Parser &p) override;
 
@@ -82,7 +82,7 @@ class OperatorSetStatusReason : public Operator
 
   // noncopyable
   OperatorSetStatusReason(const OperatorSetStatusReason &) = delete;
-  void operator=(const OperatorSetStatusReason &) = delete;
+  void operator=(const OperatorSetStatusReason &)          = delete;
 
   void initialize(Parser &p) override;
 
@@ -101,7 +101,7 @@ class OperatorSetDestination : public Operator
 
   // noncopyable
   OperatorSetDestination(const OperatorSetDestination &) = delete;
-  void operator=(const OperatorSetDestination &) = delete;
+  void operator=(const OperatorSetDestination &)         = delete;
 
   void initialize(Parser &p) override;
 
@@ -121,7 +121,7 @@ class OperatorRMDestination : public Operator
 
   // noncopyable
   OperatorRMDestination(const OperatorRMDestination &) = delete;
-  void operator=(const OperatorRMDestination &) = delete;
+  void operator=(const OperatorRMDestination &)        = delete;
 
   void initialize(Parser &p) override;
 
@@ -139,7 +139,7 @@ class OperatorSetRedirect : public Operator
 
   // noncopyable
   OperatorSetRedirect(const OperatorSetRedirect &) = delete;
-  void operator=(const OperatorSetRedirect &) = delete;
+  void operator=(const OperatorSetRedirect &)      = delete;
 
   void initialize(Parser &p) override;
 
@@ -169,7 +169,7 @@ class OperatorNoOp : public Operator
   OperatorNoOp() { TSDebug(PLUGIN_NAME_DBG, "Calling CTOR for OperatorNoOp"); }
 
   // noncopyable
-  OperatorNoOp(const OperatorNoOp &) = delete;
+  OperatorNoOp(const OperatorNoOp &)   = delete;
   void operator=(const OperatorNoOp &) = delete;
 
 protected:
@@ -183,7 +183,7 @@ class OperatorSetTimeoutOut : public Operator
 
   // noncopyable
   OperatorSetTimeoutOut(const OperatorSetTimeoutOut &) = delete;
-  void operator=(const OperatorSetTimeoutOut &) = delete;
+  void operator=(const OperatorSetTimeoutOut &)        = delete;
 
   void initialize(Parser &p) override;
 
@@ -210,7 +210,7 @@ class OperatorSkipRemap : public Operator
 
   // noncopyable
   OperatorSkipRemap(const OperatorSkipRemap &) = delete;
-  void operator=(const OperatorSkipRemap &) = delete;
+  void operator=(const OperatorSkipRemap &)    = delete;
 
   void initialize(Parser &p) override;
 
@@ -229,7 +229,7 @@ class OperatorRMHeader : public OperatorHeaders
 
   // noncopyable
   OperatorRMHeader(const OperatorRMHeader &) = delete;
-  void operator=(const OperatorRMHeader &) = delete;
+  void operator=(const OperatorRMHeader &)   = delete;
 
 protected:
   void exec(const Resources &res) const override;
@@ -242,7 +242,7 @@ class OperatorAddHeader : public OperatorHeaders
 
   // noncopyable
   OperatorAddHeader(const OperatorAddHeader &) = delete;
-  void operator=(const OperatorAddHeader &) = delete;
+  void operator=(const OperatorAddHeader &)    = delete;
 
   void initialize(Parser &p) override;
 
@@ -260,7 +260,7 @@ class OperatorSetHeader : public OperatorHeaders
 
   // noncopyable
   OperatorSetHeader(const OperatorSetHeader &) = delete;
-  void operator=(const OperatorSetHeader &) = delete;
+  void operator=(const OperatorSetHeader &)    = delete;
 
   void initialize(Parser &p) override;
 
@@ -278,7 +278,7 @@ class OperatorCounter : public Operator
 
   // noncopyable
   OperatorCounter(const OperatorCounter &) = delete;
-  void operator=(const OperatorCounter &) = delete;
+  void operator=(const OperatorCounter &)  = delete;
 
   void initialize(Parser &p) override;
 
@@ -297,7 +297,7 @@ class OperatorRMCookie : public OperatorCookies
 
   // noncopyable
   OperatorRMCookie(const OperatorRMCookie &) = delete;
-  void operator=(const OperatorRMCookie &) = delete;
+  void operator=(const OperatorRMCookie &)   = delete;
 
 protected:
   void exec(const Resources &res) const override;
@@ -310,7 +310,7 @@ class OperatorAddCookie : public OperatorCookies
 
   // noncopyable
   OperatorAddCookie(const OperatorAddCookie &) = delete;
-  void operator=(const OperatorAddCookie &) = delete;
+  void operator=(const OperatorAddCookie &)    = delete;
 
   void initialize(Parser &p) override;
 
@@ -328,7 +328,7 @@ class OperatorSetCookie : public OperatorCookies
 
   // noncopyable
   OperatorSetCookie(const OperatorSetCookie &) = delete;
-  void operator=(const OperatorSetCookie &) = delete;
+  void operator=(const OperatorSetCookie &)    = delete;
 
   void initialize(Parser &p) override;
 
@@ -358,7 +358,7 @@ class OperatorSetConnDSCP : public Operator
 
   // noncopyable
   OperatorSetConnDSCP(const OperatorSetConnDSCP &) = delete;
-  void operator=(const OperatorSetConnDSCP &) = delete;
+  void operator=(const OperatorSetConnDSCP &)      = delete;
 
   void initialize(Parser &p) override;
 
@@ -377,7 +377,7 @@ class OperatorSetConnMark : public Operator
 
   // noncopyable
   OperatorSetConnMark(const OperatorSetConnMark &) = delete;
-  void operator=(const OperatorSetConnMark &) = delete;
+  void operator=(const OperatorSetConnMark &)      = delete;
 
   void initialize(Parser &p) override;
 
@@ -396,7 +396,7 @@ class OperatorSetDebug : public Operator
 
   // noncopyable
   OperatorSetDebug(const OperatorSetDebug &) = delete;
-  void operator=(const OperatorSetDebug &) = delete;
+  void operator=(const OperatorSetDebug &)   = delete;
 
   void initialize(Parser &p) override;
 
@@ -412,7 +412,7 @@ class OperatorSetBody : public Operator
 
   // noncopyable
   OperatorSetBody(const OperatorSetBody &) = delete;
-  void operator=(const OperatorSetBody &) = delete;
+  void operator=(const OperatorSetBody &)  = delete;
 
   void initialize(Parser &p) override;
 
@@ -431,7 +431,7 @@ class OperatorSetHttpCntl : public Operator
 
   // noncopyable
   OperatorSetHttpCntl(const OperatorSetHttpCntl &) = delete;
-  void operator=(const OperatorSetHttpCntl &) = delete;
+  void operator=(const OperatorSetHttpCntl &)      = delete;
 
   void initialize(Parser &p) override;
 
diff --git a/plugins/header_rewrite/parser.h b/plugins/header_rewrite/parser.h
index feeb1c3d7a7..be632163285 100644
--- a/plugins/header_rewrite/parser.h
+++ b/plugins/header_rewrite/parser.h
@@ -36,7 +36,7 @@ class Parser
   Parser(){};
 
   // noncopyable
-  Parser(const Parser &) = delete;
+  Parser(const Parser &)         = delete;
   void operator=(const Parser &) = delete;
 
   bool
@@ -113,7 +113,7 @@ class HRWSimpleTokenizer
 
   // noncopyable
   HRWSimpleTokenizer(const HRWSimpleTokenizer &) = delete;
-  void operator=(const HRWSimpleTokenizer &) = delete;
+  void operator=(const HRWSimpleTokenizer &)     = delete;
 
   const std::vector<std::string> &
   get_tokens() const
diff --git a/plugins/header_rewrite/resources.h b/plugins/header_rewrite/resources.h
index c3ddfa0a675..3ef49d96df2 100644
--- a/plugins/header_rewrite/resources.h
+++ b/plugins/header_rewrite/resources.h
@@ -56,7 +56,7 @@ class Resources
   ~Resources() { destroy(); }
 
   // noncopyable
-  Resources(const Resources &) = delete;
+  Resources(const Resources &)      = delete;
   void operator=(const Resources &) = delete;
 
   void gather(const ResourceIDs ids, TSHttpHookID hook);
diff --git a/plugins/header_rewrite/ruleset.cc b/plugins/header_rewrite/ruleset.cc
index c172051024c..797d03f951a 100644
--- a/plugins/header_rewrite/ruleset.cc
+++ b/plugins/header_rewrite/ruleset.cc
@@ -62,7 +62,7 @@ RuleSet::add_condition(Parser &p, const char *filename, int lineno)
 
     // Update some ruleset state based on this new condition
     _last |= c->last();
-    _ids = static_cast<ResourceIDs>(_ids | _cond->get_resource_ids());
+    _ids  = static_cast<ResourceIDs>(_ids | _cond->get_resource_ids());
 
     return true;
   }
diff --git a/plugins/header_rewrite/ruleset.h b/plugins/header_rewrite/ruleset.h
index b7d2bd2b96c..278d958eaf3 100644
--- a/plugins/header_rewrite/ruleset.h
+++ b/plugins/header_rewrite/ruleset.h
@@ -46,7 +46,7 @@ class RuleSet
   }
 
   // noncopyable
-  RuleSet(const RuleSet &) = delete;
+  RuleSet(const RuleSet &)        = delete;
   void operator=(const RuleSet &) = delete;
 
   // No reason to inline these
diff --git a/plugins/header_rewrite/statement.h b/plugins/header_rewrite/statement.h
index 7a006ba9455..f8368f07da1 100644
--- a/plugins/header_rewrite/statement.h
+++ b/plugins/header_rewrite/statement.h
@@ -105,7 +105,7 @@ class Statement
   }
 
   // noncopyable
-  Statement(const Statement &) = delete;
+  Statement(const Statement &)      = delete;
   void operator=(const Statement &) = delete;
 
   // Which hook are we adding this statement to?
diff --git a/plugins/header_rewrite/value.h b/plugins/header_rewrite/value.h
index c237abba4ff..ac90d30f79c 100644
--- a/plugins/header_rewrite/value.h
+++ b/plugins/header_rewrite/value.h
@@ -44,7 +44,7 @@ class Value : Statement
   ~Value() override;
 
   // noncopyable
-  Value(const Value &) = delete;
+  Value(const Value &)          = delete;
   void operator=(const Value &) = delete;
 
   void set_value(const std::string &val);
diff --git a/plugins/healthchecks/healthchecks.c b/plugins/healthchecks/healthchecks.c
index 6f73b0df9b9..d3e86ef3ae0 100644
--- a/plugins/healthchecks/healthchecks.c
+++ b/plugins/healthchecks/healthchecks.c
@@ -39,8 +39,8 @@ limitations under the License.
 static const char PLUGIN_NAME[] = "healthchecks";
 static const char SEPARATORS[]  = " \t\n";
 
-#define MAX_PATH_LEN 4096
-#define MAX_BODY_LEN 16384
+#define MAX_PATH_LEN     4096
+#define MAX_BODY_LEN     16384
 #define FREELIST_TIMEOUT 300
 
 static inline void *
@@ -272,10 +272,10 @@ gen_header(char *status_str, char *mime, int *header_len)
     int len = sizeof(HEADER_TEMPLATE) + 3 + 1;
 
     status_reason = TSHttpHdrReasonLookup(status);
-    len += strlen(status_reason);
-    len += strlen(mime);
-    buf         = TSmalloc(len);
-    *header_len = snprintf(buf, len, HEADER_TEMPLATE, status, status_reason, mime);
+    len           += strlen(status_reason);
+    len           += strlen(mime);
+    buf           = TSmalloc(len);
+    *header_len   = snprintf(buf, len, HEADER_TEMPLATE, status, status_reason, mime);
   } else {
     *header_len = 0;
   }
@@ -438,7 +438,7 @@ hc_process_write(TSCont contp, TSEvent event, HCState *my_state)
     char buf[48];
     int len;
 
-    len = snprintf(buf, sizeof(buf), "Content-Length: %d\r\n\r\n", my_state->data->b_len);
+    len                    = snprintf(buf, sizeof(buf), "Content-Length: %d\r\n\r\n", my_state->data->b_len);
     my_state->output_bytes += add_data_to_resp(buf, len, my_state);
     if (my_state->data->b_len > 0) {
       my_state->output_bytes += add_data_to_resp(my_state->data->body, my_state->data->b_len, my_state);
diff --git a/plugins/lua/ts_lua.c b/plugins/lua/ts_lua.c
index 52d7c2b8afb..400b8bfef4d 100644
--- a/plugins/lua/ts_lua.c
+++ b/plugins/lua/ts_lua.c
@@ -28,13 +28,13 @@
 
 #define TS_LUA_MAX_STATE_COUNT 256
 
-#define TS_LUA_STATS_TIMEOUT 5000   // 5s -- convert to configurable
-#define TS_LUA_STATS_BUFFER_SIZE 10 // stats buffer
+#define TS_LUA_STATS_TIMEOUT     5000 // 5s -- convert to configurable
+#define TS_LUA_STATS_BUFFER_SIZE 10   // stats buffer
 
-#define TS_LUA_IND_STATE 0
+#define TS_LUA_IND_STATE    0
 #define TS_LUA_IND_GC_BYTES 1
-#define TS_LUA_IND_THREADS 2
-#define TS_LUA_IND_SIZE 3
+#define TS_LUA_IND_THREADS  2
+#define TS_LUA_IND_SIZE     3
 
 static uint64_t ts_lua_http_next_id   = 0;
 static uint64_t ts_lua_g_http_next_id = 0;
@@ -184,7 +184,7 @@ collectStats(ts_lua_plugin_stats *const plugin_stats)
       ts_lua_ctx_stats *const stats = main_ctx->stats;
 
       TSMutexLock(stats->mutexp);
-      gc_kb_total += stats->gc_kb;
+      gc_kb_total   += stats->gc_kb;
       threads_total += stats->threads;
       TSMutexUnlock(stats->mutexp);
     }
@@ -347,8 +347,8 @@ TSRemapNewInstance(int argc, char *argv[], void **ih, char *errbuf, int errbuf_s
   static const struct option longopt[] = {
     {"states", required_argument, 0, 's'},
     {"inline", required_argument, 0, 'i'},
-    {"ljgc", required_argument, 0, 'g'},
-    {0, 0, 0, 0},
+    {"ljgc",   required_argument, 0, 'g'},
+    {0,        0,                 0, 0  },
   };
 
   argc--;
@@ -779,10 +779,10 @@ TSPluginInit(int argc, const char *argv[])
   int jit                              = 1;
   int reload                           = 0;
   static const struct option longopt[] = {
-    {"states", required_argument, 0, 's'},
-    {"jit", required_argument, 0, 'j'},
-    {"enable-reload", no_argument, 0, 'r'},
-    {0, 0, 0, 0},
+    {"states",        required_argument, 0, 's'},
+    {"jit",           required_argument, 0, 'j'},
+    {"enable-reload", no_argument,       0, 'r'},
+    {0,               0,                 0, 0  },
   };
 
   for (;;) {
diff --git a/plugins/lua/ts_lua_common.h b/plugins/lua/ts_lua_common.h
index a499b79f75a..0a16d1157b4 100644
--- a/plugins/lua/ts_lua_common.h
+++ b/plugins/lua/ts_lua_common.h
@@ -32,47 +32,47 @@
 #include <ts/remap.h>
 #include "ts_lua_coroutine.h"
 
-#define TS_LUA_FUNCTION_REMAP "do_remap"
-#define TS_LUA_FUNCTION_OS_RESPONSE "do_os_response"
+#define TS_LUA_FUNCTION_REMAP                 "do_remap"
+#define TS_LUA_FUNCTION_OS_RESPONSE           "do_os_response"
 #define TS_LUA_FUNCTION_CACHE_LOOKUP_COMPLETE "do_cache_lookup_complete"
-#define TS_LUA_FUNCTION_SEND_REQUEST "do_send_request"
-#define TS_LUA_FUNCTION_READ_RESPONSE "do_read_response"
-#define TS_LUA_FUNCTION_SEND_RESPONSE "do_send_response"
-#define TS_LUA_FUNCTION_READ_REQUEST "do_read_request"
-#define TS_LUA_FUNCTION_TXN_START "do_txn_start"
-#define TS_LUA_FUNCTION_PRE_REMAP "do_pre_remap"
-#define TS_LUA_FUNCTION_POST_REMAP "do_post_remap"
-#define TS_LUA_FUNCTION_OS_DNS "do_os_dns"
-#define TS_LUA_FUNCTION_READ_CACHE "do_read_cache"
-#define TS_LUA_FUNCTION_TXN_CLOSE "do_txn_close"
-
-#define TS_LUA_FUNCTION_G_SEND_REQUEST "do_global_send_request"
-#define TS_LUA_FUNCTION_G_READ_REQUEST "do_global_read_request"
-#define TS_LUA_FUNCTION_G_SEND_RESPONSE "do_global_send_response"
-#define TS_LUA_FUNCTION_G_READ_RESPONSE "do_global_read_response"
+#define TS_LUA_FUNCTION_SEND_REQUEST          "do_send_request"
+#define TS_LUA_FUNCTION_READ_RESPONSE         "do_read_response"
+#define TS_LUA_FUNCTION_SEND_RESPONSE         "do_send_response"
+#define TS_LUA_FUNCTION_READ_REQUEST          "do_read_request"
+#define TS_LUA_FUNCTION_TXN_START             "do_txn_start"
+#define TS_LUA_FUNCTION_PRE_REMAP             "do_pre_remap"
+#define TS_LUA_FUNCTION_POST_REMAP            "do_post_remap"
+#define TS_LUA_FUNCTION_OS_DNS                "do_os_dns"
+#define TS_LUA_FUNCTION_READ_CACHE            "do_read_cache"
+#define TS_LUA_FUNCTION_TXN_CLOSE             "do_txn_close"
+
+#define TS_LUA_FUNCTION_G_SEND_REQUEST          "do_global_send_request"
+#define TS_LUA_FUNCTION_G_READ_REQUEST          "do_global_read_request"
+#define TS_LUA_FUNCTION_G_SEND_RESPONSE         "do_global_send_response"
+#define TS_LUA_FUNCTION_G_READ_RESPONSE         "do_global_read_response"
 #define TS_LUA_FUNCTION_G_CACHE_LOOKUP_COMPLETE "do_global_cache_lookup_complete"
-#define TS_LUA_FUNCTION_G_TXN_START "do_global_txn_start"
-#define TS_LUA_FUNCTION_G_PRE_REMAP "do_global_pre_remap"
-#define TS_LUA_FUNCTION_G_POST_REMAP "do_global_post_remap"
-#define TS_LUA_FUNCTION_G_OS_DNS "do_global_os_dns"
-#define TS_LUA_FUNCTION_G_READ_CACHE "do_global_read_cache"
-#define TS_LUA_FUNCTION_G_TXN_CLOSE "do_global_txn_close"
+#define TS_LUA_FUNCTION_G_TXN_START             "do_global_txn_start"
+#define TS_LUA_FUNCTION_G_PRE_REMAP             "do_global_pre_remap"
+#define TS_LUA_FUNCTION_G_POST_REMAP            "do_global_post_remap"
+#define TS_LUA_FUNCTION_G_OS_DNS                "do_global_os_dns"
+#define TS_LUA_FUNCTION_G_READ_CACHE            "do_global_read_cache"
+#define TS_LUA_FUNCTION_G_TXN_CLOSE             "do_global_txn_close"
 
 #define TS_LUA_DEBUG_TAG "ts_lua"
 
 #define TS_LUA_EVENT_COROUTINE_CONT 20000
 
-#define TS_LUA_MAX_SCRIPT_FNAME_LENGTH 1024
-#define TS_LUA_MAX_CONFIG_VARS_COUNT 256
+#define TS_LUA_MAX_SCRIPT_FNAME_LENGTH     1024
+#define TS_LUA_MAX_CONFIG_VARS_COUNT       256
 #define TS_LUA_MAX_SHARED_DICT_NAME_LENGTH 128
-#define TS_LUA_MAX_SHARED_DICT_COUNT 32
-#define TS_LUA_MAX_URL_LENGTH 32768
-#define TS_LUA_MAX_OVEC_SIZE (3 * 32)
-#define TS_LUA_MAX_RESIDENT_PCRE 64
-#define TS_LUA_MAX_STR_LENGTH 32768
-
-#define TS_LUA_MIN_ALIGN sizeof(void *)
-#define TS_LUA_MEM_ALIGN(size) (((size) + ((TS_LUA_MIN_ALIGN)-1)) & ~((TS_LUA_MIN_ALIGN)-1))
+#define TS_LUA_MAX_SHARED_DICT_COUNT       32
+#define TS_LUA_MAX_URL_LENGTH              32768
+#define TS_LUA_MAX_OVEC_SIZE               (3 * 32)
+#define TS_LUA_MAX_RESIDENT_PCRE           64
+#define TS_LUA_MAX_STR_LENGTH              32768
+
+#define TS_LUA_MIN_ALIGN         sizeof(void *)
+#define TS_LUA_MEM_ALIGN(size)   (((size) + ((TS_LUA_MIN_ALIGN)-1)) & ~((TS_LUA_MIN_ALIGN)-1))
 #define TS_LUA_ALIGN_COUNT(size) (size / TS_LUA_MIN_ALIGN)
 
 #define TS_LUA_MAKE_VAR_ITEM(X) \
@@ -92,7 +92,7 @@ typedef struct {
   void *conf_vars[TS_LUA_MAX_CONFIG_VARS_COUNT];
 
   unsigned int _first : 1; // create current instance for 1st ts_lua_main_ctx
-  unsigned int _last : 1;  // create current instance for the last ts_lua_main_ctx
+  unsigned int _last  : 1; // create current instance for the last ts_lua_main_ctx
 
   int remap;
   int states;
@@ -162,10 +162,10 @@ typedef struct {
   ts_lua_http_ctx *hctx;
 
   int64_t to_flush;
-  unsigned int reuse : 1;
+  unsigned int reuse         : 1;
   unsigned int recv_complete : 1;
   unsigned int send_complete : 1;
-  unsigned int all_ready : 1;
+  unsigned int all_ready     : 1;
 } ts_lua_http_intercept_ctx;
 
 #define TS_LUA_RELEASE_IO_HANDLE(ih)    \
diff --git a/plugins/lua/ts_lua_crypto.c b/plugins/lua/ts_lua_crypto.c
index b1e02d7ac3f..279c57f8e08 100644
--- a/plugins/lua/ts_lua_crypto.c
+++ b/plugins/lua/ts_lua_crypto.c
@@ -22,8 +22,8 @@
 #include "ts_lua_string.h"
 #include "ts_lua_util.h"
 
-#define TS_LUA_MD5_DIGEST_LENGTH 16
-#define TS_LUA_SHA1_DIGEST_LENGTH 20
+#define TS_LUA_MD5_DIGEST_LENGTH    16
+#define TS_LUA_SHA1_DIGEST_LENGTH   20
 #define TS_LUA_SHA256_DIGEST_LENGTH 32
 
 static int ts_lua_md5(lua_State *L);
diff --git a/plugins/lua/ts_lua_fetch.c b/plugins/lua/ts_lua_fetch.c
index 1e49f0f3bde..494aeae4cb1 100644
--- a/plugins/lua/ts_lua_fetch.c
+++ b/plugins/lua/ts_lua_fetch.c
@@ -20,10 +20,10 @@
 #include "ts_lua_io.h"
 #include "ts_lua_fetch.h"
 
-#define TS_LUA_EVENT_FETCH_OVER 20010
-#define TS_LUA_FETCH_CLIENT_ADDRPORT "127.0.0.1:33333"
+#define TS_LUA_EVENT_FETCH_OVER          20010
+#define TS_LUA_FETCH_CLIENT_ADDRPORT     "127.0.0.1:33333"
 #define TS_LUA_FETCH_CLIENT_ADDRPORT_LEN 15
-#define TS_LUA_FETCH_USER_AGENT "TS Fetcher/1.0"
+#define TS_LUA_FETCH_USER_AGENT          "TS Fetcher/1.0"
 
 static int ts_lua_fetch(lua_State *L);
 static int ts_lua_fetch_multi(lua_State *L);
diff --git a/plugins/lua/ts_lua_fetch.h b/plugins/lua/ts_lua_fetch.h
index c4b600cc4d8..3843be5d6c6 100644
--- a/plugins/lua/ts_lua_fetch.h
+++ b/plugins/lua/ts_lua_fetch.h
@@ -30,7 +30,7 @@ typedef struct {
   TSIOBufferReader reader;
   TSFetchSM fch;
 
-  unsigned int over : 1;
+  unsigned int over   : 1;
   unsigned int failed : 1;
 } ts_lua_fetch_info;
 
diff --git a/plugins/lua/ts_lua_io.c b/plugins/lua/ts_lua_io.c
index 2b4748d5329..bff81b91592 100644
--- a/plugins/lua/ts_lua_io.c
+++ b/plugins/lua/ts_lua_io.c
@@ -35,7 +35,7 @@ IOBufferReaderCopy(TSIOBufferReader readerp, void *buf, int64_t length)
     if (need > 0) {
       memcpy((char *)buf + n, start, need);
       length -= need;
-      n += need;
+      n      += need;
     }
 
     if (length == 0) {
diff --git a/plugins/lua/ts_lua_package.c b/plugins/lua/ts_lua_package.c
index 33ff3f1eea2..1ea6a874c78 100644
--- a/plugins/lua/ts_lua_package.c
+++ b/plugins/lua/ts_lua_package.c
@@ -19,7 +19,7 @@
 #include "ts_lua_util.h"
 
 #define TS_LUA_MAX_PACKAGE_PATH_LEN 256
-#define TS_LUA_MAX_PACKAGE_NUM 64
+#define TS_LUA_MAX_PACKAGE_NUM      64
 
 typedef struct {
   size_t len;
diff --git a/plugins/lua/ts_lua_transform.c b/plugins/lua/ts_lua_transform.c
index 5e8d75bcf32..e529fdf01a5 100644
--- a/plugins/lua/ts_lua_transform.c
+++ b/plugins/lua/ts_lua_transform.c
@@ -244,7 +244,7 @@ ts_lua_transform_handler(TSCont contp, ts_lua_http_transform_ctx *transform_ctx,
 
       TSIOBufferWrite(transform_ctx->output.buffer, res, res_len);
       transform_ctx->total += res_len;
-      write_down = 1;
+      write_down           = 1;
     }
 
     lua_pop(L, top);
diff --git a/plugins/multiplexer/chunk-decoder.cc b/plugins/multiplexer/chunk-decoder.cc
index e976ac4857f..3d9e4248aab 100644
--- a/plugins/multiplexer/chunk-decoder.cc
+++ b/plugins/multiplexer/chunk-decoder.cc
@@ -124,7 +124,7 @@ ChunkDecoder::decode(const TSIOBufferReader &r)
       const char *p = TSIOBufferBlockReadStart(block, r, &size);
       assert(p != nullptr);
       const int i = parseSize(p, size);
-      size -= i;
+      size        -= i;
       TSIOBufferReaderConsume(r, i);
       if (state_ == State::kEnd) {
         assert(size_ == 0);
@@ -150,7 +150,7 @@ ChunkDecoder::decode(const TSIOBufferReader &r)
         break;
       } else {
         length += size;
-        size_ -= size;
+        size_  -= size;
       }
     }
     block = TSIOBufferBlockNext(block);
diff --git a/plugins/multiplexer/dispatch.cc b/plugins/multiplexer/dispatch.cc
index 849204b8b8b..9f3308a09cf 100644
--- a/plugins/multiplexer/dispatch.cc
+++ b/plugins/multiplexer/dispatch.cc
@@ -120,7 +120,7 @@ read(const TSIOBufferReader &r, std::string &o, int64_t l = 0)
       size = std::min(size, l);
       o.append(pointer, size);
       length += size;
-      l -= size;
+      l      -= size;
     }
   }
 
@@ -186,7 +186,7 @@ class Handler
     if (TSIsDebugTagSet(PLUGIN_TAG) > 0) {
       std::string buffer;
       const uint64_t length = read(r, buffer, l);
-      response += buffer;
+      response              += buffer;
       TSDebug(PLUGIN_TAG, "Receiving response chunk \"%s\" of %" PRIu64 " bytes", buffer.c_str(), length);
     }
   }
diff --git a/plugins/prefetch/configs.cc b/plugins/prefetch/configs.cc
index cb91e4d5880..21c2ffa811d 100644
--- a/plugins/prefetch/configs.cc
+++ b/plugins/prefetch/configs.cc
@@ -54,20 +54,22 @@ isTrue(const char *arg)
 bool
 PrefetchConfig::init(int argc, char *argv[])
 {
-  static const struct option longopt[] = {{const_cast<char *>("front"), optional_argument, nullptr, 'f'},
-                                          {const_cast<char *>("api-header"), optional_argument, nullptr, 'h'},
-                                          {const_cast<char *>("next-header"), optional_argument, nullptr, 'n'},
-                                          {const_cast<char *>("fetch-policy"), optional_argument, nullptr, 'p'},
-                                          {const_cast<char *>("fetch-count"), optional_argument, nullptr, 'c'},
-                                          {const_cast<char *>("fetch-path-pattern"), optional_argument, nullptr, 'e'},
-                                          {const_cast<char *>("fetch-query"), optional_argument, nullptr, 'q'},
-                                          {const_cast<char *>("fetch-max"), optional_argument, nullptr, 'x'},
-                                          {const_cast<char *>("replace-host"), optional_argument, nullptr, 'r'},
-                                          {const_cast<char *>("name-space"), optional_argument, nullptr, 's'},
-                                          {const_cast<char *>("metrics-prefix"), optional_argument, nullptr, 'm'},
-                                          {const_cast<char *>("exact-match"), optional_argument, nullptr, 'y'},
-                                          {const_cast<char *>("log-name"), optional_argument, nullptr, 'l'},
-                                          {nullptr, 0, nullptr, 0}};
+  static const struct option longopt[] = {
+    {const_cast<char *>("front"),              optional_argument, nullptr, 'f'},
+    {const_cast<char *>("api-header"),         optional_argument, nullptr, 'h'},
+    {const_cast<char *>("next-header"),        optional_argument, nullptr, 'n'},
+    {const_cast<char *>("fetch-policy"),       optional_argument, nullptr, 'p'},
+    {const_cast<char *>("fetch-count"),        optional_argument, nullptr, 'c'},
+    {const_cast<char *>("fetch-path-pattern"), optional_argument, nullptr, 'e'},
+    {const_cast<char *>("fetch-query"),        optional_argument, nullptr, 'q'},
+    {const_cast<char *>("fetch-max"),          optional_argument, nullptr, 'x'},
+    {const_cast<char *>("replace-host"),       optional_argument, nullptr, 'r'},
+    {const_cast<char *>("name-space"),         optional_argument, nullptr, 's'},
+    {const_cast<char *>("metrics-prefix"),     optional_argument, nullptr, 'm'},
+    {const_cast<char *>("exact-match"),        optional_argument, nullptr, 'y'},
+    {const_cast<char *>("log-name"),           optional_argument, nullptr, 'l'},
+    {nullptr,                                  0,                 nullptr, 0  }
+  };
 
   bool status = true;
   optind      = 0;
diff --git a/plugins/prefetch/fetch.h b/plugins/prefetch/fetch.h
index 7c2a1dd7563..0471e1e718f 100644
--- a/plugins/prefetch/fetch.h
+++ b/plugins/prefetch/fetch.h
@@ -98,14 +98,22 @@ class BgFetchState
   size_t _concurrentFetches                        = 0;
   size_t _concurrentFetchesMax                     = 0;
   PrefetchMetricInfo _metrics[FETCHES_MAX_METRICS] = {
-    {FETCH_ACTIVE, TS_RECORDDATATYPE_INT, -1},        {FETCH_COMPLETED, TS_RECORDDATATYPE_COUNTER, -1},
-    {FETCH_ERRORS, TS_RECORDDATATYPE_COUNTER, -1},    {FETCH_TIMEOOUTS, TS_RECORDDATATYPE_COUNTER, -1},
-    {FETCH_THROTTLED, TS_RECORDDATATYPE_COUNTER, -1}, {FETCH_ALREADY_CACHED, TS_RECORDDATATYPE_COUNTER, -1},
-    {FETCH_TOTAL, TS_RECORDDATATYPE_COUNTER, -1},     {FETCH_UNIQUE_YES, TS_RECORDDATATYPE_COUNTER, -1},
-    {FETCH_UNIQUE_NO, TS_RECORDDATATYPE_COUNTER, -1}, {FETCH_MATCH_YES, TS_RECORDDATATYPE_COUNTER, -1},
-    {FETCH_MATCH_NO, TS_RECORDDATATYPE_COUNTER, -1},  {FETCH_POLICY_YES, TS_RECORDDATATYPE_COUNTER, -1},
-    {FETCH_POLICY_NO, TS_RECORDDATATYPE_COUNTER, -1}, {FETCH_POLICY_SIZE, TS_RECORDDATATYPE_INT, -1},
-    {FETCH_POLICY_MAXSIZE, TS_RECORDDATATYPE_INT, -1}};
+    {FETCH_ACTIVE,         TS_RECORDDATATYPE_INT,     -1},
+    {FETCH_COMPLETED,      TS_RECORDDATATYPE_COUNTER, -1},
+    {FETCH_ERRORS,         TS_RECORDDATATYPE_COUNTER, -1},
+    {FETCH_TIMEOOUTS,      TS_RECORDDATATYPE_COUNTER, -1},
+    {FETCH_THROTTLED,      TS_RECORDDATATYPE_COUNTER, -1},
+    {FETCH_ALREADY_CACHED, TS_RECORDDATATYPE_COUNTER, -1},
+    {FETCH_TOTAL,          TS_RECORDDATATYPE_COUNTER, -1},
+    {FETCH_UNIQUE_YES,     TS_RECORDDATATYPE_COUNTER, -1},
+    {FETCH_UNIQUE_NO,      TS_RECORDDATATYPE_COUNTER, -1},
+    {FETCH_MATCH_YES,      TS_RECORDDATATYPE_COUNTER, -1},
+    {FETCH_MATCH_NO,       TS_RECORDDATATYPE_COUNTER, -1},
+    {FETCH_POLICY_YES,     TS_RECORDDATATYPE_COUNTER, -1},
+    {FETCH_POLICY_NO,      TS_RECORDDATATYPE_COUNTER, -1},
+    {FETCH_POLICY_SIZE,    TS_RECORDDATATYPE_INT,     -1},
+    {FETCH_POLICY_MAXSIZE, TS_RECORDDATATYPE_INT,     -1}
+  };
 
   /* plugin specific fetch logging */
   TSTextLogObject _log = nullptr;
diff --git a/plugins/regex_remap/regex_remap.cc b/plugins/regex_remap/regex_remap.cc
index aa488127b7f..bc9930987b8 100644
--- a/plugins/regex_remap/regex_remap.cc
+++ b/plugins/regex_remap/regex_remap.cc
@@ -396,7 +396,7 @@ RemapRegex::compile(const char *&error, int &erroffset)
 
   // POOMA - also dependent on actual stack size. Crashes with previous value of 2047,
   _extra->match_limit_recursion = 1750;
-  _extra->flags |= PCRE_EXTRA_MATCH_LIMIT_RECURSION;
+  _extra->flags                 |= PCRE_EXTRA_MATCH_LIMIT_RECURSION;
 
   if (pcre_fullinfo(_rex, _extra, PCRE_INFO_CAPTURECOUNT, &ccount) != 0) {
     error = "call to pcre_fullinfo() failed";
@@ -458,7 +458,7 @@ RemapRegex::compile(const char *&error, int &erroffset)
 
         _sub_ix[_num_subs]  = ix;
         _sub_pos[_num_subs] = (str - _subst);
-        str += 2;
+        str                 += 2;
         ++_num_subs;
       } else { // Not a valid substitution character, so just ignore it
         ++str;
@@ -483,7 +483,7 @@ RemapRegex::get_lengths(const int ovector[], int lengths[], TSRemapRequestInfo *
 
     if (ix < 10) {
       lengths[ix] = ovector[2 * ix + 1] - ovector[2 * ix]; // -1 - -1 == 0
-      len += lengths[ix];
+      len         += lengths[ix];
     } else {
       int tmp_len;
 
@@ -597,7 +597,7 @@ RemapRegex::substitute(char dest[], const char *src, const int ovector[], const
           p1 += len;
         }
       }
-      p2 += (_sub_pos[i] - prev + 2);
+      p2   += (_sub_pos[i] - prev + 2);
       prev = _sub_pos[i] + 2;
 
       if (lowercase_substitutions == true || ix == SUB_LOWER_PATH) {
@@ -609,7 +609,7 @@ RemapRegex::substitute(char dest[], const char *src, const int ovector[], const
     }
 
     memcpy(p1, p2, _subst_len - (p2 - _subst));
-    p1 += _subst_len - (p2 - _subst);
+    p1  += _subst_len - (p2 - _subst);
     *p1 = 0; // Make sure it's NULL terminated (for safety).
     return p1 - dest;
   } else {
diff --git a/plugins/regex_revalidate/regex_revalidate.c b/plugins/regex_revalidate/regex_revalidate.c
index 7710ad0d4db..a3e92d886c4 100644
--- a/plugins/regex_revalidate/regex_revalidate.c
+++ b/plugins/regex_revalidate/regex_revalidate.c
@@ -38,11 +38,11 @@
 #include <pcre.h>
 #endif
 
-#define CONFIG_TMOUT 60000
-#define FREE_TMOUT 300000
-#define OVECTOR_SIZE 30
+#define CONFIG_TMOUT      60000
+#define FREE_TMOUT        300000
+#define OVECTOR_SIZE      30
 #define LOG_ROLL_INTERVAL 86400
-#define LOG_ROLL_OFFSET 0
+#define LOG_ROLL_OFFSET   0
 
 static const char *const PLUGIN_NAME = "regex_revalidate";
 static const char *const DEFAULT_DIR = "var/trafficserver"; /* Not perfect, but no better API) */
@@ -682,11 +682,13 @@ TSPluginInit(int argc, const char *argv[])
   init_plugin_state_t(pstate);
 
   int c;
-  static const struct option longopts[] = {{"config", required_argument, NULL, 'c'},
-                                           {"log", required_argument, NULL, 'l'},
-                                           {"disable-timed-reload", no_argument, NULL, 'd'},
-                                           {"state-file", required_argument, NULL, 'f'},
-                                           {NULL, 0, NULL, 0}};
+  static const struct option longopts[] = {
+    {"config",               required_argument, NULL, 'c'},
+    {"log",                  required_argument, NULL, 'l'},
+    {"disable-timed-reload", no_argument,       NULL, 'd'},
+    {"state-file",           required_argument, NULL, 'f'},
+    {NULL,                   0,                 NULL, 0  }
+  };
 
   while ((c = getopt_long(argc, (char *const *)argv, "c:l:f:", longopts, NULL)) != -1) {
     switch (c) {
diff --git a/plugins/remap_purge/remap_purge.c b/plugins/remap_purge/remap_purge.c
index 3027543563e..46fa41a3b86 100644
--- a/plugins/remap_purge/remap_purge.c
+++ b/plugins/remap_purge/remap_purge.c
@@ -257,9 +257,12 @@ TSRemapNewInstance(int argc, char *argv[], void **ih, char *errbuf, int errbuf_s
   char *id                             = argv[0]; /* The ID is default to the "from" URL, so save it */
   PurgeInstance *purge                 = TSmalloc(sizeof(PurgeInstance));
   static const struct option longopt[] = {
-    {(char *)"id", required_argument, NULL, 'i'},     {(char *)"secret", required_argument, NULL, 's'},
-    {(char *)"header", required_argument, NULL, 'h'}, {(char *)"state-file", required_argument, NULL, 'f'},
-    {(char *)"allow-get", no_argument, NULL, 'a'},    {NULL, no_argument, NULL, '\0'},
+    {(char *)"id",         required_argument, NULL, 'i' },
+    {(char *)"secret",     required_argument, NULL, 's' },
+    {(char *)"header",     required_argument, NULL, 'h' },
+    {(char *)"state-file", required_argument, NULL, 'f' },
+    {(char *)"allow-get",  no_argument,       NULL, 'a' },
+    {NULL,                 no_argument,       NULL, '\0'},
   };
 
   memset(purge, 0, sizeof(PurgeInstance));
diff --git a/plugins/s3_auth/s3_auth.cc b/plugins/s3_auth/s3_auth.cc
index b67c8cad110..746a2cfdb13 100644
--- a/plugins/s3_auth/s3_auth.cc
+++ b/plugins/s3_auth/s3_auth.cc
@@ -1115,16 +1115,16 @@ TSReturnCode
 TSRemapNewInstance(int argc, char *argv[], void **ih, char * /* errbuf ATS_UNUSED */, int /* errbuf_size ATS_UNUSED */)
 {
   static const struct option longopt[] = {
-    {const_cast<char *>("access_key"), required_argument, nullptr, 'a'},
-    {const_cast<char *>("config"), required_argument, nullptr, 'c'},
-    {const_cast<char *>("secret_key"), required_argument, nullptr, 's'},
-    {const_cast<char *>("version"), required_argument, nullptr, 'v'},
-    {const_cast<char *>("virtual_host"), no_argument, nullptr, 'h'},
-    {const_cast<char *>("v4-include-headers"), required_argument, nullptr, 'i'},
-    {const_cast<char *>("v4-exclude-headers"), required_argument, nullptr, 'e'},
-    {const_cast<char *>("v4-region-map"), required_argument, nullptr, 'm'},
-    {const_cast<char *>("session_token"), required_argument, nullptr, 't'},
-    {nullptr, no_argument, nullptr, '\0'},
+    {const_cast<char *>("access_key"),         required_argument, nullptr, 'a' },
+    {const_cast<char *>("config"),             required_argument, nullptr, 'c' },
+    {const_cast<char *>("secret_key"),         required_argument, nullptr, 's' },
+    {const_cast<char *>("version"),            required_argument, nullptr, 'v' },
+    {const_cast<char *>("virtual_host"),       no_argument,       nullptr, 'h' },
+    {const_cast<char *>("v4-include-headers"), required_argument, nullptr, 'i' },
+    {const_cast<char *>("v4-exclude-headers"), required_argument, nullptr, 'e' },
+    {const_cast<char *>("v4-region-map"),      required_argument, nullptr, 'm' },
+    {const_cast<char *>("session_token"),      required_argument, nullptr, 't' },
+    {nullptr,                                  no_argument,       nullptr, '\0'},
   };
 
   S3Config *s3          = new S3Config(true); // true == this config gets the continuation
diff --git a/plugins/s3_auth/unit_tests/test_aws_auth_v4.cc b/plugins/s3_auth/unit_tests/test_aws_auth_v4.cc
index b3866ba4699..a36365f5a2f 100644
--- a/plugins/s3_auth/unit_tests/test_aws_auth_v4.cc
+++ b/plugins/s3_auth/unit_tests/test_aws_auth_v4.cc
@@ -42,7 +42,7 @@ TEST_CASE("uriEncode(): encode unreserved chars", "[s3_auth]")
                     "abcdefghijklmnopqrstuvwxyz"
                     "0123456789"
                     "-._~";
-  String encoded = uriEncode(in, /* isObjectName */ false);
+  String encoded  = uriEncode(in, /* isObjectName */ false);
 
   CHECK(in.length() == encoded.length());
   CHECK_FALSE(encoded.compare("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
diff --git a/plugins/server_push_preload/server_push_preload.cc b/plugins/server_push_preload/server_push_preload.cc
index 68c44101200..fcfa143f8af 100644
--- a/plugins/server_push_preload/server_push_preload.cc
+++ b/plugins/server_push_preload/server_push_preload.cc
@@ -30,7 +30,7 @@
 #include "tscpp/api/RemapPlugin.h"
 #include "tscpp/api/TransactionPlugin.h"
 
-#define PLUGIN_NAME "server_push_preload"
+#define PLUGIN_NAME   "server_push_preload"
 #define PRELOAD_PARAM "rel=preload"
 #define NOPUSH_OPTION "nopush"
 
diff --git a/plugins/stats_over_http/stats_over_http.cc b/plugins/stats_over_http/stats_over_http.cc
index 303d170c72a..255f8cf0161 100644
--- a/plugins/stats_over_http/stats_over_http.cc
+++ b/plugins/stats_over_http/stats_over_http.cc
@@ -49,11 +49,11 @@
 #include <brotli/encode.h>
 #endif
 
-#define PLUGIN_NAME "stats_over_http"
-#define FREE_TMOUT 300000
+#define PLUGIN_NAME     "stats_over_http"
+#define FREE_TMOUT      300000
 #define STR_BUFFER_SIZE 1024
 
-#define SYSTEM_RECORD_TYPE (0x100)
+#define SYSTEM_RECORD_TYPE   (0x100)
 #define DEFAULT_RECORD_TYPES (SYSTEM_RECORD_TYPE | TS_RECORDTYPE_PROCESS | TS_RECORDTYPE_PLUGIN)
 
 static const swoc::IP4Range DEFAULT_IP{swoc::IP4Addr::MIN, swoc::IP4Addr::MAX};
@@ -77,7 +77,7 @@ static const int ZLIB_MEMLEVEL = 9; // min=1 (optimize for memory),max=9 (optimi
 static const int WINDOW_BITS_DEFLATE = 15;
 static const int WINDOW_BITS_GZIP    = 16;
 #define DEFLATE_MODE WINDOW_BITS_DEFLATE
-#define GZIP_MODE (WINDOW_BITS_DEFLATE | WINDOW_BITS_GZIP)
+#define GZIP_MODE    (WINDOW_BITS_DEFLATE | WINDOW_BITS_GZIP)
 
 // brotli compression quality 1-11. Testing proved level '6'
 #if HAVE_BROTLI_ENCODE_H
@@ -466,7 +466,7 @@ gzip_out_stats(stats_state *my_state)
   int64_t toconsume = TSIOBufferReaderAvail(my_state->resp_reader);
   TSIOBufferReaderConsume(my_state->resp_reader, toconsume);
 
-  my_state->output_bytes -= toconsume;
+  my_state->output_bytes    -= toconsume;
   my_state->zstrm.avail_in  = inputbytes;
   my_state->zstrm.avail_out = sizeof(outputbuf);
   my_state->zstrm.next_in   = (Bytef *)inputbuf;
@@ -665,9 +665,11 @@ TSPluginInit(int argc, const char *argv[])
   TSPluginRegistrationInfo info;
 
   static const char usage[]             = PLUGIN_NAME ".so [--integer-counters] [PATH]";
-  static const struct option longopts[] = {{(char *)("integer-counters"), no_argument, nullptr, 'i'},
-                                           {(char *)("wrap-counters"), no_argument, nullptr, 'w'},
-                                           {nullptr, 0, nullptr, 0}};
+  static const struct option longopts[] = {
+    {(char *)("integer-counters"), no_argument, nullptr, 'i'},
+    {(char *)("wrap-counters"),    no_argument, nullptr, 'w'},
+    {nullptr,                      0,           nullptr, 0  }
+  };
   TSCont main_cont, config_cont;
   config_holder_t *config_holder;
 
diff --git a/plugins/tcpinfo/tcpinfo.cc b/plugins/tcpinfo/tcpinfo.cc
index ca73cb07a00..b73515ca2bf 100644
--- a/plugins/tcpinfo/tcpinfo.cc
+++ b/plugins/tcpinfo/tcpinfo.cc
@@ -51,10 +51,10 @@
 #define TCPI_PLUGIN_SUPPORTED 1
 #endif
 
-#define TCPI_HOOK_SSN_START 0x01u
-#define TCPI_HOOK_TXN_START 0x02u
+#define TCPI_HOOK_SSN_START     0x01u
+#define TCPI_HOOK_TXN_START     0x02u
 #define TCPI_HOOK_SEND_RESPONSE 0x04u
-#define TCPI_HOOK_TXN_CLOSE 0x10u
+#define TCPI_HOOK_TXN_CLOSE     0x10u
 
 // Log format headers. These are emitted once at the start of a log file. Note that we
 // carefully order the fields so the field ordering is compatible. This lets you change
@@ -286,11 +286,13 @@ parse_hook_list(const char *hook_list)
   const struct hookmask {
     const char *name;
     unsigned mask;
-  } hooks[] = {{"ssn_start", TCPI_HOOK_SSN_START},
-               {"txn_start", TCPI_HOOK_TXN_START},
-               {"send_resp_hdr", TCPI_HOOK_SEND_RESPONSE},
-               {"txn_close", TCPI_HOOK_TXN_CLOSE},
-               {nullptr, 0u}};
+  } hooks[] = {
+    {"ssn_start",     TCPI_HOOK_SSN_START    },
+    {"txn_start",     TCPI_HOOK_TXN_START    },
+    {"send_resp_hdr", TCPI_HOOK_SEND_RESPONSE},
+    {"txn_close",     TCPI_HOOK_TXN_CLOSE    },
+    {nullptr,         0u                     }
+  };
 
   str = TSstrdup(hook_list);
 
@@ -299,7 +301,7 @@ parse_hook_list(const char *hook_list)
 
     for (const struct hookmask *m = hooks; m->name != nullptr; ++m) {
       if (strcmp(m->name, tok) == 0) {
-        mask |= m->mask;
+        mask  |= m->mask;
         match = true;
         break;
       }
@@ -317,19 +319,19 @@ parse_hook_list(const char *hook_list)
 void
 TSPluginInit(int argc, const char *argv[])
 {
-  static const char usage[] = "tcpinfo.so [--log-file=PATH] [--log-level=LEVEL] [--hooks=LIST] [--sample-rate=COUNT] "
-                              "[--rolling-enabled=VALUE] [--rolling-offset-hr=HOUR] [--rolling-interval-sec=SECONDS] "
-                              "[--rolling-size=MB]";
+  static const char usage[]             = "tcpinfo.so [--log-file=PATH] [--log-level=LEVEL] [--hooks=LIST] [--sample-rate=COUNT] "
+                                          "[--rolling-enabled=VALUE] [--rolling-offset-hr=HOUR] [--rolling-interval-sec=SECONDS] "
+                                          "[--rolling-size=MB]";
   static const struct option longopts[] = {
-    {const_cast<char *>("sample-rate"), required_argument, nullptr, 'r'},
-    {const_cast<char *>("log-file"), required_argument, nullptr, 'f'},
-    {const_cast<char *>("log-level"), required_argument, nullptr, 'l'},
-    {const_cast<char *>("hooks"), required_argument, nullptr, 'h'},
-    {const_cast<char *>("rolling-enabled"), required_argument, nullptr, 'e'},
-    {const_cast<char *>("rolling-offset-hr"), required_argument, nullptr, 'H'},
+    {const_cast<char *>("sample-rate"),          required_argument, nullptr, 'r'},
+    {const_cast<char *>("log-file"),             required_argument, nullptr, 'f'},
+    {const_cast<char *>("log-level"),            required_argument, nullptr, 'l'},
+    {const_cast<char *>("hooks"),                required_argument, nullptr, 'h'},
+    {const_cast<char *>("rolling-enabled"),      required_argument, nullptr, 'e'},
+    {const_cast<char *>("rolling-offset-hr"),    required_argument, nullptr, 'H'},
     {const_cast<char *>("rolling-interval-sec"), required_argument, nullptr, 'S'},
-    {const_cast<char *>("rolling-size"), required_argument, nullptr, 'M'},
-    {nullptr, 0, nullptr, 0},
+    {const_cast<char *>("rolling-size"),         required_argument, nullptr, 'M'},
+    {nullptr,                                    0,                 nullptr, 0  },
   };
 
   TSPluginRegistrationInfo info;
diff --git a/plugins/xdebug/xdebug.cc b/plugins/xdebug/xdebug.cc
index afb4065523a..a2420ceafc8 100644
--- a/plugins/xdebug/xdebug.cc
+++ b/plugins/xdebug/xdebug.cc
@@ -111,20 +111,20 @@ constexpr struct XHeader {
   std::string_view name;
   unsigned int flag;
 } header_flags[] = {
-  {HEADER_NAME_X_CACHE_KEY, XHEADER_X_CACHE_KEY},
-  {HEADER_NAME_X_MILESTONES, XHEADER_X_MILESTONES},
-  {HEADER_NAME_X_CACHE, XHEADER_X_CACHE},
-  {HEADER_NAME_X_GENERATION, XHEADER_X_GENERATION},
+  {HEADER_NAME_X_CACHE_KEY,      XHEADER_X_CACHE_KEY     },
+  {HEADER_NAME_X_MILESTONES,     XHEADER_X_MILESTONES    },
+  {HEADER_NAME_X_CACHE,          XHEADER_X_CACHE         },
+  {HEADER_NAME_X_GENERATION,     XHEADER_X_GENERATION    },
   {HEADER_NAME_X_TRANSACTION_ID, XHEADER_X_TRANSACTION_ID},
-  {HEADER_NAME_X_DUMP_HEADERS, XHEADER_X_DUMP_HEADERS},
-  {HEADER_NAME_X_REMAP, XHEADER_X_REMAP},
-  {HEADER_NAME_X_PROBE_HEADERS, XHEADER_X_PROBE_HEADERS},
-  {HEADER_NAME_X_PSELECT_KEY, XHEADER_X_PSELECT_KEY},
-  {HEADER_NAME_X_CACHE_INFO, XHEADER_X_CACHE_INFO},
-  {HEADER_NAME_X_EFFECTIVE_URL, XHEADER_X_EFFECTIVE_URL},
-  {HEADER_NAME_VIA, XHEADER_VIA},
-  {HEADER_NAME_DIAGS, XHEADER_DIAGS},
-  {HEADER_NAME_ALL, XHEADER_ALL},
+  {HEADER_NAME_X_DUMP_HEADERS,   XHEADER_X_DUMP_HEADERS  },
+  {HEADER_NAME_X_REMAP,          XHEADER_X_REMAP         },
+  {HEADER_NAME_X_PROBE_HEADERS,  XHEADER_X_PROBE_HEADERS },
+  {HEADER_NAME_X_PSELECT_KEY,    XHEADER_X_PSELECT_KEY   },
+  {HEADER_NAME_X_CACHE_INFO,     XHEADER_X_CACHE_INFO    },
+  {HEADER_NAME_X_EFFECTIVE_URL,  XHEADER_X_EFFECTIVE_URL },
+  {HEADER_NAME_VIA,              XHEADER_VIA             },
+  {HEADER_NAME_DIAGS,            XHEADER_DIAGS           },
+  {HEADER_NAME_ALL,              XHEADER_ALL             },
 };
 
 static TSCont XInjectHeadersCont  = nullptr;
@@ -300,29 +300,29 @@ InjectMilestonesHeader(TSHttpTxn txn, TSMBuffer buffer, TSMLoc hdr)
   // The set of milestones we can publish. Some milestones happen after
   // this hook, so we skip those ...
   static const milestone milestones[] = {
-    {TS_MILESTONE_UA_BEGIN, "UA-BEGIN"},
-    {TS_MILESTONE_UA_FIRST_READ, "UA-FIRST-READ"},
-    {TS_MILESTONE_UA_READ_HEADER_DONE, "UA-READ-HEADER-DONE"},
-    {TS_MILESTONE_UA_BEGIN_WRITE, "UA-BEGIN-WRITE"},
-    {TS_MILESTONE_UA_CLOSE, "UA-CLOSE"},
-    {TS_MILESTONE_SERVER_FIRST_CONNECT, "SERVER-FIRST-CONNECT"},
-    {TS_MILESTONE_SERVER_CONNECT, "SERVER-CONNECT"},
-    {TS_MILESTONE_SERVER_CONNECT_END, "SERVER-CONNECT-END"},
-    {TS_MILESTONE_SERVER_BEGIN_WRITE, "SERVER-BEGIN-WRITE"},
-    {TS_MILESTONE_SERVER_FIRST_READ, "SERVER-FIRST-READ"},
+    {TS_MILESTONE_UA_BEGIN,                "UA-BEGIN"               },
+    {TS_MILESTONE_UA_FIRST_READ,           "UA-FIRST-READ"          },
+    {TS_MILESTONE_UA_READ_HEADER_DONE,     "UA-READ-HEADER-DONE"    },
+    {TS_MILESTONE_UA_BEGIN_WRITE,          "UA-BEGIN-WRITE"         },
+    {TS_MILESTONE_UA_CLOSE,                "UA-CLOSE"               },
+    {TS_MILESTONE_SERVER_FIRST_CONNECT,    "SERVER-FIRST-CONNECT"   },
+    {TS_MILESTONE_SERVER_CONNECT,          "SERVER-CONNECT"         },
+    {TS_MILESTONE_SERVER_CONNECT_END,      "SERVER-CONNECT-END"     },
+    {TS_MILESTONE_SERVER_BEGIN_WRITE,      "SERVER-BEGIN-WRITE"     },
+    {TS_MILESTONE_SERVER_FIRST_READ,       "SERVER-FIRST-READ"      },
     {TS_MILESTONE_SERVER_READ_HEADER_DONE, "SERVER-READ-HEADER-DONE"},
-    {TS_MILESTONE_SERVER_CLOSE, "SERVER-CLOSE"},
-    {TS_MILESTONE_CACHE_OPEN_READ_BEGIN, "CACHE-OPEN-READ-BEGIN"},
-    {TS_MILESTONE_CACHE_OPEN_READ_END, "CACHE-OPEN-READ-END"},
-    {TS_MILESTONE_CACHE_OPEN_WRITE_BEGIN, "CACHE-OPEN-WRITE-BEGIN"},
-    {TS_MILESTONE_CACHE_OPEN_WRITE_END, "CACHE-OPEN-WRITE-END"},
-    {TS_MILESTONE_DNS_LOOKUP_BEGIN, "DNS-LOOKUP-BEGIN"},
-    {TS_MILESTONE_DNS_LOOKUP_END, "DNS-LOOKUP-END"},
-    // SM_START is deliberately excluded because as all the times are printed relative to it
-    // it would always be zero.
-    {TS_MILESTONE_SM_FINISH, "SM-FINISH"},
-    {TS_MILESTONE_PLUGIN_ACTIVE, "PLUGIN-ACTIVE"},
-    {TS_MILESTONE_PLUGIN_TOTAL, "PLUGIN-TOTAL"},
+    {TS_MILESTONE_SERVER_CLOSE,            "SERVER-CLOSE"           },
+    {TS_MILESTONE_CACHE_OPEN_READ_BEGIN,   "CACHE-OPEN-READ-BEGIN"  },
+    {TS_MILESTONE_CACHE_OPEN_READ_END,     "CACHE-OPEN-READ-END"    },
+    {TS_MILESTONE_CACHE_OPEN_WRITE_BEGIN,  "CACHE-OPEN-WRITE-BEGIN" },
+    {TS_MILESTONE_CACHE_OPEN_WRITE_END,    "CACHE-OPEN-WRITE-END"   },
+    {TS_MILESTONE_DNS_LOOKUP_BEGIN,        "DNS-LOOKUP-BEGIN"       },
+    {TS_MILESTONE_DNS_LOOKUP_END,          "DNS-LOOKUP-END"         },
+ // SM_START is deliberately excluded because as all the times are printed relative to it
+  // it would always be zero.
+    {TS_MILESTONE_SM_FINISH,               "SM-FINISH"              },
+    {TS_MILESTONE_PLUGIN_ACTIVE,           "PLUGIN-ACTIVE"          },
+    {TS_MILESTONE_PLUGIN_TOTAL,            "PLUGIN-TOTAL"           },
   };
 
   TSMLoc dst = TS_NULL_MLOC;
@@ -833,9 +833,11 @@ updateAllowedHeaders(const char *optarg)
 void
 TSPluginInit(int argc, const char *argv[])
 {
-  static const struct option longopt[] = {{const_cast<char *>("header"), required_argument, nullptr, 'h'},
-                                          {const_cast<char *>("enable"), required_argument, nullptr, 'e'},
-                                          {nullptr, no_argument, nullptr, '\0'}};
+  static const struct option longopt[] = {
+    {const_cast<char *>("header"), required_argument, nullptr, 'h' },
+    {const_cast<char *>("enable"), required_argument, nullptr, 'e' },
+    {nullptr,                      no_argument,       nullptr, '\0'}
+  };
   TSPluginRegistrationInfo info;
 
   info.plugin_name   = (char *)"xdebug";
diff --git a/plugins/xdebug/xdebug_transforms.cc b/plugins/xdebug/xdebug_transforms.cc
index e1019e726ec..84a9fea806a 100644
--- a/plugins/xdebug/xdebug_transforms.cc
+++ b/plugins/xdebug/xdebug_transforms.cc
@@ -103,7 +103,7 @@ body_transform(TSCont contp, TSEvent event, void *edata)
       std::string prebody = getPreBody(txn);
       TSIOBufferWrite(data->output_buffer.get(), prebody.data(), prebody.length()); // write prebody
       data->wrote_prebody = true;
-      data->nbytes += prebody.length();
+      data->nbytes        += prebody.length();
     }
 
     TSIOBuffer src_buf = TSVIOBufferGet(src_vio);
@@ -133,7 +133,7 @@ body_transform(TSCont contp, TSEvent event, void *edata)
       // End of src vio
       // Write post body content and update output VIO
       data->wrote_body = true;
-      data->nbytes += TSVIONDoneGet(src_vio);
+      data->nbytes     += TSVIONDoneGet(src_vio);
       writePostBody(txn, data);
       TSContCall(TSVIOContGet(src_vio), TS_EVENT_VCONN_WRITE_COMPLETE, src_vio);
     }
diff --git a/proxy/CacheControl.h b/proxy/CacheControl.h
index 963ff9c5713..0d1f88ee5a1 100644
--- a/proxy/CacheControl.h
+++ b/proxy/CacheControl.h
@@ -42,7 +42,7 @@ const int CC_UNSET_TIME = -1;
 
 //   Use 10 second time for purify testing under low
 //     load to verify memory allocation
-//#define CACHE_CONTROL_TIMEOUT            (HRTIME_SECOND*10)
+// #define CACHE_CONTROL_TIMEOUT            (HRTIME_SECOND*10)
 
 enum CacheControlType {
   CC_INVALID = 0,
diff --git a/proxy/ControlMatcher.h b/proxy/ControlMatcher.h
index 394841fdd5c..4d577c0954d 100644
--- a/proxy/ControlMatcher.h
+++ b/proxy/ControlMatcher.h
@@ -289,12 +289,12 @@ template <class Data, class MatchResult> class IpMatcher : protected BaseMatcher
   IpMap ip_map; // Data structure to do lookups
 };
 
-#define ALLOW_HOST_TABLE 1 << 0
-#define ALLOW_IP_TABLE 1 << 1
-#define ALLOW_REGEX_TABLE 1 << 2
+#define ALLOW_HOST_TABLE       1 << 0
+#define ALLOW_IP_TABLE         1 << 1
+#define ALLOW_REGEX_TABLE      1 << 2
 #define ALLOW_HOST_REGEX_TABLE 1 << 3
-#define ALLOW_URL_TABLE 1 << 4
-#define DONT_BUILD_TABLE 1 << 5 // for testing
+#define ALLOW_URL_TABLE        1 << 4
+#define DONT_BUILD_TABLE       1 << 5 // for testing
 
 template <class Data, class MatchResult> class ControlMatcher
 {
diff --git a/proxy/HostStatus.h b/proxy/HostStatus.h
index e09155c1abb..f811bb5cdea 100644
--- a/proxy/HostStatus.h
+++ b/proxy/HostStatus.h
@@ -229,7 +229,7 @@ struct HostStatus {
 
 private:
   HostStatus();
-  HostStatus(const HostStatus &obj) = delete;
+  HostStatus(const HostStatus &obj)         = delete;
   HostStatus &operator=(HostStatus const &) = delete;
 
   // next hop status, key is hostname or ip string, data is HostStatRec
diff --git a/proxy/IPAllow.h b/proxy/IPAllow.h
index 4dd9053fa92..6c584153ee3 100644
--- a/proxy/IPAllow.h
+++ b/proxy/IPAllow.h
@@ -132,7 +132,7 @@ class IpAllow : public ConfigInfo
     ~ACL();
 
     self_type &operator=(const self_type &) = delete;
-    self_type &operator                     =(self_type &&that) noexcept;
+    self_type &operator=(self_type &&that) noexcept;
 
     void clear(); ///< Drop data and config reference.
 
diff --git a/proxy/ParentSelection.cc b/proxy/ParentSelection.cc
index cc0e4b2c7d7..868a7c5e3e2 100644
--- a/proxy/ParentSelection.cc
+++ b/proxy/ParentSelection.cc
@@ -32,7 +32,7 @@
 #include "I_Machine.h"
 #include "tscore/Filenames.h"
 
-#define MAX_SIMPLE_RETRIES 5
+#define MAX_SIMPLE_RETRIES             5
 #define MAX_UNAVAILABLE_SERVER_RETRIES 5
 
 using P_table = ControlMatcher<ParentRecord, ParentResult>;
@@ -418,8 +418,8 @@ ParentRecord::PreProcessParents(const char *val, const int line_num, char *buf,
       }
     }
 
-    str += token;
-    str += ";";
+    str   += token;
+    str   += ";";
     token = strtok_r(nullptr, PARENT_DELIMITERS, &savePtr);
   }
   strncpy(buf, str.c_str(), len);
@@ -1132,7 +1132,7 @@ EXCLUSIVE_REGRESSION_TEST(PARENTSELECTION)(RegressionTest * /* t ATS_UNUSED */,
     REINIT;
     br(request, "fruit_basket.net");
     FP;
-    red += verify(result, PARENT_SPECIFIED, "red", 37412);
+    red    += verify(result, PARENT_SPECIFIED, "red", 37412);
     orange += verify(result, PARENT_SPECIFIED, "orange", 37412);
     yellow += verify(result, PARENT_SPECIFIED, "yellow", 37412);
   }
diff --git a/proxy/ParentSelection.h b/proxy/ParentSelection.h
index 3085668c74c..e2eac6a3c29 100644
--- a/proxy/ParentSelection.h
+++ b/proxy/ParentSelection.h
@@ -42,7 +42,7 @@
 #include <algorithm>
 #include <vector>
 
-#define MAX_PARENTS 64
+#define MAX_PARENTS           64
 #define DEFAULT_PARENT_WEIGHT 1.0
 
 struct RequestData;
diff --git a/proxy/PluginVC.cc b/proxy/PluginVC.cc
index d491d4d5a0d..fda776b538d 100644
--- a/proxy/PluginVC.cc
+++ b/proxy/PluginVC.cc
@@ -76,7 +76,7 @@
 #include "P_Net.h"
 #include "tscore/Regression.h"
 
-#define PVC_LOCK_RETRY_TIME HRTIME_MSECONDS(10)
+#define PVC_LOCK_RETRY_TIME      HRTIME_MSECONDS(10)
 #define MIN_BLOCK_TRANSFER_BYTES 128
 
 #define PVC_TYPE ((vc_type == PLUGIN_VC_ACTIVE) ? "Active" : "Passive")
@@ -549,7 +549,7 @@ PluginVC::process_write_side()
     return;
   }
 
-  write_state.vio.ndone += added;
+  write_state.vio.ndone            += added;
   other_side->read_state.vio.ndone += added;
 
   Debug("pvc", "[%u] %s: process_write_side and process_read_side from other side; added %" PRId64 "", core_obj->id, PVC_TYPE,
diff --git a/proxy/ProtocolProbeSessionAccept.h b/proxy/ProtocolProbeSessionAccept.h
index c58dbe31bd2..2dfd99df5a9 100644
--- a/proxy/ProtocolProbeSessionAccept.h
+++ b/proxy/ProtocolProbeSessionAccept.h
@@ -50,7 +50,7 @@ class ProtocolProbeSessionAccept : public SessionAccept, public ProtocolProbeSes
   bool accept(NetVConnection *, MIOBuffer *, IOBufferReader *) override;
 
   // noncopyable
-  ProtocolProbeSessionAccept(const ProtocolProbeSessionAccept &) = delete;            // disabled
+  ProtocolProbeSessionAccept(const ProtocolProbeSessionAccept &)            = delete; // disabled
   ProtocolProbeSessionAccept &operator=(const ProtocolProbeSessionAccept &) = delete; // disabled
 
   IpMap *proxy_protocol_ipmap = nullptr;
diff --git a/proxy/ProxySession.h b/proxy/ProxySession.h
index 941cc055fd7..f2115069d57 100644
--- a/proxy/ProxySession.h
+++ b/proxy/ProxySession.h
@@ -81,7 +81,7 @@ class ProxySession : public VConnection, public PluginUserArgs<TS_USER_ARGS_SSN>
   virtual ~ProxySession();
 
   // noncopyable
-  ProxySession(ProxySession &) = delete;
+  ProxySession(ProxySession &)                  = delete;
   ProxySession &operator=(const ProxySession &) = delete;
 
   static int64_t next_connection_id();
diff --git a/proxy/ReverseProxy.cc b/proxy/ReverseProxy.cc
index 8c0dddd7bd5..2399f228dcb 100644
--- a/proxy/ReverseProxy.cc
+++ b/proxy/ReverseProxy.cc
@@ -48,11 +48,11 @@ UrlRewrite *rewrite_table                             = nullptr;
 thread_local PluginThreadContext *pluginThreadContext = nullptr;
 
 // Tokens for the Callback function
-#define FILE_CHANGED 0
-#define REVERSE_CHANGED 1
-#define TSNAME_CHANGED 2
-#define TRANS_CHANGED 4
-#define URL_REMAP_MODE_CHANGED 8
+#define FILE_CHANGED                  0
+#define REVERSE_CHANGED               1
+#define TSNAME_CHANGED                2
+#define TRANS_CHANGED                 4
+#define URL_REMAP_MODE_CHANGED        8
 #define HTTP_DEFAULT_REDIRECT_CHANGED 9
 
 //
diff --git a/proxy/Transform.cc b/proxy/Transform.cc
index 5013d3192ac..bdb5efbdf45 100644
--- a/proxy/Transform.cc
+++ b/proxy/Transform.cc
@@ -876,7 +876,7 @@ RangeTransform::transform_to_range()
       if (toskip > 0) {
         reader->consume(toskip);
         *done_byte += toskip;
-        avail = reader->read_avail();
+        avail      = reader->read_avail();
       }
     }
 
@@ -890,7 +890,7 @@ RangeTransform::transform_to_range()
       m_output_buf->write(reader, tosend);
       reader->consume(tosend);
 
-      m_done += tosend;
+      m_done     += tosend;
       *done_byte += tosend;
     }
 
diff --git a/proxy/hdrs/HTTP.cc b/proxy/hdrs/HTTP.cc
index c5354bf6b40..a22fdef1b9a 100644
--- a/proxy/hdrs/HTTP.cc
+++ b/proxy/hdrs/HTTP.cc
@@ -443,8 +443,8 @@ http_hdr_print(HdrHeap *heap, HTTPHdrImpl *hdr, char *buf, int bufsize, int *buf
 
       p = buf + *bufindex;
       memcpy(p, hdr->u.req.m_ptr_method, hdr->u.req.m_len_method);
-      p += hdr->u.req.m_len_method;
-      *p++ = ' ';
+      p         += hdr->u.req.m_len_method;
+      *p++      = ' ';
       *bufindex += hdr->u.req.m_len_method + 1;
 
       if (hdr->u.req.m_url_impl) {
@@ -453,8 +453,8 @@ http_hdr_print(HdrHeap *heap, HTTPHdrImpl *hdr, char *buf, int bufsize, int *buf
           if (hdr->u.req.m_method_wks_idx == HTTP_WKSIDX_CONNECT) {
             *bufindex -= 1; // remove trailing slash for CONNECT request
           }
-          p    = buf + *bufindex;
-          *p++ = ' ';
+          p         = buf + *bufindex;
+          *p++      = ' ';
           *bufindex += 1;
         } else {
           return 0;
@@ -469,9 +469,9 @@ http_hdr_print(HdrHeap *heap, HTTPHdrImpl *hdr, char *buf, int bufsize, int *buf
       }
 
       if (bufsize - *bufindex >= 2) {
-        p    = buf + *bufindex;
-        *p++ = '\r';
-        *p++ = '\n';
+        p         = buf + *bufindex;
+        *p++      = '\r';
+        *p++      = '\n';
         *bufindex += 2;
       } else {
         TRY(mime_mem_print("\r\n", 2, buf, bufsize, bufindex, dumpoffset));
@@ -502,8 +502,8 @@ http_hdr_print(HdrHeap *heap, HTTPHdrImpl *hdr, char *buf, int bufsize, int *buf
 
       p = buf + *bufindex;
       http_hdr_version_to_string(hdr->m_version, p);
-      p += 8; // overwrite '\0' with space
-      *p++ = ' ';
+      p         += 8; // overwrite '\0' with space
+      *p++      = ' ';
       *bufindex += 9;
 
       hdrstat = http_hdr_status_get(hdr);
@@ -517,7 +517,7 @@ http_hdr_print(HdrHeap *heap, HTTPHdrImpl *hdr, char *buf, int bufsize, int *buf
         ink_assert(tmplen <= 6);
         p += tmplen;
       }
-      *p++ = ' ';
+      *p++      = ' ';
       *bufindex += tmplen + 1;
 
       if (hdr->u.resp.m_ptr_reason) {
@@ -525,9 +525,9 @@ http_hdr_print(HdrHeap *heap, HTTPHdrImpl *hdr, char *buf, int bufsize, int *buf
       }
 
       if (bufsize - *bufindex >= 2) {
-        p    = buf + *bufindex;
-        *p++ = '\r';
-        *p++ = '\n';
+        p         = buf + *bufindex;
+        *p++      = '\r';
+        *p++      = '\n';
         *bufindex += 2;
       } else {
         TRY(mime_mem_print("\r\n", 2, buf, bufsize, bufindex, dumpoffset));
@@ -1540,7 +1540,7 @@ http_parse_version(const char *start, const char *end)
     min = 0;
 
     while ((start != end) && isdigit(*start)) {
-      maj = (maj * 10) + (*start - '0');
+      maj   = (maj * 10) + (*start - '0');
       start += 1;
     }
 
@@ -1549,7 +1549,7 @@ http_parse_version(const char *start, const char *end)
     }
 
     while ((start != end) && isdigit(*start)) {
-      min = (min * 10) + (*start - '0');
+      min   = (min * 10) + (*start - '0');
       start += 1;
     }
 
@@ -1619,7 +1619,7 @@ http_parse_qvalue(const char *&buf, int &len)
 
         n = 0.0;
         while (len > 0 && *buf && isdigit(*buf)) {
-          n = (n * 10) + (*buf++ - '0');
+          n   = (n * 10) + (*buf++ - '0');
           len -= 1;
         }
 
@@ -1629,8 +1629,8 @@ http_parse_qvalue(const char *&buf, int &len)
 
           f = 10;
           while (len > 0 && *buf && isdigit(*buf)) {
-            n += (*buf++ - '0') / static_cast<double>(f);
-            f *= 10;
+            n   += (*buf++ - '0') / static_cast<double>(f);
+            f   *= 10;
             len -= 1;
           }
         }
@@ -2137,13 +2137,13 @@ HTTPInfo::marshal(char *buf, int len)
   marshal_alt->m_writeable     = 0;
   marshal_alt->m_unmarshal_len = -1;
   marshal_alt->m_ext_buffer    = nullptr;
-  buf += HTTP_ALT_MARSHAL_SIZE;
-  used += HTTP_ALT_MARSHAL_SIZE;
+  buf                          += HTTP_ALT_MARSHAL_SIZE;
+  used                         += HTTP_ALT_MARSHAL_SIZE;
 
   if (m_alt->m_frag_offset_count > HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS) {
     marshal_alt->m_frag_offsets = static_cast<FragOffset *>(reinterpret_cast<void *>(used));
     memcpy(buf, m_alt->m_frag_offsets, m_alt->m_frag_offset_count * sizeof(FragOffset));
-    buf += m_alt->m_frag_offset_count * sizeof(FragOffset);
+    buf  += m_alt->m_frag_offset_count * sizeof(FragOffset);
     used += m_alt->m_frag_offset_count * sizeof(FragOffset);
   } else {
     marshal_alt->m_frag_offsets = nullptr;
@@ -2156,7 +2156,7 @@ HTTPInfo::marshal(char *buf, int len)
     tmp                               = m_alt->m_request_hdr.m_heap->marshal(buf, len - used);
     marshal_alt->m_request_hdr.m_heap = (HdrHeap *)static_cast<intptr_t>(used);
     ink_assert(((intptr_t)marshal_alt->m_request_hdr.m_heap) < len);
-    buf += tmp;
+    buf  += tmp;
     used += tmp;
   } else {
     marshal_alt->m_request_hdr.m_heap = nullptr;
@@ -2204,7 +2204,7 @@ HTTPInfo::unmarshal(char *buf, int len, RefCountObj *block_ref)
 
   if (alt->m_frag_offset_count > HTTPCacheAlt::N_INTEGRAL_FRAG_OFFSETS) {
     alt->m_frag_offsets = reinterpret_cast<FragOffset *>(buf + reinterpret_cast<intptr_t>(alt->m_frag_offsets));
-    len -= sizeof(FragOffset) * alt->m_frag_offset_count;
+    len                 -= sizeof(FragOffset) * alt->m_frag_offset_count;
     ink_assert(len >= 0);
   } else if (alt->m_frag_offset_count > 0) {
     alt->m_frag_offsets = alt->m_integral_frag_offsets;
@@ -2221,7 +2221,7 @@ HTTPInfo::unmarshal(char *buf, int len, RefCountObj *block_ref)
       ink_assert(!"HTTPInfo::request unmarshal failed");
       return -1;
     }
-    len -= tmp;
+    len                                    -= tmp;
     alt->m_request_hdr.m_heap              = heap;
     alt->m_request_hdr.m_http              = hh;
     alt->m_request_hdr.m_mime              = hh->m_fields_impl;
@@ -2302,7 +2302,7 @@ HTTPInfo::unmarshal_v24_1(char *buf, int len, RefCountObj *block_ref)
       ink_assert(!"HTTPInfo::request unmarshal failed");
       return -1;
     }
-    len -= tmp;
+    len                                    -= tmp;
     alt->m_request_hdr.m_heap              = heap;
     alt->m_request_hdr.m_http              = hh;
     alt->m_request_hdr.m_mime              = hh->m_fields_impl;
diff --git a/proxy/hdrs/HTTP.h b/proxy/hdrs/HTTP.h
index 4ba3bdbfce2..53449ea8933 100644
--- a/proxy/hdrs/HTTP.h
+++ b/proxy/hdrs/HTTP.h
@@ -673,7 +673,7 @@ class HTTPHdr : public MIMEHdr
   static Arena *const USE_HDR_HEAP_MAGIC;
 
   // No gratuitous copies!
-  HTTPHdr(const HTTPHdr &m) = delete;
+  HTTPHdr(const HTTPHdr &m)            = delete;
   HTTPHdr &operator=(const HTTPHdr &m) = delete;
 
 private:
diff --git a/proxy/hdrs/HdrHeap.cc b/proxy/hdrs/HdrHeap.cc
index 59139c311a0..060aadf76af 100644
--- a/proxy/hdrs/HdrHeap.cc
+++ b/proxy/hdrs/HdrHeap.cc
@@ -195,9 +195,9 @@ HdrHeap::allocate_obj(int nbytes, int type)
 
   while (true) {
     if (static_cast<unsigned>(nbytes) <= (h->m_free_size)) {
-      new_space = h->m_free_start;
+      new_space       = h->m_free_start;
       h->m_free_start += nbytes;
-      h->m_free_size -= nbytes;
+      h->m_free_size  -= nbytes;
 
       obj = reinterpret_cast<HdrHeapObjImpl *>(new_space);
       obj_init_header(obj, type, nbytes, 0);
@@ -564,7 +564,7 @@ HdrHeap::marshal_length()
 
   while (h) {
     len += static_cast<int>(h->m_free_start - h->m_data_start);
-    h = h->m_next;
+    h   = h->m_next;
   }
 
   // Since when we unmarshal, we won't have a writable string
@@ -592,8 +592,8 @@ compute_checksum(void *buf, int len)
 
   while (len > 4) {
     cksum += *((uint32_t *)buf);
-    buf = ((char *)buf) + 4;
-    len -= 4;
+    buf   = ((char *)buf) + 4;
+    len   -= 4;
   }
 
   if (len > 0) {
@@ -667,8 +667,8 @@ HdrHeap::marshal(char *buf, int len)
     ptr_xlation[ptr_heaps].offset = unmarshal_hdr->m_data_start - (b - buf);
 
     ptr_heap_size += copy_size;
-    b += copy_size;
-    len -= copy_size;
+    b             += copy_size;
+    len           -= copy_size;
     ptr_heaps++;
 
     unmarshal_hdr = unmarshal_hdr->m_next;
@@ -719,8 +719,8 @@ HdrHeap::marshal(char *buf, int len)
     str_xlation[str_heaps].end    = copy_start + nto_copy;
     str_xlation[str_heaps].offset = copy_start - (b - buf);
 
-    b += nto_copy;
-    len -= nto_copy;
+    b        += nto_copy;
+    len      -= nto_copy;
     str_size += nto_copy;
     str_heaps++;
   }
@@ -741,8 +741,8 @@ HdrHeap::marshal(char *buf, int len)
       ink_assert(str_xlation[str_heaps].start <= str_xlation[str_heaps].end);
 
       str_heaps++;
-      b += i.m_heap_len;
-      len -= i.m_heap_len;
+      b        += i.m_heap_len;
+      len      -= i.m_heap_len;
       str_size += i.m_heap_len;
     }
   }
@@ -1139,7 +1139,7 @@ HdrHeap::total_used_size() const
 
   while (h) {
     size += (h->m_free_start - h->m_data_start);
-    h = h->m_next;
+    h    = h->m_next;
   }
 
   return size;
@@ -1170,9 +1170,9 @@ HdrStrHeap::allocate(int nbytes)
   char *new_space;
 
   if (m_free_size >= static_cast<unsigned>(nbytes)) {
-    new_space = m_free_start;
+    new_space    = m_free_start;
     m_free_start += nbytes;
-    m_free_size -= nbytes;
+    m_free_size  -= nbytes;
     return new_space;
   } else {
     return nullptr;
@@ -1194,7 +1194,7 @@ HdrStrHeap::expand(char *ptr, int old_size, int new_size)
 
   if (ptr + old_size == m_free_start && expand_size <= m_free_size) {
     m_free_start += expand_size;
-    m_free_size -= expand_size;
+    m_free_size  -= expand_size;
     return ptr;
   } else {
     return nullptr;
diff --git a/proxy/hdrs/HdrHeap.h b/proxy/hdrs/HdrHeap.h
index 6422aa57a6e..8785265615d 100644
--- a/proxy/hdrs/HdrHeap.h
+++ b/proxy/hdrs/HdrHeap.h
@@ -66,8 +66,8 @@ enum {
 };
 
 struct HdrHeapObjImpl {
-  uint32_t m_type : 8;
-  uint32_t m_length : 20;
+  uint32_t m_type      : 8;
+  uint32_t m_length    : 20;
   uint32_t m_obj_flags : 4;
 };
 
@@ -472,7 +472,7 @@ struct HdrHeapSDKHandle {
 
   // In order to prevent gratitous refcounting,
   //  automatic C++ copies are disabled!
-  HdrHeapSDKHandle(const HdrHeapSDKHandle &r) = delete;
+  HdrHeapSDKHandle(const HdrHeapSDKHandle &r)            = delete;
   HdrHeapSDKHandle &operator=(const HdrHeapSDKHandle &r) = delete;
 };
 
diff --git a/proxy/hdrs/HdrToken.cc b/proxy/hdrs/HdrToken.cc
index fe6abf6ada7..f613fca3e8c 100644
--- a/proxy/hdrs/HdrToken.cc
+++ b/proxy/hdrs/HdrToken.cc
@@ -119,133 +119,133 @@ static const char *_hdrtoken_strs[] = {
   "br"};
 
 static HdrTokenTypeBinding _hdrtoken_strs_type_initializers[] = {
-  {"file", HDRTOKEN_TYPE_SCHEME},
-  {"ftp", HDRTOKEN_TYPE_SCHEME},
-  {"gopher", HDRTOKEN_TYPE_SCHEME},
-  {"http", HDRTOKEN_TYPE_SCHEME},
-  {"https", HDRTOKEN_TYPE_SCHEME},
-  {"mailto", HDRTOKEN_TYPE_SCHEME},
-  {"news", HDRTOKEN_TYPE_SCHEME},
-  {"nntp", HDRTOKEN_TYPE_SCHEME},
-  {"prospero", HDRTOKEN_TYPE_SCHEME},
-  {"telnet", HDRTOKEN_TYPE_SCHEME},
-  {"tunnel", HDRTOKEN_TYPE_SCHEME},
-  {"wais", HDRTOKEN_TYPE_SCHEME},
-  {"pnm", HDRTOKEN_TYPE_SCHEME},
-  {"rtsp", HDRTOKEN_TYPE_SCHEME},
-  {"rtspu", HDRTOKEN_TYPE_SCHEME},
-  {"mms", HDRTOKEN_TYPE_SCHEME},
-  {"mmsu", HDRTOKEN_TYPE_SCHEME},
-  {"mmst", HDRTOKEN_TYPE_SCHEME},
-  {"wss", HDRTOKEN_TYPE_SCHEME},
-  {"ws", HDRTOKEN_TYPE_SCHEME},
-
-  {"CONNECT", HDRTOKEN_TYPE_METHOD},
-  {"DELETE", HDRTOKEN_TYPE_METHOD},
-  {"GET", HDRTOKEN_TYPE_METHOD},
-  {"HEAD", HDRTOKEN_TYPE_METHOD},
-  {"OPTIONS", HDRTOKEN_TYPE_METHOD},
-  {"POST", HDRTOKEN_TYPE_METHOD},
-  {"PURGE", HDRTOKEN_TYPE_METHOD},
-  {"PUT", HDRTOKEN_TYPE_METHOD},
-  {"TRACE", HDRTOKEN_TYPE_METHOD},
-  {"PUSH", HDRTOKEN_TYPE_METHOD},
-
-  {"max-age", HDRTOKEN_TYPE_CACHE_CONTROL},
-  {"max-stale", HDRTOKEN_TYPE_CACHE_CONTROL},
-  {"min-fresh", HDRTOKEN_TYPE_CACHE_CONTROL},
-  {"must-revalidate", HDRTOKEN_TYPE_CACHE_CONTROL},
-  {"no-cache", HDRTOKEN_TYPE_CACHE_CONTROL},
-  {"no-store", HDRTOKEN_TYPE_CACHE_CONTROL},
-  {"no-transform", HDRTOKEN_TYPE_CACHE_CONTROL},
-  {"only-if-cached", HDRTOKEN_TYPE_CACHE_CONTROL},
-  {"private", HDRTOKEN_TYPE_CACHE_CONTROL},
-  {"proxy-revalidate", HDRTOKEN_TYPE_CACHE_CONTROL},
-  {"public", HDRTOKEN_TYPE_CACHE_CONTROL},
-  {"s-maxage", HDRTOKEN_TYPE_CACHE_CONTROL},
-  {"need-revalidate-once", HDRTOKEN_TYPE_CACHE_CONTROL},
-
-  {(char *)nullptr, static_cast<HdrTokenType>(0)},
+  {"file",                 HDRTOKEN_TYPE_SCHEME        },
+  {"ftp",                  HDRTOKEN_TYPE_SCHEME        },
+  {"gopher",               HDRTOKEN_TYPE_SCHEME        },
+  {"http",                 HDRTOKEN_TYPE_SCHEME        },
+  {"https",                HDRTOKEN_TYPE_SCHEME        },
+  {"mailto",               HDRTOKEN_TYPE_SCHEME        },
+  {"news",                 HDRTOKEN_TYPE_SCHEME        },
+  {"nntp",                 HDRTOKEN_TYPE_SCHEME        },
+  {"prospero",             HDRTOKEN_TYPE_SCHEME        },
+  {"telnet",               HDRTOKEN_TYPE_SCHEME        },
+  {"tunnel",               HDRTOKEN_TYPE_SCHEME        },
+  {"wais",                 HDRTOKEN_TYPE_SCHEME        },
+  {"pnm",                  HDRTOKEN_TYPE_SCHEME        },
+  {"rtsp",                 HDRTOKEN_TYPE_SCHEME        },
+  {"rtspu",                HDRTOKEN_TYPE_SCHEME        },
+  {"mms",                  HDRTOKEN_TYPE_SCHEME        },
+  {"mmsu",                 HDRTOKEN_TYPE_SCHEME        },
+  {"mmst",                 HDRTOKEN_TYPE_SCHEME        },
+  {"wss",                  HDRTOKEN_TYPE_SCHEME        },
+  {"ws",                   HDRTOKEN_TYPE_SCHEME        },
+
+  {"CONNECT",              HDRTOKEN_TYPE_METHOD        },
+  {"DELETE",               HDRTOKEN_TYPE_METHOD        },
+  {"GET",                  HDRTOKEN_TYPE_METHOD        },
+  {"HEAD",                 HDRTOKEN_TYPE_METHOD        },
+  {"OPTIONS",              HDRTOKEN_TYPE_METHOD        },
+  {"POST",                 HDRTOKEN_TYPE_METHOD        },
+  {"PURGE",                HDRTOKEN_TYPE_METHOD        },
+  {"PUT",                  HDRTOKEN_TYPE_METHOD        },
+  {"TRACE",                HDRTOKEN_TYPE_METHOD        },
+  {"PUSH",                 HDRTOKEN_TYPE_METHOD        },
+
+  {"max-age",              HDRTOKEN_TYPE_CACHE_CONTROL },
+  {"max-stale",            HDRTOKEN_TYPE_CACHE_CONTROL },
+  {"min-fresh",            HDRTOKEN_TYPE_CACHE_CONTROL },
+  {"must-revalidate",      HDRTOKEN_TYPE_CACHE_CONTROL },
+  {"no-cache",             HDRTOKEN_TYPE_CACHE_CONTROL },
+  {"no-store",             HDRTOKEN_TYPE_CACHE_CONTROL },
+  {"no-transform",         HDRTOKEN_TYPE_CACHE_CONTROL },
+  {"only-if-cached",       HDRTOKEN_TYPE_CACHE_CONTROL },
+  {"private",              HDRTOKEN_TYPE_CACHE_CONTROL },
+  {"proxy-revalidate",     HDRTOKEN_TYPE_CACHE_CONTROL },
+  {"public",               HDRTOKEN_TYPE_CACHE_CONTROL },
+  {"s-maxage",             HDRTOKEN_TYPE_CACHE_CONTROL },
+  {"need-revalidate-once", HDRTOKEN_TYPE_CACHE_CONTROL },
+
+  {(char *)nullptr,        static_cast<HdrTokenType>(0)},
 };
 
 static HdrTokenFieldInfo _hdrtoken_strs_field_initializers[] = {
-  {"Accept", MIME_SLOTID_ACCEPT, MIME_PRESENCE_ACCEPT, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Accept-Charset", MIME_SLOTID_ACCEPT_CHARSET, MIME_PRESENCE_ACCEPT_CHARSET, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Accept-Encoding", MIME_SLOTID_ACCEPT_ENCODING, MIME_PRESENCE_ACCEPT_ENCODING, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Accept-Language", MIME_SLOTID_ACCEPT_LANGUAGE, MIME_PRESENCE_ACCEPT_LANGUAGE, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Accept-Ranges", MIME_SLOTID_NONE, MIME_PRESENCE_ACCEPT_RANGES, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Age", MIME_SLOTID_AGE, MIME_PRESENCE_AGE, HTIF_NONE},
-  {"Allow", MIME_SLOTID_NONE, MIME_PRESENCE_ALLOW, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Approved", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"Authorization", MIME_SLOTID_AUTHORIZATION, MIME_PRESENCE_AUTHORIZATION, HTIF_NONE},
-  {"Bytes", MIME_SLOTID_NONE, MIME_PRESENCE_BYTES, HTIF_NONE},
-  {"Cache-Control", MIME_SLOTID_CACHE_CONTROL, MIME_PRESENCE_CACHE_CONTROL, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Client-ip", MIME_SLOTID_CLIENT_IP, MIME_PRESENCE_CLIENT_IP, HTIF_NONE},
-  {"Connection", MIME_SLOTID_CONNECTION, MIME_PRESENCE_CONNECTION, (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)},
-  {"Content-Base", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"Content-Encoding", MIME_SLOTID_CONTENT_ENCODING, MIME_PRESENCE_CONTENT_ENCODING, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Content-Language", MIME_SLOTID_CONTENT_LANGUAGE, MIME_PRESENCE_CONTENT_LANGUAGE, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Content-Length", MIME_SLOTID_CONTENT_LENGTH, MIME_PRESENCE_CONTENT_LENGTH, HTIF_NONE},
-  {"Content-Location", MIME_SLOTID_NONE, MIME_PRESENCE_CONTENT_LOCATION, HTIF_NONE},
-  {"Content-MD5", MIME_SLOTID_NONE, MIME_PRESENCE_CONTENT_MD5, HTIF_NONE},
-  {"Content-Range", MIME_SLOTID_NONE, MIME_PRESENCE_CONTENT_RANGE, HTIF_NONE},
-  {"Content-Type", MIME_SLOTID_CONTENT_TYPE, MIME_PRESENCE_CONTENT_TYPE, HTIF_NONE},
-  {"Control", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"Cookie", MIME_SLOTID_COOKIE, MIME_PRESENCE_COOKIE, (HTIF_MULTVALS)},
-  {"Date", MIME_SLOTID_DATE, MIME_PRESENCE_DATE, HTIF_NONE},
-  {"Distribution", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"Etag", MIME_SLOTID_NONE, MIME_PRESENCE_ETAG, HTIF_NONE},
-  {"Expires", MIME_SLOTID_EXPIRES, MIME_PRESENCE_EXPIRES, HTIF_NONE},
-  {"Followup-To", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"From", MIME_SLOTID_NONE, MIME_PRESENCE_FROM, HTIF_NONE},
-  {"Host", MIME_SLOTID_NONE, MIME_PRESENCE_HOST, HTIF_NONE},
-  {"If-Match", MIME_SLOTID_IF_MATCH, MIME_PRESENCE_IF_MATCH, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"If-Modified-Since", MIME_SLOTID_IF_MODIFIED_SINCE, MIME_PRESENCE_IF_MODIFIED_SINCE, HTIF_NONE},
-  {"If-None-Match", MIME_SLOTID_IF_NONE_MATCH, MIME_PRESENCE_IF_NONE_MATCH, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"If-Range", MIME_SLOTID_IF_RANGE, MIME_PRESENCE_IF_RANGE, HTIF_NONE},
-  {"If-Unmodified-Since", MIME_SLOTID_IF_UNMODIFIED_SINCE, MIME_PRESENCE_IF_UNMODIFIED_SINCE, HTIF_NONE},
-  {"Keep-Alive", MIME_SLOTID_NONE, MIME_PRESENCE_KEEP_ALIVE, (HTIF_HOPBYHOP)},
-  {"Keywords", MIME_SLOTID_NONE, MIME_PRESENCE_KEYWORDS, HTIF_NONE},
-  {"Last-Modified", MIME_SLOTID_LAST_MODIFIED, MIME_PRESENCE_LAST_MODIFIED, HTIF_NONE},
-  {"Lines", MIME_SLOTID_NONE, MIME_PRESENCE_LINES, HTIF_NONE},
-  {"Location", MIME_SLOTID_NONE, MIME_PRESENCE_LOCATION, (HTIF_MULTVALS)},
-  {"Max-Forwards", MIME_SLOTID_NONE, MIME_PRESENCE_MAX_FORWARDS, HTIF_NONE},
-  {"Message-ID", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"Newsgroups", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"Organization", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"Path", MIME_SLOTID_NONE, MIME_PRESENCE_PATH, HTIF_NONE},
-  {"Pragma", MIME_SLOTID_PRAGMA, MIME_PRESENCE_PRAGMA, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Proxy-Authenticate", MIME_SLOTID_NONE, MIME_PRESENCE_PROXY_AUTHENTICATE, (HTIF_HOPBYHOP | HTIF_PROXYAUTH)},
-  {"Proxy-Authorization", MIME_SLOTID_NONE, MIME_PRESENCE_PROXY_AUTHORIZATION, (HTIF_HOPBYHOP | HTIF_PROXYAUTH)},
-  {"Proxy-Connection", MIME_SLOTID_PROXY_CONNECTION, MIME_PRESENCE_PROXY_CONNECTION, (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)},
-  {"Public", MIME_SLOTID_NONE, MIME_PRESENCE_PUBLIC, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Range", MIME_SLOTID_RANGE, MIME_PRESENCE_RANGE, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"References", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"Referer", MIME_SLOTID_NONE, MIME_PRESENCE_REFERER, HTIF_NONE},
-  {"Reply-To", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"Retry-After", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"Sender", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"Server", MIME_SLOTID_NONE, MIME_PRESENCE_SERVER, HTIF_NONE},
-  {"Set-Cookie", MIME_SLOTID_SET_COOKIE, MIME_PRESENCE_SET_COOKIE, (HTIF_MULTVALS)},
-  {"Strict-Transport-Security", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, (HTIF_MULTVALS)},
-  {"Subject", MIME_SLOTID_NONE, MIME_PRESENCE_SUBJECT, HTIF_NONE},
-  {"Summary", MIME_SLOTID_NONE, MIME_PRESENCE_SUMMARY, HTIF_NONE},
-  {"TE", MIME_SLOTID_TE, MIME_PRESENCE_TE, (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)},
-  {"Transfer-Encoding", MIME_SLOTID_TRANSFER_ENCODING, MIME_PRESENCE_TRANSFER_ENCODING,
-   (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)},
-  {"Upgrade", MIME_SLOTID_NONE, MIME_PRESENCE_UPGRADE, (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)},
-  {"User-Agent", MIME_SLOTID_USER_AGENT, MIME_PRESENCE_USER_AGENT, HTIF_NONE},
-  {"Vary", MIME_SLOTID_VARY, MIME_PRESENCE_VARY, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Via", MIME_SLOTID_VIA, MIME_PRESENCE_VIA, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Warning", MIME_SLOTID_NONE, MIME_PRESENCE_WARNING, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Www-Authenticate", MIME_SLOTID_WWW_AUTHENTICATE, MIME_PRESENCE_WWW_AUTHENTICATE, HTIF_NONE},
-  {"Xref", MIME_SLOTID_NONE, MIME_PRESENCE_XREF, HTIF_NONE},
-  {"X-ID", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)},
-  {"X-Forwarded-For", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Forwarded", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, (HTIF_COMMAS | HTIF_MULTVALS)},
-  {"Sec-WebSocket-Key", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {"Sec-WebSocket-Version", MIME_SLOTID_NONE, MIME_PRESENCE_NONE, HTIF_NONE},
-  {nullptr, 0, 0, 0},
+  {"Accept",                    MIME_SLOTID_ACCEPT,              MIME_PRESENCE_ACCEPT,              (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Accept-Charset",            MIME_SLOTID_ACCEPT_CHARSET,      MIME_PRESENCE_ACCEPT_CHARSET,      (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Accept-Encoding",           MIME_SLOTID_ACCEPT_ENCODING,     MIME_PRESENCE_ACCEPT_ENCODING,     (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Accept-Language",           MIME_SLOTID_ACCEPT_LANGUAGE,     MIME_PRESENCE_ACCEPT_LANGUAGE,     (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Accept-Ranges",             MIME_SLOTID_NONE,                MIME_PRESENCE_ACCEPT_RANGES,       (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Age",                       MIME_SLOTID_AGE,                 MIME_PRESENCE_AGE,                 HTIF_NONE                                    },
+  {"Allow",                     MIME_SLOTID_NONE,                MIME_PRESENCE_ALLOW,               (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Approved",                  MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"Authorization",             MIME_SLOTID_AUTHORIZATION,       MIME_PRESENCE_AUTHORIZATION,       HTIF_NONE                                    },
+  {"Bytes",                     MIME_SLOTID_NONE,                MIME_PRESENCE_BYTES,               HTIF_NONE                                    },
+  {"Cache-Control",             MIME_SLOTID_CACHE_CONTROL,       MIME_PRESENCE_CACHE_CONTROL,       (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Client-ip",                 MIME_SLOTID_CLIENT_IP,           MIME_PRESENCE_CLIENT_IP,           HTIF_NONE                                    },
+  {"Connection",                MIME_SLOTID_CONNECTION,          MIME_PRESENCE_CONNECTION,          (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)},
+  {"Content-Base",              MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"Content-Encoding",          MIME_SLOTID_CONTENT_ENCODING,    MIME_PRESENCE_CONTENT_ENCODING,    (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Content-Language",          MIME_SLOTID_CONTENT_LANGUAGE,    MIME_PRESENCE_CONTENT_LANGUAGE,    (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Content-Length",            MIME_SLOTID_CONTENT_LENGTH,      MIME_PRESENCE_CONTENT_LENGTH,      HTIF_NONE                                    },
+  {"Content-Location",          MIME_SLOTID_NONE,                MIME_PRESENCE_CONTENT_LOCATION,    HTIF_NONE                                    },
+  {"Content-MD5",               MIME_SLOTID_NONE,                MIME_PRESENCE_CONTENT_MD5,         HTIF_NONE                                    },
+  {"Content-Range",             MIME_SLOTID_NONE,                MIME_PRESENCE_CONTENT_RANGE,       HTIF_NONE                                    },
+  {"Content-Type",              MIME_SLOTID_CONTENT_TYPE,        MIME_PRESENCE_CONTENT_TYPE,        HTIF_NONE                                    },
+  {"Control",                   MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"Cookie",                    MIME_SLOTID_COOKIE,              MIME_PRESENCE_COOKIE,              (HTIF_MULTVALS)                              },
+  {"Date",                      MIME_SLOTID_DATE,                MIME_PRESENCE_DATE,                HTIF_NONE                                    },
+  {"Distribution",              MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"Etag",                      MIME_SLOTID_NONE,                MIME_PRESENCE_ETAG,                HTIF_NONE                                    },
+  {"Expires",                   MIME_SLOTID_EXPIRES,             MIME_PRESENCE_EXPIRES,             HTIF_NONE                                    },
+  {"Followup-To",               MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"From",                      MIME_SLOTID_NONE,                MIME_PRESENCE_FROM,                HTIF_NONE                                    },
+  {"Host",                      MIME_SLOTID_NONE,                MIME_PRESENCE_HOST,                HTIF_NONE                                    },
+  {"If-Match",                  MIME_SLOTID_IF_MATCH,            MIME_PRESENCE_IF_MATCH,            (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"If-Modified-Since",         MIME_SLOTID_IF_MODIFIED_SINCE,   MIME_PRESENCE_IF_MODIFIED_SINCE,   HTIF_NONE                                    },
+  {"If-None-Match",             MIME_SLOTID_IF_NONE_MATCH,       MIME_PRESENCE_IF_NONE_MATCH,       (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"If-Range",                  MIME_SLOTID_IF_RANGE,            MIME_PRESENCE_IF_RANGE,            HTIF_NONE                                    },
+  {"If-Unmodified-Since",       MIME_SLOTID_IF_UNMODIFIED_SINCE, MIME_PRESENCE_IF_UNMODIFIED_SINCE, HTIF_NONE                                    },
+  {"Keep-Alive",                MIME_SLOTID_NONE,                MIME_PRESENCE_KEEP_ALIVE,          (HTIF_HOPBYHOP)                              },
+  {"Keywords",                  MIME_SLOTID_NONE,                MIME_PRESENCE_KEYWORDS,            HTIF_NONE                                    },
+  {"Last-Modified",             MIME_SLOTID_LAST_MODIFIED,       MIME_PRESENCE_LAST_MODIFIED,       HTIF_NONE                                    },
+  {"Lines",                     MIME_SLOTID_NONE,                MIME_PRESENCE_LINES,               HTIF_NONE                                    },
+  {"Location",                  MIME_SLOTID_NONE,                MIME_PRESENCE_LOCATION,            (HTIF_MULTVALS)                              },
+  {"Max-Forwards",              MIME_SLOTID_NONE,                MIME_PRESENCE_MAX_FORWARDS,        HTIF_NONE                                    },
+  {"Message-ID",                MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"Newsgroups",                MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"Organization",              MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"Path",                      MIME_SLOTID_NONE,                MIME_PRESENCE_PATH,                HTIF_NONE                                    },
+  {"Pragma",                    MIME_SLOTID_PRAGMA,              MIME_PRESENCE_PRAGMA,              (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Proxy-Authenticate",        MIME_SLOTID_NONE,                MIME_PRESENCE_PROXY_AUTHENTICATE,  (HTIF_HOPBYHOP | HTIF_PROXYAUTH)             },
+  {"Proxy-Authorization",       MIME_SLOTID_NONE,                MIME_PRESENCE_PROXY_AUTHORIZATION, (HTIF_HOPBYHOP | HTIF_PROXYAUTH)             },
+  {"Proxy-Connection",          MIME_SLOTID_PROXY_CONNECTION,    MIME_PRESENCE_PROXY_CONNECTION,    (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)},
+  {"Public",                    MIME_SLOTID_NONE,                MIME_PRESENCE_PUBLIC,              (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Range",                     MIME_SLOTID_RANGE,               MIME_PRESENCE_RANGE,               (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"References",                MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"Referer",                   MIME_SLOTID_NONE,                MIME_PRESENCE_REFERER,             HTIF_NONE                                    },
+  {"Reply-To",                  MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"Retry-After",               MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"Sender",                    MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"Server",                    MIME_SLOTID_NONE,                MIME_PRESENCE_SERVER,              HTIF_NONE                                    },
+  {"Set-Cookie",                MIME_SLOTID_SET_COOKIE,          MIME_PRESENCE_SET_COOKIE,          (HTIF_MULTVALS)                              },
+  {"Strict-Transport-Security", MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                (HTIF_MULTVALS)                              },
+  {"Subject",                   MIME_SLOTID_NONE,                MIME_PRESENCE_SUBJECT,             HTIF_NONE                                    },
+  {"Summary",                   MIME_SLOTID_NONE,                MIME_PRESENCE_SUMMARY,             HTIF_NONE                                    },
+  {"TE",                        MIME_SLOTID_TE,                  MIME_PRESENCE_TE,                  (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)},
+  {"Transfer-Encoding",         MIME_SLOTID_TRANSFER_ENCODING,   MIME_PRESENCE_TRANSFER_ENCODING,
+   (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)                                                                                                 },
+  {"Upgrade",                   MIME_SLOTID_NONE,                MIME_PRESENCE_UPGRADE,             (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)},
+  {"User-Agent",                MIME_SLOTID_USER_AGENT,          MIME_PRESENCE_USER_AGENT,          HTIF_NONE                                    },
+  {"Vary",                      MIME_SLOTID_VARY,                MIME_PRESENCE_VARY,                (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Via",                       MIME_SLOTID_VIA,                 MIME_PRESENCE_VIA,                 (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Warning",                   MIME_SLOTID_NONE,                MIME_PRESENCE_WARNING,             (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Www-Authenticate",          MIME_SLOTID_WWW_AUTHENTICATE,    MIME_PRESENCE_WWW_AUTHENTICATE,    HTIF_NONE                                    },
+  {"Xref",                      MIME_SLOTID_NONE,                MIME_PRESENCE_XREF,                HTIF_NONE                                    },
+  {"X-ID",                      MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)},
+  {"X-Forwarded-For",           MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Forwarded",                 MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                (HTIF_COMMAS | HTIF_MULTVALS)                },
+  {"Sec-WebSocket-Key",         MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {"Sec-WebSocket-Version",     MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                HTIF_NONE                                    },
+  {nullptr,                     0,                               0,                                 0                                            },
 };
 
 const char *_hdrtoken_strs_heap_f = nullptr; // storage first byte
@@ -454,7 +454,7 @@ hdrtoken_init()
       hdrtoken_str_lengths[i]   = static_cast<int>(strlen(_hdrtoken_strs[i]));
       int sstr_len              = snap_up_to_multiple(hdrtoken_str_lengths[i] + 1, sizeof(HdrTokenHeapPrefix));
       int packed_prefix_str_len = sizeof(HdrTokenHeapPrefix) + sstr_len;
-      heap_size += packed_prefix_str_len;
+      heap_size                 += packed_prefix_str_len;
     }
 
     _hdrtoken_strs_heap_f = static_cast<const char *>(ats_malloc(heap_size));
@@ -477,13 +477,13 @@ hdrtoken_init()
 
       int sstr_len = snap_up_to_multiple(hdrtoken_str_lengths[i] + 1, sizeof(HdrTokenHeapPrefix));
 
-      *reinterpret_cast<HdrTokenHeapPrefix *>(heap_ptr) = prefix; // set string prefix
-      heap_ptr += sizeof(HdrTokenHeapPrefix);                     // advance heap ptr past index
-      hdrtoken_strs[i] = heap_ptr;                                // record string pointer
+      *reinterpret_cast<HdrTokenHeapPrefix *>(heap_ptr) = prefix;                      // set string prefix
+      heap_ptr                                          += sizeof(HdrTokenHeapPrefix); // advance heap ptr past index
+      hdrtoken_strs[i]                                  = heap_ptr;                    // record string pointer
       // coverity[secure_coding]
       ink_strlcpy(const_cast<char *>(hdrtoken_strs[i]), _hdrtoken_strs[i],
                   heap_size - sizeof(HdrTokenHeapPrefix)); // copy string into heap
-      heap_ptr += sstr_len;                                // advance heap ptr past string
+      heap_ptr  += sstr_len;                               // advance heap ptr past string
       heap_size -= sstr_len;
     }
 
diff --git a/proxy/hdrs/HdrToken.h b/proxy/hdrs/HdrToken.h
index 2532ce4d147..0c2ef0ee33a 100644
--- a/proxy/hdrs/HdrToken.h
+++ b/proxy/hdrs/HdrToken.h
@@ -250,38 +250,38 @@ hdrtoken_wks_to_flags(const char *wks)
 //
 ////////////////////////////////////////////////////////////////////////////
 
-#define MIME_SLOTID_ACCEPT 0
-#define MIME_SLOTID_ACCEPT_CHARSET 1
-#define MIME_SLOTID_ACCEPT_ENCODING 2
-#define MIME_SLOTID_ACCEPT_LANGUAGE 3
-#define MIME_SLOTID_AGE 4
-#define MIME_SLOTID_AUTHORIZATION 5
-#define MIME_SLOTID_CACHE_CONTROL 6
-#define MIME_SLOTID_CLIENT_IP 7
-#define MIME_SLOTID_CONNECTION 8
-#define MIME_SLOTID_CONTENT_ENCODING 9
-#define MIME_SLOTID_CONTENT_LANGUAGE 10
-#define MIME_SLOTID_CONTENT_LENGTH 11
-#define MIME_SLOTID_CONTENT_TYPE 12
-#define MIME_SLOTID_COOKIE 13
-#define MIME_SLOTID_DATE 14
-#define MIME_SLOTID_EXPIRES 15
-#define MIME_SLOTID_IF_MATCH 16
-#define MIME_SLOTID_IF_MODIFIED_SINCE 17
-#define MIME_SLOTID_IF_NONE_MATCH 18
-#define MIME_SLOTID_IF_RANGE 19
+#define MIME_SLOTID_ACCEPT              0
+#define MIME_SLOTID_ACCEPT_CHARSET      1
+#define MIME_SLOTID_ACCEPT_ENCODING     2
+#define MIME_SLOTID_ACCEPT_LANGUAGE     3
+#define MIME_SLOTID_AGE                 4
+#define MIME_SLOTID_AUTHORIZATION       5
+#define MIME_SLOTID_CACHE_CONTROL       6
+#define MIME_SLOTID_CLIENT_IP           7
+#define MIME_SLOTID_CONNECTION          8
+#define MIME_SLOTID_CONTENT_ENCODING    9
+#define MIME_SLOTID_CONTENT_LANGUAGE    10
+#define MIME_SLOTID_CONTENT_LENGTH      11
+#define MIME_SLOTID_CONTENT_TYPE        12
+#define MIME_SLOTID_COOKIE              13
+#define MIME_SLOTID_DATE                14
+#define MIME_SLOTID_EXPIRES             15
+#define MIME_SLOTID_IF_MATCH            16
+#define MIME_SLOTID_IF_MODIFIED_SINCE   17
+#define MIME_SLOTID_IF_NONE_MATCH       18
+#define MIME_SLOTID_IF_RANGE            19
 #define MIME_SLOTID_IF_UNMODIFIED_SINCE 20
-#define MIME_SLOTID_LAST_MODIFIED 21
-#define MIME_SLOTID_PRAGMA 22
-#define MIME_SLOTID_PROXY_CONNECTION 23
-#define MIME_SLOTID_RANGE 24
-#define MIME_SLOTID_SET_COOKIE 25
-#define MIME_SLOTID_TE 26
-#define MIME_SLOTID_TRANSFER_ENCODING 27
-#define MIME_SLOTID_USER_AGENT 28
-#define MIME_SLOTID_VARY 29
-#define MIME_SLOTID_VIA 30
-#define MIME_SLOTID_WWW_AUTHENTICATE 31
+#define MIME_SLOTID_LAST_MODIFIED       21
+#define MIME_SLOTID_PRAGMA              22
+#define MIME_SLOTID_PROXY_CONNECTION    23
+#define MIME_SLOTID_RANGE               24
+#define MIME_SLOTID_SET_COOKIE          25
+#define MIME_SLOTID_TE                  26
+#define MIME_SLOTID_TRANSFER_ENCODING   27
+#define MIME_SLOTID_USER_AGENT          28
+#define MIME_SLOTID_VARY                29
+#define MIME_SLOTID_VIA                 30
+#define MIME_SLOTID_WWW_AUTHENTICATE    31
 
 #define MIME_SLOTID_NONE -1
 
@@ -301,62 +301,62 @@ hdrtoken_wks_to_flags(const char *wks)
 //   life hard
 #define TOK_64_CONST(x) x##LL
 
-#define MIME_PRESENCE_ACCEPT (TOK_64_CONST(1) << 0)
-#define MIME_PRESENCE_ACCEPT_CHARSET (TOK_64_CONST(1) << 1)
-#define MIME_PRESENCE_ACCEPT_ENCODING (TOK_64_CONST(1) << 2)
-#define MIME_PRESENCE_ACCEPT_LANGUAGE (TOK_64_CONST(1) << 3)
-#define MIME_PRESENCE_ACCEPT_RANGES (TOK_64_CONST(1) << 4)
-#define MIME_PRESENCE_AGE (TOK_64_CONST(1) << 5)
-#define MIME_PRESENCE_ALLOW (TOK_64_CONST(1) << 6)
-#define MIME_PRESENCE_AUTHORIZATION (TOK_64_CONST(1) << 7)
-#define MIME_PRESENCE_BYTES (TOK_64_CONST(1) << 8)
-#define MIME_PRESENCE_CACHE_CONTROL (TOK_64_CONST(1) << 9)
-#define MIME_PRESENCE_CLIENT_IP (TOK_64_CONST(1) << 10)
-#define MIME_PRESENCE_CONNECTION (TOK_64_CONST(1) << 11)
-#define MIME_PRESENCE_CONTENT_ENCODING (TOK_64_CONST(1) << 12)
-#define MIME_PRESENCE_CONTENT_LANGUAGE (TOK_64_CONST(1) << 13)
-#define MIME_PRESENCE_CONTENT_LENGTH (TOK_64_CONST(1) << 14)
-#define MIME_PRESENCE_CONTENT_LOCATION (TOK_64_CONST(1) << 15)
-#define MIME_PRESENCE_CONTENT_MD5 (TOK_64_CONST(1) << 16)
-#define MIME_PRESENCE_CONTENT_RANGE (TOK_64_CONST(1) << 17)
-#define MIME_PRESENCE_CONTENT_TYPE (TOK_64_CONST(1) << 18)
-#define MIME_PRESENCE_COOKIE (TOK_64_CONST(1) << 19)
-#define MIME_PRESENCE_DATE (TOK_64_CONST(1) << 20)
-#define MIME_PRESENCE_ETAG (TOK_64_CONST(1) << 21)
-#define MIME_PRESENCE_EXPIRES (TOK_64_CONST(1) << 22)
-#define MIME_PRESENCE_FROM (TOK_64_CONST(1) << 23)
-#define MIME_PRESENCE_HOST (TOK_64_CONST(1) << 24)
-#define MIME_PRESENCE_IF_MATCH (TOK_64_CONST(1) << 25)
-#define MIME_PRESENCE_IF_MODIFIED_SINCE (TOK_64_CONST(1) << 26)
-#define MIME_PRESENCE_IF_NONE_MATCH (TOK_64_CONST(1) << 27)
-#define MIME_PRESENCE_IF_RANGE (TOK_64_CONST(1) << 28)
+#define MIME_PRESENCE_ACCEPT              (TOK_64_CONST(1) << 0)
+#define MIME_PRESENCE_ACCEPT_CHARSET      (TOK_64_CONST(1) << 1)
+#define MIME_PRESENCE_ACCEPT_ENCODING     (TOK_64_CONST(1) << 2)
+#define MIME_PRESENCE_ACCEPT_LANGUAGE     (TOK_64_CONST(1) << 3)
+#define MIME_PRESENCE_ACCEPT_RANGES       (TOK_64_CONST(1) << 4)
+#define MIME_PRESENCE_AGE                 (TOK_64_CONST(1) << 5)
+#define MIME_PRESENCE_ALLOW               (TOK_64_CONST(1) << 6)
+#define MIME_PRESENCE_AUTHORIZATION       (TOK_64_CONST(1) << 7)
+#define MIME_PRESENCE_BYTES               (TOK_64_CONST(1) << 8)
+#define MIME_PRESENCE_CACHE_CONTROL       (TOK_64_CONST(1) << 9)
+#define MIME_PRESENCE_CLIENT_IP           (TOK_64_CONST(1) << 10)
+#define MIME_PRESENCE_CONNECTION          (TOK_64_CONST(1) << 11)
+#define MIME_PRESENCE_CONTENT_ENCODING    (TOK_64_CONST(1) << 12)
+#define MIME_PRESENCE_CONTENT_LANGUAGE    (TOK_64_CONST(1) << 13)
+#define MIME_PRESENCE_CONTENT_LENGTH      (TOK_64_CONST(1) << 14)
+#define MIME_PRESENCE_CONTENT_LOCATION    (TOK_64_CONST(1) << 15)
+#define MIME_PRESENCE_CONTENT_MD5         (TOK_64_CONST(1) << 16)
+#define MIME_PRESENCE_CONTENT_RANGE       (TOK_64_CONST(1) << 17)
+#define MIME_PRESENCE_CONTENT_TYPE        (TOK_64_CONST(1) << 18)
+#define MIME_PRESENCE_COOKIE              (TOK_64_CONST(1) << 19)
+#define MIME_PRESENCE_DATE                (TOK_64_CONST(1) << 20)
+#define MIME_PRESENCE_ETAG                (TOK_64_CONST(1) << 21)
+#define MIME_PRESENCE_EXPIRES             (TOK_64_CONST(1) << 22)
+#define MIME_PRESENCE_FROM                (TOK_64_CONST(1) << 23)
+#define MIME_PRESENCE_HOST                (TOK_64_CONST(1) << 24)
+#define MIME_PRESENCE_IF_MATCH            (TOK_64_CONST(1) << 25)
+#define MIME_PRESENCE_IF_MODIFIED_SINCE   (TOK_64_CONST(1) << 26)
+#define MIME_PRESENCE_IF_NONE_MATCH       (TOK_64_CONST(1) << 27)
+#define MIME_PRESENCE_IF_RANGE            (TOK_64_CONST(1) << 28)
 #define MIME_PRESENCE_IF_UNMODIFIED_SINCE (TOK_64_CONST(1) << 29)
-#define MIME_PRESENCE_KEEP_ALIVE (TOK_64_CONST(1) << 30)
-#define MIME_PRESENCE_KEYWORDS (TOK_64_CONST(1) << 31)
-#define MIME_PRESENCE_LAST_MODIFIED (TOK_64_CONST(1) << 32)
-#define MIME_PRESENCE_LINES (TOK_64_CONST(1) << 33)
-#define MIME_PRESENCE_LOCATION (TOK_64_CONST(1) << 34)
-#define MIME_PRESENCE_MAX_FORWARDS (TOK_64_CONST(1) << 35)
-#define MIME_PRESENCE_PATH (TOK_64_CONST(1) << 36)
-#define MIME_PRESENCE_PRAGMA (TOK_64_CONST(1) << 37)
-#define MIME_PRESENCE_PROXY_AUTHENTICATE (TOK_64_CONST(1) << 38)
+#define MIME_PRESENCE_KEEP_ALIVE          (TOK_64_CONST(1) << 30)
+#define MIME_PRESENCE_KEYWORDS            (TOK_64_CONST(1) << 31)
+#define MIME_PRESENCE_LAST_MODIFIED       (TOK_64_CONST(1) << 32)
+#define MIME_PRESENCE_LINES               (TOK_64_CONST(1) << 33)
+#define MIME_PRESENCE_LOCATION            (TOK_64_CONST(1) << 34)
+#define MIME_PRESENCE_MAX_FORWARDS        (TOK_64_CONST(1) << 35)
+#define MIME_PRESENCE_PATH                (TOK_64_CONST(1) << 36)
+#define MIME_PRESENCE_PRAGMA              (TOK_64_CONST(1) << 37)
+#define MIME_PRESENCE_PROXY_AUTHENTICATE  (TOK_64_CONST(1) << 38)
 #define MIME_PRESENCE_PROXY_AUTHORIZATION (TOK_64_CONST(1) << 39)
-#define MIME_PRESENCE_PROXY_CONNECTION (TOK_64_CONST(1) << 40)
-#define MIME_PRESENCE_PUBLIC (TOK_64_CONST(1) << 41)
-#define MIME_PRESENCE_RANGE (TOK_64_CONST(1) << 42)
-#define MIME_PRESENCE_REFERER (TOK_64_CONST(1) << 43)
-#define MIME_PRESENCE_SERVER (TOK_64_CONST(1) << 44)
-#define MIME_PRESENCE_SET_COOKIE (TOK_64_CONST(1) << 45)
-#define MIME_PRESENCE_SUBJECT (TOK_64_CONST(1) << 46)
-#define MIME_PRESENCE_SUMMARY (TOK_64_CONST(1) << 47)
-#define MIME_PRESENCE_TE (TOK_64_CONST(1) << 48)
-#define MIME_PRESENCE_TRANSFER_ENCODING (TOK_64_CONST(1) << 49)
-#define MIME_PRESENCE_UPGRADE (TOK_64_CONST(1) << 50)
-#define MIME_PRESENCE_USER_AGENT (TOK_64_CONST(1) << 51)
-#define MIME_PRESENCE_VARY (TOK_64_CONST(1) << 52)
-#define MIME_PRESENCE_VIA (TOK_64_CONST(1) << 53)
-#define MIME_PRESENCE_WARNING (TOK_64_CONST(1) << 54)
-#define MIME_PRESENCE_WWW_AUTHENTICATE (TOK_64_CONST(1) << 55)
+#define MIME_PRESENCE_PROXY_CONNECTION    (TOK_64_CONST(1) << 40)
+#define MIME_PRESENCE_PUBLIC              (TOK_64_CONST(1) << 41)
+#define MIME_PRESENCE_RANGE               (TOK_64_CONST(1) << 42)
+#define MIME_PRESENCE_REFERER             (TOK_64_CONST(1) << 43)
+#define MIME_PRESENCE_SERVER              (TOK_64_CONST(1) << 44)
+#define MIME_PRESENCE_SET_COOKIE          (TOK_64_CONST(1) << 45)
+#define MIME_PRESENCE_SUBJECT             (TOK_64_CONST(1) << 46)
+#define MIME_PRESENCE_SUMMARY             (TOK_64_CONST(1) << 47)
+#define MIME_PRESENCE_TE                  (TOK_64_CONST(1) << 48)
+#define MIME_PRESENCE_TRANSFER_ENCODING   (TOK_64_CONST(1) << 49)
+#define MIME_PRESENCE_UPGRADE             (TOK_64_CONST(1) << 50)
+#define MIME_PRESENCE_USER_AGENT          (TOK_64_CONST(1) << 51)
+#define MIME_PRESENCE_VARY                (TOK_64_CONST(1) << 52)
+#define MIME_PRESENCE_VIA                 (TOK_64_CONST(1) << 53)
+#define MIME_PRESENCE_WARNING             (TOK_64_CONST(1) << 54)
+#define MIME_PRESENCE_WWW_AUTHENTICATE    (TOK_64_CONST(1) << 55)
 
 // bits 56-60 were used for a benchmark hack, but are now free to be used
 // for something else
@@ -369,7 +369,7 @@ hdrtoken_wks_to_flags(const char *wks)
 #define MIME_PRESENCE_XREF (TOK_64_CONST(1) << 61)
 
 #define MIME_PRESENCE_NONE TOK_64_CONST(0)
-#define MIME_PRESENCE_ALL ~(TOK_64_CONST(0))
+#define MIME_PRESENCE_ALL  ~(TOK_64_CONST(0))
 
 /*-------------------------------------------------------------------------
   -------------------------------------------------------------------------*/
diff --git a/proxy/hdrs/HuffmanCodec.cc b/proxy/hdrs/HuffmanCodec.cc
index a99e30306c8..520c2e93e92 100644
--- a/proxy/hdrs/HuffmanCodec.cc
+++ b/proxy/hdrs/HuffmanCodec.cc
@@ -32,43 +32,264 @@ struct huffman_entry {
 };
 
 static const huffman_entry huffman_table[] = {
-  {0x1ff8, 13},    {0x7fffd8, 23},   {0xfffffe2, 28}, {0xfffffe3, 28},  {0xfffffe4, 28}, {0xfffffe5, 28}, {0xfffffe6, 28},
-  {0xfffffe7, 28}, {0xfffffe8, 28},  {0xffffea, 24},  {0x3ffffffc, 30}, {0xfffffe9, 28}, {0xfffffea, 28}, {0x3ffffffd, 30},
-  {0xfffffeb, 28}, {0xfffffec, 28},  {0xfffffed, 28}, {0xfffffee, 28},  {0xfffffef, 28}, {0xffffff0, 28}, {0xffffff1, 28},
-  {0xffffff2, 28}, {0x3ffffffe, 30}, {0xffffff3, 28}, {0xffffff4, 28},  {0xffffff5, 28}, {0xffffff6, 28}, {0xffffff7, 28},
-  {0xffffff8, 28}, {0xffffff9, 28},  {0xffffffa, 28}, {0xffffffb, 28},  {0x14, 6},       {0x3f8, 10},     {0x3f9, 10},
-  {0xffa, 12},     {0x1ff9, 13},     {0x15, 6},       {0xf8, 8},        {0x7fa, 11},     {0x3fa, 10},     {0x3fb, 10},
-  {0xf9, 8},       {0x7fb, 11},      {0xfa, 8},       {0x16, 6},        {0x17, 6},       {0x18, 6},       {0x0, 5},
-  {0x1, 5},        {0x2, 5},         {0x19, 6},       {0x1a, 6},        {0x1b, 6},       {0x1c, 6},       {0x1d, 6},
-  {0x1e, 6},       {0x1f, 6},        {0x5c, 7},       {0xfb, 8},        {0x7ffc, 15},    {0x20, 6},       {0xffb, 12},
-  {0x3fc, 10},     {0x1ffa, 13},     {0x21, 6},       {0x5d, 7},        {0x5e, 7},       {0x5f, 7},       {0x60, 7},
-  {0x61, 7},       {0x62, 7},        {0x63, 7},       {0x64, 7},        {0x65, 7},       {0x66, 7},       {0x67, 7},
-  {0x68, 7},       {0x69, 7},        {0x6a, 7},       {0x6b, 7},        {0x6c, 7},       {0x6d, 7},       {0x6e, 7},
-  {0x6f, 7},       {0x70, 7},        {0x71, 7},       {0x72, 7},        {0xfc, 8},       {0x73, 7},       {0xfd, 8},
-  {0x1ffb, 13},    {0x7fff0, 19},    {0x1ffc, 13},    {0x3ffc, 14},     {0x22, 6},       {0x7ffd, 15},    {0x3, 5},
-  {0x23, 6},       {0x4, 5},         {0x24, 6},       {0x5, 5},         {0x25, 6},       {0x26, 6},       {0x27, 6},
-  {0x6, 5},        {0x74, 7},        {0x75, 7},       {0x28, 6},        {0x29, 6},       {0x2a, 6},       {0x7, 5},
-  {0x2b, 6},       {0x76, 7},        {0x2c, 6},       {0x8, 5},         {0x9, 5},        {0x2d, 6},       {0x77, 7},
-  {0x78, 7},       {0x79, 7},        {0x7a, 7},       {0x7b, 7},        {0x7ffe, 15},    {0x7fc, 11},     {0x3ffd, 14},
-  {0x1ffd, 13},    {0xffffffc, 28},  {0xfffe6, 20},   {0x3fffd2, 22},   {0xfffe7, 20},   {0xfffe8, 20},   {0x3fffd3, 22},
-  {0x3fffd4, 22},  {0x3fffd5, 22},   {0x7fffd9, 23},  {0x3fffd6, 22},   {0x7fffda, 23},  {0x7fffdb, 23},  {0x7fffdc, 23},
-  {0x7fffdd, 23},  {0x7fffde, 23},   {0xffffeb, 24},  {0x7fffdf, 23},   {0xffffec, 24},  {0xffffed, 24},  {0x3fffd7, 22},
-  {0x7fffe0, 23},  {0xffffee, 24},   {0x7fffe1, 23},  {0x7fffe2, 23},   {0x7fffe3, 23},  {0x7fffe4, 23},  {0x1fffdc, 21},
-  {0x3fffd8, 22},  {0x7fffe5, 23},   {0x3fffd9, 22},  {0x7fffe6, 23},   {0x7fffe7, 23},  {0xffffef, 24},  {0x3fffda, 22},
-  {0x1fffdd, 21},  {0xfffe9, 20},    {0x3fffdb, 22},  {0x3fffdc, 22},   {0x7fffe8, 23},  {0x7fffe9, 23},  {0x1fffde, 21},
-  {0x7fffea, 23},  {0x3fffdd, 22},   {0x3fffde, 22},  {0xfffff0, 24},   {0x1fffdf, 21},  {0x3fffdf, 22},  {0x7fffeb, 23},
-  {0x7fffec, 23},  {0x1fffe0, 21},   {0x1fffe1, 21},  {0x3fffe0, 22},   {0x1fffe2, 21},  {0x7fffed, 23},  {0x3fffe1, 22},
-  {0x7fffee, 23},  {0x7fffef, 23},   {0xfffea, 20},   {0x3fffe2, 22},   {0x3fffe3, 22},  {0x3fffe4, 22},  {0x7ffff0, 23},
-  {0x3fffe5, 22},  {0x3fffe6, 22},   {0x7ffff1, 23},  {0x3ffffe0, 26},  {0x3ffffe1, 26}, {0xfffeb, 20},   {0x7fff1, 19},
-  {0x3fffe7, 22},  {0x7ffff2, 23},   {0x3fffe8, 22},  {0x1ffffec, 25},  {0x3ffffe2, 26}, {0x3ffffe3, 26}, {0x3ffffe4, 26},
-  {0x7ffffde, 27}, {0x7ffffdf, 27},  {0x3ffffe5, 26}, {0xfffff1, 24},   {0x1ffffed, 25}, {0x7fff2, 19},   {0x1fffe3, 21},
-  {0x3ffffe6, 26}, {0x7ffffe0, 27},  {0x7ffffe1, 27}, {0x3ffffe7, 26},  {0x7ffffe2, 27}, {0xfffff2, 24},  {0x1fffe4, 21},
-  {0x1fffe5, 21},  {0x3ffffe8, 26},  {0x3ffffe9, 26}, {0xffffffd, 28},  {0x7ffffe3, 27}, {0x7ffffe4, 27}, {0x7ffffe5, 27},
-  {0xfffec, 20},   {0xfffff3, 24},   {0xfffed, 20},   {0x1fffe6, 21},   {0x3fffe9, 22},  {0x1fffe7, 21},  {0x1fffe8, 21},
-  {0x7ffff3, 23},  {0x3fffea, 22},   {0x3fffeb, 22},  {0x1ffffee, 25},  {0x1ffffef, 25}, {0xfffff4, 24},  {0xfffff5, 24},
-  {0x3ffffea, 26}, {0x7ffff4, 23},   {0x3ffffeb, 26}, {0x7ffffe6, 27},  {0x3ffffec, 26}, {0x3ffffed, 26}, {0x7ffffe7, 27},
-  {0x7ffffe8, 27}, {0x7ffffe9, 27},  {0x7ffffea, 27}, {0x7ffffeb, 27},  {0xffffffe, 28}, {0x7ffffec, 27}, {0x7ffffed, 27},
-  {0x7ffffee, 27}, {0x7ffffef, 27},  {0x7fffff0, 27}, {0x3ffffee, 26},  {0x3fffffff, 30}};
+  {0x1ff8,     13},
+  {0x7fffd8,   23},
+  {0xfffffe2,  28},
+  {0xfffffe3,  28},
+  {0xfffffe4,  28},
+  {0xfffffe5,  28},
+  {0xfffffe6,  28},
+  {0xfffffe7,  28},
+  {0xfffffe8,  28},
+  {0xffffea,   24},
+  {0x3ffffffc, 30},
+  {0xfffffe9,  28},
+  {0xfffffea,  28},
+  {0x3ffffffd, 30},
+  {0xfffffeb,  28},
+  {0xfffffec,  28},
+  {0xfffffed,  28},
+  {0xfffffee,  28},
+  {0xfffffef,  28},
+  {0xffffff0,  28},
+  {0xffffff1,  28},
+  {0xffffff2,  28},
+  {0x3ffffffe, 30},
+  {0xffffff3,  28},
+  {0xffffff4,  28},
+  {0xffffff5,  28},
+  {0xffffff6,  28},
+  {0xffffff7,  28},
+  {0xffffff8,  28},
+  {0xffffff9,  28},
+  {0xffffffa,  28},
+  {0xffffffb,  28},
+  {0x14,       6 },
+  {0x3f8,      10},
+  {0x3f9,      10},
+  {0xffa,      12},
+  {0x1ff9,     13},
+  {0x15,       6 },
+  {0xf8,       8 },
+  {0x7fa,      11},
+  {0x3fa,      10},
+  {0x3fb,      10},
+  {0xf9,       8 },
+  {0x7fb,      11},
+  {0xfa,       8 },
+  {0x16,       6 },
+  {0x17,       6 },
+  {0x18,       6 },
+  {0x0,        5 },
+  {0x1,        5 },
+  {0x2,        5 },
+  {0x19,       6 },
+  {0x1a,       6 },
+  {0x1b,       6 },
+  {0x1c,       6 },
+  {0x1d,       6 },
+  {0x1e,       6 },
+  {0x1f,       6 },
+  {0x5c,       7 },
+  {0xfb,       8 },
+  {0x7ffc,     15},
+  {0x20,       6 },
+  {0xffb,      12},
+  {0x3fc,      10},
+  {0x1ffa,     13},
+  {0x21,       6 },
+  {0x5d,       7 },
+  {0x5e,       7 },
+  {0x5f,       7 },
+  {0x60,       7 },
+  {0x61,       7 },
+  {0x62,       7 },
+  {0x63,       7 },
+  {0x64,       7 },
+  {0x65,       7 },
+  {0x66,       7 },
+  {0x67,       7 },
+  {0x68,       7 },
+  {0x69,       7 },
+  {0x6a,       7 },
+  {0x6b,       7 },
+  {0x6c,       7 },
+  {0x6d,       7 },
+  {0x6e,       7 },
+  {0x6f,       7 },
+  {0x70,       7 },
+  {0x71,       7 },
+  {0x72,       7 },
+  {0xfc,       8 },
+  {0x73,       7 },
+  {0xfd,       8 },
+  {0x1ffb,     13},
+  {0x7fff0,    19},
+  {0x1ffc,     13},
+  {0x3ffc,     14},
+  {0x22,       6 },
+  {0x7ffd,     15},
+  {0x3,        5 },
+  {0x23,       6 },
+  {0x4,        5 },
+  {0x24,       6 },
+  {0x5,        5 },
+  {0x25,       6 },
+  {0x26,       6 },
+  {0x27,       6 },
+  {0x6,        5 },
+  {0x74,       7 },
+  {0x75,       7 },
+  {0x28,       6 },
+  {0x29,       6 },
+  {0x2a,       6 },
+  {0x7,        5 },
+  {0x2b,       6 },
+  {0x76,       7 },
+  {0x2c,       6 },
+  {0x8,        5 },
+  {0x9,        5 },
+  {0x2d,       6 },
+  {0x77,       7 },
+  {0x78,       7 },
+  {0x79,       7 },
+  {0x7a,       7 },
+  {0x7b,       7 },
+  {0x7ffe,     15},
+  {0x7fc,      11},
+  {0x3ffd,     14},
+  {0x1ffd,     13},
+  {0xffffffc,  28},
+  {0xfffe6,    20},
+  {0x3fffd2,   22},
+  {0xfffe7,    20},
+  {0xfffe8,    20},
+  {0x3fffd3,   22},
+  {0x3fffd4,   22},
+  {0x3fffd5,   22},
+  {0x7fffd9,   23},
+  {0x3fffd6,   22},
+  {0x7fffda,   23},
+  {0x7fffdb,   23},
+  {0x7fffdc,   23},
+  {0x7fffdd,   23},
+  {0x7fffde,   23},
+  {0xffffeb,   24},
+  {0x7fffdf,   23},
+  {0xffffec,   24},
+  {0xffffed,   24},
+  {0x3fffd7,   22},
+  {0x7fffe0,   23},
+  {0xffffee,   24},
+  {0x7fffe1,   23},
+  {0x7fffe2,   23},
+  {0x7fffe3,   23},
+  {0x7fffe4,   23},
+  {0x1fffdc,   21},
+  {0x3fffd8,   22},
+  {0x7fffe5,   23},
+  {0x3fffd9,   22},
+  {0x7fffe6,   23},
+  {0x7fffe7,   23},
+  {0xffffef,   24},
+  {0x3fffda,   22},
+  {0x1fffdd,   21},
+  {0xfffe9,    20},
+  {0x3fffdb,   22},
+  {0x3fffdc,   22},
+  {0x7fffe8,   23},
+  {0x7fffe9,   23},
+  {0x1fffde,   21},
+  {0x7fffea,   23},
+  {0x3fffdd,   22},
+  {0x3fffde,   22},
+  {0xfffff0,   24},
+  {0x1fffdf,   21},
+  {0x3fffdf,   22},
+  {0x7fffeb,   23},
+  {0x7fffec,   23},
+  {0x1fffe0,   21},
+  {0x1fffe1,   21},
+  {0x3fffe0,   22},
+  {0x1fffe2,   21},
+  {0x7fffed,   23},
+  {0x3fffe1,   22},
+  {0x7fffee,   23},
+  {0x7fffef,   23},
+  {0xfffea,    20},
+  {0x3fffe2,   22},
+  {0x3fffe3,   22},
+  {0x3fffe4,   22},
+  {0x7ffff0,   23},
+  {0x3fffe5,   22},
+  {0x3fffe6,   22},
+  {0x7ffff1,   23},
+  {0x3ffffe0,  26},
+  {0x3ffffe1,  26},
+  {0xfffeb,    20},
+  {0x7fff1,    19},
+  {0x3fffe7,   22},
+  {0x7ffff2,   23},
+  {0x3fffe8,   22},
+  {0x1ffffec,  25},
+  {0x3ffffe2,  26},
+  {0x3ffffe3,  26},
+  {0x3ffffe4,  26},
+  {0x7ffffde,  27},
+  {0x7ffffdf,  27},
+  {0x3ffffe5,  26},
+  {0xfffff1,   24},
+  {0x1ffffed,  25},
+  {0x7fff2,    19},
+  {0x1fffe3,   21},
+  {0x3ffffe6,  26},
+  {0x7ffffe0,  27},
+  {0x7ffffe1,  27},
+  {0x3ffffe7,  26},
+  {0x7ffffe2,  27},
+  {0xfffff2,   24},
+  {0x1fffe4,   21},
+  {0x1fffe5,   21},
+  {0x3ffffe8,  26},
+  {0x3ffffe9,  26},
+  {0xffffffd,  28},
+  {0x7ffffe3,  27},
+  {0x7ffffe4,  27},
+  {0x7ffffe5,  27},
+  {0xfffec,    20},
+  {0xfffff3,   24},
+  {0xfffed,    20},
+  {0x1fffe6,   21},
+  {0x3fffe9,   22},
+  {0x1fffe7,   21},
+  {0x1fffe8,   21},
+  {0x7ffff3,   23},
+  {0x3fffea,   22},
+  {0x3fffeb,   22},
+  {0x1ffffee,  25},
+  {0x1ffffef,  25},
+  {0xfffff4,   24},
+  {0xfffff5,   24},
+  {0x3ffffea,  26},
+  {0x7ffff4,   23},
+  {0x3ffffeb,  26},
+  {0x7ffffe6,  27},
+  {0x3ffffec,  26},
+  {0x3ffffed,  26},
+  {0x7ffffe7,  27},
+  {0x7ffffe8,  27},
+  {0x7ffffe9,  27},
+  {0x7ffffea,  27},
+  {0x7ffffeb,  27},
+  {0xffffffe,  28},
+  {0x7ffffec,  27},
+  {0x7ffffed,  27},
+  {0x7ffffee,  27},
+  {0x7ffffef,  27},
+  {0x7fffff0,  27},
+  {0x3ffffee,  26},
+  {0x3fffffff, 30}
+};
 
 using Node = struct node {
   node *left, *right;
@@ -150,7 +371,7 @@ hpack_huffman_fin()
 }
 
 #define MAX_HUFFMAN_CODE_LEN 30
-#define EOS 0x3fffffff
+#define EOS                  0x3fffffff
 
 int64_t
 huffman_decode(char *dst_start, const uint8_t *src, uint32_t src_len)
@@ -167,7 +388,7 @@ huffman_decode(char *dst_start, const uint8_t *src, uint32_t src_len)
     }
     if (*src & (1 << shift)) {
       curr_bits |= 1;
-      current = current->right;
+      current   = current->right;
     } else {
       current = current->left;
     }
@@ -233,14 +454,14 @@ huffman_encode(uint8_t *dst_start, const uint8_t *src, uint32_t src_len)
 
     if (remain_bits > bit_len) {
       remain_bits = remain_bits - bit_len;
-      buf |= hex << remain_bits;
+      buf         |= hex << remain_bits;
     } else if (remain_bits == bit_len) {
-      buf |= hex;
+      buf         |= hex;
       dst         = huffman_encode_append(dst, buf);
       remain_bits = 32;
       buf         = 0;
     } else {
-      buf |= hex >> (bit_len - remain_bits);
+      buf         |= hex >> (bit_len - remain_bits);
       dst         = huffman_encode_append(dst, buf);
       remain_bits = (32 - (bit_len - remain_bits));
       buf         = hex << remain_bits;
diff --git a/proxy/hdrs/MIME.cc b/proxy/hdrs/MIME.cc
index 902fd62c4cf..a1ebec5d9ec 100644
--- a/proxy/hdrs/MIME.cc
+++ b/proxy/hdrs/MIME.cc
@@ -43,8 +43,8 @@ using ts::TextView;
  *                    C O M P I L E    O P T I O N S                   *
  *                                                                     *
  ***********************************************************************/
-#define TRACK_FIELD_FIND_CALLS 0
-#define TRACK_COOKING 0
+#define TRACK_FIELD_FIND_CALLS            0
+#define TRACK_COOKING                     0
 #define MIME_FORMAT_DATE_USE_LOOKUP_TABLE 1
 
 /***********************************************************************
@@ -612,7 +612,7 @@ mime_hdr_sanity_check(MIMEHdrImpl *mh)
           }
 
           uint64_t mask = mime_field_presence_mask(field->m_wks_idx);
-          masksum |= mask;
+          masksum       |= mask;
 
           int32_t slot_id = hdrtoken_index_to_slotid(field->m_wks_idx);
           if ((slot_id != MIME_SLOTID_NONE) && (slot_index < MIME_FIELD_SLOTNUM_UNKNOWN) &&
@@ -951,20 +951,22 @@ mime_init_cache_control_cooking_masks()
   static struct {
     const char *name;
     uint32_t mask;
-  } cc_mask_table[] = {{"max-age", MIME_COOKED_MASK_CC_MAX_AGE},
-                       {"no-cache", MIME_COOKED_MASK_CC_NO_CACHE},
-                       {"no-store", MIME_COOKED_MASK_CC_NO_STORE},
-                       {"no-transform", MIME_COOKED_MASK_CC_NO_TRANSFORM},
-                       {"max-stale", MIME_COOKED_MASK_CC_MAX_STALE},
-                       {"min-fresh", MIME_COOKED_MASK_CC_MIN_FRESH},
-                       {"only-if-cached", MIME_COOKED_MASK_CC_ONLY_IF_CACHED},
-                       {"public", MIME_COOKED_MASK_CC_PUBLIC},
-                       {"private", MIME_COOKED_MASK_CC_PRIVATE},
-                       {"must-revalidate", MIME_COOKED_MASK_CC_MUST_REVALIDATE},
-                       {"proxy-revalidate", MIME_COOKED_MASK_CC_PROXY_REVALIDATE},
-                       {"s-maxage", MIME_COOKED_MASK_CC_S_MAXAGE},
-                       {"need-revalidate-once", MIME_COOKED_MASK_CC_NEED_REVALIDATE_ONCE},
-                       {nullptr, 0}};
+  } cc_mask_table[] = {
+    {"max-age",              MIME_COOKED_MASK_CC_MAX_AGE             },
+    {"no-cache",             MIME_COOKED_MASK_CC_NO_CACHE            },
+    {"no-store",             MIME_COOKED_MASK_CC_NO_STORE            },
+    {"no-transform",         MIME_COOKED_MASK_CC_NO_TRANSFORM        },
+    {"max-stale",            MIME_COOKED_MASK_CC_MAX_STALE           },
+    {"min-fresh",            MIME_COOKED_MASK_CC_MIN_FRESH           },
+    {"only-if-cached",       MIME_COOKED_MASK_CC_ONLY_IF_CACHED      },
+    {"public",               MIME_COOKED_MASK_CC_PUBLIC              },
+    {"private",              MIME_COOKED_MASK_CC_PRIVATE             },
+    {"must-revalidate",      MIME_COOKED_MASK_CC_MUST_REVALIDATE     },
+    {"proxy-revalidate",     MIME_COOKED_MASK_CC_PROXY_REVALIDATE    },
+    {"s-maxage",             MIME_COOKED_MASK_CC_S_MAXAGE            },
+    {"need-revalidate-once", MIME_COOKED_MASK_CC_NEED_REVALIDATE_ONCE},
+    {nullptr,                0                                       }
+  };
 
   for (int i = 0; cc_mask_table[i].name != nullptr; i++) {
     const char *wks                              = hdrtoken_string_to_wks(cc_mask_table[i].name);
@@ -1925,7 +1927,7 @@ mime_field_value_str_from_strlist(HdrHeap *heap, int *new_str_len_return, StrLis
   cell = list->head;
   for (i = 0; i < list->count; i++) {
     new_value_len += cell->len;
-    cell = cell->next;
+    cell          = cell->next;
   }
   if (list->count > 1) {
     new_value_len += (2 * (list->count - 1));
@@ -2096,7 +2098,7 @@ mime_field_value_extend_comma_val(HdrHeap *heap, MIMEHdrImpl *mh, MIMEField *fie
 
   // (4) trim quotes if any
   if ((cell->len >= 2) && (cell->str[0] == '\"') && (cell->str[cell->len - 1] == '\"')) {
-    trimmed = 1;
+    trimmed   = 1;
     cell->str += 1;
     cell->len -= 2;
   } else {
@@ -2781,8 +2783,8 @@ mime_mem_print_(const char *src_d, int src_l, char *buf_start, int buf_length, i
       *buf_chars_to_skip_inout -= src_l;
       return 1;
     } else {
-      src_l -= *buf_chars_to_skip_inout;
-      src_d += *buf_chars_to_skip_inout;
+      src_l                    -= *buf_chars_to_skip_inout;
+      src_d                    += *buf_chars_to_skip_inout;
       *buf_chars_to_skip_inout = 0;
     }
   }
@@ -2854,7 +2856,7 @@ mime_field_print(MIMEField *field, char *buf_start, int buf_length, int *buf_ind
 
       buf_start[0] = ':';
       buf_start[1] = ' ';
-      buf_start += 2;
+      buf_start    += 2;
 
       memcpy(buf_start, field->m_ptr_value, field->m_len_value);
       buf_start += field->m_len_value;
@@ -2952,9 +2954,9 @@ mime_days_since_epoch_to_mdy_slowcase(unsigned int days_since_jan_1_1970, int *m
   d = dp = (year * 365) + (year / 4) - (year / 100) + (year / 100 + 3) / 4 - DAYS_OFFSET - 1;
 
   while (dp < mday) {
-    d = dp;
+    d    = dp;
     year += 1;
-    dp = (year * 365) + (year / 4) - (year / 100) + (year / 100 + 3) / 4 - DAYS_OFFSET - 1;
+    dp   = (year * 365) + (year / 4) - (year / 100) + (year / 100 + 3) / 4 - DAYS_OFFSET - 1;
   }
 
   /* convert the days */
@@ -3028,11 +3030,11 @@ mime_format_date(char *buffer, time_t value)
 
   buf = buffer;
 
-  sec = static_cast<int>(value % 60);
+  sec   = static_cast<int>(value % 60);
   value /= 60;
-  min = static_cast<int>(value % 60);
+  min   = static_cast<int>(value % 60);
   value /= 60;
-  hour = static_cast<int>(value % 24);
+  hour  = static_cast<int>(value % 24);
   value /= 24;
 
   /* Jan 1, 1970 was a Thursday */
@@ -3056,24 +3058,24 @@ mime_format_date(char *buffer, time_t value)
   buf[0]                     = three_char_day[0];
   buf[1]                     = three_char_day[1];
   buf[2]                     = three_char_day[2];
-  buf += 3;
+  buf                        += 3;
 
   buf[0] = ',';
   buf[1] = ' ';
-  buf += 2;
+  buf    += 2;
 
   /* the day of month */
   buf[0] = digitstrs[mday][0];
   buf[1] = digitstrs[mday][1];
   buf[2] = ' ';
-  buf += 3;
+  buf    += 3;
 
   /* the month string */
   const char *three_char_month = monthstrs[month];
   buf[0]                       = three_char_month[0];
   buf[1]                       = three_char_month[1];
   buf[2]                       = three_char_month[2];
-  buf += 3;
+  buf                          += 3;
 
   /* the year */
   buf[0] = ' ';
@@ -3090,40 +3092,40 @@ mime_format_date(char *buffer, time_t value)
     buf[4] = (year - 1990) + '0';
   } else {
     buf[4] = (year % 10) + '0';
-    year /= 10;
+    year   /= 10;
     buf[3] = (year % 10) + '0';
-    year /= 10;
+    year   /= 10;
     buf[2] = (year % 10) + '0';
-    year /= 10;
+    year   /= 10;
     buf[1] = (year % 10) + '0';
   }
   buf[5] = ' ';
-  buf += 6;
+  buf    += 6;
 
   /* the hour */
   buf[0] = digitstrs[hour][0];
   buf[1] = digitstrs[hour][1];
   buf[2] = ':';
-  buf += 3;
+  buf    += 3;
 
   /* the minute */
   buf[0] = digitstrs[min][0];
   buf[1] = digitstrs[min][1];
   buf[2] = ':';
-  buf += 3;
+  buf    += 3;
 
   /* the second */
   buf[0] = digitstrs[sec][0];
   buf[1] = digitstrs[sec][1];
   buf[2] = ' ';
-  buf += 3;
+  buf    += 3;
 
   /* the timezone string */
   buf[0] = 'G';
   buf[1] = 'M';
   buf[2] = 'T';
   buf[3] = '\0';
-  buf += 3;
+  buf    += 3;
 
   return buf - buffer; // not counting NUL
 }
@@ -3161,7 +3163,7 @@ mime_parse_int(const char *buf, const char *end)
 
     if ((buf != end) && (*buf == '-')) {
       negative = true;
-      buf += 1;
+      buf      += 1;
     }
     // NOTE: we first compute the value as negative then correct the
     // sign back to positive. This enables us to correctly parse MININT.
@@ -3238,7 +3240,7 @@ mime_parse_int64(const char *buf, const char *end)
 
     if ((buf != end) && (*buf == '-')) {
       negative = true;
-      buf += 1;
+      buf      += 1;
     }
     // NOTE: we first compute the value as negative then correct the
     // sign back to positive. This enables us to correctly parse MININT.
@@ -3646,7 +3648,7 @@ mime_parse_integer(const char *&buf, const char *end, int *integer)
 
     if ((buf != end) && (*buf == '-')) {
       negative = true;
-      buf += 1;
+      buf      += 1;
     }
     // NOTE: we first compute the value as negative then correct the
     // sign back to positive. This enables us to correctly parse MININT.
@@ -3865,10 +3867,10 @@ MIMEHdrImpl::recompute_cooked_stuff(MIMEField *changing_field_or_null)
       if (!field->has_dups()) {
         s = field->value_get(&len);
         if (ptr_len_casecmp(s, len, "public", 6) == 0) {
-          mask = MIME_COOKED_MASK_CC_PUBLIC;
+          mask                                  = MIME_COOKED_MASK_CC_PUBLIC;
           m_cooked_stuff.m_cache_control.m_mask |= mask;
         } else if (ptr_len_casecmp(s, len, "private,no-cache", 16) == 0) {
-          mask = MIME_COOKED_MASK_CC_PRIVATE | MIME_COOKED_MASK_CC_NO_CACHE;
+          mask                                  = MIME_COOKED_MASK_CC_PRIVATE | MIME_COOKED_MASK_CC_NO_CACHE;
           m_cooked_stuff.m_cache_control.m_mask |= mask;
         }
       }
@@ -3889,8 +3891,8 @@ MIMEHdrImpl::recompute_cooked_stuff(MIMEField *changing_field_or_null)
             Debug("http", "recompute_cooked_stuff: got field '%s'", token_wks);
 #endif
 
-            HdrTokenHeapPrefix *p = hdrtoken_wks_to_prefix(token_wks);
-            mask                  = p->wks_type_specific.u.cache_control.cc_mask;
+            HdrTokenHeapPrefix *p                 = hdrtoken_wks_to_prefix(token_wks);
+            mask                                  = p->wks_type_specific.u.cache_control.cc_mask;
             m_cooked_stuff.m_cache_control.m_mask |= mask;
 
 #if TRACK_COOKING
diff --git a/proxy/hdrs/MIME.h b/proxy/hdrs/MIME.h
index ba9501d82de..162340e75a2 100644
--- a/proxy/hdrs/MIME.h
+++ b/proxy/hdrs/MIME.h
@@ -73,19 +73,19 @@ enum MimeParseState {
 #define MIME_HDR_SANITY_CHECK (void)
 #endif
 
-#define MIME_FIELD_SLOT_READINESS_EMPTY 0
+#define MIME_FIELD_SLOT_READINESS_EMPTY    0
 #define MIME_FIELD_SLOT_READINESS_DETACHED 1
-#define MIME_FIELD_SLOT_READINESS_LIVE 2
-#define MIME_FIELD_SLOT_READINESS_DELETED 3
+#define MIME_FIELD_SLOT_READINESS_LIVE     2
+#define MIME_FIELD_SLOT_READINESS_DELETED  3
 
 #define MIME_FIELD_SLOT_FLAGS_DUP_HEAD (1 << 0)
-#define MIME_FIELD_SLOT_FLAGS_COOKED (1 << 1)
+#define MIME_FIELD_SLOT_FLAGS_COOKED   (1 << 1)
 
 #define MIME_FIELD_BLOCK_SLOTS 16
 
-#define MIME_FIELD_SLOTNUM_BITS 4
-#define MIME_FIELD_SLOTNUM_MASK ((1 << MIME_FIELD_SLOTNUM_BITS) - 1)
-#define MIME_FIELD_SLOTNUM_MAX (MIME_FIELD_SLOTNUM_MASK - 1)
+#define MIME_FIELD_SLOTNUM_BITS    4
+#define MIME_FIELD_SLOTNUM_MASK    ((1 << MIME_FIELD_SLOTNUM_BITS) - 1)
+#define MIME_FIELD_SLOTNUM_MAX     (MIME_FIELD_SLOTNUM_MASK - 1)
 #define MIME_FIELD_SLOTNUM_UNKNOWN MIME_FIELD_SLOTNUM_MAX
 
 /***********************************************************************
@@ -97,16 +97,16 @@ enum MimeParseState {
 struct MIMEHdrImpl;
 
 struct MIMEField {
-  const char *m_ptr_name;              // 4
-  const char *m_ptr_value;             // 4
-  MIMEField *m_next_dup;               // 4
-  int16_t m_wks_idx;                   // 2
-  uint16_t m_len_name;                 // 2
-  uint32_t m_len_value : 24;           // 3
-  uint8_t m_n_v_raw_printable : 1;     // 1/8
-  uint8_t m_n_v_raw_printable_pad : 3; // 3/8
-  uint8_t m_readiness : 2;             // 2/8
-  uint8_t m_flags : 2;                 // 2/8
+  const char *m_ptr_name;               // 4
+  const char *m_ptr_value;              // 4
+  MIMEField *m_next_dup;                // 4
+  int16_t m_wks_idx;                    // 2
+  uint16_t m_len_name;                  // 2
+  uint32_t m_len_value            : 24; // 3
+  uint8_t m_n_v_raw_printable     : 1;  // 1/8
+  uint8_t m_n_v_raw_printable_pad : 3;  // 3/8
+  uint8_t m_readiness             : 2;  // 2/8
+  uint8_t m_flags                 : 2;  // 2/8
 
   bool
   is_dup_head() const
@@ -1237,7 +1237,7 @@ class MIMEHdr : public HdrHeapSDKHandle
   void set_server(const char *server_id_tag, int server_id_tag_size);
 
   // No gratuitous copies & refcounts!
-  MIMEHdr(const MIMEHdr &m) = delete;
+  MIMEHdr(const MIMEHdr &m)            = delete;
   MIMEHdr &operator=(const MIMEHdr &m) = delete;
 
 private:
diff --git a/proxy/hdrs/URL.cc b/proxy/hdrs/URL.cc
index c9b2f96d6d6..b6d36516b42 100644
--- a/proxy/hdrs/URL.cc
+++ b/proxy/hdrs/URL.cc
@@ -993,8 +993,8 @@ unescape_str(char *&buf, char *buf_e, const char *&str, const char *str_e, int &
 
   first_pct = ink_memcpy_until_char(buf, const_cast<char *>(str), min_len, '%');
   copy_len  = static_cast<int>(first_pct - str);
-  str += copy_len;
-  buf += copy_len;
+  str       += copy_len;
+  buf       += copy_len;
   if (copy_len == min_len) {
     return;
   }
@@ -1003,16 +1003,16 @@ unescape_str(char *&buf, char *buf_e, const char *&str, const char *str_e, int &
     switch (state) {
     case 0:
       if (str[0] == '%') {
-        str += 1;
+        str   += 1;
         state = 1;
       } else {
         *buf++ = str[0];
-        str += 1;
+        str    += 1;
       }
       break;
     case 1:
       if (ParseRules::is_hex(str[0])) {
-        str += 1;
+        str   += 1;
         state = 2;
       } else {
         *buf++ = str[-1];
@@ -1035,8 +1035,8 @@ unescape_str(char *&buf, char *buf_e, const char *&str, const char *str_e, int &
         }
 
         *buf++ = tmp;
-        str += 1;
-        state = 0;
+        str    += 1;
+        state  = 0;
       } else {
         *buf++ = str[-2];
         state  = 3;
@@ -1060,16 +1060,16 @@ unescape_str_tolower(char *&buf, char *end, const char *&str, const char *str_e,
     switch (state) {
     case 0:
       if (str[0] == '%') {
-        str += 1;
+        str   += 1;
         state = 1;
       } else {
         *buf++ = ParseRules::ink_tolower(str[0]);
-        str += 1;
+        str    += 1;
       }
       break;
     case 1:
       if (ParseRules::is_hex(str[0])) {
-        str += 1;
+        str   += 1;
         state = 2;
       } else {
         *buf++ = ParseRules::ink_tolower(str[-1]);
@@ -1092,8 +1092,8 @@ unescape_str_tolower(char *&buf, char *end, const char *&str, const char *str_e,
         }
 
         *buf++ = tmp;
-        str += 1;
-        state = 0;
+        str    += 1;
+        state  = 0;
       } else {
         *buf++ = ParseRules::ink_tolower(str[-2]);
         state  = 3;
@@ -1770,7 +1770,7 @@ url_CryptoHash_get_fast(const URLImpl *url, CryptoContext &ctx, CryptoHash *hash
 
   p = buffer;
   memcpy_tolower(p, url->m_ptr_scheme, url->m_len_scheme);
-  p += url->m_len_scheme;
+  p    += url->m_len_scheme;
   *p++ = ':';
   *p++ = '/';
   *p++ = '/';
@@ -1779,10 +1779,10 @@ url_CryptoHash_get_fast(const URLImpl *url, CryptoContext &ctx, CryptoHash *hash
   // no password
   *p++ = '@';
   memcpy_tolower(p, url->m_ptr_host, url->m_len_host);
-  p += url->m_len_host;
+  p    += url->m_len_host;
   *p++ = '/';
   memcpy(p, url->m_ptr_path, url->m_len_path);
-  p += url->m_len_path;
+  p    += url->m_len_path;
   *p++ = ';';
   // no params
   *p++ = '?';
diff --git a/proxy/hdrs/URL.h b/proxy/hdrs/URL.h
index d91e9f1f8ce..50606bc3e16 100644
--- a/proxy/hdrs/URL.h
+++ b/proxy/hdrs/URL.h
@@ -77,7 +77,7 @@ class URLImpl : public HdrHeapObjImpl
 
   uint32_t m_clean : 1;
   /// Whether the URI had an absolutely empty path, not even an initial '/'.
-  uint32_t m_path_is_empty : 1;
+  uint32_t m_path_is_empty       : 1;
   uint32_t m_normalization_flags : 2; // Only valid if both m_clean and m_ptr_printed_sting are non-zero.
   // 8 bytes + 4 bits, will result in padding
 
@@ -346,7 +346,7 @@ class URL : public HdrHeapSDKHandle
 public:
   static char *unescapify(Arena *arena, const char *str, int length);
   // No gratuitous copies!
-  URL(const URL &u) = delete;
+  URL(const URL &u)            = delete;
   URL &operator=(const URL &u) = delete;
 
 private:
diff --git a/proxy/hdrs/VersionConverter.h b/proxy/hdrs/VersionConverter.h
index bb0e0e25d18..5ecf6c5b502 100644
--- a/proxy/hdrs/VersionConverter.h
+++ b/proxy/hdrs/VersionConverter.h
@@ -67,47 +67,42 @@ class VersionConverter
 
   static constexpr convert_function _convert_functions[2][N_VERSIONS][N_VERSIONS] = {
     {
-      // Request
+     // Request
       {
         // From 1
         &VersionConverter::_convert_nop,
         &VersionConverter::_convert_req_from_1_to_2,
         &VersionConverter::_convert_req_from_1_to_2,
-      },
-      {
+      }, {
         // From 2
         &VersionConverter::_convert_req_from_2_to_1,
         &VersionConverter::_convert_nop,
         &VersionConverter::_convert_nop,
-      },
-      {
+      }, {
         // From 3
         &VersionConverter::_convert_req_from_2_to_1,
         &VersionConverter::_convert_nop,
         &VersionConverter::_convert_nop,
-      },
-    },
+      }, },
     {
-      // Response
+     // Response
       {
         // From 1
         &VersionConverter::_convert_nop,
         &VersionConverter::_convert_res_from_1_to_2,
         &VersionConverter::_convert_res_from_1_to_2,
-      },
-      {
+      }, {
         // From 2
         &VersionConverter::_convert_res_from_2_to_1,
         &VersionConverter::_convert_nop,
         &VersionConverter::_convert_nop,
-      },
-      {
+      },        {
         // From 3
         &VersionConverter::_convert_res_from_2_to_1,
         &VersionConverter::_convert_nop,
         &VersionConverter::_convert_nop,
-      },
-    }};
+      }, }
+  };
 
   static constexpr std::string_view connection_specific_header_fields[] = {
     "Connection", "Keep-Alive", "Proxy-Connection", "Transfer-Encoding", "Upgrade",
diff --git a/proxy/hdrs/XPACK.cc b/proxy/hdrs/XPACK.cc
index 44963340c7d..3abee8742a3 100644
--- a/proxy/hdrs/XPACK.cc
+++ b/proxy/hdrs/XPACK.cc
@@ -55,7 +55,7 @@ xpack_decode_integer(uint64_t &dst, const uint8_t *buf_start, const uint8_t *buf
         return XPACK_ERROR_COMPRESSION_ERROR;
       }
       dst += added_value << m;
-      m += 7;
+      m   += 7;
     } while (*p & 0x80);
   }
 
@@ -127,7 +127,7 @@ xpack_encode_integer(uint8_t *buf_start, const uint8_t *buf_end, uint64_t value,
     *(p++) = value;
   } else {
     *(p++) = (1 << n) - 1;
-    value -= (1 << n) - 1;
+    value  -= (1 << n) - 1;
     while (value >= 128) {
       if (p >= buf_end) {
         return -1;
diff --git a/proxy/hdrs/load_http_hdr.cc b/proxy/hdrs/load_http_hdr.cc
index 0013fa8c01a..8313ec445e7 100644
--- a/proxy/hdrs/load_http_hdr.cc
+++ b/proxy/hdrs/load_http_hdr.cc
@@ -267,8 +267,8 @@ load_buffer(int fd, hdr_type h_type)
         fprintf(stderr, "Corrupted data file\n");
         exit(1);
       }
-      cur_ptr  = (int *)(hdr_heap + bytes_read);
-      *cur_ptr = el;
+      cur_ptr    = (int *)(hdr_heap + bytes_read);
+      *cur_ptr   = el;
       bytes_read += 4;
     }
     cur_line++;
diff --git a/proxy/hdrs/test_Huffmancode.cc b/proxy/hdrs/test_Huffmancode.cc
index 6f5bf7b915c..d3ce28f0fef 100644
--- a/proxy/hdrs/test_Huffmancode.cc
+++ b/proxy/hdrs/test_Huffmancode.cc
@@ -154,14 +154,15 @@ const static struct {
   uint8_t *expect;
   int64_t expect_len;
 } huffman_encode_test_data[] = {
-  {(uint8_t *)"", 0, (uint8_t *)"", 0},
-  {(uint8_t *)"0", 1, (uint8_t *)"\x07", 1},
-  {(uint8_t *)"302", 3, (uint8_t *)"\x64\x02", 2},
-  {(uint8_t *)"private", 7, (uint8_t *)"\xae\xc3\x77\x1a\x4b", 5},
+  {(uint8_t *)"",                              0,  (uint8_t *)"",                                                                     0 },
+  {(uint8_t *)"0",                             1,  (uint8_t *)"\x07",                                                                 1 },
+  {(uint8_t *)"302",                           3,  (uint8_t *)"\x64\x02",                                                             2 },
+  {(uint8_t *)"private",                       7,  (uint8_t *)"\xae\xc3\x77\x1a\x4b",                                                 5 },
   {(uint8_t *)"Mon, 21 Oct 2013 20:13:21 GMT", 29,
-   (uint8_t *)"\xd0\x7a\xbe\x94\x10\x54\xd4\x44\xa8\x20\x05\x95\x04\x0b\x81\x66\xe0\x82\xa6\x2d\x1b\xff", 22},
-  {(uint8_t *)"https://www.example.com", 23, (uint8_t *)"\x9d\x29\xad\x17\x18\x63\xc7\x8f\x0b\x97\xc8\xe9\xae\x82\xae\x43\xd3",
-   17}};
+   (uint8_t *)"\xd0\x7a\xbe\x94\x10\x54\xd4\x44\xa8\x20\x05\x95\x04\x0b\x81\x66\xe0\x82\xa6\x2d\x1b\xff",                             22},
+  {(uint8_t *)"https://www.example.com",       23, (uint8_t *)"\x9d\x29\xad\x17\x18\x63\xc7\x8f\x0b\x97\xc8\xe9\xae\x82\xae\x43\xd3",
+   17                                                                                                                                   }
+};
 
 void
 encode_test()
@@ -184,7 +185,11 @@ decode_errors_test()
     char *input;
     int input_len;
   } test_cases[] = {
-    {(char *)"\x00", 1}, {(char *)"\xff", 1}, {(char *)"\x1f\xff", 2}, {(char *)"\xff\xae", 2}, {(char *)"\xff\x9f\xff\xff\xff", 5},
+    {(char *)"\x00",                 1},
+    {(char *)"\xff",                 1},
+    {(char *)"\x1f\xff",             2},
+    {(char *)"\xff\xae",             2},
+    {(char *)"\xff\x9f\xff\xff\xff", 5},
   };
 
   for (unsigned int i = 0; i < sizeof(test_cases) / sizeof(test_cases[0]); i++) {
diff --git a/proxy/hdrs/unit_tests/test_Hdrs.cc b/proxy/hdrs/unit_tests/test_Hdrs.cc
index 38a7221b60c..2419fdd049f 100644
--- a/proxy/hdrs/unit_tests/test_Hdrs.cc
+++ b/proxy/hdrs/unit_tests/test_Hdrs.cc
@@ -46,31 +46,33 @@ TEST_CASE("HdrTestHttpParse", "[proxy][hdrtest]")
     int expected_result;
     int expected_bytes_consumed;
   };
-  static const std::array<Test, 23> tests = {{
-    {"GET /index.html HTTP/1.0\r\n", PARSE_RESULT_DONE, 26},
-    {"GET /index.html HTTP/1.0\r\n\r\n***BODY****", PARSE_RESULT_DONE, 28},
-    {"GET /index.html HTTP/1.0\r\nUser-Agent: foobar\r\n\r\n***BODY****", PARSE_RESULT_DONE, 48},
-    {"GET", PARSE_RESULT_ERROR, 3},
-    {"GET /index.html", PARSE_RESULT_ERROR, 15},
-    {"GET /index.html\r\n", PARSE_RESULT_ERROR, 17},
-    {"GET /index.html HTTP/1.0", PARSE_RESULT_ERROR, 24},
-    {"GET /index.html HTTP/1.0\r", PARSE_RESULT_ERROR, 25},
-    {"GET /index.html HTTP/1.0\n", PARSE_RESULT_DONE, 25},
-    {"GET /index.html HTTP/1.0\n\n", PARSE_RESULT_DONE, 26},
-    {"GET /index.html HTTP/1.0\r\n\r\n", PARSE_RESULT_DONE, 28},
-    {"GET /index.html HTTP/1.0\r\nUser-Agent: foobar", PARSE_RESULT_ERROR, 44},
-    {"GET /index.html HTTP/1.0\r\nUser-Agent: foobar\n", PARSE_RESULT_DONE, 45},
-    {"GET /index.html HTTP/1.0\r\nUser-Agent: foobar\r\n", PARSE_RESULT_DONE, 46},
-    {"GET /index.html HTTP/1.0\r\nUser-Agent: foobar\r\n\r\n", PARSE_RESULT_DONE, 48},
-    {"GET /index.html HTTP/1.0\nUser-Agent: foobar\n", PARSE_RESULT_DONE, 44},
-    {"GET /index.html HTTP/1.0\nUser-Agent: foobar\nBoo: foo\n", PARSE_RESULT_DONE, 53},
-    {"GET /index.html HTTP/1.0\r\nUser-Agent: foobar\r\n", PARSE_RESULT_DONE, 46},
-    {"GET /index.html HTTP/1.0\r\n", PARSE_RESULT_DONE, 26},
-    {"GET /index.html hTTP/1.0\r\n", PARSE_RESULT_ERROR, 26},
-    {"CONNECT foo.example HTTP/1.1\r\n", PARSE_RESULT_DONE, 30},
-    {"GET foo.example HTTP/1.1\r\n", PARSE_RESULT_ERROR, 26},
-    {"", PARSE_RESULT_ERROR, 0},
-  }};
+  static const std::array<Test, 23> tests = {
+    {
+     {"GET /index.html HTTP/1.0\r\n", PARSE_RESULT_DONE, 26},
+     {"GET /index.html HTTP/1.0\r\n\r\n***BODY****", PARSE_RESULT_DONE, 28},
+     {"GET /index.html HTTP/1.0\r\nUser-Agent: foobar\r\n\r\n***BODY****", PARSE_RESULT_DONE, 48},
+     {"GET", PARSE_RESULT_ERROR, 3},
+     {"GET /index.html", PARSE_RESULT_ERROR, 15},
+     {"GET /index.html\r\n", PARSE_RESULT_ERROR, 17},
+     {"GET /index.html HTTP/1.0", PARSE_RESULT_ERROR, 24},
+     {"GET /index.html HTTP/1.0\r", PARSE_RESULT_ERROR, 25},
+     {"GET /index.html HTTP/1.0\n", PARSE_RESULT_DONE, 25},
+     {"GET /index.html HTTP/1.0\n\n", PARSE_RESULT_DONE, 26},
+     {"GET /index.html HTTP/1.0\r\n\r\n", PARSE_RESULT_DONE, 28},
+     {"GET /index.html HTTP/1.0\r\nUser-Agent: foobar", PARSE_RESULT_ERROR, 44},
+     {"GET /index.html HTTP/1.0\r\nUser-Agent: foobar\n", PARSE_RESULT_DONE, 45},
+     {"GET /index.html HTTP/1.0\r\nUser-Agent: foobar\r\n", PARSE_RESULT_DONE, 46},
+     {"GET /index.html HTTP/1.0\r\nUser-Agent: foobar\r\n\r\n", PARSE_RESULT_DONE, 48},
+     {"GET /index.html HTTP/1.0\nUser-Agent: foobar\n", PARSE_RESULT_DONE, 44},
+     {"GET /index.html HTTP/1.0\nUser-Agent: foobar\nBoo: foo\n", PARSE_RESULT_DONE, 53},
+     {"GET /index.html HTTP/1.0\r\nUser-Agent: foobar\r\n", PARSE_RESULT_DONE, 46},
+     {"GET /index.html HTTP/1.0\r\n", PARSE_RESULT_DONE, 26},
+     {"GET /index.html hTTP/1.0\r\n", PARSE_RESULT_ERROR, 26},
+     {"CONNECT foo.example HTTP/1.1\r\n", PARSE_RESULT_DONE, 30},
+     {"GET foo.example HTTP/1.1\r\n", PARSE_RESULT_ERROR, 26},
+     {"", PARSE_RESULT_ERROR, 0},
+     }
+  };
 
   HTTPParser parser;
 
@@ -104,11 +106,13 @@ TEST_CASE("MIMEScanner_fragments", "[proxy][mimescanner_fragments]")
     bool shares_input;
     int expected_result;
   };
-  constexpr std::array<Fragment, 3> const fragments = {{
-    {message.substr(0, 11), true, PARSE_RESULT_CONT},
-    {message.substr(11, 11), true, PARSE_RESULT_CONT},
-    {message.substr(22), false, PARSE_RESULT_OK},
-  }};
+  constexpr std::array<Fragment, 3> const fragments = {
+    {
+     {message.substr(0, 11), true, PARSE_RESULT_CONT},
+     {message.substr(11, 11), true, PARSE_RESULT_CONT},
+     {message.substr(22), false, PARSE_RESULT_OK},
+     }
+  };
 
   MIMEScanner scanner;
   ts::TextView output; // only set on last call
@@ -539,28 +543,28 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
       std::string_view line;
       ParseResult expected;
     } test_cases[] = {
-      ////
-      // Field Name
-      {"Content-Length: 10\r\n", PARSE_RESULT_CONT},
+  ////
+  // Field Name
+      {"Content-Length: 10\r\n",     PARSE_RESULT_CONT },
       {"Content-Length\x0b: 10\r\n", PARSE_RESULT_ERROR},
-      ////
-      // Field Value
-      // SP
-      {"Content-Length: 10\r\n", PARSE_RESULT_CONT},
-      // HTAB
-      {"Foo: ab\td/cd\r\n", PARSE_RESULT_CONT},
-      // VCHAR
-      {"Foo: ab\x21/cd\r\n", PARSE_RESULT_CONT},
-      {"Foo: ab\x7e/cd\r\n", PARSE_RESULT_CONT},
-      // DEL
-      {"Foo: ab\x7f/cd\r\n", PARSE_RESULT_ERROR},
-      // obs-text
-      {"Foo: ab\x80/cd\r\n", PARSE_RESULT_CONT},
-      {"Foo: ab\xff/cd\r\n", PARSE_RESULT_CONT},
-      // control char
+ ////
+  // Field Value
+  // SP
+      {"Content-Length: 10\r\n",     PARSE_RESULT_CONT },
+ // HTAB
+      {"Foo: ab\td/cd\r\n",          PARSE_RESULT_CONT },
+ // VCHAR
+      {"Foo: ab\x21/cd\r\n",         PARSE_RESULT_CONT },
+      {"Foo: ab\x7e/cd\r\n",         PARSE_RESULT_CONT },
+ // DEL
+      {"Foo: ab\x7f/cd\r\n",         PARSE_RESULT_ERROR},
+ // obs-text
+      {"Foo: ab\x80/cd\r\n",         PARSE_RESULT_CONT },
+      {"Foo: ab\xff/cd\r\n",         PARSE_RESULT_CONT },
+ // control char
       {"Content-Length: 10\x0b\r\n", PARSE_RESULT_ERROR},
       {"Content-Length:\x0b 10\r\n", PARSE_RESULT_ERROR},
-      {"Foo: ab\x1d/cd\r\n", PARSE_RESULT_ERROR},
+      {"Foo: ab\x1d/cd\r\n",         PARSE_RESULT_ERROR},
     };
 
     MIMEHdr hdr;
@@ -587,26 +591,26 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
       const char *fast;
       const char *slow;
     } dates[] = {
-      {"Sun, 06 Nov 1994 08:49:37 GMT", "Sunday, 06-Nov-1994 08:49:37 GMT"},
-      {"Mon, 07 Nov 1994 08:49:37 GMT", "Monday, 07-Nov-1994 08:49:37 GMT"},
-      {"Tue, 08 Nov 1994 08:49:37 GMT", "Tuesday, 08-Nov-1994 08:49:37 GMT"},
+      {"Sun, 06 Nov 1994 08:49:37 GMT", "Sunday, 06-Nov-1994 08:49:37 GMT"   },
+      {"Mon, 07 Nov 1994 08:49:37 GMT", "Monday, 07-Nov-1994 08:49:37 GMT"   },
+      {"Tue, 08 Nov 1994 08:49:37 GMT", "Tuesday, 08-Nov-1994 08:49:37 GMT"  },
       {"Wed, 09 Nov 1994 08:49:37 GMT", "Wednesday, 09-Nov-1994 08:49:37 GMT"},
-      {"Thu, 10 Nov 1994 08:49:37 GMT", "Thursday, 10-Nov-1994 08:49:37 GMT"},
-      {"Fri, 11 Nov 1994 08:49:37 GMT", "Friday, 11-Nov-1994 08:49:37 GMT"},
-      {"Sat, 11 Nov 1994 08:49:37 GMT", "Saturday, 11-Nov-1994 08:49:37 GMT"},
-      {"Sun, 03 Jan 1999 08:49:37 GMT", "Sunday, 03-Jan-1999 08:49:37 GMT"},
-      {"Sun, 07 Feb 1999 08:49:37 GMT", "Sunday, 07-Feb-1999 08:49:37 GMT"},
-      {"Sun, 07 Mar 1999 08:49:37 GMT", "Sunday, 07-Mar-1999 08:49:37 GMT"},
-      {"Sun, 04 Apr 1999 08:49:37 GMT", "Sunday, 04-Apr-1999 08:49:37 GMT"},
-      {"Sun, 02 May 1999 08:49:37 GMT", "Sunday, 02-May-1999 08:49:37 GMT"},
-      {"Sun, 06 Jun 1999 08:49:37 GMT", "Sunday, 06-Jun-1999 08:49:37 GMT"},
-      {"Sun, 04 Jul 1999 08:49:37 GMT", "Sunday, 04-Jul-1999 08:49:37 GMT"},
-      {"Sun, 01 Aug 1999 08:49:37 GMT", "Sunday, 01-Aug-1999 08:49:37 GMT"},
-      {"Sun, 05 Sep 1999 08:49:37 GMT", "Sunday, 05-Sep-1999 08:49:37 GMT"},
-      {"Sun, 03 Oct 1999 08:49:37 GMT", "Sunday, 03-Oct-1999 08:49:37 GMT"},
-      {"Sun, 07 Nov 1999 08:49:37 GMT", "Sunday, 07-Nov-1999 08:49:37 GMT"},
-      {"Sun, 05 Dec 1999 08:49:37 GMT", "Sunday, 05-Dec-1999 08:49:37 GMT"},
-      {nullptr, nullptr},
+      {"Thu, 10 Nov 1994 08:49:37 GMT", "Thursday, 10-Nov-1994 08:49:37 GMT" },
+      {"Fri, 11 Nov 1994 08:49:37 GMT", "Friday, 11-Nov-1994 08:49:37 GMT"   },
+      {"Sat, 11 Nov 1994 08:49:37 GMT", "Saturday, 11-Nov-1994 08:49:37 GMT" },
+      {"Sun, 03 Jan 1999 08:49:37 GMT", "Sunday, 03-Jan-1999 08:49:37 GMT"   },
+      {"Sun, 07 Feb 1999 08:49:37 GMT", "Sunday, 07-Feb-1999 08:49:37 GMT"   },
+      {"Sun, 07 Mar 1999 08:49:37 GMT", "Sunday, 07-Mar-1999 08:49:37 GMT"   },
+      {"Sun, 04 Apr 1999 08:49:37 GMT", "Sunday, 04-Apr-1999 08:49:37 GMT"   },
+      {"Sun, 02 May 1999 08:49:37 GMT", "Sunday, 02-May-1999 08:49:37 GMT"   },
+      {"Sun, 06 Jun 1999 08:49:37 GMT", "Sunday, 06-Jun-1999 08:49:37 GMT"   },
+      {"Sun, 04 Jul 1999 08:49:37 GMT", "Sunday, 04-Jul-1999 08:49:37 GMT"   },
+      {"Sun, 01 Aug 1999 08:49:37 GMT", "Sunday, 01-Aug-1999 08:49:37 GMT"   },
+      {"Sun, 05 Sep 1999 08:49:37 GMT", "Sunday, 05-Sep-1999 08:49:37 GMT"   },
+      {"Sun, 03 Oct 1999 08:49:37 GMT", "Sunday, 03-Oct-1999 08:49:37 GMT"   },
+      {"Sun, 07 Nov 1999 08:49:37 GMT", "Sunday, 07-Nov-1999 08:49:37 GMT"   },
+      {"Sun, 05 Dec 1999 08:49:37 GMT", "Sunday, 05-Dec-1999 08:49:37 GMT"   },
+      {nullptr,                         nullptr                              },
     };
 
     int i;
@@ -1057,48 +1061,38 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
     } tests[] = {
       {"GET http://foo.com/bar.txt HTTP/1.0\r\n"
        "Accept-Language: fjdfjdslkf dsjkfdj flkdsfjlk sjfdlk ajfdlksa\r\n"
-       "\r\n",
-       "GET http://foo.com/bar.txt HTTP/1.0\r\n"
+       "\r\n",                           "GET http://foo.com/bar.txt HTTP/1.0\r\n"
        "Accept-Language: fjdfjdslkf dsjkfdj flkdsfjlk sjfdlk ajfdlksa\r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
-       "\r\n"},
+       "\r\n",                           "HTTP/1.0 200 OK\r\n"
+       "\r\n",                                                                          "HTTP/1.0 200 OK\r\n"
+       "\r\n"                                                                         },
       {"GET http://foo.com/bar.txt HTTP/1.0\r\n"
        "Accept-Language: fjdfjdslkf dsjkfdj flkdsfjlk sjfdlk ajfdlksa fjfj dslkfjdslk fjsdafkl dsajfkldsa jfkldsafj "
        "klsafjs lkafjdsalk fsdjakfl sdjaflkdsaj flksdjflsd ;ffd salfdjs lf;sdaf ;dsaf jdsal;fdjsaflkjsda \r\n"
-       "\r\n",
-       "GET http://foo.com/bar.txt HTTP/1.0\r\n"
+       "\r\n",                           "GET http://foo.com/bar.txt HTTP/1.0\r\n"
        "Accept-Language: fjdfjdslkf dsjkfdj flkdsfjlk sjfdlk ajfdlksa fjfj dslkfjdslk fjsdafkl dsajfkldsa jfkldsafj "
        "klsafjs lkafjdsalk fsdjakfl sdjaflkdsaj flksdjflsd ;ffd salfdjs lf;sdaf ;dsaf jdsal;fdjsaflkjsda \r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
-       "\r\n"},
+       "\r\n",                           "HTTP/1.0 200 OK\r\n"
+       "\r\n",                                                                          "HTTP/1.0 200 OK\r\n"
+       "\r\n"                                                                         },
       {"GET http://foo.com/bar.txt HTTP/1.0\r\n"
        "Accept-Language: fjdfjdslkf dsjkfdj flkdsfjlk sjfdlk ajfdlksa fjfj dslkfjdslk fjsdafkl dsajfkldsa jfkldsafj "
        "klsafjs lkafjdsalk fsdjakfl sdjaflkdsaj flksdjflsd ;ffd salfdjs lf;sdaf ;dsaf jdsal;fdjsaflkjsda kfl; fsdajfl; "
        "sdjafl;dsajlsjfl;sdafjsdal;fjds al;fdjslaf ;slajdk;f\r\n"
-       "\r\n",
-       "GET http://foo.com/bar.txt HTTP/1.0\r\n"
+       "\r\n",                           "GET http://foo.com/bar.txt HTTP/1.0\r\n"
        "Accept-Language: fjdfjdslkf dsjkfdj flkdsfjlk sjfdlk ajfdlksa fjfj dslkfjdslk fjsdafkl dsajfkldsa jfkldsafj "
        "klsafjs lkafjdsalk fsdjakfl sdjaflkdsaj flksdjflsd ;ffd salfdjs lf;sdaf ;dsaf jdsal;fdjsaflkjsda kfl; fsdajfl; "
        "sdjafl;dsajlsjfl;sdafjsdal;fjds al;fdjslaf ;slajdk;f\r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
-       "\r\n"},
+       "\r\n",                           "HTTP/1.0 200 OK\r\n"
+       "\r\n",                                                                          "HTTP/1.0 200 OK\r\n"
+       "\r\n"                                                                         },
       {"GET http://people.netscape.com/jwz/hacks-1.gif HTTP/1.0\r\n"
        "If-Modified-Since: Wednesday, 26-Feb-97 06:58:17 GMT; length=842\r\n"
        "Referer: chocolate fribble\r\n", // missing final CRLF
        "GET http://people.netscape.com/jwz/hacks-1.gif HTTP/1.0\r\n"
        "If-Modified-Since: Wednesday, 26-Feb-97 06:58:17 GMT; length=842\r\n"
        "Referer: chocolate fribble\r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
+       "\r\n", "HTTP/1.0 200 OK\r\n"
        "MIME-Version: 1.0\r\n"
        "Server: WebSTAR/2.1 ID/30013\r\n"
        "Content-Type: text/html\r\n"
@@ -1113,25 +1107,23 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
        "\r\n"},
       {"GET http://people.netscape.com/jwz/hacks-1.gif HTTP/1.0\r\n"
        "If-Modified-Since: Wednesday, 26-Feb-97 06:58:17 GMT; length=842\r\n"
-       "Referer: \r\n", // missing final CRLF
+       "Referer: \r\n",                  // missing final CRLF
        "GET http://people.netscape.com/jwz/hacks-1.gif HTTP/1.0\r\n"
        "If-Modified-Since: Wednesday, 26-Feb-97 06:58:17 GMT; length=842\r\n"
        "Referer: \r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
+       "\r\n",                  "HTTP/1.0 200 OK\r\n"
        "MIME-Version: 1.0\r\n"
        "Server: WebSTAR/2.1 ID/30013\r\n"
        "Content-Type: text/html\r\n"
        "Content-Length: 939\r\n"
        "Last-Modified: Thursday, 01-Jan-04 05:00:00 GMT\r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
+       "\r\n",                                                                 "HTTP/1.0 200 OK\r\n"
        "MIME-Version: 1.0\r\n"
        "Server: WebSTAR/2.1 ID/30013\r\n"
        "Content-Type: text/html\r\n"
        "Content-Length: 939\r\n"
        "Last-Modified: Thursday, 01-Jan-04 05:00:00 GMT\r\n"
-       "\r\n"},
+       "\r\n"                                                                },
       {"GET http://www.news.com:80/ HTTP/1.0\r\n"
        "Proxy-Connection: Keep-Alive\r\n"
        "User-Agent: Mozilla/4.04 [en] (X11; I; Linux 2.0.33 i586)\r\n"
@@ -1142,8 +1134,7 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
        "Accept-Charset: iso-8859-1, *, utf-8\r\n"
        "Client-ip: D1012148\r\n"
        "Foo: abcdefghijklmnopqrtu\r\n"
-       "\r\n",
-       "GET http://www.news.com:80/ HTTP/1.0\r\n"
+       "\r\n",                           "GET http://www.news.com:80/ HTTP/1.0\r\n"
        "Proxy-Connection: Keep-Alive\r\n"
        "User-Agent: Mozilla/4.04 [en] (X11; I; Linux 2.0.33 i586)\r\n"
        "Pragma: no-cache\r\n"
@@ -1153,15 +1144,13 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
        "Accept-Charset: iso-8859-1, *, utf-8\r\n"
        "Client-ip: D1012148\r\n"
        "Foo: abcdefghijklmnopqrtu\r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
+       "\r\n",                           "HTTP/1.0 200 OK\r\n"
        "Content-Length: 16428\r\n"
        "Content-Type: text/html\r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
+       "\r\n",                                                                          "HTTP/1.0 200 OK\r\n"
        "Content-Length: 16428\r\n"
        "Content-Type: text/html\r\n"
-       "\r\n"},
+       "\r\n"                                                                         },
       {"GET http://people.netscape.com/jwz/hacks-1.gif HTTP/1.0\r\n"
        "If-Modified-Since: Wednesday, 26-Feb-97 06:58:17 GMT; length=842\r\n"
        "Referer: http://people.netscape.com/jwz/index.html\r\n"
@@ -1170,8 +1159,7 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
        "Pragma: no-cache\r\n"
        "Host: people.netscape.com\r\n"
        "Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*\r\n"
-       "\r\n",
-       "GET http://people.netscape.com/jwz/hacks-1.gif HTTP/1.0\r\n"
+       "\r\n",                           "GET http://people.netscape.com/jwz/hacks-1.gif HTTP/1.0\r\n"
        "If-Modified-Since: Wednesday, 26-Feb-97 06:58:17 GMT; length=842\r\n"
        "Referer: http://people.netscape.com/jwz/index.html\r\n"
        "Proxy-Connection: Keep-Alive\r\n"
@@ -1179,15 +1167,13 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
        "Pragma: no-cache\r\n"
        "Host: people.netscape.com\r\n"
        "Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*\r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
+       "\r\n",                           "HTTP/1.0 200 OK\r\n"
        "Content-Length: 16428\r\n"
        "Content-Type: text/html\r\n"
-       "\r\n",
-       "HTTP/1.0 200 OK\r\n"
+       "\r\n",                                                                          "HTTP/1.0 200 OK\r\n"
        "Content-Length: 16428\r\n"
        "Content-Type: text/html\r\n"
-       "\r\n"},
+       "\r\n"                                                                         },
     };
 
     int ntests = sizeof(tests) / sizeof(tests[0]);
@@ -1418,21 +1404,23 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
       char const *response;
     };
 
-    RequestResponse rr[] = {{request0, response0},
-                            {request09, response09},
-                            {request1, response1},
-                            {request_no_colon, response_no_colon},
-                            {request_no_val, response_no_colon},
-                            {request_leading_space, response0},
-                            {request_multi_fblock, response0},
-                            {request_padding, response0},
-                            {request_09p, response0},
-                            {request_09ht, response0},
-                            {request_11, response0},
-                            {request_unterminated, response_unterminated},
-                            {request_blank, response_blank},
-                            {request_blank2, response_blank2},
-                            {request_blank3, response_blank3}};
+    RequestResponse rr[] = {
+      {request0,              response0            },
+      {request09,             response09           },
+      {request1,              response1            },
+      {request_no_colon,      response_no_colon    },
+      {request_no_val,        response_no_colon    },
+      {request_leading_space, response0            },
+      {request_multi_fblock,  response0            },
+      {request_padding,       response0            },
+      {request_09p,           response0            },
+      {request_09ht,          response0            },
+      {request_11,            response0            },
+      {request_unterminated,  response_unterminated},
+      {request_blank,         response_blank       },
+      {request_blank2,        response_blank2      },
+      {request_blank3,        response_blank3      }
+    };
 
     int err;
     HTTPHdr req_hdr, rsp_hdr;
@@ -1721,29 +1709,29 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
       int L;
       int I;
     } test_cases[] = {
-      {"en", "*", 1.0, 1, 1},
-      {"en", "fr", 0.0, 0, 0},
-      {"en", "de, fr, en;q=0.7", 0.7, 2, 3},
-      {"en-cockney", "de, fr, en;q=0.7", 0.7, 2, 3},
-      {"en-cockney", "de, fr, en-foobar;q=0.8, en;q=0.7", 0.7, 2, 4},
-      {"en-cockney", "de, fr, en-cockney;q=0.8, en;q=0.7", 0.8, 10, 3},
-      {"en-cockney", "de, fr, en;q=0.8, en;q=0.7", 0.8, 2, 3},
-      {"en-cockney", "de, fr, en;q=0.7, en;q=0.8", 0.8, 2, 4},
-      {"en-cockney", "de, fr, en;q=0.8, en;q=0.8", 0.8, 2, 3},
-      {"en-cockney", "de, fr, en-cockney;q=0.7, en;q=0.8", 0.7, 10, 3},
-      {"en-cockney", "de, fr, en;q=0.8, en-cockney;q=0.7", 0.7, 10, 4},
-      {"en-cockney", "de, fr, en-cockney;q=0.8, en;q=0.8", 0.8, 10, 3},
-      {"en-cockney", "de, fr, en-cockney;q=0.8, en;q=0.7", 0.8, 10, 3},
-      {"en-cockney", "de, fr, en-american", 0.0, 0, 0},
-      {"en-cockney", "de, fr, en;q=0.8, en;q=0.8, *", 0.8, 2, 3},
-      {"en-cockney", "de, fr, en;q=0.8, en;q=0.8, *;q=0.9", 0.8, 2, 3},
-      {"en-foobar", "de, fr, en;q=0.8, en;q=0.8, *;q=0.9", 0.8, 2, 3},
-      {"oo-foobar", "de, fr, en;q=0.8, en;q=0.8, *;q=0.9", 0.9, 1, 5},
-      {"oo-foobar", "de, fr, en;q=0.8, en;q=0.8, *;q=0.9, *", 1.0, 1, 6},
-      {"oo-foobar", "de, fr, en;q=0.8, en;q=0.8, *, *;q=0.9", 1.0, 1, 5},
-      {"fr-belgian", "de, fr;hi-there;q=0.9, fr;q=0.8, en", 0.9, 2, 2},
-      {"fr-belgian", "de, fr;q=0.8, fr;hi-there;q=0.9, en", 0.9, 2, 3},
-      {nullptr, nullptr, 0.0, 0, 0},
+      {"en",         "*",                                      1.0, 1,  1},
+      {"en",         "fr",                                     0.0, 0,  0},
+      {"en",         "de, fr, en;q=0.7",                       0.7, 2,  3},
+      {"en-cockney", "de, fr, en;q=0.7",                       0.7, 2,  3},
+      {"en-cockney", "de, fr, en-foobar;q=0.8, en;q=0.7",      0.7, 2,  4},
+      {"en-cockney", "de, fr, en-cockney;q=0.8, en;q=0.7",     0.8, 10, 3},
+      {"en-cockney", "de, fr, en;q=0.8, en;q=0.7",             0.8, 2,  3},
+      {"en-cockney", "de, fr, en;q=0.7, en;q=0.8",             0.8, 2,  4},
+      {"en-cockney", "de, fr, en;q=0.8, en;q=0.8",             0.8, 2,  3},
+      {"en-cockney", "de, fr, en-cockney;q=0.7, en;q=0.8",     0.7, 10, 3},
+      {"en-cockney", "de, fr, en;q=0.8, en-cockney;q=0.7",     0.7, 10, 4},
+      {"en-cockney", "de, fr, en-cockney;q=0.8, en;q=0.8",     0.8, 10, 3},
+      {"en-cockney", "de, fr, en-cockney;q=0.8, en;q=0.7",     0.8, 10, 3},
+      {"en-cockney", "de, fr, en-american",                    0.0, 0,  0},
+      {"en-cockney", "de, fr, en;q=0.8, en;q=0.8, *",          0.8, 2,  3},
+      {"en-cockney", "de, fr, en;q=0.8, en;q=0.8, *;q=0.9",    0.8, 2,  3},
+      {"en-foobar",  "de, fr, en;q=0.8, en;q=0.8, *;q=0.9",    0.8, 2,  3},
+      {"oo-foobar",  "de, fr, en;q=0.8, en;q=0.8, *;q=0.9",    0.9, 1,  5},
+      {"oo-foobar",  "de, fr, en;q=0.8, en;q=0.8, *;q=0.9, *", 1.0, 1,  6},
+      {"oo-foobar",  "de, fr, en;q=0.8, en;q=0.8, *, *;q=0.9", 1.0, 1,  5},
+      {"fr-belgian", "de, fr;hi-there;q=0.9, fr;q=0.8, en",    0.9, 2,  2},
+      {"fr-belgian", "de, fr;q=0.8, fr;hi-there;q=0.9, en",    0.9, 2,  3},
+      {nullptr,      nullptr,                                  0.0, 0,  0},
     };
 
     int i, I, L;
@@ -1776,33 +1764,33 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
       float Q;
       int I;
     } test_cases[] = {
-      {"iso-8859-1", "*", 1.0, 1},
-      {"iso-8859-1", "iso-8859-2", 0.0, 0},
-      {"iso-8859-1", "iso-8859", 0.0, 0},
-      {"iso-8859-1", "iso-8859-12", 0.0, 0},
-      {"iso-8859-1", "koi-8-r", 0.0, 0},
-      {"euc-jp", "shift_jis, iso-2022-jp, euc-jp;q=0.7", 0.7, 3},
-      {"euc-jp", "shift_jis, iso-2022-jp, euc-jp;q=0.7", 0.7, 3},
-      {"euc-jp", "shift_jis, iso-2022-jp, euc-jp;q=0.8, euc-jp;q=0.7", 0.8, 3},
-      {"euc-jp", "shift_jis, iso-2022-jp, euc-jp;q=0.7, euc-jp;q=0.8", 0.8, 4},
-      {"euc-jp", "euc-jp;q=0.9, shift_jis, iso-2022-jp, euc-jp;q=0.7, euc-jp;q=0.8", 0.9, 1},
-      {"EUC-JP", "euc-jp;q=0.9, shift_jis, iso-2022-jp, euc-jp, euc-jp;q=0.8", 1.0, 4},
-      {"euc-jp", "euc-jp;q=0.9, shift_jis, iso-2022-jp, EUC-JP, euc-jp;q=0.8", 1.0, 4},
-      {"euc-jp", "shift_jis, iso-2022-jp, euc-jp-foobar", 0.0, 0},
-      {"euc-jp", "shift_jis, iso-2022-jp, euc-jp-foobar, *", 1.0, 4},
-      {"euc-jp", "shift_jis, iso-2022-jp, euc-jp-foobar, *;q=0.543", 0.543, 4},
-      {"euc-jp", "shift_jis, iso-2022-jp, euc-jp-foobar, *;q=0.0", 0.0, 4},
-      {"euc-jp", "shift_jis, iso-2022-jp, *;q=0.0, euc-jp-foobar, *;q=0.0", 0.0, 3},
-      {"euc-jp", "shift_jis, iso-2022-jp, *;q=0.0, euc-jp-foobar, *;q=0.5", 0.5, 5},
-      {"euc-jp", "shift_jis, iso-2022-jp, *;q=0.5, euc-jp-foobar, *;q=0.0", 0.5, 3},
-      {"euc-jp", "shift_jis, iso-2022-jp, *;q=0.5, euc-jp-foobar, *, *;q=0.0", 1.0, 5},
-      {"euc-jp", "shift_jis, euc-jp;hi-there;q=0.5, iso-2022-jp", 0.5, 2},
-      {"euc-jp", "shift_jis, euc-jp;hi-there;q= 0.5, iso-2022-jp", 0.5, 2},
-      {"euc-jp", "shift_jis, euc-jp;hi-there;q = 0.5, iso-2022-jp", 0.5, 2},
-      {"euc-jp", "shift_jis, euc-jp;hi-there ; q = 0.5, iso-2022-jp", 0.5, 2},
-      {"euc-jp", "shift_jis, euc-jp;hi-there ;; q = 0.5, iso-2022-jp", 0.5, 2},
-      {"euc-jp", "shift_jis, euc-jp;hi-there ;; Q = 0.5, iso-2022-jp", 0.5, 2},
-      {nullptr, nullptr, 0.0, 0},
+      {"iso-8859-1", "*",                                                                1.0,   1},
+      {"iso-8859-1", "iso-8859-2",                                                       0.0,   0},
+      {"iso-8859-1", "iso-8859",                                                         0.0,   0},
+      {"iso-8859-1", "iso-8859-12",                                                      0.0,   0},
+      {"iso-8859-1", "koi-8-r",                                                          0.0,   0},
+      {"euc-jp",     "shift_jis, iso-2022-jp, euc-jp;q=0.7",                             0.7,   3},
+      {"euc-jp",     "shift_jis, iso-2022-jp, euc-jp;q=0.7",                             0.7,   3},
+      {"euc-jp",     "shift_jis, iso-2022-jp, euc-jp;q=0.8, euc-jp;q=0.7",               0.8,   3},
+      {"euc-jp",     "shift_jis, iso-2022-jp, euc-jp;q=0.7, euc-jp;q=0.8",               0.8,   4},
+      {"euc-jp",     "euc-jp;q=0.9, shift_jis, iso-2022-jp, euc-jp;q=0.7, euc-jp;q=0.8", 0.9,   1},
+      {"EUC-JP",     "euc-jp;q=0.9, shift_jis, iso-2022-jp, euc-jp, euc-jp;q=0.8",       1.0,   4},
+      {"euc-jp",     "euc-jp;q=0.9, shift_jis, iso-2022-jp, EUC-JP, euc-jp;q=0.8",       1.0,   4},
+      {"euc-jp",     "shift_jis, iso-2022-jp, euc-jp-foobar",                            0.0,   0},
+      {"euc-jp",     "shift_jis, iso-2022-jp, euc-jp-foobar, *",                         1.0,   4},
+      {"euc-jp",     "shift_jis, iso-2022-jp, euc-jp-foobar, *;q=0.543",                 0.543, 4},
+      {"euc-jp",     "shift_jis, iso-2022-jp, euc-jp-foobar, *;q=0.0",                   0.0,   4},
+      {"euc-jp",     "shift_jis, iso-2022-jp, *;q=0.0, euc-jp-foobar, *;q=0.0",          0.0,   3},
+      {"euc-jp",     "shift_jis, iso-2022-jp, *;q=0.0, euc-jp-foobar, *;q=0.5",          0.5,   5},
+      {"euc-jp",     "shift_jis, iso-2022-jp, *;q=0.5, euc-jp-foobar, *;q=0.0",          0.5,   3},
+      {"euc-jp",     "shift_jis, iso-2022-jp, *;q=0.5, euc-jp-foobar, *, *;q=0.0",       1.0,   5},
+      {"euc-jp",     "shift_jis, euc-jp;hi-there;q=0.5, iso-2022-jp",                    0.5,   2},
+      {"euc-jp",     "shift_jis, euc-jp;hi-there;q= 0.5, iso-2022-jp",                   0.5,   2},
+      {"euc-jp",     "shift_jis, euc-jp;hi-there;q = 0.5, iso-2022-jp",                  0.5,   2},
+      {"euc-jp",     "shift_jis, euc-jp;hi-there ; q = 0.5, iso-2022-jp",                0.5,   2},
+      {"euc-jp",     "shift_jis, euc-jp;hi-there ;; q = 0.5, iso-2022-jp",               0.5,   2},
+      {"euc-jp",     "shift_jis, euc-jp;hi-there ;; Q = 0.5, iso-2022-jp",               0.5,   2},
+      {nullptr,      nullptr,                                                            0.0,   0},
     };
 
     int i, I;
@@ -1853,10 +1841,9 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
       {"foo, bar,", 3, {{0, 3}, {5, 3}, {9, 0}, {-1, 0}}},
       {"foo, bar, ", 3, {{0, 3}, {5, 3}, {9, 0}, {-1, 0}}},
       {
-        ",foo,bar,",
-        4,
-        {{0, 0}, {1, 3}, {5, 3}, {9, 0}},
-      },
+       ",foo,bar,", 4,
+       {{0, 0}, {1, 3}, {5, 3}, {9, 0}},
+       },
     };
 
     HTTPHdr hdr;
@@ -1912,43 +1899,43 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
       const char *slice;
       const char *new_raw;
     } tests[] = {
-      {"a,b,c", 0, "fred", "fred, b, c"},
-      {"a,b,c", 1, "fred", "a, fred, c"},
-      {"a,b,c", 2, "fred", "a, b, fred"},
-      {"a,b,c", 3, "fred", "a,b,c"},
-      {"", 0, "", ""},
-      {"", 0, "foo", "foo"},
-      {"", 1, "foo", ""},
-      {" ", 0, "", ""},
-      {" ", 0, "foo", "foo"},
-      {" ", 1, "foo", " "},
-      {",", 0, "foo", "foo, "},
-      {",", 1, "foo", ", foo"},
-      {",,", 0, "foo", "foo, , "},
-      {",,", 1, "foo", ", foo, "},
-      {",,", 2, "foo", ", , foo"},
-      {"foo", 0, "abc", "abc"},
-      {"foo", 1, "abc", "foo"},
-      {"foo", 0, "abc,", "abc,"},
-      {"foo", 0, ",abc", ",abc"},
-      {",,", 1, ",,,", ", ,,,, "},
-      {" a , b , c", 0, "fred", "fred, b, c"},
-      {" a , b , c", 1, "fred", "a, fred, c"},
-      {" a , b , c", 2, "fred", "a, b, fred"},
-      {" a , b , c", 3, "fred", " a , b , c"},
-      {"    a   ,   b ", 0, "fred", "fred, b"},
-      {"    a   ,   b ", 1, "fred", "a, fred"},
-      {"    a   , b ", 1, "fred", "a, fred"},
-      {"    a   ,b ", 1, "fred", "a, fred"},
-      {"a, , , , e, , g,", 0, "fred", "fred, , , , e, , g, "},
-      {"a, , , , e, , g,", 1, "fred", "a, fred, , , e, , g, "},
-      {"a, , , , e, , g,", 2, "fred", "a, , fred, , e, , g, "},
-      {"a, , , , e, , g,", 5, "fred", "a, , , , e, fred, g, "},
-      {"a, , , , e, , g,", 7, "fred", "a, , , , e, , g, fred"},
-      {"a, , , , e, , g,", 8, "fred", "a, , , , e, , g,"},
-      {"a, \"boo,foo\", c", 0, "wawa", "wawa, \"boo,foo\", c"},
-      {"a, \"boo,foo\", c", 1, "wawa", "a, wawa, c"},
-      {"a, \"boo,foo\", c", 2, "wawa", "a, \"boo,foo\", wawa"},
+      {"a,b,c",             0, "fred", "fred, b, c"           },
+      {"a,b,c",             1, "fred", "a, fred, c"           },
+      {"a,b,c",             2, "fred", "a, b, fred"           },
+      {"a,b,c",             3, "fred", "a,b,c"                },
+      {"",                  0, "",     ""                     },
+      {"",                  0, "foo",  "foo"                  },
+      {"",                  1, "foo",  ""                     },
+      {" ",                 0, "",     ""                     },
+      {" ",                 0, "foo",  "foo"                  },
+      {" ",                 1, "foo",  " "                    },
+      {",",                 0, "foo",  "foo, "                },
+      {",",                 1, "foo",  ", foo"                },
+      {",,",                0, "foo",  "foo, , "              },
+      {",,",                1, "foo",  ", foo, "              },
+      {",,",                2, "foo",  ", , foo"              },
+      {"foo",               0, "abc",  "abc"                  },
+      {"foo",               1, "abc",  "foo"                  },
+      {"foo",               0, "abc,", "abc,"                 },
+      {"foo",               0, ",abc", ",abc"                 },
+      {",,",                1, ",,,",  ", ,,,, "              },
+      {" a , b , c",        0, "fred", "fred, b, c"           },
+      {" a , b , c",        1, "fred", "a, fred, c"           },
+      {" a , b , c",        2, "fred", "a, b, fred"           },
+      {" a , b , c",        3, "fred", " a , b , c"           },
+      {"    a   ,   b ",    0, "fred", "fred, b"              },
+      {"    a   ,   b ",    1, "fred", "a, fred"              },
+      {"    a   , b ",      1, "fred", "a, fred"              },
+      {"    a   ,b ",       1, "fred", "a, fred"              },
+      {"a, , , , e, , g,",  0, "fred", "fred, , , , e, , g, " },
+      {"a, , , , e, , g,",  1, "fred", "a, fred, , , e, , g, "},
+      {"a, , , , e, , g,",  2, "fred", "a, , fred, , e, , g, "},
+      {"a, , , , e, , g,",  5, "fred", "a, , , , e, fred, g, "},
+      {"a, , , , e, , g,",  7, "fred", "a, , , , e, , g, fred"},
+      {"a, , , , e, , g,",  8, "fred", "a, , , , e, , g,"     },
+      {"a, \"boo,foo\", c", 0, "wawa", "wawa, \"boo,foo\", c" },
+      {"a, \"boo,foo\", c", 1, "wawa", "a, wawa, c"           },
+      {"a, \"boo,foo\", c", 2, "wawa", "a, \"boo,foo\", wawa" },
     };
 
     HTTPHdr hdr;
@@ -2003,42 +1990,42 @@ TEST_CASE("HdrTest", "[proxy][hdrtest]")
         int len;
       } pieces[3];
     } tests[] = {
-      {"", 1, {{0, 0}, {-1, 0}, {-1, 0}}},
-      {",", 2, {{0, 0}, {1, 0}, {-1, 0}}},
-      {" ,", 2, {{0, 0}, {2, 0}, {-1, 0}}},
-      {", ", 2, {{0, 0}, {1, 0}, {-1, 0}}},
-      {" , ", 2, {{0, 0}, {2, 0}, {-1, 0}}},
-      {"abc,", 2, {{0, 3}, {4, 0}, {-1, 0}}},
-      {"abc, ", 2, {{0, 3}, {4, 0}, {-1, 0}}},
-      {"", 1, {{0, 0}, {-1, 0}, {-1, 0}}},
-      {" ", 1, {{0, 0}, {-1, 0}, {-1, 0}}},
-      {"  ", 1, {{0, 0}, {-1, 0}, {-1, 0}}},
-      {"a", 1, {{0, 1}, {-1, 0}, {-1, 0}}},
-      {" a", 1, {{1, 1}, {-1, 0}, {-1, 0}}},
-      {"  a  ", 1, {{2, 1}, {-1, 0}, {-1, 0}}},
-      {"abc,defg", 2, {{0, 3}, {4, 4}, {-1, 0}}},
-      {" abc,defg", 2, {{1, 3}, {5, 4}, {-1, 0}}},
-      {" abc, defg", 2, {{1, 3}, {6, 4}, {-1, 0}}},
-      {" abc , defg", 2, {{1, 3}, {7, 4}, {-1, 0}}},
-      {" abc , defg ", 2, {{1, 3}, {7, 4}, {-1, 0}}},
-      {" abc , defg, ", 3, {{1, 3}, {7, 4}, {12, 0}}},
-      {" abc , defg ,", 3, {{1, 3}, {7, 4}, {13, 0}}},
-      {", abc , defg ", 3, {{0, 0}, {2, 3}, {8, 4}}},
-      {" ,abc , defg ", 3, {{0, 0}, {2, 3}, {8, 4}}},
-      {"a,b", 2, {{0, 1}, {2, 1}, {-1, 0}}},
-      {"a,,b", 3, {{0, 1}, {2, 0}, {3, 1}}},
-      {"a, ,b", 3, {{0, 1}, {2, 0}, {4, 1}}},
-      {"a ,,b", 3, {{0, 1}, {3, 0}, {4, 1}}},
-      {",", 2, {{0, 0}, {1, 0}, {-1, 0}}},
-      {" ,", 2, {{0, 0}, {2, 0}, {-1, 0}}},
-      {", ", 2, {{0, 0}, {1, 0}, {-1, 0}}},
-      {" , ", 2, {{0, 0}, {2, 0}, {-1, 0}}},
-      {"a,b,", 3, {{0, 1}, {2, 1}, {4, 0}}},
-      {"a,b, ", 3, {{0, 1}, {2, 1}, {4, 0}}},
-      {"a,b,  ", 3, {{0, 1}, {2, 1}, {4, 0}}},
-      {"a,b,  c", 3, {{0, 1}, {2, 1}, {6, 1}}},
-      {"a,b,  c ", 3, {{0, 1}, {2, 1}, {6, 1}}},
-      {"a,\"b,c\",d", 3, {{0, 1}, {3, 3}, {8, 1}}},
+      {"",              1, {{0, 0}, {-1, 0}, {-1, 0}}},
+      {",",             2, {{0, 0}, {1, 0}, {-1, 0}} },
+      {" ,",            2, {{0, 0}, {2, 0}, {-1, 0}} },
+      {", ",            2, {{0, 0}, {1, 0}, {-1, 0}} },
+      {" , ",           2, {{0, 0}, {2, 0}, {-1, 0}} },
+      {"abc,",          2, {{0, 3}, {4, 0}, {-1, 0}} },
+      {"abc, ",         2, {{0, 3}, {4, 0}, {-1, 0}} },
+      {"",              1, {{0, 0}, {-1, 0}, {-1, 0}}},
+      {" ",             1, {{0, 0}, {-1, 0}, {-1, 0}}},
+      {"  ",            1, {{0, 0}, {-1, 0}, {-1, 0}}},
+      {"a",             1, {{0, 1}, {-1, 0}, {-1, 0}}},
+      {" a",            1, {{1, 1}, {-1, 0}, {-1, 0}}},
+      {"  a  ",         1, {{2, 1}, {-1, 0}, {-1, 0}}},
+      {"abc,defg",      2, {{0, 3}, {4, 4}, {-1, 0}} },
+      {" abc,defg",     2, {{1, 3}, {5, 4}, {-1, 0}} },
+      {" abc, defg",    2, {{1, 3}, {6, 4}, {-1, 0}} },
+      {" abc , defg",   2, {{1, 3}, {7, 4}, {-1, 0}} },
+      {" abc , defg ",  2, {{1, 3}, {7, 4}, {-1, 0}} },
+      {" abc , defg, ", 3, {{1, 3}, {7, 4}, {12, 0}} },
+      {" abc , defg ,", 3, {{1, 3}, {7, 4}, {13, 0}} },
+      {", abc , defg ", 3, {{0, 0}, {2, 3}, {8, 4}}  },
+      {" ,abc , defg ", 3, {{0, 0}, {2, 3}, {8, 4}}  },
+      {"a,b",           2, {{0, 1}, {2, 1}, {-1, 0}} },
+      {"a,,b",          3, {{0, 1}, {2, 0}, {3, 1}}  },
+      {"a, ,b",         3, {{0, 1}, {2, 0}, {4, 1}}  },
+      {"a ,,b",         3, {{0, 1}, {3, 0}, {4, 1}}  },
+      {",",             2, {{0, 0}, {1, 0}, {-1, 0}} },
+      {" ,",            2, {{0, 0}, {2, 0}, {-1, 0}} },
+      {", ",            2, {{0, 0}, {1, 0}, {-1, 0}} },
+      {" , ",           2, {{0, 0}, {2, 0}, {-1, 0}} },
+      {"a,b,",          3, {{0, 1}, {2, 1}, {4, 0}}  },
+      {"a,b, ",         3, {{0, 1}, {2, 1}, {4, 0}}  },
+      {"a,b,  ",        3, {{0, 1}, {2, 1}, {4, 0}}  },
+      {"a,b,  c",       3, {{0, 1}, {2, 1}, {6, 1}}  },
+      {"a,b,  c ",      3, {{0, 1}, {2, 1}, {6, 1}}  },
+      {"a,\"b,c\",d",   3, {{0, 1}, {3, 3}, {8, 1}}  },
     };
 
     int i, j, ntests, offset;
diff --git a/proxy/hdrs/unit_tests/test_URL.cc b/proxy/hdrs/unit_tests/test_URL.cc
index 115aeee5d85..bb1886d5800 100644
--- a/proxy/hdrs/unit_tests/test_URL.cc
+++ b/proxy/hdrs/unit_tests/test_URL.cc
@@ -29,21 +29,23 @@ TEST_CASE("ValidateURL", "[proxy][validurl]")
   static const struct {
     const char *const text;
     bool valid;
-  } http_validate_hdr_field_test_case[] = {{"yahoo", true},
-                                           {"yahoo.com", true},
-                                           {"yahoo.wow.com", true},
-                                           {"yahoo.wow.much.amaze.com", true},
-                                           {"209.131.52.50", true},
-                                           {"192.168.0.1", true},
-                                           {"localhost", true},
-                                           {"3ffe:1900:4545:3:200:f8ff:fe21:67cf", true},
-                                           {"fe80:0:0:0:200:f8ff:fe21:67cf", true},
-                                           {"fe80::200:f8ff:fe21:67cf", true},
-                                           {"<svg onload=alert(1)>", false}, // Sample host header XSS attack
-                                           {"jlads;f8-9349*(D&F*D(234jD*(FSD*(VKLJ#(*$@()#$)))))", false},
-                                           {"\"\t\n", false},
-                                           {"!@#$%^ &*(*&^%$#@#$%^&*(*&^%$#))", false},
-                                           {":):(:O!!!!!!", false}};
+  } http_validate_hdr_field_test_case[] = {
+    {"yahoo",                                               true },
+    {"yahoo.com",                                           true },
+    {"yahoo.wow.com",                                       true },
+    {"yahoo.wow.much.amaze.com",                            true },
+    {"209.131.52.50",                                       true },
+    {"192.168.0.1",                                         true },
+    {"localhost",                                           true },
+    {"3ffe:1900:4545:3:200:f8ff:fe21:67cf",                 true },
+    {"fe80:0:0:0:200:f8ff:fe21:67cf",                       true },
+    {"fe80::200:f8ff:fe21:67cf",                            true },
+    {"<svg onload=alert(1)>",                               false}, // Sample host header XSS attack
+    {"jlads;f8-9349*(D&F*D(234jD*(FSD*(VKLJ#(*$@()#$)))))", false},
+    {"\"\t\n",                                              false},
+    {"!@#$%^ &*(*&^%$#@#$%^&*(*&^%$#))",                    false},
+    {":):(:O!!!!!!",                                        false}
+  };
   for (auto i : http_validate_hdr_field_test_case) {
     const char *const txt = i.text;
     if (validate_host_name({txt}) != i.valid) {
@@ -58,9 +60,18 @@ TEST_CASE("Validate Scheme", "[proxy][validscheme]")
   static const struct {
     std::string_view text;
     bool valid;
-  } scheme_test_cases[] = {{"http", true},      {"https", true},      {"example", true},    {"example.", true},
-                           {"example++", true}, {"example--.", true}, {"++example", false}, {"--example", false},
-                           {".example", false}, {"example://", false}};
+  } scheme_test_cases[] = {
+    {"http",       true },
+    {"https",      true },
+    {"example",    true },
+    {"example.",   true },
+    {"example++",  true },
+    {"example--.", true },
+    {"++example",  false},
+    {"--example",  false},
+    {".example",   false},
+    {"example://", false}
+  };
 
   for (auto i : scheme_test_cases) {
     // it's pretty hard to debug with
@@ -86,30 +97,32 @@ TEST_CASE("ParseRulesStrictURI", "[proxy][parseuri]")
   const struct {
     const char *const uri;
     bool valid;
-  } http_strict_uri_parsing_test_case[] = {{"//index.html", true},
-                                           {"/home", true},
-                                           {"/path/data?key=value#id", true},
-                                           {"/ABCDEFGHIJKLMNOPQRSTUVWXYZ", true},
-                                           {"/abcdefghijklmnopqrstuvwxyz", true},
-                                           {"/abcde fghijklmnopqrstuvwxyz", false},
-                                           {"/abcde\tfghijklmnopqrstuvwxyz", false},
-                                           {"/abcdefghijklmnopqrstuvwxyz", false},
-                                           {"/0123456789", true},
-                                           {":/?#[]@", true},
-                                           {"!$&'()*+,;=", true},
-                                           {"-._~", true},
-                                           {"%", true},
-                                           {"\n", false},
-                                           {"\"", false},
-                                           {"<", false},
-                                           {">", false},
-                                           {"\\", false},
-                                           {"^", false},
-                                           {"`", false},
-                                           {"{", false},
-                                           {"|", false},
-                                           {"}", false},
-                                           {"é", false}};
+  } http_strict_uri_parsing_test_case[] = {
+    {"//index.html",                  true },
+    {"/home",                         true },
+    {"/path/data?key=value#id",       true },
+    {"/ABCDEFGHIJKLMNOPQRSTUVWXYZ",   true },
+    {"/abcdefghijklmnopqrstuvwxyz",   true },
+    {"/abcde fghijklmnopqrstuvwxyz",  false},
+    {"/abcde\tfghijklmnopqrstuvwxyz", false},
+    {"/abcdefghijklmnopqrstuvwxyz",  false},
+    {"/0123456789",                   true },
+    {":/?#[]@",                       true },
+    {"!$&'()*+,;=",                   true },
+    {"-._~",                          true },
+    {"%",                             true },
+    {"\n",                            false},
+    {"\"",                            false},
+    {"<",                             false},
+    {">",                             false},
+    {"\\",                            false},
+    {"^",                             false},
+    {"`",                             false},
+    {"{",                             false},
+    {"|",                             false},
+    {"}",                             false},
+    {"é",                            false}
+  };
 
   for (auto i : http_strict_uri_parsing_test_case) {
     const char *const uri = i.uri;
@@ -125,30 +138,32 @@ TEST_CASE("ParseRulesMostlyStrictURI", "[proxy][parseuri]")
   const struct {
     const char *const uri;
     bool valid;
-  } http_mostly_strict_uri_parsing_test_case[] = {{"//index.html", true},
-                                                  {"/home", true},
-                                                  {"/path/data?key=value#id", true},
-                                                  {"/ABCDEFGHIJKLMNOPQRSTUVWXYZ", true},
-                                                  {"/abcdefghijklmnopqrstuvwxyz", true},
-                                                  {"/abcde fghijklmnopqrstuvwxyz", false},
-                                                  {"/abcde\tfghijklmnopqrstuvwxyz", false},
-                                                  {"/abcdefghijklmnopqrstuvwxyz", false},
-                                                  {"/0123456789", true},
-                                                  {":/?#[]@", true},
-                                                  {"!$&'()*+,;=", true},
-                                                  {"-._~", true},
-                                                  {"%", true},
-                                                  {"\n", false},
-                                                  {"\"", true},
-                                                  {"<", true},
-                                                  {">", true},
-                                                  {"\\", true},
-                                                  {"^", true},
-                                                  {"`", true},
-                                                  {"{", true},
-                                                  {"|", true},
-                                                  {"}", true},
-                                                  {"é", false}}; // Non-printable ascii
+  } http_mostly_strict_uri_parsing_test_case[] = {
+    {"//index.html",                  true },
+    {"/home",                         true },
+    {"/path/data?key=value#id",       true },
+    {"/ABCDEFGHIJKLMNOPQRSTUVWXYZ",   true },
+    {"/abcdefghijklmnopqrstuvwxyz",   true },
+    {"/abcde fghijklmnopqrstuvwxyz",  false},
+    {"/abcde\tfghijklmnopqrstuvwxyz", false},
+    {"/abcdefghijklmnopqrstuvwxyz",  false},
+    {"/0123456789",                   true },
+    {":/?#[]@",                       true },
+    {"!$&'()*+,;=",                   true },
+    {"-._~",                          true },
+    {"%",                             true },
+    {"\n",                            false},
+    {"\"",                            true },
+    {"<",                             true },
+    {">",                             true },
+    {"\\",                            true },
+    {"^",                             true },
+    {"`",                             true },
+    {"{",                             true },
+    {"|",                             true },
+    {"}",                             true },
+    {"é",                            false}
+  }; // Non-printable ascii
 
   for (auto i : http_mostly_strict_uri_parsing_test_case) {
     const char *const uri = i.uri;
diff --git a/proxy/hdrs/unit_tests/test_XPACK.cc b/proxy/hdrs/unit_tests/test_XPACK.cc
index 3404e6b6786..335756ebbe9 100644
--- a/proxy/hdrs/unit_tests/test_XPACK.cc
+++ b/proxy/hdrs/unit_tests/test_XPACK.cc
@@ -38,7 +38,11 @@ TEST_CASE("XPACK_Integer", "[xpack]")
     uint8_t *encoded_field;
     int encoded_field_len;
     int prefix;
-  } integer_test_case[] = {{10, (uint8_t *)"\x0a", 1, 5}, {1337, (uint8_t *)"\x1F\x9A\x0A", 3, 5}, {42, (uint8_t *)R"(*)", 1, 8}};
+  } integer_test_case[] = {
+    {10,   (uint8_t *)"\x0a",         1, 5},
+    {1337, (uint8_t *)"\x1F\x9A\x0A", 3, 5},
+    {42,   (uint8_t *)R"(*)",         1, 8}
+  };
 
   SECTION("Encoding")
   {
@@ -74,26 +78,21 @@ TEST_CASE("XPACK_String", "[xpack]")
     uint8_t *encoded_field;
     int encoded_field_len;
   } string_test_case[] = {
-    {(char *)"", 0,
+    {(char *)"",                        0,
      (uint8_t *)"\x0"
-                "",
-     1},
-    {(char *)"custom-key", 10,
+                "",                                                                                     1 },
+    {(char *)"custom-key",              10,
      (uint8_t *)"\xA"
-                "custom-key",
-     11},
-    {(char *)"", 0,
+                "custom-key",                                                                           11},
+    {(char *)"",                        0,
      (uint8_t *)"\x80"
-                "",
-     1},
-    {(char *)"custom-key", 10,
+                "",                                                                                     1 },
+    {(char *)"custom-key",              10,
      (uint8_t *)"\x88"
-                "\x25\xa8\x49\xe9\x5b\xa9\x7d\x7f",
-     9},
+                "\x25\xa8\x49\xe9\x5b\xa9\x7d\x7f",                                                     9 },
     {(char *)"cw Times New Roman_σ=1", 23,
      (uint8_t *)"\x95"
-                "\x27\x85\x37\x9a\x92\xa1\x4d\x25\xf0\xa6\xd3\xd2\x3a\xa2\xff\xff\xf6\xff\xff\x44\x01",
-     22},
+                "\x27\x85\x37\x9a\x92\xa1\x4d\x25\xf0\xa6\xd3\xd2\x3a\xa2\xff\xff\xf6\xff\xff\x44\x01", 22},
   };
 
   SECTION("Encoding")
diff --git a/proxy/hdrs/unit_tests/test_mime.cc b/proxy/hdrs/unit_tests/test_mime.cc
index 0ad70384ac9..4db2ebdb609 100644
--- a/proxy/hdrs/unit_tests/test_mime.cc
+++ b/proxy/hdrs/unit_tests/test_mime.cc
@@ -203,17 +203,19 @@ TEST_CASE("MimeParsers", "[proxy][mimeparsers]")
   const char *end;
   int value;
 
-  static const std::vector<std::pair<const char *, int>> tests = {{"0", 0},
-                                                                  {"1234", 1234},
-                                                                  {"-1234", -1234},
-                                                                  {"2147483647", 2147483647},
-                                                                  {"-2147483648", 2147483648},
-                                                                  {"2147483648", INT_MAX},
-                                                                  {"-2147483649", INT_MIN},
-                                                                  {"2147483647", INT_MAX},
-                                                                  {"-2147483648", INT_MIN},
-                                                                  {"999999999999", INT_MAX},
-                                                                  {"-999999999999", INT_MIN}};
+  static const std::vector<std::pair<const char *, int>> tests = {
+    {"0",             0         },
+    {"1234",          1234      },
+    {"-1234",         -1234     },
+    {"2147483647",    2147483647},
+    {"-2147483648",   2147483648},
+    {"2147483648",    INT_MAX   },
+    {"-2147483649",   INT_MIN   },
+    {"2147483647",    INT_MAX   },
+    {"-2147483648",   INT_MIN   },
+    {"999999999999",  INT_MAX   },
+    {"-999999999999", INT_MIN   }
+  };
 
   for (const auto &it : tests) {
     auto [buf, val] = it;
diff --git a/proxy/http/Http1ServerSession.h b/proxy/http/Http1ServerSession.h
index 0c6c76c9fdf..8a7b43f69e6 100644
--- a/proxy/http/Http1ServerSession.h
+++ b/proxy/http/Http1ServerSession.h
@@ -53,7 +53,7 @@ class Http1ServerSession : public PoolableSession
 
 public:
   Http1ServerSession();
-  Http1ServerSession(self_type const &) = delete;
+  Http1ServerSession(self_type const &)   = delete;
   self_type &operator=(self_type const &) = delete;
   ~Http1ServerSession()                   = default;
 
diff --git a/proxy/http/HttpBodyFactory.h b/proxy/http/HttpBodyFactory.h
index 1803eaf8736..08eae3d612c 100644
--- a/proxy/http/HttpBodyFactory.h
+++ b/proxy/http/HttpBodyFactory.h
@@ -67,8 +67,8 @@
 #include <unordered_map>
 
 #define HTTP_BODY_TEMPLATE_MAGIC 0xB0DFAC00
-#define HTTP_BODY_SET_MAGIC 0xB0DFAC55
-#define HTTP_BODY_FACTORY_MAGIC 0xB0DFACFF
+#define HTTP_BODY_SET_MAGIC      0xB0DFAC55
+#define HTTP_BODY_FACTORY_MAGIC  0xB0DFACFF
 
 ////////////////////////////////////////////////////////////////////////
 //
diff --git a/proxy/http/HttpConfig.cc b/proxy/http/HttpConfig.cc
index 377985ef354..9d1bf3e9181 100644
--- a/proxy/http/HttpConfig.cc
+++ b/proxy/http/HttpConfig.cc
@@ -113,10 +113,15 @@ http_config_enum_read(const char *name, const ConfigEnumPair<T> (&list)[N], Mgmt
 ////////////////////////////////////////////////////////////////
 /// Session sharing match types.
 static const ConfigEnumPair<TSServerSessionSharingMatchType> SessionSharingMatchStrings[] = {
-  {TS_SERVER_SESSION_SHARING_MATCH_NONE, "none"}, {TS_SERVER_SESSION_SHARING_MATCH_IP, "ip"},
-  {TS_SERVER_SESSION_SHARING_MATCH_HOST, "host"}, {TS_SERVER_SESSION_SHARING_MATCH_HOST, "hostsni"},
-  {TS_SERVER_SESSION_SHARING_MATCH_BOTH, "both"}, {TS_SERVER_SESSION_SHARING_MATCH_HOSTONLY, "hostonly"},
-  {TS_SERVER_SESSION_SHARING_MATCH_SNI, "sni"},   {TS_SERVER_SESSION_SHARING_MATCH_CERT, "cert"}};
+  {TS_SERVER_SESSION_SHARING_MATCH_NONE,     "none"    },
+  {TS_SERVER_SESSION_SHARING_MATCH_IP,       "ip"      },
+  {TS_SERVER_SESSION_SHARING_MATCH_HOST,     "host"    },
+  {TS_SERVER_SESSION_SHARING_MATCH_HOST,     "hostsni" },
+  {TS_SERVER_SESSION_SHARING_MATCH_BOTH,     "both"    },
+  {TS_SERVER_SESSION_SHARING_MATCH_HOSTONLY, "hostonly"},
+  {TS_SERVER_SESSION_SHARING_MATCH_SNI,      "sni"     },
+  {TS_SERVER_SESSION_SHARING_MATCH_CERT,     "cert"    }
+};
 
 bool
 HttpConfig::load_server_session_sharing_match(const char *key, MgmtByte &mask)
@@ -167,7 +172,8 @@ http_config_enum_mask_read(const char *name, MgmtByte &value)
 static const ConfigEnumPair<TSServerSessionSharingPoolType> SessionSharingPoolStrings[] = {
   {TS_SERVER_SESSION_SHARING_POOL_GLOBAL, "global"},
   {TS_SERVER_SESSION_SHARING_POOL_THREAD, "thread"},
-  {TS_SERVER_SESSION_SHARING_POOL_HYBRID, "hybrid"}};
+  {TS_SERVER_SESSION_SHARING_POOL_HYBRID, "hybrid"}
+};
 
 int HttpConfig::m_id = 0;
 HttpConfigParams HttpConfig::m_master;
@@ -1401,13 +1407,13 @@ HttpConfig::startup()
   HttpEstablishStaticConfigLongLong(c.max_payload_iobuf_index, "proxy.config.payload.io.max_buffer_index");
   HttpEstablishStaticConfigLongLong(c.max_msg_iobuf_index, "proxy.config.msg.io.max_buffer_index");
 
-  //##############################################################################
-  //#
-  //# Redirection
-  //#
-  //# See RecordsConfig definition.
-  //#
-  //##############################################################################
+  // ##############################################################################
+  // #
+  // # Redirection
+  // #
+  // # See RecordsConfig definition.
+  // #
+  // ##############################################################################
   HttpEstablishStaticConfigByte(c.oride.redirect_use_orig_cache_key, "proxy.config.http.redirect_use_orig_cache_key");
   HttpEstablishStaticConfigByte(c.redirection_host_no_port, "proxy.config.http.redirect_host_no_port");
   HttpEstablishStaticConfigLongLong(c.oride.number_of_redirections, "proxy.config.http.number_of_redirections");
@@ -1941,8 +1947,8 @@ HttpConfig::parse_redirect_actions(char *input_string, RedirectEnabled::Action &
   // SELF
   // We must store the self address class separately instead of adding the addresses to our map.
   // The addresses Trafficserver will use depend on configurations that are loaded here, so they are not available yet.
-  action = configMapping.find(AddressClass::SELF) != configMapping.end() ? configMapping[AddressClass::SELF] :
-                                                                           configMapping[AddressClass::DEFAULT];
+  action      = configMapping.find(AddressClass::SELF) != configMapping.end() ? configMapping[AddressClass::SELF] :
+                                                                                configMapping[AddressClass::DEFAULT];
   self_action = action;
 
   // IpMap::fill only marks things that are not already marked.
diff --git a/proxy/http/HttpConfig.h b/proxy/http/HttpConfig.h
index 4ce28a100bc..c3057058aab 100644
--- a/proxy/http/HttpConfig.h
+++ b/proxy/http/HttpConfig.h
@@ -383,9 +383,9 @@ enum CacheOpenWriteFailAction_t {
 extern RecRawStatBlock *http_rsb;
 
 /* Stats should only be accessed using these macros */
-#define HTTP_INCREMENT_DYN_STAT(x) RecIncrRawStat(http_rsb, this_ethread(), (int)x, 1)
-#define HTTP_DECREMENT_DYN_STAT(x) RecIncrRawStat(http_rsb, this_ethread(), (int)x, -1)
-#define HTTP_SUM_DYN_STAT(x, y) RecIncrRawStat(http_rsb, this_ethread(), (int)x, (int64_t)y)
+#define HTTP_INCREMENT_DYN_STAT(x)     RecIncrRawStat(http_rsb, this_ethread(), (int)x, 1)
+#define HTTP_DECREMENT_DYN_STAT(x)     RecIncrRawStat(http_rsb, this_ethread(), (int)x, -1)
+#define HTTP_SUM_DYN_STAT(x, y)        RecIncrRawStat(http_rsb, this_ethread(), (int)x, (int64_t)y)
 #define HTTP_SUM_GLOBAL_DYN_STAT(x, y) RecIncrGlobalRawStatSum(http_rsb, x, y)
 
 #define HTTP_CLEAR_DYN_STAT(x)          \
@@ -394,7 +394,7 @@ extern RecRawStatBlock *http_rsb;
     RecSetRawStatCount(http_rsb, x, 0); \
   } while (0);
 
-#define HTTP_READ_DYN_SUM(x, S) RecGetRawStatSum(http_rsb, (int)x, &S) // This aggregates threads too
+#define HTTP_READ_DYN_SUM(x, S)        RecGetRawStatSum(http_rsb, (int)x, &S) // This aggregates threads too
 #define HTTP_READ_GLOBAL_DYN_SUM(x, S) RecGetGlobalRawStatSum(http_rsb, (int)x, &S)
 
 /////////////////////////////////////////////////////////////
@@ -468,9 +468,13 @@ enum class Action {
 };
 
 static std::map<std::string, AddressClass> address_class_map = {
-  {"default", AddressClass::DEFAULT},     {"private", AddressClass::PRIVATE},     {"loopback", AddressClass::LOOPBACK},
-  {"multicast", AddressClass::MULTICAST}, {"linklocal", AddressClass::LINKLOCAL}, {"routable", AddressClass::ROUTABLE},
-  {"self", AddressClass::SELF},
+  {"default",   AddressClass::DEFAULT  },
+  {"private",   AddressClass::PRIVATE  },
+  {"loopback",  AddressClass::LOOPBACK },
+  {"multicast", AddressClass::MULTICAST},
+  {"linklocal", AddressClass::LINKLOCAL},
+  {"routable",  AddressClass::ROUTABLE },
+  {"self",      AddressClass::SELF     },
 };
 
 static std::map<std::string, Action> action_map = {
@@ -864,7 +868,7 @@ struct HttpConfigParams : public ConfigInfo {
   /////////////////////////////////////
   // operator = and copy constructor //
   /////////////////////////////////////
-  HttpConfigParams(const HttpConfigParams &) = delete;
+  HttpConfigParams(const HttpConfigParams &)            = delete;
   HttpConfigParams &operator=(const HttpConfigParams &) = delete;
 };
 
diff --git a/proxy/http/HttpConnectionCount.cc b/proxy/http/HttpConnectionCount.cc
index 3d9318f21c1..e51c45426ea 100644
--- a/proxy/http/HttpConnectionCount.cc
+++ b/proxy/http/HttpConnectionCount.cc
@@ -71,7 +71,8 @@ const MgmtConverter OutboundConnTrack::MATCH_CONV{
   }};
 
 const std::array<std::string_view, static_cast<int>(OutboundConnTrack::MATCH_BOTH) + 1> OutboundConnTrack::MATCH_TYPE_NAME{
-  {"ip"sv, "port"sv, "host"sv, "both"sv}};
+  {"ip"sv, "port"sv, "host"sv, "both"sv}
+};
 
 // Make sure the clock is millisecond resolution or finer.
 static_assert(OutboundConnTrack::Group::Clock::period::num == 1);
diff --git a/proxy/http/HttpConnectionCount.h b/proxy/http/HttpConnectionCount.h
index 19a3075dc85..10cc1daa4e6 100644
--- a/proxy/http/HttpConnectionCount.h
+++ b/proxy/http/HttpConnectionCount.h
@@ -54,7 +54,7 @@ class OutboundConnTrack
 
 public:
   // Non-copyable.
-  OutboundConnTrack(const self_type &) = delete;
+  OutboundConnTrack(const self_type &)    = delete;
   self_type &operator=(const self_type &) = delete;
 
   /// Definition of an upstream server group equivalence class.
diff --git a/proxy/http/HttpPages.cc b/proxy/http/HttpPages.cc
index 37061dad546..afc9c445e07 100644
--- a/proxy/http/HttpPages.cc
+++ b/proxy/http/HttpPages.cc
@@ -97,10 +97,10 @@ HttpPagesHandler::dump_hdr(HTTPHdr *hdr, const char *desc)
     int done;
     offset = 0;
     do {
-      used = 0;
-      tmp  = offset;
-      done = hdr->print(b, 4095, &used, &tmp);
-      offset += used;
+      used    = 0;
+      tmp     = offset;
+      done    = hdr->print(b, 4095, &used, &tmp);
+      offset  += used;
       b[used] = '\0';
       resp_add(b);
     } while (!done);
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index e53889f0e54..71a208a0950 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -64,8 +64,8 @@
 #include <logging/Log.h>
 
 #define DEFAULT_RESPONSE_BUFFER_SIZE_INDEX 6 // 8K
-#define DEFAULT_REQUEST_BUFFER_SIZE_INDEX 6  // 8K
-#define MIN_CONFIG_BUFFER_SIZE_INDEX 5       // 4K
+#define DEFAULT_REQUEST_BUFFER_SIZE_INDEX  6 // 8K
+#define MIN_CONFIG_BUFFER_SIZE_INDEX       5 // 4K
 
 #define hsm_release_assert(EX)              \
   {                                         \
@@ -2367,9 +2367,9 @@ HttpSM::state_hostdb_lookup(int event, void *data)
 
     char const *host_name = t_state.dns_info.is_srv() ? t_state.dns_info.record->name() : t_state.dns_info.lookup_name;
     HostDBProcessor::Options opt;
-    opt.port  = t_state.dns_info.is_srv() ? t_state.dns_info.srv_port : t_state.server_info.dst_addr.host_order_port();
-    opt.flags = (t_state.cache_info.directives.does_client_permit_dns_storing) ? HostDBProcessor::HOSTDB_DO_NOT_FORCE_DNS :
-                                                                                 HostDBProcessor::HOSTDB_FORCE_DNS_RELOAD;
+    opt.port           = t_state.dns_info.is_srv() ? t_state.dns_info.srv_port : t_state.server_info.dst_addr.host_order_port();
+    opt.flags          = (t_state.cache_info.directives.does_client_permit_dns_storing) ? HostDBProcessor::HOSTDB_DO_NOT_FORCE_DNS :
+                                                                                          HostDBProcessor::HOSTDB_FORCE_DNS_RELOAD;
     opt.timeout        = (t_state.api_txn_dns_timeout_value != -1) ? t_state.api_txn_dns_timeout_value : 0;
     opt.host_res_style = ats_host_res_from(ua_txn->get_netvc()->get_local_addr()->sa_family, t_state.txn_conf->host_res_data.order);
 
@@ -3443,7 +3443,7 @@ HttpSM::tunnel_handler_ua_push(int event, HttpTunnelProducer *p)
   STATE_ENTER(&HttpSM::tunnel_handler_ua_push, event);
 
   pushed_response_body_bytes += p->bytes_read;
-  client_request_body_bytes += p->bytes_read;
+  client_request_body_bytes  += p->bytes_read;
 
   switch (event) {
   case VC_EVENT_INACTIVITY_TIMEOUT:
@@ -4237,12 +4237,11 @@ HttpSM::do_hostdb_lookup()
     pending_action = hostDBProcessor.getSRVbyname_imm(this, (cb_process_result_pfn)&HttpSM::process_srv_info, d, 0, opt);
     if (pending_action.empty()) {
       char const *host_name = t_state.dns_info.resolved_p ? t_state.dns_info.srv_hostname : t_state.dns_info.lookup_name;
-      opt.port              = t_state.dns_info.resolved_p ?
-                   t_state.dns_info.srv_port :
-                   t_state.server_info.dst_addr.isValid() ? t_state.server_info.dst_addr.host_order_port() :
-                                                            t_state.hdr_info.client_request.port_get();
-      opt.flags = (t_state.cache_info.directives.does_client_permit_dns_storing) ? HostDBProcessor::HOSTDB_DO_NOT_FORCE_DNS :
-                                                                                   HostDBProcessor::HOSTDB_FORCE_DNS_RELOAD;
+      opt.port              = t_state.dns_info.resolved_p            ? t_state.dns_info.srv_port :
+                              t_state.server_info.dst_addr.isValid() ? t_state.server_info.dst_addr.host_order_port() :
+                                                                       t_state.hdr_info.client_request.port_get();
+      opt.flags   = (t_state.cache_info.directives.does_client_permit_dns_storing) ? HostDBProcessor::HOSTDB_DO_NOT_FORCE_DNS :
+                                                                                     HostDBProcessor::HOSTDB_FORCE_DNS_RELOAD;
       opt.timeout = (t_state.api_txn_dns_timeout_value != -1) ? t_state.api_txn_dns_timeout_value : 0;
       opt.host_res_style =
         ats_host_res_from(ua_txn->get_netvc()->get_local_addr()->sa_family, t_state.txn_conf->host_res_data.order);
@@ -4272,9 +4271,9 @@ HttpSM::do_hostdb_lookup()
     }
 
     HostDBProcessor::Options opt;
-    opt.port  = server_port;
-    opt.flags = (t_state.cache_info.directives.does_client_permit_dns_storing) ? HostDBProcessor::HOSTDB_DO_NOT_FORCE_DNS :
-                                                                                 HostDBProcessor::HOSTDB_FORCE_DNS_RELOAD;
+    opt.port    = server_port;
+    opt.flags   = (t_state.cache_info.directives.does_client_permit_dns_storing) ? HostDBProcessor::HOSTDB_DO_NOT_FORCE_DNS :
+                                                                                   HostDBProcessor::HOSTDB_FORCE_DNS_RELOAD;
     opt.timeout = (t_state.api_txn_dns_timeout_value != -1) ? t_state.api_txn_dns_timeout_value : 0;
 
     opt.host_res_style = ats_host_res_from(ua_txn->get_netvc()->get_local_addr()->sa_family, t_state.txn_conf->host_res_data.order);
@@ -4415,8 +4414,8 @@ HttpSM::parse_range_and_compare(MIMEField *field, int64_t content_length)
     return;
   }
 
-  ranges = new RangeRecord[n_values];
-  value += 6; // skip leading 'bytes='
+  ranges    = new RangeRecord[n_values];
+  value     += 6; // skip leading 'bytes='
   value_len -= 6;
 
   // assume range_in_cache
@@ -6168,7 +6167,7 @@ HttpSM::write_header_into_buffer(HTTPHdr *h, MIOBuffer *b)
     int tmp              = dumpoffset;
 
     ink_assert(block->write_avail() > 0);
-    done = h->print(block->start(), block->write_avail(), &bufindex, &tmp);
+    done       = h->print(block->start(), block->write_avail(), &bufindex, &tmp);
     dumpoffset += bufindex;
     ink_assert(bufindex > 0);
     b->fill(bufindex);
@@ -6319,7 +6318,7 @@ HttpSM::setup_server_send_request()
   // the plugin decided to append a message to the request
   if (t_state.api_server_request_body_set) {
     SMDebug("http", "appending msg of %" PRId64 " bytes to request %s", msg_len, t_state.internal_msg_buffer);
-    hdr_length += server_entry->write_buffer->write(t_state.internal_msg_buffer, msg_len);
+    hdr_length                += server_entry->write_buffer->write(t_state.internal_msg_buffer, msg_len);
     server_request_body_bytes = msg_len;
   }
 
diff --git a/proxy/http/HttpSM.h b/proxy/http/HttpSM.h
index 3a41ad866f9..7015d67bdab 100644
--- a/proxy/http/HttpSM.h
+++ b/proxy/http/HttpSM.h
@@ -47,7 +47,7 @@
 #include "tscore/PendingAction.h"
 
 #define HTTP_API_CONTINUE (INK_API_EVENT_EVENTS_START + 0)
-#define HTTP_API_ERROR (INK_API_EVENT_EVENTS_START + 1)
+#define HTTP_API_ERROR    (INK_API_EVENT_EVENTS_START + 1)
 
 // The default size for http header buffers when we don't
 //   need to include extra space for the document
diff --git a/proxy/http/HttpSessionAccept.h b/proxy/http/HttpSessionAccept.h
index 588fa265352..a8ab00ab7b3 100644
--- a/proxy/http/HttpSessionAccept.h
+++ b/proxy/http/HttpSessionAccept.h
@@ -198,6 +198,6 @@ class HttpSessionAccept : public SessionAccept, private detail::HttpSessionAccep
   int mainEvent(int event, void *netvc) override;
 
   // noncopyable
-  HttpSessionAccept(const HttpSessionAccept &) = delete;
+  HttpSessionAccept(const HttpSessionAccept &)            = delete;
   HttpSessionAccept &operator=(const HttpSessionAccept &) = delete;
 };
diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc
index c79f698e244..5d1e2ba8987 100644
--- a/proxy/http/HttpTransact.cc
+++ b/proxy/http/HttpTransact.cc
@@ -463,7 +463,7 @@ update_cache_control_information_from_config(HttpTransact::State *s)
 {
   getCacheControl(&s->cache_control, &s->request_data, s->txn_conf);
 
-  s->cache_info.directives.does_config_permit_lookup &= (s->cache_control.never_cache == false);
+  s->cache_info.directives.does_config_permit_lookup  &= (s->cache_control.never_cache == false);
   s->cache_info.directives.does_config_permit_storing &= (s->cache_control.never_cache == false);
 
   s->cache_info.directives.does_client_permit_storing =
@@ -2518,7 +2518,7 @@ HttpTransact::issue_revalidate(State *s)
       const char *etag = c_resp->value_get(MIME_FIELD_ETAG, MIME_LEN_ETAG, &length);
       if (nullptr != etag) {
         if ((length >= 2) && (etag[0] == 'W') && (etag[1] == '/')) {
-          etag += 2;
+          etag   += 2;
           length -= 2;
         }
         s->hdr_info.server_request.value_set(MIME_FIELD_IF_NONE_MATCH, MIME_LEN_IF_NONE_MATCH, etag, length);
@@ -7859,11 +7859,11 @@ HttpTransact::build_response(State *s, HTTPHdr *base_response, HTTPHdr *outgoing
             int len;
             uint64_t presence;
           } fields[] = {
-            {MIME_FIELD_ETAG, MIME_LEN_ETAG, MIME_PRESENCE_ETAG},
+            {MIME_FIELD_ETAG,             MIME_LEN_ETAG,             MIME_PRESENCE_ETAG            },
             {MIME_FIELD_CONTENT_LOCATION, MIME_LEN_CONTENT_LOCATION, MIME_PRESENCE_CONTENT_LOCATION},
-            {MIME_FIELD_EXPIRES, MIME_LEN_EXPIRES, MIME_PRESENCE_EXPIRES},
-            {MIME_FIELD_CACHE_CONTROL, MIME_LEN_CACHE_CONTROL, MIME_PRESENCE_CACHE_CONTROL},
-            {MIME_FIELD_VARY, MIME_LEN_VARY, MIME_PRESENCE_VARY},
+            {MIME_FIELD_EXPIRES,          MIME_LEN_EXPIRES,          MIME_PRESENCE_EXPIRES         },
+            {MIME_FIELD_CACHE_CONTROL,    MIME_LEN_CACHE_CONTROL,    MIME_PRESENCE_CACHE_CONTROL   },
+            {MIME_FIELD_VARY,             MIME_LEN_VARY,             MIME_PRESENCE_VARY            },
           };
 
           for (size_t i = 0; i < countof(fields); i++) {
diff --git a/proxy/http/HttpTransact.h b/proxy/http/HttpTransact.h
index 61da1211a86..efeba51ba7f 100644
--- a/proxy/http/HttpTransact.h
+++ b/proxy/http/HttpTransact.h
@@ -60,10 +60,10 @@
       offset = 0;                                               \
       if ((H)->valid()) {                                       \
         do {                                                    \
-          used = 0;                                             \
-          tmp  = offset;                                        \
-          done = (H)->print(b, 4095, &used, &tmp);              \
-          offset += used;                                       \
+          used    = 0;                                          \
+          tmp     = offset;                                     \
+          done    = (H)->print(b, 4095, &used, &tmp);           \
+          offset  += used;                                      \
           b[used] = '\0';                                       \
           fprintf(stderr, "%s", b);                             \
         } while (!done);                                        \
@@ -217,7 +217,7 @@ const int32_t HTTP_UNDEFINED_CL = -1;
 //
 //////////////////////////////////////////////////////////////////////////////
 #define SET_VIA_STRING(I, S) s->via_string[I] = S;
-#define GET_VIA_STRING(I) (s->via_string[I])
+#define GET_VIA_STRING(I)    (s->via_string[I])
 
 class HttpTransact
 {
diff --git a/proxy/http/HttpTransactCache.cc b/proxy/http/HttpTransactCache.cc
index 48b3282e601..9750f450be7 100644
--- a/proxy/http/HttpTransactCache.cc
+++ b/proxy/http/HttpTransactCache.cc
@@ -223,20 +223,20 @@ HttpTransactCache::SelectFromAlternates(CacheHTTPInfoVector *cache_vector, HTTPH
 
         offset = 0;
         do {
-          used = 0;
-          tmp  = offset;
-          done = cached_request->print(b, sizeof(b) - 1, &used, &tmp);
-          offset += used;
+          used    = 0;
+          tmp     = offset;
+          done    = cached_request->print(b, sizeof(b) - 1, &used, &tmp);
+          offset  += used;
           b[used] = '\0';
           fprintf(stderr, "%s", b);
         } while (!done);
 
         offset = 0;
         do {
-          used = 0;
-          tmp  = offset;
-          done = cached_response->print(b, sizeof(b) - 1, &used, &tmp);
-          offset += used;
+          used    = 0;
+          tmp     = offset;
+          done    = cached_response->print(b, sizeof(b) - 1, &used, &tmp);
+          offset  += used;
           b[used] = '\0';
           fprintf(stderr, "%s", b);
         } while (!done);
diff --git a/proxy/http/HttpTransactHeaders.cc b/proxy/http/HttpTransactHeaders.cc
index 8f8b00f63aa..3ea841128a3 100644
--- a/proxy/http/HttpTransactHeaders.cc
+++ b/proxy/http/HttpTransactHeaders.cc
@@ -135,7 +135,7 @@ HttpTransactHeaders::insert_supported_methods_in_response(HTTPHdr *response, int
     if (is_supported) {
       ++num_methods_supported;
       method_output_lengths[i] = hdrtoken_wks_to_length(method_wks);
-      bytes += method_output_lengths[i];
+      bytes                    += method_output_lengths[i];
       if (num_methods_supported > 1) {
         bytes += 2; // +2 if need leading ", "
       }
@@ -781,7 +781,7 @@ HttpTransactHeaders::insert_via_header_in_request(HttpTransact::State *s, HTTPHd
 
   *via_string++ = '[';
   memcpy(via_string, Machine::instance()->uuid.getString(), TS_UUID_STRING_LEN);
-  via_string += TS_UUID_STRING_LEN;
+  via_string    += TS_UUID_STRING_LEN;
   *via_string++ = ']';
   *via_string++ = ' ';
   *via_string++ = '(';
@@ -867,7 +867,7 @@ HttpTransactHeaders::insert_via_header_in_response(HttpTransact::State *s, HTTPH
     write_hdr_protocol_stack(via_string, via_limit - via_string, ProtocolStackDetail::Standard, proto_buf.data(), n_proto);
   *via_string++ = ' ';
 
-  via_string += nstrcpy(via_string, s->http_config_param->proxy_hostname);
+  via_string    += nstrcpy(via_string, s->http_config_param->proxy_hostname);
   *via_string++ = ' ';
   *via_string++ = '(';
 
diff --git a/proxy/http/HttpTunnel.cc b/proxy/http/HttpTunnel.cc
index 9071d29133e..19c65c8427f 100644
--- a/proxy/http/HttpTunnel.cc
+++ b/proxy/http/HttpTunnel.cc
@@ -223,9 +223,9 @@ ChunkedHandler::transfer_bytes()
 
     if (moved > 0) {
       chunked_reader->consume(moved);
-      bytes_left = bytes_left - moved;
+      bytes_left     = bytes_left - moved;
       dechunked_size += moved;
-      total_moved += moved;
+      total_moved    += moved;
     } else {
       break;
     }
diff --git a/proxy/http/HttpTunnel.h b/proxy/http/HttpTunnel.h
index 0bd1be84511..895d65adb65 100644
--- a/proxy/http/HttpTunnel.h
+++ b/proxy/http/HttpTunnel.h
@@ -45,16 +45,16 @@
 #define MAX_PRODUCERS 2
 #define MAX_CONSUMERS 4
 
-#define HTTP_TUNNEL_EVENT_DONE (HTTP_TUNNEL_EVENTS_START + 1)
-#define HTTP_TUNNEL_EVENT_PRECOMPLETE (HTTP_TUNNEL_EVENTS_START + 2)
+#define HTTP_TUNNEL_EVENT_DONE            (HTTP_TUNNEL_EVENTS_START + 1)
+#define HTTP_TUNNEL_EVENT_PRECOMPLETE     (HTTP_TUNNEL_EVENTS_START + 2)
 #define HTTP_TUNNEL_EVENT_CONSUMER_DETACH (HTTP_TUNNEL_EVENTS_START + 3)
-#define HTTP_TUNNEL_EVENT_ACTIVITY_CHECK (HTTP_TUNNEL_EVENTS_START + 4)
+#define HTTP_TUNNEL_EVENT_ACTIVITY_CHECK  (HTTP_TUNNEL_EVENTS_START + 4)
 
 #define HTTP_TUNNEL_STATIC_PRODUCER (VConnection *)!0
 
 // YTS Team, yamsat Plugin
 #define ALLOCATE_AND_WRITE_TO_BUF 1
-#define WRITE_TO_BUF 2
+#define WRITE_TO_BUF              2
 
 struct HttpTunnelProducer;
 class HttpSM;
@@ -518,7 +518,7 @@ HttpTunnel::append_message_to_producer_buffer(HttpTunnelProducer *p, const char
   }
 
   p->read_buffer->write(msg, msg_len);
-  p->nbytes += msg_len;
+  p->nbytes     += msg_len;
   p->bytes_read += msg_len;
 }
 
diff --git a/proxy/http/PreWarmConfig.h b/proxy/http/PreWarmConfig.h
index 12b22100f58..e199722e103 100644
--- a/proxy/http/PreWarmConfig.h
+++ b/proxy/http/PreWarmConfig.h
@@ -27,7 +27,7 @@ struct PreWarmConfigParams : public ConfigInfo {
   PreWarmConfigParams();
 
   // noncopyable
-  PreWarmConfigParams(const HttpConfigParams &) = delete;
+  PreWarmConfigParams(const HttpConfigParams &)            = delete;
   PreWarmConfigParams &operator=(const HttpConfigParams &) = delete;
 
   // Config Params
diff --git a/proxy/http/PreWarmManager.cc b/proxy/http/PreWarmManager.cc
index dd67fc9cf66..f06c3cb57ae 100644
--- a/proxy/http/PreWarmManager.cc
+++ b/proxy/http/PreWarmManager.cc
@@ -34,7 +34,7 @@
 
 #include <algorithm>
 
-#define PreWarmSMDebug(fmt, ...) Debug("prewarm_sm", "[%p] " fmt, this, ##__VA_ARGS__);
+#define PreWarmSMDebug(fmt, ...)  Debug("prewarm_sm", "[%p] " fmt, this, ##__VA_ARGS__);
 #define PreWarmSMVDebug(fmt, ...) Debug("v_prewarm_sm", "[%p] " fmt, this, ##__VA_ARGS__);
 
 ClassAllocator<PreWarmSM> preWarmSMAllocator("preWarmSMAllocator");
diff --git a/proxy/http/RegressionHttpTransact.cc b/proxy/http/RegressionHttpTransact.cc
index 7008edea955..dc62d066383 100644
--- a/proxy/http/RegressionHttpTransact.cc
+++ b/proxy/http/RegressionHttpTransact.cc
@@ -72,25 +72,27 @@ REGRESSION_TEST(HttpTransact_is_request_valid)(RegressionTest *t, int /* level *
     const char *scheme;
     const char *req;
     bool result;
-  } requests[] = {// missing host header
-                  {"http", "GET / HTTP/1.1\r\n\r\n", false},
-                  // good get request
-                  {"http", "GET / HTTP/1.1\r\nHost: abc.com\r\n\r\n", true},
-                  // good trace request
-                  {"http", "TRACE / HTTP/1.1\r\nHost: abc.com\r\n\r\n", true},
-                  // content len < 0
-                  {"http", "POST / HTTP/1.1\r\nHost: abc.com\r\nContent-Length: -1\r\n\r\n", false},
-                  {"http", "PUSH / HTTP/1.1\r\nHost: abc.com\r\nContent-Length: -1\r\n\r\n", false},
-                  {"http", "PUT / HTTP/1.1\r\nHost: abc.com\r\nContent-Length: -1\r\n\r\n", false},
-                  // valid content len
-                  {"http", "POST / HTTP/1.1\r\nHost: abc.com\r\nContent-Length: 10\r\n\r\n", true},
-                  {"http", "PUSH / HTTP/1.1\r\nHost: abc.com\r\nContent-Length: 10\r\n\r\n", true},
-                  {"http", "PUT / HTTP/1.1\r\nHost: abc.com\r\nContent-Length: 10\r\n\r\n", true},
-                  // Content Length missing
-                  {"http", "POST / HTTP/1.1\r\nHost: abc.com\r\n\r\n", false},
-                  {"http", "PUSH / HTTP/1.1\r\nHost: abc.com\r\n\r\n", false},
-                  {"http", "PUT / HTTP/1.1\r\nHost: abc.com\r\n\r\n", false},
-                  {nullptr, nullptr, false}};
+  } requests[] = {
+  // missing host header
+    {"http",  "GET / HTTP/1.1\r\n\r\n",                                         false},
+ // good get request
+    {"http",  "GET / HTTP/1.1\r\nHost: abc.com\r\n\r\n",                        true },
+ // good trace request
+    {"http",  "TRACE / HTTP/1.1\r\nHost: abc.com\r\n\r\n",                      true },
+ // content len < 0
+    {"http",  "POST / HTTP/1.1\r\nHost: abc.com\r\nContent-Length: -1\r\n\r\n", false},
+    {"http",  "PUSH / HTTP/1.1\r\nHost: abc.com\r\nContent-Length: -1\r\n\r\n", false},
+    {"http",  "PUT / HTTP/1.1\r\nHost: abc.com\r\nContent-Length: -1\r\n\r\n",  false},
+ // valid content len
+    {"http",  "POST / HTTP/1.1\r\nHost: abc.com\r\nContent-Length: 10\r\n\r\n", true },
+    {"http",  "PUSH / HTTP/1.1\r\nHost: abc.com\r\nContent-Length: 10\r\n\r\n", true },
+    {"http",  "PUT / HTTP/1.1\r\nHost: abc.com\r\nContent-Length: 10\r\n\r\n",  true },
+ // Content Length missing
+    {"http",  "POST / HTTP/1.1\r\nHost: abc.com\r\n\r\n",                       false},
+    {"http",  "PUSH / HTTP/1.1\r\nHost: abc.com\r\n\r\n",                       false},
+    {"http",  "PUT / HTTP/1.1\r\nHost: abc.com\r\n\r\n",                        false},
+    {nullptr, nullptr,                                                          false}
+  };
   for (int i = 0; requests[i].req; i++) {
     setup_client_request(&sm, requests[i].scheme, requests[i].req);
 
@@ -112,9 +114,11 @@ REGRESSION_TEST(HttpTransact_handle_trace_and_options_requests)(RegressionTest *
     const char *scheme;
     const char *req;
     bool result;
-  } requests[] = {// good trace request
-                  {"http", "TRACE www.abc.com/ HTTP/1.1\r\nHost: abc.com\r\nMax-Forwards: 0\r\n\r\n", true},
-                  {nullptr, nullptr, false}};
+  } requests[] = {
+  // good trace request
+    {"http",  "TRACE www.abc.com/ HTTP/1.1\r\nHost: abc.com\r\nMax-Forwards: 0\r\n\r\n", true },
+    {nullptr, nullptr,                                                                   false}
+  };
   for (int i = 0; requests[i].req; i++) {
     setup_client_request(&sm, requests[i].scheme, requests[i].req);
 
diff --git a/proxy/http/remap/AclFiltering.h b/proxy/http/remap/AclFiltering.h
index ceba59a7c2c..c62339311c8 100644
--- a/proxy/http/remap/AclFiltering.h
+++ b/proxy/http/remap/AclFiltering.h
@@ -70,10 +70,10 @@ class acl_filter_rule
   acl_filter_rule *next = nullptr;
   char *filter_name     = nullptr; // optional filter name
   unsigned int allow_flag : 1,     // action allow deny
-    src_ip_valid : 1,              // src_ip range valid
-    in_ip_valid : 1,
-    active_queue_flag : 1, // filter is in active state (used by .useflt directive)
-    internal : 1;          // filter internal HTTP requests
+    src_ip_valid          : 1,     // src_ip range valid
+    in_ip_valid           : 1,
+    active_queue_flag     : 1, // filter is in active state (used by .useflt directive)
+    internal              : 1; // filter internal HTTP requests
 
   // we need arguments as string array for directive processing
   int argc = 0;                    // argument counter (only for filter defs)
diff --git a/proxy/http/remap/NextHopSelectionStrategy.h b/proxy/http/remap/NextHopSelectionStrategy.h
index e63a3a4f23c..1fe49cb701f 100644
--- a/proxy/http/remap/NextHopSelectionStrategy.h
+++ b/proxy/http/remap/NextHopSelectionStrategy.h
@@ -32,9 +32,9 @@
 
 #ifndef _NH_UNIT_TESTS_
 #define NH_Debug(tag, ...) Debug(tag, __VA_ARGS__)
-#define NH_Error(...) DiagsError(DL_Error, __VA_ARGS__)
-#define NH_Note(...) DiagsError(DL_Note, __VA_ARGS__)
-#define NH_Warn(...) DiagsError(DL_Warning, __VA_ARGS__)
+#define NH_Error(...)      DiagsError(DL_Error, __VA_ARGS__)
+#define NH_Note(...)       DiagsError(DL_Note, __VA_ARGS__)
+#define NH_Warn(...)       DiagsError(DL_Warning, __VA_ARGS__)
 #define NH_GetConfig(v, n) REC_ReadConfigInteger(v, n)
 #else
 #include "unit-tests/nexthop_test_stubs.h"
@@ -125,7 +125,7 @@ struct HostRecord : public ATSConsistentHashNode, public HostRecordCfg {
   explicit HostRecord(HostRecordCfg &&o) : HostRecordCfg(std::move(o)) {}
 
   // No copying or moving.
-  HostRecord(const HostRecord &) = delete;
+  HostRecord(const HostRecord &)            = delete;
   HostRecord &operator=(const HostRecord &) = delete;
 
   // locks the record when marking this host down.
diff --git a/proxy/http/remap/RemapConfig.cc b/proxy/http/remap/RemapConfig.cc
index 9df1c0f406b..2798517bb4a 100644
--- a/proxy/http/remap/RemapConfig.cc
+++ b/proxy/http/remap/RemapConfig.cc
@@ -375,26 +375,26 @@ struct remap_directive {
 
 static const remap_directive directives[] = {
 
-  {".definefilter", parse_define_directive},
-  {".deffilter", parse_define_directive},
-  {".defflt", parse_define_directive},
+  {".definefilter",     parse_define_directive    },
+  {".deffilter",        parse_define_directive    },
+  {".defflt",           parse_define_directive    },
 
-  {".deletefilter", parse_delete_directive},
-  {".delfilter", parse_delete_directive},
-  {".delflt", parse_delete_directive},
+  {".deletefilter",     parse_delete_directive    },
+  {".delfilter",        parse_delete_directive    },
+  {".delflt",           parse_delete_directive    },
 
-  {".usefilter", parse_activate_directive},
-  {".activefilter", parse_activate_directive},
-  {".activatefilter", parse_activate_directive},
-  {".useflt", parse_activate_directive},
+  {".usefilter",        parse_activate_directive  },
+  {".activefilter",     parse_activate_directive  },
+  {".activatefilter",   parse_activate_directive  },
+  {".useflt",           parse_activate_directive  },
 
-  {".unusefilter", parse_deactivate_directive},
+  {".unusefilter",      parse_deactivate_directive},
   {".deactivatefilter", parse_deactivate_directive},
-  {".unactivefilter", parse_deactivate_directive},
-  {".deuseflt", parse_deactivate_directive},
-  {".unuseflt", parse_deactivate_directive},
+  {".unactivefilter",   parse_deactivate_directive},
+  {".deuseflt",         parse_deactivate_directive},
+  {".unuseflt",         parse_deactivate_directive},
 
-  {".include", parse_include_directive},
+  {".include",          parse_include_directive   },
 };
 
 const char *
@@ -746,7 +746,7 @@ remap_load_plugin(const char **argv, int argc, url_mapping *mp, char *errbuf, in
   ink_assert((unsigned)argc < countof(new_argv));
 
   if (jump_to_argc != 0) {
-    argc -= jump_to_argc;
+    argc  -= jump_to_argc;
     int i = 0;
     while (argv[i + jump_to_argc]) {
       new_argv[i] = argv[i + jump_to_argc];
@@ -1078,7 +1078,7 @@ remap_parse_config_bti(const char *path, BUILD_TABLE_INFO *bti)
     //   the beginning of the string
     if ((tmp = (map_from_start = map_from)) != nullptr && length > 2 && tmp[length - 1] == '/' && tmp[length - 2] == '/') {
       new_mapping->unique = true;
-      length -= 2;
+      length              -= 2;
     }
 
     new_mapping->fromURL.create(nullptr);
diff --git a/proxy/http/remap/RemapConfig.h b/proxy/http/remap/RemapConfig.h
index 20c7d07c0ef..247e5e0c913 100644
--- a/proxy/http/remap/RemapConfig.h
+++ b/proxy/http/remap/RemapConfig.h
@@ -30,18 +30,18 @@ class UrlRewrite;
 #define BUILD_TABLE_MAX_ARGS 2048
 
 // Remap inline options
-#define REMAP_OPTFLG_MAP_WITH_REFERER 0x0001u /* "map_with_referer" option */
-#define REMAP_OPTFLG_PLUGIN 0x0002u           /* "plugin=" option (per remap plugin) */
-#define REMAP_OPTFLG_PPARAM 0x0004u           /* "pparam=" option (per remap plugin option) */
-#define REMAP_OPTFLG_METHOD 0x0008u           /* "method=" option (used for ACL filtering) */
-#define REMAP_OPTFLG_SRC_IP 0x0010u           /* "src_ip=" option (used for ACL filtering) */
-#define REMAP_OPTFLG_ACTION 0x0020u           /* "action=" option (used for ACL filtering) */
-#define REMAP_OPTFLG_INTERNAL 0x0040u         /* only allow internal requests to hit this remap */
-#define REMAP_OPTFLG_IN_IP 0x0080u            /* "in_ip=" option (used for ACL filtering)*/
-#define REMAP_OPTFLG_STRATEGY 0x0100u         /* "strategy=" the name of the nexthop selection strategy */
-#define REMAP_OPTFLG_MAP_ID 0x0800u           /* associate a map ID with this rule */
-#define REMAP_OPTFLG_INVERT 0x80000000u       /* "invert" the rule (for src_ip at least) */
-#define REMAP_OPTFLG_ALL_FILTERS (REMAP_OPTFLG_METHOD | REMAP_OPTFLG_SRC_IP | REMAP_OPTFLG_ACTION | REMAP_OPTFLG_INTERNAL)
+#define REMAP_OPTFLG_MAP_WITH_REFERER 0x0001u     /* "map_with_referer" option */
+#define REMAP_OPTFLG_PLUGIN           0x0002u     /* "plugin=" option (per remap plugin) */
+#define REMAP_OPTFLG_PPARAM           0x0004u     /* "pparam=" option (per remap plugin option) */
+#define REMAP_OPTFLG_METHOD           0x0008u     /* "method=" option (used for ACL filtering) */
+#define REMAP_OPTFLG_SRC_IP           0x0010u     /* "src_ip=" option (used for ACL filtering) */
+#define REMAP_OPTFLG_ACTION           0x0020u     /* "action=" option (used for ACL filtering) */
+#define REMAP_OPTFLG_INTERNAL         0x0040u     /* only allow internal requests to hit this remap */
+#define REMAP_OPTFLG_IN_IP            0x0080u     /* "in_ip=" option (used for ACL filtering)*/
+#define REMAP_OPTFLG_STRATEGY         0x0100u     /* "strategy=" the name of the nexthop selection strategy */
+#define REMAP_OPTFLG_MAP_ID           0x0800u     /* associate a map ID with this rule */
+#define REMAP_OPTFLG_INVERT           0x80000000u /* "invert" the rule (for src_ip at least) */
+#define REMAP_OPTFLG_ALL_FILTERS      (REMAP_OPTFLG_METHOD | REMAP_OPTFLG_SRC_IP | REMAP_OPTFLG_ACTION | REMAP_OPTFLG_INTERNAL)
 
 struct BUILD_TABLE_INFO {
   BUILD_TABLE_INFO();
@@ -62,7 +62,7 @@ struct BUILD_TABLE_INFO {
   void reset();
 
   // noncopyable
-  BUILD_TABLE_INFO(const BUILD_TABLE_INFO &) = delete;            // disabled
+  BUILD_TABLE_INFO(const BUILD_TABLE_INFO &)            = delete; // disabled
   BUILD_TABLE_INFO &operator=(const BUILD_TABLE_INFO &) = delete; // disabled
 };
 
diff --git a/proxy/http/remap/RemapPlugins.cc b/proxy/http/remap/RemapPlugins.cc
index 68ba8742ea3..3757d774cf0 100644
--- a/proxy/http/remap/RemapPlugins.cc
+++ b/proxy/http/remap/RemapPlugins.cc
@@ -87,7 +87,10 @@ RemapPlugins::run_single_remap()
   TSRemapStatus plugin_retcode = TSREMAP_NO_REMAP;
   bool zret                    = true; // default - last iteration.
   Debug("url_rewrite", "running single remap rule id %d for the %d%s time", map->map_id, _cur,
-        _cur == 1 ? "st" : _cur == 2 ? "nd" : _cur == 3 ? "rd" : "th");
+        _cur == 1 ? "st" :
+        _cur == 2 ? "nd" :
+        _cur == 3 ? "rd" :
+                    "th");
 
   if (0 == _cur) {
     Debug("url_rewrite", "setting the remapped url by copying from mapping rule");
diff --git a/proxy/http/remap/RemapProcessor.h b/proxy/http/remap/RemapProcessor.h
index e21aee5f697..5afb4e08dbd 100644
--- a/proxy/http/remap/RemapProcessor.h
+++ b/proxy/http/remap/RemapProcessor.h
@@ -31,8 +31,8 @@
 #include "RemapPluginInfo.h"
 #include "ReverseProxy.h"
 
-#define EVENT_REMAP_START (REMAP_EVENT_EVENTS_START + 0)
-#define EVENT_REMAP_ERROR (REMAP_EVENT_EVENTS_START + 1)
+#define EVENT_REMAP_START    (REMAP_EVENT_EVENTS_START + 0)
+#define EVENT_REMAP_ERROR    (REMAP_EVENT_EVENTS_START + 1)
 #define EVENT_REMAP_COMPLETE (REMAP_EVENT_EVENTS_START + 2)
 
 class RemapProcessor
diff --git a/proxy/http/remap/UrlMapping.h b/proxy/http/remap/UrlMapping.h
index bb25e36ad75..b864cae9b1f 100644
--- a/proxy/http/remap/UrlMapping.h
+++ b/proxy/http/remap/UrlMapping.h
@@ -218,7 +218,7 @@ class UrlMappingContainer
   }
 
   // noncopyable, non-assignable
-  UrlMappingContainer(const UrlMappingContainer &orig) = delete;
+  UrlMappingContainer(const UrlMappingContainer &orig)           = delete;
   UrlMappingContainer &operator=(const UrlMappingContainer &rhs) = delete;
 
 private:
diff --git a/proxy/http/remap/UrlRewrite.cc b/proxy/http/remap/UrlRewrite.cc
index 2fede9c16cc..00858e2058e 100644
--- a/proxy/http/remap/UrlRewrite.cc
+++ b/proxy/http/remap/UrlRewrite.cc
@@ -182,7 +182,10 @@ UrlRewrite::PrintStore(const MappingsStore &store) const
 
   if (!store.regex_list.empty()) {
     printf("    Regex mappings:\n");
-    forl_LL(RegexMapping, list_iter, store.regex_list) { list_iter->url_map->Print(); }
+    forl_LL(RegexMapping, list_iter, store.regex_list)
+    {
+      list_iter->url_map->Print();
+    }
   }
 }
 
@@ -352,10 +355,12 @@ UrlRewrite::ReverseMap(HTTPHdr *response_header)
   const struct {
     const char *const field;
     const int len;
-  } url_headers[N_URL_HEADERS] = {{MIME_FIELD_LOCATION, MIME_LEN_LOCATION},
-                                  {MIME_FIELD_CONTENT_LOCATION, MIME_LEN_CONTENT_LOCATION},
-                                  {"URI", 3},
-                                  {"Destination", 11}};
+  } url_headers[N_URL_HEADERS] = {
+    {MIME_FIELD_LOCATION,         MIME_LEN_LOCATION        },
+    {MIME_FIELD_CONTENT_LOCATION, MIME_LEN_CONTENT_LOCATION},
+    {"URI",                       3                        },
+    {"Destination",               11                       }
+  };
 
   if (unlikely(num_rules_reverse == 0)) {
     ink_assert(reverse_mappings.empty());
diff --git a/proxy/http/remap/UrlRewrite.h b/proxy/http/remap/UrlRewrite.h
index b413825add8..6a8b7953e22 100644
--- a/proxy/http/remap/UrlRewrite.h
+++ b/proxy/http/remap/UrlRewrite.h
@@ -34,8 +34,8 @@
 
 #include <memory>
 
-#define URL_REMAP_FILTER_NONE 0x00000000
-#define URL_REMAP_FILTER_REFERER 0x00000001      /* enable "referer" header validation */
+#define URL_REMAP_FILTER_NONE         0x00000000
+#define URL_REMAP_FILTER_REFERER      0x00000001 /* enable "referer" header validation */
 #define URL_REMAP_FILTER_REDIRECT_FMT 0x00010000 /* enable redirect URL formatting */
 
 struct BUILD_TABLE_INFO;
diff --git a/proxy/http/remap/unit-tests/nexthop_test_stubs.h b/proxy/http/remap/unit-tests/nexthop_test_stubs.h
index 28df079b270..c6abe37b887 100644
--- a/proxy/http/remap/unit-tests/nexthop_test_stubs.h
+++ b/proxy/http/remap/unit-tests/nexthop_test_stubs.h
@@ -41,10 +41,10 @@ extern "C" {
 #endif /* __cplusplus */
 
 #define NH_Debug(tag, fmt, ...) PrintToStdErr("%s %s:%d:%s() " fmt "\n", tag, __FILE__, __LINE__, __func__, ##__VA_ARGS__)
-#define NH_Error(fmt, ...) PrintToStdErr("%s:%d:%s() " fmt "\n", __FILE__, __LINE__, __func__, ##__VA_ARGS__)
-#define NH_Note(fmt, ...) PrintToStdErr("%s:%d:%s() " fmt "\n", __FILE__, __LINE__, __func__, ##__VA_ARGS__)
-#define NH_Warn(fmt, ...) PrintToStdErr("%s:%d:%s() " fmt "\n", __FILE__, __LINE__, __func__, ##__VA_ARGS__)
-#define NH_GetConfig(v, n) GetConfigInteger(&v, n)
+#define NH_Error(fmt, ...)      PrintToStdErr("%s:%d:%s() " fmt "\n", __FILE__, __LINE__, __func__, ##__VA_ARGS__)
+#define NH_Note(fmt, ...)       PrintToStdErr("%s:%d:%s() " fmt "\n", __FILE__, __LINE__, __func__, ##__VA_ARGS__)
+#define NH_Warn(fmt, ...)       PrintToStdErr("%s:%d:%s() " fmt "\n", __FILE__, __LINE__, __func__, ##__VA_ARGS__)
+#define NH_GetConfig(v, n)      GetConfigInteger(&v, n)
 
 class HttpRequestData;
 
diff --git a/proxy/http/remap/unit-tests/plugin_testing_common.cc b/proxy/http/remap/unit-tests/plugin_testing_common.cc
index 6231d70c322..c586c1ad49c 100644
--- a/proxy/http/remap/unit-tests/plugin_testing_common.cc
+++ b/proxy/http/remap/unit-tests/plugin_testing_common.cc
@@ -43,7 +43,7 @@ getTemporaryDir()
 {
   std::error_code ec;
   fs::path tmpDir = fs::canonical(fs::temp_directory_path(), ec);
-  tmpDir /= "sandbox_XXXXXX";
+  tmpDir          /= "sandbox_XXXXXX";
 
   char dirNameTemplate[tmpDir.string().length() + 1];
   memcpy(dirNameTemplate, tmpDir.c_str(), sizeof(dirNameTemplate));
diff --git a/proxy/http/remap/unit-tests/test_RemapPlugin.cc b/proxy/http/remap/unit-tests/test_RemapPlugin.cc
index 45bf70734ab..0035eafdb30 100644
--- a/proxy/http/remap/unit-tests/test_RemapPlugin.cc
+++ b/proxy/http/remap/unit-tests/test_RemapPlugin.cc
@@ -378,7 +378,10 @@ SCENARIO("unloading the plugin", "[plugin][core]")
 
       plugin->done();
 
-      THEN("expect it to run") { CHECK(1 == debugObject->doneCalled); }
+      THEN("expect it to run")
+      {
+        CHECK(1 == debugObject->doneCalled);
+      }
       cleanupSandBox(plugin);
     }
   }
diff --git a/proxy/http/unit_tests/test_ForwardedConfig.cc b/proxy/http/unit_tests/test_ForwardedConfig.cc
index 02f2ff7b620..7168b227d43 100644
--- a/proxy/http/unit_tests/test_ForwardedConfig.cc
+++ b/proxy/http/unit_tests/test_ForwardedConfig.cc
@@ -73,11 +73,11 @@ class XS
     bool upper{true};
     for (; *in; ++in) {
       if (islower(*in)) {
-        s += upper ? toupper(*in) : *in;
+        s     += upper ? toupper(*in) : *in;
         upper = !upper;
 
       } else if (isupper(*in)) {
-        s += upper ? *in : tolower(*in);
+        s     += upper ? *in : tolower(*in);
         upper = !upper;
 
       } else {
diff --git a/proxy/http/unit_tests/test_error_page_selection.cc b/proxy/http/unit_tests/test_error_page_selection.cc
index 7656cbe6c51..edad4da03af 100644
--- a/proxy/http/unit_tests/test_error_page_selection.cc
+++ b/proxy/http/unit_tests/test_error_page_selection.cc
@@ -33,16 +33,18 @@ TEST_CASE("error page selection test", "[http]")
     const char *content_charset;
   };
 
-  std::array<Sets, 10> sets = {{{"default", "en", "iso-8859-1"},
-                                {"en-cockney", "en-cockney", "iso-8859-1"},
-                                {"en0", "en", "iso-8859-1"},
-                                {"en-us", "en-us", "us-ascii"},
-                                {"en1", "en", "unicode"},
-                                {"en-cockney-slang", "en-cockney-slang", "iso-8859-1"},
-                                {"ko0", "ko", "iso-8859-1"},
-                                {"ko1", "ko", "iso-2022-kr"},
-                                {"jp", "jp", "shift-jis"},
-                                {"es", "es", "unicode"}}};
+  std::array<Sets, 10> sets = {
+    {{"default", "en", "iso-8859-1"},
+     {"en-cockney", "en-cockney", "iso-8859-1"},
+     {"en0", "en", "iso-8859-1"},
+     {"en-us", "en-us", "us-ascii"},
+     {"en1", "en", "unicode"},
+     {"en-cockney-slang", "en-cockney-slang", "iso-8859-1"},
+     {"ko0", "ko", "iso-8859-1"},
+     {"ko1", "ko", "iso-2022-kr"},
+     {"jp", "jp", "shift-jis"},
+     {"es", "es", "unicode"}}
+  };
 
   struct Tests {
     const char *accept_language;
@@ -53,34 +55,36 @@ TEST_CASE("error page selection test", "[http]")
     int expected_I;
   };
 
-  std::array<Tests, 26> tests = {{
-    {nullptr, nullptr, "default", 1, 0, INT_MAX},
-    {"en", "iso-8859-1", "en0", 1, 2, 1},
-    {"en", "unicode", "en1", 1, 2, 1},
-    {"ko", "iso-8859-1", "ko0", 1, 2, 1},
-    {"ko", "iso-2022-kr", "ko1", 1, 2, 1},
-    {"en-us", nullptr, "en-us", 1, 5, 1},
-    {"en-US", nullptr, "en-us", 1, 5, 1},
-    {"jp,es", nullptr, "jp", 1, 2, 1},
-    {"es,jp", nullptr, "es", 1, 2, 1},
-    {"jp;q=0.7,es", nullptr, "es", 1, 2, 2},
-    {"jp;q=.7,es", nullptr, "es", 1, 2, 2},
-    {"jp;q=.7,es;q=.7", nullptr, "jp", 0.7, 2, 1},
-    {"jp;q=.7,es;q=.701", nullptr, "es", 0.701, 2, 2},
-    {"jp;q=.7  ,  es;q=.701", nullptr, "es", 0.701, 2, 2},
-    {"jp  ;  q=.7  ,  es  ;  ;  ;  ; q=.701", nullptr, "es", 0.701, 2, 2},
-    {"jp,es;q=.7", nullptr, "jp", 1, 2, 1},
-    {"jp;q=1,es;q=.7", nullptr, "jp", 1, 2, 1},
-    {"jp;;;q=1,es;q=.7", nullptr, "jp", 1, 2, 1},
-    {"jp;;;q=1,,,,es;q=.7", nullptr, "jp", 1, 2, 1},
-    {"jp;;;q=.7,,,,es;q=.7", nullptr, "jp", 0.7, 2, 1},
-    {"jp;;;q=.699,,,,es;q=.7", nullptr, "es", 0.7, 2, 5},
-    {"jp;q=0,es;q=1", nullptr, "es", 1, 2, 2},
-    {"jp;q=0, es;q=1", nullptr, "es", 1, 2, 2},
-    {"jp;q=0,es;q=.5", nullptr, "es", 0.5, 2, 2},
-    {"jp;q=0, es;q=.5", nullptr, "es", 0.5, 2, 2},
-    {"jp;q=000000000.00000000000000000000,es;q=1.0000000000000000000", nullptr, "es", 1, 2, 2},
-  }};
+  std::array<Tests, 26> tests = {
+    {
+     {nullptr, nullptr, "default", 1, 0, INT_MAX},
+     {"en", "iso-8859-1", "en0", 1, 2, 1},
+     {"en", "unicode", "en1", 1, 2, 1},
+     {"ko", "iso-8859-1", "ko0", 1, 2, 1},
+     {"ko", "iso-2022-kr", "ko1", 1, 2, 1},
+     {"en-us", nullptr, "en-us", 1, 5, 1},
+     {"en-US", nullptr, "en-us", 1, 5, 1},
+     {"jp,es", nullptr, "jp", 1, 2, 1},
+     {"es,jp", nullptr, "es", 1, 2, 1},
+     {"jp;q=0.7,es", nullptr, "es", 1, 2, 2},
+     {"jp;q=.7,es", nullptr, "es", 1, 2, 2},
+     {"jp;q=.7,es;q=.7", nullptr, "jp", 0.7, 2, 1},
+     {"jp;q=.7,es;q=.701", nullptr, "es", 0.701, 2, 2},
+     {"jp;q=.7  ,  es;q=.701", nullptr, "es", 0.701, 2, 2},
+     {"jp  ;  q=.7  ,  es  ;  ;  ;  ; q=.701", nullptr, "es", 0.701, 2, 2},
+     {"jp,es;q=.7", nullptr, "jp", 1, 2, 1},
+     {"jp;q=1,es;q=.7", nullptr, "jp", 1, 2, 1},
+     {"jp;;;q=1,es;q=.7", nullptr, "jp", 1, 2, 1},
+     {"jp;;;q=1,,,,es;q=.7", nullptr, "jp", 1, 2, 1},
+     {"jp;;;q=.7,,,,es;q=.7", nullptr, "jp", 0.7, 2, 1},
+     {"jp;;;q=.699,,,,es;q=.7", nullptr, "es", 0.7, 2, 5},
+     {"jp;q=0,es;q=1", nullptr, "es", 1, 2, 2},
+     {"jp;q=0, es;q=1", nullptr, "es", 1, 2, 2},
+     {"jp;q=0,es;q=.5", nullptr, "es", 0.5, 2, 2},
+     {"jp;q=0, es;q=.5", nullptr, "es", 0.5, 2, 2},
+     {"jp;q=000000000.00000000000000000000,es;q=1.0000000000000000000", nullptr, "es", 1, 2, 2},
+     }
+  };
 
   // (1) build fake hash table of sets
   std::unique_ptr<HttpBodyFactory::BodySetTable> table_of_sets;
diff --git a/proxy/http2/HPACK.cc b/proxy/http2/HPACK.cc
index 57c53fe8857..3b2edaef395 100644
--- a/proxy/http2/HPACK.cc
+++ b/proxy/http2/HPACK.cc
@@ -128,68 +128,70 @@ constexpr int HPACK_STATIC_TABLE_OFFSET[26] = {
   TS_HPACK_STATIC_TABLE_ENTRY_NUM,
 };
 
-constexpr HpackHeaderField STATIC_TABLE[] = {{"", ""},
-                                             {":authority", ""},
-                                             {":method", "GET"},
-                                             {":method", "POST"},
-                                             {":path", "/"},
-                                             {":path", "/index.html"},
-                                             {":scheme", "http"},
-                                             {":scheme", "https"},
-                                             {":status", "200"},
-                                             {":status", "204"},
-                                             {":status", "206"},
-                                             {":status", "304"},
-                                             {":status", "400"},
-                                             {":status", "404"},
-                                             {":status", "500"},
-                                             {"accept-charset", ""},
-                                             {"accept-encoding", "gzip, deflate"},
-                                             {"accept-language", ""},
-                                             {"accept-ranges", ""},
-                                             {"accept", ""},
-                                             {"access-control-allow-origin", ""},
-                                             {"age", ""},
-                                             {"allow", ""},
-                                             {"authorization", ""},
-                                             {"cache-control", ""},
-                                             {"content-disposition", ""},
-                                             {"content-encoding", ""},
-                                             {"content-language", ""},
-                                             {"content-length", ""},
-                                             {"content-location", ""},
-                                             {"content-range", ""},
-                                             {"content-type", ""},
-                                             {"cookie", ""},
-                                             {"date", ""},
-                                             {"etag", ""},
-                                             {"expect", ""},
-                                             {"expires", ""},
-                                             {"from", ""},
-                                             {"host", ""},
-                                             {"if-match", ""},
-                                             {"if-modified-since", ""},
-                                             {"if-none-match", ""},
-                                             {"if-range", ""},
-                                             {"if-unmodified-since", ""},
-                                             {"last-modified", ""},
-                                             {"link", ""},
-                                             {"location", ""},
-                                             {"max-forwards", ""},
-                                             {"proxy-authenticate", ""},
-                                             {"proxy-authorization", ""},
-                                             {"range", ""},
-                                             {"referer", ""},
-                                             {"refresh", ""},
-                                             {"retry-after", ""},
-                                             {"server", ""},
-                                             {"set-cookie", ""},
-                                             {"strict-transport-security", ""},
-                                             {"transfer-encoding", ""},
-                                             {"user-agent", ""},
-                                             {"vary", ""},
-                                             {"via", ""},
-                                             {"www-authenticate", ""}};
+constexpr HpackHeaderField STATIC_TABLE[] = {
+  {"",                            ""             },
+  {":authority",                  ""             },
+  {":method",                     "GET"          },
+  {":method",                     "POST"         },
+  {":path",                       "/"            },
+  {":path",                       "/index.html"  },
+  {":scheme",                     "http"         },
+  {":scheme",                     "https"        },
+  {":status",                     "200"          },
+  {":status",                     "204"          },
+  {":status",                     "206"          },
+  {":status",                     "304"          },
+  {":status",                     "400"          },
+  {":status",                     "404"          },
+  {":status",                     "500"          },
+  {"accept-charset",              ""             },
+  {"accept-encoding",             "gzip, deflate"},
+  {"accept-language",             ""             },
+  {"accept-ranges",               ""             },
+  {"accept",                      ""             },
+  {"access-control-allow-origin", ""             },
+  {"age",                         ""             },
+  {"allow",                       ""             },
+  {"authorization",               ""             },
+  {"cache-control",               ""             },
+  {"content-disposition",         ""             },
+  {"content-encoding",            ""             },
+  {"content-language",            ""             },
+  {"content-length",              ""             },
+  {"content-location",            ""             },
+  {"content-range",               ""             },
+  {"content-type",                ""             },
+  {"cookie",                      ""             },
+  {"date",                        ""             },
+  {"etag",                        ""             },
+  {"expect",                      ""             },
+  {"expires",                     ""             },
+  {"from",                        ""             },
+  {"host",                        ""             },
+  {"if-match",                    ""             },
+  {"if-modified-since",           ""             },
+  {"if-none-match",               ""             },
+  {"if-range",                    ""             },
+  {"if-unmodified-since",         ""             },
+  {"last-modified",               ""             },
+  {"link",                        ""             },
+  {"location",                    ""             },
+  {"max-forwards",                ""             },
+  {"proxy-authenticate",          ""             },
+  {"proxy-authorization",         ""             },
+  {"range",                       ""             },
+  {"referer",                     ""             },
+  {"refresh",                     ""             },
+  {"retry-after",                 ""             },
+  {"server",                      ""             },
+  {"set-cookie",                  ""             },
+  {"strict-transport-security",   ""             },
+  {"transfer-encoding",           ""             },
+  {"user-agent",                  ""             },
+  {"vary",                        ""             },
+  {"via",                         ""             },
+  {"www-authenticate",            ""             }
+};
 
 constexpr std::string_view HPACK_HDR_FIELD_COOKIE        = STATIC_TABLE[TS_HPACK_STATIC_TABLE_COOKIE].name;
 constexpr std::string_view HPACK_HDR_FIELD_AUTHORIZATION = STATIC_TABLE[TS_HPACK_STATIC_TABLE_AUTHORIZATION].name;
@@ -612,7 +614,7 @@ encode_indexed_header_field(uint8_t *buf_start, const uint8_t *buf_end, uint32_t
   }
 
   *p |= 0x80;
-  p += len;
+  p  += len;
 
   Debug("hpack_encode", "Encoded field: %d", index);
   return p - buf_start;
@@ -658,7 +660,7 @@ encode_literal_header_field_with_indexed_name(uint8_t *buf_start, const uint8_t
     return -1;
   }
   *p |= flag;
-  p += len;
+  p  += len;
 
   // Value String
   len = xpack_encode_string(p, buf_end, header.value.data(), header.value.size());
@@ -913,7 +915,7 @@ hpack_decode_header_block(HpackIndexingTable &indexing_table, HTTPHdr *hdr, cons
       if (read_bytes == HPACK_ERROR_COMPRESSION_ERROR) {
         return HPACK_ERROR_COMPRESSION_ERROR;
       }
-      cursor += read_bytes;
+      cursor               += read_bytes;
       header_field_started = true;
       break;
     case HpackField::INDEXED_LITERAL:
@@ -927,7 +929,7 @@ hpack_decode_header_block(HpackIndexingTable &indexing_table, HTTPHdr *hdr, cons
         has_http2_violation = true;
         read_bytes          = -read_bytes;
       }
-      cursor += read_bytes;
+      cursor               += read_bytes;
       header_field_started = true;
       break;
     case HpackField::TABLESIZE_UPDATE:
diff --git a/proxy/http2/HPACK.h b/proxy/http2/HPACK.h
index 8c538efa6cb..f5413cfa2e7 100644
--- a/proxy/http2/HPACK.h
+++ b/proxy/http2/HPACK.h
@@ -115,7 +115,7 @@ class HpackDynamicTable
   ~HpackDynamicTable();
 
   // noncopyable
-  HpackDynamicTable(HpackDynamicTable &) = delete;
+  HpackDynamicTable(HpackDynamicTable &)                  = delete;
   HpackDynamicTable &operator=(const HpackDynamicTable &) = delete;
 
   const MIMEField *get_header_field(uint32_t index) const;
@@ -148,7 +148,7 @@ class HpackIndexingTable
   ~HpackIndexingTable() {}
 
   // noncopyable
-  HpackIndexingTable(HpackIndexingTable &) = delete;
+  HpackIndexingTable(HpackIndexingTable &)                  = delete;
   HpackIndexingTable &operator=(const HpackIndexingTable &) = delete;
 
   HpackLookupResult lookup(const HpackHeaderField &header) const;
diff --git a/proxy/http2/HTTP2.cc b/proxy/http2/HTTP2.cc
index 65622a8189d..ab81a0484cc 100644
--- a/proxy/http2/HTTP2.cc
+++ b/proxy/http2/HTTP2.cc
@@ -216,10 +216,10 @@ http2_parse_frame_header(IOVec iov, Http2FrameHeader &hdr)
   memcpy_and_advance(hdr.flags, ptr);
   memcpy_and_advance(streamid.bytes, ptr);
 
-  hdr.length = ntohl(length_and_type.value) >> 8;
-  hdr.type   = ntohl(length_and_type.value) & 0xff;
+  hdr.length        = ntohl(length_and_type.value) >> 8;
+  hdr.type          = ntohl(length_and_type.value) & 0xff;
   streamid.bytes[0] &= 0x7f; // Clear the high reserved bit
-  hdr.streamid = ntohl(streamid.value);
+  hdr.streamid      = ntohl(streamid.value);
 
   return true;
 }
@@ -339,7 +339,7 @@ http2_parse_priority_parameter(IOVec iov, Http2Priority &priority)
 
   priority.exclusive_flag = dependency.bytes[0] & 0x80;
 
-  dependency.bytes[0] &= 0x7f; // Clear the highest bit for exclusive flag
+  dependency.bytes[0]        &= 0x7f; // Clear the highest bit for exclusive flag
   priority.stream_dependency = ntohl(dependency.value);
 
   memcpy_and_advance(priority.weight, ptr);
diff --git a/proxy/http2/HTTP2.h b/proxy/http2/HTTP2.h
index d55e3804c7b..3353888660b 100644
--- a/proxy/http2/HTTP2.h
+++ b/proxy/http2/HTTP2.h
@@ -102,7 +102,7 @@ enum {
 
 #define HTTP2_INCREMENT_THREAD_DYN_STAT(_s, _t) RecIncrRawStat(http2_rsb, _t, (int)_s, 1);
 #define HTTP2_DECREMENT_THREAD_DYN_STAT(_s, _t) RecIncrRawStat(http2_rsb, _t, (int)_s, -1);
-#define HTTP2_SUM_THREAD_DYN_STAT(_s, _t, _v) RecIncrRawStat(http2_rsb, _t, (int)_s, _v);
+#define HTTP2_SUM_THREAD_DYN_STAT(_s, _t, _v)   RecIncrRawStat(http2_rsb, _t, (int)_s, _v);
 extern RecRawStatBlock *http2_rsb; // Container for statistics.
 
 // [RFC 7540] 6.9.1. The Flow Control Window
diff --git a/proxy/http2/Http2ClientSession.h b/proxy/http2/Http2ClientSession.h
index cd4cf0df503..b839d78542c 100644
--- a/proxy/http2/Http2ClientSession.h
+++ b/proxy/http2/Http2ClientSession.h
@@ -66,7 +66,7 @@ class Http2ClientSession : public ProxySession, public Http2CommonSession
   ProxySession *get_proxy_session() override;
 
   // noncopyable
-  Http2ClientSession(Http2ClientSession &) = delete;
+  Http2ClientSession(Http2ClientSession &)                  = delete;
   Http2ClientSession &operator=(const Http2ClientSession &) = delete;
 
 private:
diff --git a/proxy/http2/Http2CommonSession.cc b/proxy/http2/Http2CommonSession.cc
index b151441e481..11464420553 100644
--- a/proxy/http2/Http2CommonSession.cc
+++ b/proxy/http2/Http2CommonSession.cc
@@ -150,7 +150,7 @@ Http2CommonSession::set_half_close_local_flag(bool flag)
 int64_t
 Http2CommonSession::xmit(const Http2TxFrame &frame, bool flush)
 {
-  int64_t len = frame.write_to(this->write_buffer);
+  int64_t len                      = frame.write_to(this->write_buffer);
   this->_pending_sending_data_size += len;
   // Force flush for some cases
   if (!flush) {
@@ -259,7 +259,7 @@ Http2CommonSession::do_start_frame_read(Http2ErrorCode &ret_error)
 
   // Check whether data is read from early data
   if (this->read_from_early_data > 0) {
-    this->read_from_early_data -= this->read_from_early_data > nbytes ? nbytes : this->read_from_early_data;
+    this->read_from_early_data      -= this->read_from_early_data > nbytes ? nbytes : this->read_from_early_data;
     this->cur_frame_from_early_data = true;
   }
 
diff --git a/proxy/http2/Http2CommonSession.h b/proxy/http2/Http2CommonSession.h
index 7d4066f7059..6e046469f47 100644
--- a/proxy/http2/Http2CommonSession.h
+++ b/proxy/http2/Http2CommonSession.h
@@ -36,13 +36,13 @@
 // HTTP2_SESSION_EVENT_RECV   Http2Frame *          Received a frame
 // HTTP2_SESSION_EVENT_XMIT   Http2Frame *          Send this frame
 
-#define HTTP2_SESSION_EVENT_INIT (HTTP2_SESSION_EVENTS_START + 1)
-#define HTTP2_SESSION_EVENT_FINI (HTTP2_SESSION_EVENTS_START + 2)
-#define HTTP2_SESSION_EVENT_RECV (HTTP2_SESSION_EVENTS_START + 3)
-#define HTTP2_SESSION_EVENT_XMIT (HTTP2_SESSION_EVENTS_START + 4)
+#define HTTP2_SESSION_EVENT_INIT          (HTTP2_SESSION_EVENTS_START + 1)
+#define HTTP2_SESSION_EVENT_FINI          (HTTP2_SESSION_EVENTS_START + 2)
+#define HTTP2_SESSION_EVENT_RECV          (HTTP2_SESSION_EVENTS_START + 3)
+#define HTTP2_SESSION_EVENT_XMIT          (HTTP2_SESSION_EVENTS_START + 4)
 #define HTTP2_SESSION_EVENT_SHUTDOWN_INIT (HTTP2_SESSION_EVENTS_START + 5)
 #define HTTP2_SESSION_EVENT_SHUTDOWN_CONT (HTTP2_SESSION_EVENTS_START + 6)
-#define HTTP2_SESSION_EVENT_REENABLE (HTTP2_SESSION_EVENTS_START + 7)
+#define HTTP2_SESSION_EVENT_REENABLE      (HTTP2_SESSION_EVENTS_START + 7)
 
 enum class Http2SessionCod : int {
   NOT_PROVIDED,
diff --git a/proxy/http2/Http2ConnectionState.cc b/proxy/http2/Http2ConnectionState.cc
index 6e8cc209044..01b8c9a55b0 100644
--- a/proxy/http2/Http2ConnectionState.cc
+++ b/proxy/http2/Http2ConnectionState.cc
@@ -914,7 +914,7 @@ Http2ConnectionState::rcv_continuation_frame(const Http2Frame &frame)
   }
 
   uint32_t header_blocks_offset = stream->header_blocks_length;
-  stream->header_blocks_length += payload_length;
+  stream->header_blocks_length  += payload_length;
 
   // ATS advertises SETTINGS_MAX_HEADER_LIST_SIZE as a limit of total header blocks length. (Details in [RFC 7560] 10.5.1.)
   // Make it double to relax the limit in cases of 1) HPACK is used naively, or 2) Huffman Encoding generates large header blocks.
@@ -1872,11 +1872,11 @@ Http2ConnectionState::send_headers_frame(Http2Stream *stream)
   // Send a HEADERS frame
   if (header_blocks_size <= static_cast<uint32_t>(BUFFER_SIZE_FOR_INDEX(buffer_size_index[HTTP2_FRAME_TYPE_HEADERS]))) {
     payload_length = header_blocks_size;
-    flags |= HTTP2_FLAGS_HEADERS_END_HEADERS;
+    flags          |= HTTP2_FLAGS_HEADERS_END_HEADERS;
     if ((resp_hdr->presence(MIME_PRESENCE_CONTENT_LENGTH) && resp_hdr->get_content_length() == 0) ||
         (!resp_hdr->expect_final_response() && stream->is_write_vio_done())) {
       Http2StreamDebug(session, stream->get_id(), "END_STREAM");
-      flags |= HTTP2_FLAGS_HEADERS_END_STREAM;
+      flags                   |= HTTP2_FLAGS_HEADERS_END_STREAM;
       stream->send_end_stream = true;
     }
     stream->mark_milestone(Http2StreamMilestone::START_TX_HEADERS_FRAMES);
@@ -1964,7 +1964,7 @@ Http2ConnectionState::send_push_promise_frame(Http2Stream *stream, URL &url, con
   if (header_blocks_size <=
       BUFFER_SIZE_FOR_INDEX(buffer_size_index[HTTP2_FRAME_TYPE_PUSH_PROMISE]) - sizeof(push_promise.promised_streamid)) {
     payload_length = header_blocks_size;
-    flags |= HTTP2_FLAGS_PUSH_PROMISE_END_HEADERS;
+    flags          |= HTTP2_FLAGS_PUSH_PROMISE_END_HEADERS;
   } else {
     payload_length =
       BUFFER_SIZE_FOR_INDEX(buffer_size_index[HTTP2_FRAME_TYPE_PUSH_PROMISE]) - sizeof(push_promise.promised_streamid);
diff --git a/proxy/http2/Http2ConnectionState.h b/proxy/http2/Http2ConnectionState.h
index ee9bc45c705..1ab2f74b561 100644
--- a/proxy/http2/Http2ConnectionState.h
+++ b/proxy/http2/Http2ConnectionState.h
@@ -76,7 +76,7 @@ class Http2ConnectionState : public Continuation
   Http2ConnectionState();
 
   // noncopyable
-  Http2ConnectionState(const Http2ConnectionState &) = delete;
+  Http2ConnectionState(const Http2ConnectionState &)            = delete;
   Http2ConnectionState &operator=(const Http2ConnectionState &) = delete;
 
   ProxyError rx_error_code;
diff --git a/proxy/http2/Http2DependencyTree.h b/proxy/http2/Http2DependencyTree.h
index 92a920b8cac..7201447000e 100644
--- a/proxy/http2/Http2DependencyTree.h
+++ b/proxy/http2/Http2DependencyTree.h
@@ -71,7 +71,7 @@ class Node
     }
   }
 
-  Node(const Node &) = delete;
+  Node(const Node &)            = delete;
   Node &operator=(const Node &) = delete;
 
   LINK(Node, link);
diff --git a/proxy/http2/Http2Frame.cc b/proxy/http2/Http2Frame.cc
index a731f09e2a8..4914de4eb9a 100644
--- a/proxy/http2/Http2Frame.cc
+++ b/proxy/http2/Http2Frame.cc
@@ -61,7 +61,7 @@ Http2DataFrame::write_to(MIOBuffer *iobuffer) const
     // Fill current IOBufferBlock as much as possible to reduce SSL_write() calls
     while (written < this->_payload_len) {
       int64_t read_len = std::min(this->_payload_len - written, this->_reader->block_read_avail());
-      written += iobuffer->write(this->_reader->start(), read_len);
+      written          += iobuffer->write(this->_reader->start(), read_len);
       this->_reader->consume(read_len);
     }
     len += written;
diff --git a/proxy/http2/Http2FrequencyCounter.cc b/proxy/http2/Http2FrequencyCounter.cc
index 9fab3e6acc6..42bf930a9de 100644
--- a/proxy/http2/Http2FrequencyCounter.cc
+++ b/proxy/http2/Http2FrequencyCounter.cc
@@ -45,7 +45,7 @@ Http2FrequencyCounter::increment(uint16_t amount)
   }
 
   this->_count[counter_index] += amount;
-  this->_last_update = hrtime_sec;
+  this->_last_update          = hrtime_sec;
 }
 
 uint32_t
diff --git a/proxy/http2/Http2SessionAccept.h b/proxy/http2/Http2SessionAccept.h
index e01cd2333f6..341089c15ab 100644
--- a/proxy/http2/Http2SessionAccept.h
+++ b/proxy/http2/Http2SessionAccept.h
@@ -46,7 +46,7 @@ struct Http2SessionAccept : public SessionAccept {
   int mainEvent(int event, void *netvc) override;
 
   // noncopyable
-  Http2SessionAccept(const Http2SessionAccept &) = delete;
+  Http2SessionAccept(const Http2SessionAccept &)            = delete;
   Http2SessionAccept &operator=(const Http2SessionAccept &) = delete;
 
 private:
diff --git a/proxy/http2/Http2Stream.cc b/proxy/http2/Http2Stream.cc
index 28a18e30b3c..33c96fbb643 100644
--- a/proxy/http2/Http2Stream.cc
+++ b/proxy/http2/Http2Stream.cc
@@ -250,7 +250,7 @@ Http2Stream::send_request(Http2ConnectionState &cstate)
       this->_receive_buffer.add_block();
       block = this->_receive_buffer.get_current_block();
     }
-    done = _receive_header.print(block->start(), block->write_avail(), &bufindex, &tmp);
+    done       = _receive_header.print(block->start(), block->write_avail(), &bufindex, &tmp);
     dumpoffset += bufindex;
     this->_receive_buffer.fill(bufindex);
     if (!done) {
diff --git a/proxy/http2/Http2Stream.h b/proxy/http2/Http2Stream.h
index 01c5b88c212..ead1d60f733 100644
--- a/proxy/http2/Http2Stream.h
+++ b/proxy/http2/Http2Stream.h
@@ -64,7 +64,10 @@ class Http2Stream : public ProxyTransaction
   void reenable(VIO *vio) override;
   void transaction_done() override;
 
-  void do_io_shutdown(ShutdownHowTo_t) override {}
+  void
+  do_io_shutdown(ShutdownHowTo_t) override
+  {
+  }
   VIO *do_io_read(Continuation *c, int64_t nbytes, MIOBuffer *buf) override;
   VIO *do_io_write(Continuation *c, int64_t nbytes, IOBufferReader *abuffer, bool owner = false) override;
   void do_io_close(int lerrno = -1) override;
@@ -246,7 +249,7 @@ Http2Stream::is_write_vio_done() const
 inline void
 Http2Stream::update_sent_count(unsigned num_bytes)
 {
-  bytes_sent += num_bytes;
+  bytes_sent            += num_bytes;
   this->write_vio.ndone += num_bytes;
 }
 
diff --git a/proxy/http2/test_HPACK.cc b/proxy/http2/test_HPACK.cc
index e4a46460ca0..ee099b4e281 100644
--- a/proxy/http2/test_HPACK.cc
+++ b/proxy/http2/test_HPACK.cc
@@ -44,13 +44,14 @@ static char cmd_input_dir[512]  = "";
 static char cmd_output_dir[512] = "";
 
 static const ArgumentDescription argument_descriptions[] = {
-  {"disable_freelist", 'f', "Disable the freelist memory allocator", "T", &cmd_disable_freelist, nullptr, nullptr},
-  {"disable_pfreelist", 'F', "Disable the freelist memory allocator in ProxyAllocator", "T", &cmd_disable_pfreelist,
-   "PROXY_DPRINTF_LEVEL", nullptr},
-  {"input_dir", 'i', "input dir", "S511", &cmd_input_dir, nullptr, nullptr},
-  {"output_dir", 'o', "output dir", "S511", &cmd_output_dir, nullptr, nullptr},
+  {"disable_freelist",  'f', "Disable the freelist memory allocator",                   "T",    &cmd_disable_freelist,  nullptr, nullptr},
+  {"disable_pfreelist", 'F', "Disable the freelist memory allocator in ProxyAllocator", "T",    &cmd_disable_pfreelist,
+   "PROXY_DPRINTF_LEVEL",                                                                                                        nullptr},
+  {"input_dir",         'i', "input dir",                                               "S511", &cmd_input_dir,         nullptr, nullptr},
+  {"output_dir",        'o', "output dir",                                              "S511", &cmd_output_dir,        nullptr, nullptr},
   HELP_ARGUMENT_DESCRIPTION(),
-  VERSION_ARGUMENT_DESCRIPTION()};
+  VERSION_ARGUMENT_DESCRIPTION()
+};
 
 const static uint32_t INITIAL_TABLE_SIZE = 4096;
 
diff --git a/proxy/http2/unit_tests/test_HpackIndexingTable.cc b/proxy/http2/unit_tests/test_HpackIndexingTable.cc
index 75ec83a0619..26baba34935 100644
--- a/proxy/http2/unit_tests/test_HpackIndexingTable.cc
+++ b/proxy/http2/unit_tests/test_HpackIndexingTable.cc
@@ -106,88 +106,70 @@ TEST_CASE("HPACK low level APIs", "[hpack]")
       {(char *)"custom-key", (char *)"custom-header", 0, HpackField::INDEXED_LITERAL,
        (uint8_t *)"\x40\x0a"
                   "custom-key\x0d"
-                  "custom-header",
-       26},
+                  "custom-header",                            26},
       {(char *)"custom-key", (char *)"custom-header", 0, HpackField::NOINDEX_LITERAL,
        (uint8_t *)"\x00\x0a"
                   "custom-key\x0d"
-                  "custom-header",
-       26},
+                  "custom-header",                            26},
       {(char *)"custom-key", (char *)"custom-header", 0, HpackField::NEVERINDEX_LITERAL,
        (uint8_t *)"\x10\x0a"
                   "custom-key\x0d"
-                  "custom-header",
-       26},
-      {(char *)":path", (char *)"/sample/path", 4, HpackField::INDEXED_LITERAL,
+                  "custom-header",                            26},
+      {(char *)":path",      (char *)"/sample/path",  4, HpackField::INDEXED_LITERAL,
        (uint8_t *)"\x44\x0c"
-                  "/sample/path",
-       14},
-      {(char *)":path", (char *)"/sample/path", 4, HpackField::NOINDEX_LITERAL,
+                  "/sample/path",                             14},
+      {(char *)":path",      (char *)"/sample/path",  4, HpackField::NOINDEX_LITERAL,
        (uint8_t *)"\x04\x0c"
-                  "/sample/path",
-       14},
-      {(char *)":path", (char *)"/sample/path", 4, HpackField::NEVERINDEX_LITERAL,
+                  "/sample/path",                             14},
+      {(char *)":path",      (char *)"/sample/path",  4, HpackField::NEVERINDEX_LITERAL,
        (uint8_t *)"\x14\x0c"
-                  "/sample/path",
-       14},
-      {(char *)"password", (char *)"secret", 0, HpackField::INDEXED_LITERAL,
+                  "/sample/path",                             14},
+      {(char *)"password",   (char *)"secret",        0, HpackField::INDEXED_LITERAL,
        (uint8_t *)"\x40\x08"
                   "password\x06"
-                  "secret",
-       17},
-      {(char *)"password", (char *)"secret", 0, HpackField::NOINDEX_LITERAL,
+                  "secret",                                   17},
+      {(char *)"password",   (char *)"secret",        0, HpackField::NOINDEX_LITERAL,
        (uint8_t *)"\x00\x08"
                   "password\x06"
-                  "secret",
-       17},
-      {(char *)"password", (char *)"secret", 0, HpackField::NEVERINDEX_LITERAL,
+                  "secret",                                   17},
+      {(char *)"password",   (char *)"secret",        0, HpackField::NEVERINDEX_LITERAL,
        (uint8_t *)"\x10\x08"
                   "password\x06"
-                  "secret",
-       17},
-      // with Huffman Coding
+                  "secret",                                   17},
+ // with Huffman Coding
       {(char *)"custom-key", (char *)"custom-header", 0, HpackField::INDEXED_LITERAL,
        (uint8_t *)"\x40"
                   "\x88\x25\xa8\x49\xe9\x5b\xa9\x7d\x7f"
-                  "\x89\x25\xa8\x49\xe9\x5a\x72\x8e\x42\xd9",
-       20},
+                  "\x89\x25\xa8\x49\xe9\x5a\x72\x8e\x42\xd9", 20},
       {(char *)"custom-key", (char *)"custom-header", 0, HpackField::NOINDEX_LITERAL,
        (uint8_t *)"\x00"
                   "\x88\x25\xa8\x49\xe9\x5b\xa9\x7d\x7f"
-                  "\x89\x25\xa8\x49\xe9\x5a\x72\x8e\x42\xd9",
-       20},
+                  "\x89\x25\xa8\x49\xe9\x5a\x72\x8e\x42\xd9", 20},
       {(char *)"custom-key", (char *)"custom-header", 0, HpackField::NEVERINDEX_LITERAL,
        (uint8_t *)"\x10"
                   "\x88\x25\xa8\x49\xe9\x5b\xa9\x7d\x7f"
-                  "\x89\x25\xa8\x49\xe9\x5a\x72\x8e\x42\xd9",
-       20},
-      {(char *)":path", (char *)"/sample/path", 4, HpackField::INDEXED_LITERAL,
+                  "\x89\x25\xa8\x49\xe9\x5a\x72\x8e\x42\xd9", 20},
+      {(char *)":path",      (char *)"/sample/path",  4, HpackField::INDEXED_LITERAL,
        (uint8_t *)"\x44"
-                  "\x89\x61\x03\xa6\xba\x0a\xc5\x63\x4c\xff",
-       11},
-      {(char *)":path", (char *)"/sample/path", 4, HpackField::NOINDEX_LITERAL,
+                  "\x89\x61\x03\xa6\xba\x0a\xc5\x63\x4c\xff", 11},
+      {(char *)":path",      (char *)"/sample/path",  4, HpackField::NOINDEX_LITERAL,
        (uint8_t *)"\x04"
-                  "\x89\x61\x03\xa6\xba\x0a\xc5\x63\x4c\xff",
-       11},
-      {(char *)":path", (char *)"/sample/path", 4, HpackField::NEVERINDEX_LITERAL,
+                  "\x89\x61\x03\xa6\xba\x0a\xc5\x63\x4c\xff", 11},
+      {(char *)":path",      (char *)"/sample/path",  4, HpackField::NEVERINDEX_LITERAL,
        (uint8_t *)"\x14"
-                  "\x89\x61\x03\xa6\xba\x0a\xc5\x63\x4c\xff",
-       11},
-      {(char *)"password", (char *)"secret", 0, HpackField::INDEXED_LITERAL,
+                  "\x89\x61\x03\xa6\xba\x0a\xc5\x63\x4c\xff", 11},
+      {(char *)"password",   (char *)"secret",        0, HpackField::INDEXED_LITERAL,
        (uint8_t *)"\x40"
                   "\x86\xac\x68\x47\x83\xd9\x27"
-                  "\x84\x41\x49\x61\x53",
-       13},
-      {(char *)"password", (char *)"secret", 0, HpackField::NOINDEX_LITERAL,
+                  "\x84\x41\x49\x61\x53",                     13},
+      {(char *)"password",   (char *)"secret",        0, HpackField::NOINDEX_LITERAL,
        (uint8_t *)"\x00"
                   "\x86\xac\x68\x47\x83\xd9\x27"
-                  "\x84\x41\x49\x61\x53",
-       13},
-      {(char *)"password", (char *)"secret", 0, HpackField::NEVERINDEX_LITERAL,
+                  "\x84\x41\x49\x61\x53",                     13},
+      {(char *)"password",   (char *)"secret",        0, HpackField::NEVERINDEX_LITERAL,
        (uint8_t *)"\x10"
                   "\x86\xac\x68\x47\x83\xd9\x27"
-                  "\x84\x41\x49\x61\x53",
-       13},
+                  "\x84\x41\x49\x61\x53",                     13},
     };
 
     SECTION("encoding")
@@ -257,27 +239,27 @@ TEST_CASE("HPACK high level APIs", "[hpack]")
       char *raw_value;
     } raw_field_response_test_case[][MAX_TEST_FIELD_NUM] = {
       {
-        {(char *)":status", (char *)"302"},
-        {(char *)"cache-control", (char *)"private"},
-        {(char *)"date", (char *)"Mon, 21 Oct 2013 20:13:21 GMT"},
-        {(char *)"location", (char *)"https://www.example.com"},
-        {(char *)"", (char *)""} // End of this test case
+       {(char *)":status", (char *)"302"},
+       {(char *)"cache-control", (char *)"private"},
+       {(char *)"date", (char *)"Mon, 21 Oct 2013 20:13:21 GMT"},
+       {(char *)"location", (char *)"https://www.example.com"},
+       {(char *)"", (char *)""} // End of this test case
       },
       {
-        {(char *)":status", (char *)"307"},
-        {(char *)"cache-control", (char *)"private"},
-        {(char *)"date", (char *)"Mon, 21 Oct 2013 20:13:21 GMT"},
-        {(char *)"location", (char *)"https://www.example.com"},
-        {(char *)"", (char *)""} // End of this test case
+       {(char *)":status", (char *)"307"},
+       {(char *)"cache-control", (char *)"private"},
+       {(char *)"date", (char *)"Mon, 21 Oct 2013 20:13:21 GMT"},
+       {(char *)"location", (char *)"https://www.example.com"},
+       {(char *)"", (char *)""} // End of this test case
       },
       {
-        {(char *)":status", (char *)"200"},
-        {(char *)"cache-control", (char *)"private"},
-        {(char *)"date", (char *)"Mon, 21 Oct 2013 20:13:22 GMT"},
-        {(char *)"location", (char *)"https://www.example.com"},
-        {(char *)"content-encoding", (char *)"gzip"},
-        {(char *)"set-cookie", (char *)"foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1"},
-        {(char *)"", (char *)""} // End of this test case
+       {(char *)":status", (char *)"200"},
+       {(char *)"cache-control", (char *)"private"},
+       {(char *)"date", (char *)"Mon, 21 Oct 2013 20:13:22 GMT"},
+       {(char *)"location", (char *)"https://www.example.com"},
+       {(char *)"content-encoding", (char *)"gzip"},
+       {(char *)"set-cookie", (char *)"foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1"},
+       {(char *)"", (char *)""} // End of this test case
       },
     };
 
@@ -294,14 +276,12 @@ TEST_CASE("HPACK high level APIs", "[hpack]")
                   "\xe0\x82\xa6\x2d\x1b\xff"
                   "\x6e\x91"
                   "\x9d\x29\xad\x17\x18\x63\xc7\x8f\x0b\x97\xc8\xe9\xae\x82\xae\x43"
-                  "\xd3",
-       54},
+                  "\xd3",                                                 54},
       {(uint8_t *)"\x48\x83"
                   "\x64\x0e\xff"
                   "\xc1"
                   "\xc0"
-                  "\xbf",
-       8},
+                  "\xbf",                                                 8 },
       {(uint8_t *)"\x88"
                   "\xc1"
                   "\x61\x96"
@@ -313,8 +293,7 @@ TEST_CASE("HPACK high level APIs", "[hpack]")
                   "\x77\xad"
                   "\x94\xe7\x82\x1d\xd7\xf2\xe6\xc7\xb3\x35\xdf\xdf\xcd\x5b\x39\x60"
                   "\xd5\xaf\x27\x08\x7f\x36\x72\xc1\xab\x27\x0f\xb5\x29\x1f\x95\x87"
-                  "\x31\x60\x65\xc0\x03\xed\x4e\xe5\xb1\x06\x3d\x50\x07",
-       79},
+                  "\x31\x60\x65\xc0\x03\xed\x4e\xe5\xb1\x06\x3d\x50\x07", 79},
     };
 
     const static struct {
@@ -323,24 +302,24 @@ TEST_CASE("HPACK high level APIs", "[hpack]")
       char *value;
     } dynamic_table_response_test_case[][MAX_TEST_FIELD_NUM] = {
       {
-        {63, (char *)"location", (char *)"https://www.example.com"},
-        {65, (char *)"date", (char *)"Mon, 21 Oct 2013 20:13:21 GMT"},
-        {52, (char *)"cache-control", (char *)"private"},
-        {42, (char *)":status", (char *)"302"},
-        {0, (char *)"", (char *)""} // End of this test case
+       {63, (char *)"location", (char *)"https://www.example.com"},
+       {65, (char *)"date", (char *)"Mon, 21 Oct 2013 20:13:21 GMT"},
+       {52, (char *)"cache-control", (char *)"private"},
+       {42, (char *)":status", (char *)"302"},
+       {0, (char *)"", (char *)""} // End of this test case
       },
       {
-        {42, (char *)":status", (char *)"307"},
-        {63, (char *)"location", (char *)"https://www.example.com"},
-        {65, (char *)"date", (char *)"Mon, 21 Oct 2013 20:13:21 GMT"},
-        {52, (char *)"cache-control", (char *)"private"},
-        {0, (char *)"", (char *)""} // End of this test case
+       {42, (char *)":status", (char *)"307"},
+       {63, (char *)"location", (char *)"https://www.example.com"},
+       {65, (char *)"date", (char *)"Mon, 21 Oct 2013 20:13:21 GMT"},
+       {52, (char *)"cache-control", (char *)"private"},
+       {0, (char *)"", (char *)""} // End of this test case
       },
       {
-        {98, (char *)"set-cookie", (char *)"foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1"},
-        {52, (char *)"content-encoding", (char *)"gzip"},
-        {65, (char *)"date", (char *)"Mon, 21 Oct 2013 20:13:22 GMT"},
-        {0, (char *)"", (char *)""} // End of this test case
+       {98, (char *)"set-cookie", (char *)"foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1"},
+       {52, (char *)"content-encoding", (char *)"gzip"},
+       {65, (char *)"date", (char *)"Mon, 21 Oct 2013 20:13:22 GMT"},
+       {0, (char *)"", (char *)""} // End of this test case
       },
     };
 
@@ -405,18 +384,18 @@ TEST_CASE("HPACK high level APIs", "[hpack]")
       char *raw_value;
     } raw_field_request_test_case[][MAX_TEST_FIELD_NUM] = {
       {
-        {(char *)":method", (char *)"GET"},
-        {(char *)":scheme", (char *)"http"},
-        {(char *)":path", (char *)"/"},
-        {(char *)":authority", (char *)"www.example.com"},
-        {(char *)"", (char *)""} // End of this test case
+       {(char *)":method", (char *)"GET"},
+       {(char *)":scheme", (char *)"http"},
+       {(char *)":path", (char *)"/"},
+       {(char *)":authority", (char *)"www.example.com"},
+       {(char *)"", (char *)""} // End of this test case
       },
       {
-        {(char *)":method", (char *)"GET"},
-        {(char *)":scheme", (char *)"http"},
-        {(char *)":path", (char *)"/"},
-        {(char *)":authority", (char *)"www.example.com"},
-        {(char *)"", (char *)""} // End of this test case
+       {(char *)":method", (char *)"GET"},
+       {(char *)":scheme", (char *)"http"},
+       {(char *)":path", (char *)"/"},
+       {(char *)":authority", (char *)"www.example.com"},
+       {(char *)"", (char *)""} // End of this test case
       },
     };
 
@@ -435,8 +414,7 @@ TEST_CASE("HPACK high level APIs", "[hpack]")
                   "\x1/"
                   "\x40"
                   "\xa:authority"
-                  "\xfwww.example.com",
-       64},
+                  "\xfwww.example.com",                                   64},
       {(uint8_t *)"\x40"
                   "\x85\xb9\x49\x53\x39\xe4"
                   "\x83\xc5\x83\x7f"
@@ -448,8 +426,7 @@ TEST_CASE("HPACK high level APIs", "[hpack]")
                   "\x81\x63"
                   "\x40"
                   "\x88\xb8\x3b\x53\x39\xec\x32\x7d\x7f"
-                  "\x8c\xf1\xe3\xc2\xe5\xf2\x3a\x6b\xa0\xab\x90\xf4\xff",
-       53},
+                  "\x8c\xf1\xe3\xc2\xe5\xf2\x3a\x6b\xa0\xab\x90\xf4\xff", 53},
     };
 
     HpackIndexingTable indexing_table(4096);
diff --git a/proxy/http2/unit_tests/test_Http2Frame.cc b/proxy/http2/unit_tests/test_Http2Frame.cc
index d30b07a10e0..fdc52478e7f 100644
--- a/proxy/http2/unit_tests/test_Http2Frame.cc
+++ b/proxy/http2/unit_tests/test_Http2Frame.cc
@@ -70,79 +70,79 @@ TEST_CASE("HTTP/2 Frame Flags", "[http2]")
     uint8_t fflags;
     bool valid;
   } http2_frame_flags_test_case[] = {
-    {HTTP2_FRAME_TYPE_DATA, 0x00, true},
-    {HTTP2_FRAME_TYPE_DATA, 0x01, true},
-    {HTTP2_FRAME_TYPE_DATA, 0x02, false},
-    {HTTP2_FRAME_TYPE_DATA, 0x04, false},
-    {HTTP2_FRAME_TYPE_DATA, 0x08, true},
-    {HTTP2_FRAME_TYPE_DATA, 0x10, false},
-    {HTTP2_FRAME_TYPE_DATA, 0x20, false},
-    {HTTP2_FRAME_TYPE_DATA, 0x40, false},
-    {HTTP2_FRAME_TYPE_DATA, 0x80, false},
-    {HTTP2_FRAME_TYPE_HEADERS, 0x00, true},
-    {HTTP2_FRAME_TYPE_HEADERS, 0x01, true},
-    {HTTP2_FRAME_TYPE_HEADERS, 0x02, false},
-    {HTTP2_FRAME_TYPE_HEADERS, 0x04, true},
-    {HTTP2_FRAME_TYPE_HEADERS, 0x08, true},
-    {HTTP2_FRAME_TYPE_HEADERS, 0x10, false},
-    {HTTP2_FRAME_TYPE_HEADERS, 0x20, true},
-    {HTTP2_FRAME_TYPE_HEADERS, 0x40, false},
-    {HTTP2_FRAME_TYPE_HEADERS, 0x80, false},
-    {HTTP2_FRAME_TYPE_PRIORITY, 0x00, true},
-    {HTTP2_FRAME_TYPE_PRIORITY, 0x01, false},
-    {HTTP2_FRAME_TYPE_PRIORITY, 0x02, false},
-    {HTTP2_FRAME_TYPE_PRIORITY, 0x04, false},
-    {HTTP2_FRAME_TYPE_PRIORITY, 0x08, false},
-    {HTTP2_FRAME_TYPE_PRIORITY, 0x10, false},
-    {HTTP2_FRAME_TYPE_PRIORITY, 0x20, false},
-    {HTTP2_FRAME_TYPE_PRIORITY, 0x40, false},
-    {HTTP2_FRAME_TYPE_PRIORITY, 0x80, false},
-    {HTTP2_FRAME_TYPE_RST_STREAM, 0x00, true},
-    {HTTP2_FRAME_TYPE_RST_STREAM, 0x01, false},
-    {HTTP2_FRAME_TYPE_RST_STREAM, 0x02, false},
-    {HTTP2_FRAME_TYPE_RST_STREAM, 0x04, false},
-    {HTTP2_FRAME_TYPE_RST_STREAM, 0x08, false},
-    {HTTP2_FRAME_TYPE_RST_STREAM, 0x10, false},
-    {HTTP2_FRAME_TYPE_RST_STREAM, 0x20, false},
-    {HTTP2_FRAME_TYPE_RST_STREAM, 0x40, false},
-    {HTTP2_FRAME_TYPE_RST_STREAM, 0x80, false},
-    {HTTP2_FRAME_TYPE_SETTINGS, 0x00, true},
-    {HTTP2_FRAME_TYPE_SETTINGS, 0x01, true},
-    {HTTP2_FRAME_TYPE_SETTINGS, 0x02, false},
-    {HTTP2_FRAME_TYPE_SETTINGS, 0x04, false},
-    {HTTP2_FRAME_TYPE_SETTINGS, 0x08, false},
-    {HTTP2_FRAME_TYPE_SETTINGS, 0x10, false},
-    {HTTP2_FRAME_TYPE_SETTINGS, 0x20, false},
-    {HTTP2_FRAME_TYPE_SETTINGS, 0x40, false},
-    {HTTP2_FRAME_TYPE_SETTINGS, 0x80, false},
-    {HTTP2_FRAME_TYPE_PUSH_PROMISE, 0x00, true},
-    {HTTP2_FRAME_TYPE_PUSH_PROMISE, 0x01, false},
-    {HTTP2_FRAME_TYPE_PUSH_PROMISE, 0x02, false},
-    {HTTP2_FRAME_TYPE_PUSH_PROMISE, 0x04, true},
-    {HTTP2_FRAME_TYPE_PUSH_PROMISE, 0x08, true},
-    {HTTP2_FRAME_TYPE_PUSH_PROMISE, 0x10, false},
-    {HTTP2_FRAME_TYPE_PUSH_PROMISE, 0x20, false},
-    {HTTP2_FRAME_TYPE_PUSH_PROMISE, 0x40, false},
-    {HTTP2_FRAME_TYPE_PUSH_PROMISE, 0x80, false},
-    {HTTP2_FRAME_TYPE_PING, 0x00, true},
-    {HTTP2_FRAME_TYPE_PING, 0x01, true},
-    {HTTP2_FRAME_TYPE_PING, 0x02, false},
-    {HTTP2_FRAME_TYPE_PING, 0x04, false},
-    {HTTP2_FRAME_TYPE_PING, 0x08, false},
-    {HTTP2_FRAME_TYPE_PING, 0x10, false},
-    {HTTP2_FRAME_TYPE_PING, 0x20, false},
-    {HTTP2_FRAME_TYPE_PING, 0x40, false},
-    {HTTP2_FRAME_TYPE_PING, 0x80, false},
-    {HTTP2_FRAME_TYPE_GOAWAY, 0x00, true},
-    {HTTP2_FRAME_TYPE_GOAWAY, 0x01, false},
-    {HTTP2_FRAME_TYPE_GOAWAY, 0x02, false},
-    {HTTP2_FRAME_TYPE_GOAWAY, 0x04, false},
-    {HTTP2_FRAME_TYPE_GOAWAY, 0x08, false},
-    {HTTP2_FRAME_TYPE_GOAWAY, 0x10, false},
-    {HTTP2_FRAME_TYPE_GOAWAY, 0x20, false},
-    {HTTP2_FRAME_TYPE_GOAWAY, 0x40, false},
-    {HTTP2_FRAME_TYPE_GOAWAY, 0x80, false},
-    {HTTP2_FRAME_TYPE_WINDOW_UPDATE, 0x00, true},
+    {HTTP2_FRAME_TYPE_DATA,          0x00, true },
+    {HTTP2_FRAME_TYPE_DATA,          0x01, true },
+    {HTTP2_FRAME_TYPE_DATA,          0x02, false},
+    {HTTP2_FRAME_TYPE_DATA,          0x04, false},
+    {HTTP2_FRAME_TYPE_DATA,          0x08, true },
+    {HTTP2_FRAME_TYPE_DATA,          0x10, false},
+    {HTTP2_FRAME_TYPE_DATA,          0x20, false},
+    {HTTP2_FRAME_TYPE_DATA,          0x40, false},
+    {HTTP2_FRAME_TYPE_DATA,          0x80, false},
+    {HTTP2_FRAME_TYPE_HEADERS,       0x00, true },
+    {HTTP2_FRAME_TYPE_HEADERS,       0x01, true },
+    {HTTP2_FRAME_TYPE_HEADERS,       0x02, false},
+    {HTTP2_FRAME_TYPE_HEADERS,       0x04, true },
+    {HTTP2_FRAME_TYPE_HEADERS,       0x08, true },
+    {HTTP2_FRAME_TYPE_HEADERS,       0x10, false},
+    {HTTP2_FRAME_TYPE_HEADERS,       0x20, true },
+    {HTTP2_FRAME_TYPE_HEADERS,       0x40, false},
+    {HTTP2_FRAME_TYPE_HEADERS,       0x80, false},
+    {HTTP2_FRAME_TYPE_PRIORITY,      0x00, true },
+    {HTTP2_FRAME_TYPE_PRIORITY,      0x01, false},
+    {HTTP2_FRAME_TYPE_PRIORITY,      0x02, false},
+    {HTTP2_FRAME_TYPE_PRIORITY,      0x04, false},
+    {HTTP2_FRAME_TYPE_PRIORITY,      0x08, false},
+    {HTTP2_FRAME_TYPE_PRIORITY,      0x10, false},
+    {HTTP2_FRAME_TYPE_PRIORITY,      0x20, false},
+    {HTTP2_FRAME_TYPE_PRIORITY,      0x40, false},
+    {HTTP2_FRAME_TYPE_PRIORITY,      0x80, false},
+    {HTTP2_FRAME_TYPE_RST_STREAM,    0x00, true },
+    {HTTP2_FRAME_TYPE_RST_STREAM,    0x01, false},
+    {HTTP2_FRAME_TYPE_RST_STREAM,    0x02, false},
+    {HTTP2_FRAME_TYPE_RST_STREAM,    0x04, false},
+    {HTTP2_FRAME_TYPE_RST_STREAM,    0x08, false},
+    {HTTP2_FRAME_TYPE_RST_STREAM,    0x10, false},
+    {HTTP2_FRAME_TYPE_RST_STREAM,    0x20, false},
+    {HTTP2_FRAME_TYPE_RST_STREAM,    0x40, false},
+    {HTTP2_FRAME_TYPE_RST_STREAM,    0x80, false},
+    {HTTP2_FRAME_TYPE_SETTINGS,      0x00, true },
+    {HTTP2_FRAME_TYPE_SETTINGS,      0x01, true },
+    {HTTP2_FRAME_TYPE_SETTINGS,      0x02, false},
+    {HTTP2_FRAME_TYPE_SETTINGS,      0x04, false},
+    {HTTP2_FRAME_TYPE_SETTINGS,      0x08, false},
+    {HTTP2_FRAME_TYPE_SETTINGS,      0x10, false},
+    {HTTP2_FRAME_TYPE_SETTINGS,      0x20, false},
+    {HTTP2_FRAME_TYPE_SETTINGS,      0x40, false},
+    {HTTP2_FRAME_TYPE_SETTINGS,      0x80, false},
+    {HTTP2_FRAME_TYPE_PUSH_PROMISE,  0x00, true },
+    {HTTP2_FRAME_TYPE_PUSH_PROMISE,  0x01, false},
+    {HTTP2_FRAME_TYPE_PUSH_PROMISE,  0x02, false},
+    {HTTP2_FRAME_TYPE_PUSH_PROMISE,  0x04, true },
+    {HTTP2_FRAME_TYPE_PUSH_PROMISE,  0x08, true },
+    {HTTP2_FRAME_TYPE_PUSH_PROMISE,  0x10, false},
+    {HTTP2_FRAME_TYPE_PUSH_PROMISE,  0x20, false},
+    {HTTP2_FRAME_TYPE_PUSH_PROMISE,  0x40, false},
+    {HTTP2_FRAME_TYPE_PUSH_PROMISE,  0x80, false},
+    {HTTP2_FRAME_TYPE_PING,          0x00, true },
+    {HTTP2_FRAME_TYPE_PING,          0x01, true },
+    {HTTP2_FRAME_TYPE_PING,          0x02, false},
+    {HTTP2_FRAME_TYPE_PING,          0x04, false},
+    {HTTP2_FRAME_TYPE_PING,          0x08, false},
+    {HTTP2_FRAME_TYPE_PING,          0x10, false},
+    {HTTP2_FRAME_TYPE_PING,          0x20, false},
+    {HTTP2_FRAME_TYPE_PING,          0x40, false},
+    {HTTP2_FRAME_TYPE_PING,          0x80, false},
+    {HTTP2_FRAME_TYPE_GOAWAY,        0x00, true },
+    {HTTP2_FRAME_TYPE_GOAWAY,        0x01, false},
+    {HTTP2_FRAME_TYPE_GOAWAY,        0x02, false},
+    {HTTP2_FRAME_TYPE_GOAWAY,        0x04, false},
+    {HTTP2_FRAME_TYPE_GOAWAY,        0x08, false},
+    {HTTP2_FRAME_TYPE_GOAWAY,        0x10, false},
+    {HTTP2_FRAME_TYPE_GOAWAY,        0x20, false},
+    {HTTP2_FRAME_TYPE_GOAWAY,        0x40, false},
+    {HTTP2_FRAME_TYPE_GOAWAY,        0x80, false},
+    {HTTP2_FRAME_TYPE_WINDOW_UPDATE, 0x00, true },
     {HTTP2_FRAME_TYPE_WINDOW_UPDATE, 0x01, false},
     {HTTP2_FRAME_TYPE_WINDOW_UPDATE, 0x02, false},
     {HTTP2_FRAME_TYPE_WINDOW_UPDATE, 0x04, false},
@@ -151,24 +151,24 @@ TEST_CASE("HTTP/2 Frame Flags", "[http2]")
     {HTTP2_FRAME_TYPE_WINDOW_UPDATE, 0x20, false},
     {HTTP2_FRAME_TYPE_WINDOW_UPDATE, 0x40, false},
     {HTTP2_FRAME_TYPE_WINDOW_UPDATE, 0x80, false},
-    {HTTP2_FRAME_TYPE_CONTINUATION, 0x00, true},
-    {HTTP2_FRAME_TYPE_CONTINUATION, 0x01, false},
-    {HTTP2_FRAME_TYPE_CONTINUATION, 0x02, false},
-    {HTTP2_FRAME_TYPE_CONTINUATION, 0x04, true},
-    {HTTP2_FRAME_TYPE_CONTINUATION, 0x08, false},
-    {HTTP2_FRAME_TYPE_CONTINUATION, 0x10, false},
-    {HTTP2_FRAME_TYPE_CONTINUATION, 0x20, false},
-    {HTTP2_FRAME_TYPE_CONTINUATION, 0x40, false},
-    {HTTP2_FRAME_TYPE_CONTINUATION, 0x80, false},
-    {HTTP2_FRAME_TYPE_MAX, 0x00, true},
-    {HTTP2_FRAME_TYPE_MAX, 0x01, true},
-    {HTTP2_FRAME_TYPE_MAX, 0x02, true},
-    {HTTP2_FRAME_TYPE_MAX, 0x04, true},
-    {HTTP2_FRAME_TYPE_MAX, 0x08, true},
-    {HTTP2_FRAME_TYPE_MAX, 0x10, true},
-    {HTTP2_FRAME_TYPE_MAX, 0x20, true},
-    {HTTP2_FRAME_TYPE_MAX, 0x40, true},
-    {HTTP2_FRAME_TYPE_MAX, 0x80, true},
+    {HTTP2_FRAME_TYPE_CONTINUATION,  0x00, true },
+    {HTTP2_FRAME_TYPE_CONTINUATION,  0x01, false},
+    {HTTP2_FRAME_TYPE_CONTINUATION,  0x02, false},
+    {HTTP2_FRAME_TYPE_CONTINUATION,  0x04, true },
+    {HTTP2_FRAME_TYPE_CONTINUATION,  0x08, false},
+    {HTTP2_FRAME_TYPE_CONTINUATION,  0x10, false},
+    {HTTP2_FRAME_TYPE_CONTINUATION,  0x20, false},
+    {HTTP2_FRAME_TYPE_CONTINUATION,  0x40, false},
+    {HTTP2_FRAME_TYPE_CONTINUATION,  0x80, false},
+    {HTTP2_FRAME_TYPE_MAX,           0x00, true },
+    {HTTP2_FRAME_TYPE_MAX,           0x01, true },
+    {HTTP2_FRAME_TYPE_MAX,           0x02, true },
+    {HTTP2_FRAME_TYPE_MAX,           0x04, true },
+    {HTTP2_FRAME_TYPE_MAX,           0x08, true },
+    {HTTP2_FRAME_TYPE_MAX,           0x10, true },
+    {HTTP2_FRAME_TYPE_MAX,           0x20, true },
+    {HTTP2_FRAME_TYPE_MAX,           0x40, true },
+    {HTTP2_FRAME_TYPE_MAX,           0x80, true },
   };
 
   static const uint8_t HTTP2_FRAME_FLAGS_MASKS[HTTP2_FRAME_TYPE_MAX] = {
diff --git a/proxy/http2/unit_tests/test_Http2FrequencyCounter.cc b/proxy/http2/unit_tests/test_Http2FrequencyCounter.cc
index b69d58f1ef9..b4f6f4a3a45 100644
--- a/proxy/http2/unit_tests/test_Http2FrequencyCounter.cc
+++ b/proxy/http2/unit_tests/test_Http2FrequencyCounter.cc
@@ -67,7 +67,7 @@ TEST_CASE("Http2FrequencyCounter_basic", "[http2][Http2FrequencyCounter]")
   SECTION("Update at 0")
   {
     ink_hrtime now = ink_hrtime_to_sec(Thread::get_hrtime_updated());
-    now -= now % 60;
+    now            -= now % 60;
 
     counter.set_internal_state(now, now - 5, 1, 2);
     counter.increment();
@@ -105,8 +105,8 @@ TEST_CASE("Http2FrequencyCounter_basic", "[http2][Http2FrequencyCounter]")
   SECTION("Update at 10")
   {
     ink_hrtime now = ink_hrtime_to_sec(Thread::get_hrtime_updated());
-    now -= now % 60;
-    now += 10;
+    now            -= now % 60;
+    now            += 10;
 
     counter.set_internal_state(now, now - 5, 1, 2);
     counter.increment();
@@ -144,8 +144,8 @@ TEST_CASE("Http2FrequencyCounter_basic", "[http2][Http2FrequencyCounter]")
   SECTION("Update at 30")
   {
     ink_hrtime now = ink_hrtime_to_sec(Thread::get_hrtime_updated());
-    now -= now % 60;
-    now += 30;
+    now            -= now % 60;
+    now            += 30;
 
     counter.set_internal_state(now, now - 5, 1, 2);
     counter.increment();
@@ -183,8 +183,8 @@ TEST_CASE("Http2FrequencyCounter_basic", "[http2][Http2FrequencyCounter]")
   SECTION("Update at 40")
   {
     ink_hrtime now = ink_hrtime_to_sec(Thread::get_hrtime_updated());
-    now -= now % 60;
-    now += 40;
+    now            -= now % 60;
+    now            += 40;
 
     counter.set_internal_state(now, now - 5, 1, 2);
     counter.increment();
diff --git a/proxy/http3/Http3DataFramer.cc b/proxy/http3/Http3DataFramer.cc
index 5fbb56dc8b1..e4a4b75ec63 100644
--- a/proxy/http3/Http3DataFramer.cc
+++ b/proxy/http3/Http3DataFramer.cc
@@ -43,7 +43,7 @@ Http3DataFramer::generate_frame()
   }
 
   if (payload_len) {
-    frame = Http3FrameFactory::create_data_frame(reader, payload_len);
+    frame                    = Http3FrameFactory::create_data_frame(reader, payload_len);
     this->_source_vio->ndone += payload_len;
   }
 
diff --git a/proxy/http3/Http3Frame.cc b/proxy/http3/Http3Frame.cc
index 3b7c6110163..631b2325cef 100644
--- a/proxy/http3/Http3Frame.cc
+++ b/proxy/http3/Http3Frame.cc
@@ -269,11 +269,11 @@ Http3SettingsFrame::Http3SettingsFrame(const uint8_t *buf, size_t buf_len, uint3
 
     size_t id_len = QUICVariableInt::size(buf + len);
     uint16_t id   = QUICIntUtil::read_QUICVariableInt(buf + len, buf_len - len);
-    len += id_len;
+    len           += id_len;
 
     size_t value_len = QUICVariableInt::size(buf + len);
     uint64_t value   = QUICIntUtil::read_QUICVariableInt(buf + len, buf_len - len);
-    len += value_len;
+    len              += value_len;
 
     // Ignore any SETTINGS identifier it does not understand.
     bool ignore = true;
diff --git a/proxy/http3/Http3FrameCollector.cc b/proxy/http3/Http3FrameCollector.cc
index 3118baca304..fd3cc7aa1a3 100644
--- a/proxy/http3/Http3FrameCollector.cc
+++ b/proxy/http3/Http3FrameCollector.cc
@@ -38,8 +38,8 @@ Http3FrameCollector::on_write_ready(QUICStreamId stream_id, MIOBuffer &writer, s
     size_t len           = 0;
     Http3FrameUPtr frame = g->generate_frame();
     if (frame) {
-      auto b = frame->to_io_buffer_block();
-      len    = writer.write(b.get(), INT64_MAX, 0);
+      auto b   = frame->to_io_buffer_block();
+      len      = writer.write(b.get(), INT64_MAX, 0);
       nwritten += len;
       Debug("http3", "[TX] [%" PRIu64 "] | %s size=%zu", stream_id, Http3DebugNames::frame_type(frame->type()), len);
     }
diff --git a/proxy/http3/Http3HeaderVIOAdaptor.cc b/proxy/http3/Http3HeaderVIOAdaptor.cc
index e99357abfc4..3641b91f119 100644
--- a/proxy/http3/Http3HeaderVIOAdaptor.cc
+++ b/proxy/http3/Http3HeaderVIOAdaptor.cc
@@ -128,7 +128,7 @@ Http3HeaderVIOAdaptor::_on_qpack_decode_complete()
       writer->add_block();
       block = writer->get_current_block();
     }
-    done = this->_header.print(block->end(), block->write_avail(), &bufindex, &tmp);
+    done       = this->_header.print(block->end(), block->write_avail(), &bufindex, &tmp);
     dumpoffset += bufindex;
     writer->fill(bufindex);
     if (!done) {
diff --git a/proxy/http3/Http3Session.cc b/proxy/http3/Http3Session.cc
index 60d0f0f2c7d..ac0416da155 100644
--- a/proxy/http3/Http3Session.cc
+++ b/proxy/http3/Http3Session.cc
@@ -172,7 +172,7 @@ HQSession::get_transact_count() const
 Http3Session::Http3Session(NetVConnection *vc) : HQSession(vc)
 {
   this->_local_qpack  = new QPACK(static_cast<QUICNetVConnection *>(vc), HTTP3_DEFAULT_MAX_HEADER_LIST_SIZE,
-                                 HTTP3_DEFAULT_HEADER_TABLE_SIZE, HTTP3_DEFAULT_QPACK_BLOCKED_STREAMS);
+                                  HTTP3_DEFAULT_HEADER_TABLE_SIZE, HTTP3_DEFAULT_QPACK_BLOCKED_STREAMS);
   this->_remote_qpack = new QPACK(static_cast<QUICNetVConnection *>(vc), HTTP3_DEFAULT_MAX_HEADER_LIST_SIZE,
                                   HTTP3_DEFAULT_HEADER_TABLE_SIZE, HTTP3_DEFAULT_QPACK_BLOCKED_STREAMS);
 }
diff --git a/proxy/http3/Http3Transaction.cc b/proxy/http3/Http3Transaction.cc
index 823cd3c311e..0916c91fc56 100644
--- a/proxy/http3/Http3Transaction.cc
+++ b/proxy/http3/Http3Transaction.cc
@@ -661,7 +661,7 @@ Http09Transaction::_process_read_vio()
       if (len < 2 || buf[len - 1] != '\n') {
         return 0;
       }
-      nread += len;
+      nread                             += len;
       this->_client_req_header_complete = true;
 
       // Check "CRLF" or "LF"
@@ -752,7 +752,7 @@ Http09Transaction::_process_write_vio()
 
       reader->consume(bytes_written);
       this->_write_vio.ndone += bytes_written;
-      total_written += bytes_written;
+      total_written          += bytes_written;
     }
 
     // NOTE: When Chunked Transfer Coding is supported, check ChunkedState of ChunkedHandler
diff --git a/proxy/http3/QPACK.cc b/proxy/http3/QPACK.cc
index 6aec8f86614..092008de28b 100644
--- a/proxy/http3/QPACK.cc
+++ b/proxy/http3/QPACK.cc
@@ -27,110 +27,111 @@
 #include "tscore/ink_defs.h"
 #include "tscore/ink_memory.h"
 
-#define QPACKDebug(fmt, ...) Debug("qpack", "[%s] " fmt, this->_qc->cids().data(), ##__VA_ARGS__)
+#define QPACKDebug(fmt, ...)   Debug("qpack", "[%s] " fmt, this->_qc->cids().data(), ##__VA_ARGS__)
 #define QPACKDTDebug(fmt, ...) Debug("qpack", "" fmt, ##__VA_ARGS__)
 
 // qpack-05 Appendix A.
 const QPACK::Header QPACK::StaticTable::STATIC_HEADER_FIELDS[] = {
-  {":authority", ""},
-  {":path", "/"},
-  {"age", "0"},
-  {"content-disposition", ""},
-  {"content-length", "0"},
-  {"cookie", ""},
-  {"date", ""},
-  {"etag", ""},
-  {"if-modified-since", ""},
-  {"if-none-match", ""},
-  {"last-modified", ""},
-  {"link", ""},
-  {"location", ""},
-  {"referer", ""},
-  {"set-cookie", ""},
-  {":method", "CONNECT"},
-  {":method", "DELETE"},
-  {":method", "GET"},
-  {":method", "HEAD"},
-  {":method", "OPTIONS"},
-  {":method", "POST"},
-  {":method", "PUT"},
-  {":scheme", "http"},
-  {":scheme", "https"},
-  {":status", "103"},
-  {":status", "200"},
-  {":status", "304"},
-  {":status", "404"},
-  {":status", "503"},
-  {"accept", "*/*"},
-  {"accept", "application/dns-message"},
-  {"accept-encoding", "gzip, deflate, br"},
-  {"accept-ranges", "bytes"},
-  {"access-control-allow-headers", "cache-control"},
-  {"access-control-allow-headers", "content-type"},
-  {"access-control-allow-origin", "*"},
-  {"cache-control", "max-age=0"},
-  {"cache-control", "max-age=2592000"},
-  {"cache-control", "max-age=604800"},
-  {"cache-control", "no-cache"},
-  {"cache-control", "no-store"},
-  {"cache-control", "public, max-age=31536000"},
-  {"content-encoding", "br"},
-  {"content-encoding", "gzip"},
-  {"content-type", "application/dns-message"},
-  {"content-type", "application/javascript"},
-  {"content-type", "application/json"},
-  {"content-type", "application/x-www-form-urlencoded"},
-  {"content-type", "image/gif"},
-  {"content-type", "image/jpeg"},
-  {"content-type", "image/png"},
-  {"content-type", "text/css"},
-  {"content-type", "text/html; charset=utf-8"},
-  {"content-type", "text/plain"},
-  {"content-type", "text/plain;charset=utf-8"},
-  {"range", "bytes=0-"},
-  {"strict-transport-security", "max-age=31536000"},
-  {"strict-transport-security", "max-age=31536000; includesubdomains"},
-  {"strict-transport-security", "max-age=31536000; includesubdomains; preload"},
-  {"vary", "accept-encoding"},
-  {"vary", "origin"},
-  {"x-content-type-options", "nosniff"},
-  {"x-xss-protection", "1; mode=block"},
-  {":status", "100"},
-  {":status", "204"},
-  {":status", "206"},
-  {":status", "302"},
-  {":status", "400"},
-  {":status", "403"},
-  {":status", "421"},
-  {":status", "425"},
-  {":status", "500"},
-  {"accept-language", ""},
-  {"access-control-allow-credentials", "FALSE"},
-  {"access-control-allow-credentials", "TRUE"},
-  {"access-control-allow-headers", "*"},
-  {"access-control-allow-methods", "get"},
-  {"access-control-allow-methods", "get, post, options"},
-  {"access-control-allow-methods", "options"},
-  {"access-control-expose-headers", "content-length"},
-  {"access-control-request-headers", "content-type"},
-  {"access-control-request-method", "get"},
-  {"access-control-request-method", "post"},
-  {"alt-svc", "clear"},
-  {"authorization", ""},
-  {"content-security-policy", "script-src 'none'; object-src 'none'; base-uri 'none'"},
-  {"early-data", "1"},
-  {"expect-ct", ""},
-  {"forwarded", ""},
-  {"if-range", ""},
-  {"origin", ""},
-  {"purpose", "prefetch"},
-  {"server", ""},
-  {"timing-allow-origin", "*"},
-  {"upgrade-insecure-requests", "1"},
-  {"user-agent", ""},
-  {"x-forwarded-for", ""},
-  {"x-frame-options", "deny"},
-  {"x-frame-options", "sameorigin"}};
+  {":authority",                       ""                                                     },
+  {":path",                            "/"                                                    },
+  {"age",                              "0"                                                    },
+  {"content-disposition",              ""                                                     },
+  {"content-length",                   "0"                                                    },
+  {"cookie",                           ""                                                     },
+  {"date",                             ""                                                     },
+  {"etag",                             ""                                                     },
+  {"if-modified-since",                ""                                                     },
+  {"if-none-match",                    ""                                                     },
+  {"last-modified",                    ""                                                     },
+  {"link",                             ""                                                     },
+  {"location",                         ""                                                     },
+  {"referer",                          ""                                                     },
+  {"set-cookie",                       ""                                                     },
+  {":method",                          "CONNECT"                                              },
+  {":method",                          "DELETE"                                               },
+  {":method",                          "GET"                                                  },
+  {":method",                          "HEAD"                                                 },
+  {":method",                          "OPTIONS"                                              },
+  {":method",                          "POST"                                                 },
+  {":method",                          "PUT"                                                  },
+  {":scheme",                          "http"                                                 },
+  {":scheme",                          "https"                                                },
+  {":status",                          "103"                                                  },
+  {":status",                          "200"                                                  },
+  {":status",                          "304"                                                  },
+  {":status",                          "404"                                                  },
+  {":status",                          "503"                                                  },
+  {"accept",                           "*/*"                                                  },
+  {"accept",                           "application/dns-message"                              },
+  {"accept-encoding",                  "gzip, deflate, br"                                    },
+  {"accept-ranges",                    "bytes"                                                },
+  {"access-control-allow-headers",     "cache-control"                                        },
+  {"access-control-allow-headers",     "content-type"                                         },
+  {"access-control-allow-origin",      "*"                                                    },
+  {"cache-control",                    "max-age=0"                                            },
+  {"cache-control",                    "max-age=2592000"                                      },
+  {"cache-control",                    "max-age=604800"                                       },
+  {"cache-control",                    "no-cache"                                             },
+  {"cache-control",                    "no-store"                                             },
+  {"cache-control",                    "public, max-age=31536000"                             },
+  {"content-encoding",                 "br"                                                   },
+  {"content-encoding",                 "gzip"                                                 },
+  {"content-type",                     "application/dns-message"                              },
+  {"content-type",                     "application/javascript"                               },
+  {"content-type",                     "application/json"                                     },
+  {"content-type",                     "application/x-www-form-urlencoded"                    },
+  {"content-type",                     "image/gif"                                            },
+  {"content-type",                     "image/jpeg"                                           },
+  {"content-type",                     "image/png"                                            },
+  {"content-type",                     "text/css"                                             },
+  {"content-type",                     "text/html; charset=utf-8"                             },
+  {"content-type",                     "text/plain"                                           },
+  {"content-type",                     "text/plain;charset=utf-8"                             },
+  {"range",                            "bytes=0-"                                             },
+  {"strict-transport-security",        "max-age=31536000"                                     },
+  {"strict-transport-security",        "max-age=31536000; includesubdomains"                  },
+  {"strict-transport-security",        "max-age=31536000; includesubdomains; preload"         },
+  {"vary",                             "accept-encoding"                                      },
+  {"vary",                             "origin"                                               },
+  {"x-content-type-options",           "nosniff"                                              },
+  {"x-xss-protection",                 "1; mode=block"                                        },
+  {":status",                          "100"                                                  },
+  {":status",                          "204"                                                  },
+  {":status",                          "206"                                                  },
+  {":status",                          "302"                                                  },
+  {":status",                          "400"                                                  },
+  {":status",                          "403"                                                  },
+  {":status",                          "421"                                                  },
+  {":status",                          "425"                                                  },
+  {":status",                          "500"                                                  },
+  {"accept-language",                  ""                                                     },
+  {"access-control-allow-credentials", "FALSE"                                                },
+  {"access-control-allow-credentials", "TRUE"                                                 },
+  {"access-control-allow-headers",     "*"                                                    },
+  {"access-control-allow-methods",     "get"                                                  },
+  {"access-control-allow-methods",     "get, post, options"                                   },
+  {"access-control-allow-methods",     "options"                                              },
+  {"access-control-expose-headers",    "content-length"                                       },
+  {"access-control-request-headers",   "content-type"                                         },
+  {"access-control-request-method",    "get"                                                  },
+  {"access-control-request-method",    "post"                                                 },
+  {"alt-svc",                          "clear"                                                },
+  {"authorization",                    ""                                                     },
+  {"content-security-policy",          "script-src 'none'; object-src 'none'; base-uri 'none'"},
+  {"early-data",                       "1"                                                    },
+  {"expect-ct",                        ""                                                     },
+  {"forwarded",                        ""                                                     },
+  {"if-range",                         ""                                                     },
+  {"origin",                           ""                                                     },
+  {"purpose",                          "prefetch"                                             },
+  {"server",                           ""                                                     },
+  {"timing-allow-origin",              "*"                                                    },
+  {"upgrade-insecure-requests",        "1"                                                    },
+  {"user-agent",                       ""                                                     },
+  {"x-forwarded-for",                  ""                                                     },
+  {"x-frame-options",                  "deny"                                                 },
+  {"x-frame-options",                  "sameorigin"                                           }
+};
 
 QPACK::QPACK(QUICConnection *qc, uint32_t max_header_list_size, uint16_t max_table_size, uint16_t max_blocking_streams)
   : QUICApplication(qc),
@@ -322,7 +323,7 @@ QPACK::_encode_prefix(uint16_t largest_reference, uint16_t base_index, IOBufferB
   prefix->end()[0] = 0x0;
   if (base_index < largest_reference) {
     prefix->end()[0] |= 0x80;
-    delta = largest_reference - base_index;
+    delta            = largest_reference - base_index;
   } else {
     delta = base_index - largest_reference;
   }
@@ -890,7 +891,7 @@ QPACK::_decode_header(const uint8_t *header_block, size_t header_block_len, HTTP
   if ((ret = xpack_decode_integer(tmp, pos, pos + remain_len, 8)) < 0 && tmp > 0xFFFF) {
     return -1;
   }
-  pos += ret;
+  pos                        += ret;
   uint16_t largest_reference = tmp;
 
   uint64_t delta_base_index;
@@ -1348,7 +1349,7 @@ QPACK::DynamicTable::insert_entry(const char *name, uint16_t name_len, const cha
       break;
     }
     available += this->_entries[tail].name_len + this->_entries[tail].value_len;
-    tail = (tail + 1) % this->_max_entries;
+    tail      = (tail + 1) % this->_max_entries;
   }
   if (available < required_len) {
     // We can't insert a new entry because some stream(s) refer an entry that need to be evicted
@@ -1368,7 +1369,7 @@ QPACK::DynamicTable::insert_entry(const char *name, uint16_t name_len, const cha
   this->_entries_head                 = (this->_entries_head + 1) % this->_max_entries;
   this->_entries[this->_entries_head] = {++this->_entries_inserted, this->_storage->write(name, name_len, value, value_len),
                                          name_len, value_len, 0};
-  this->_available -= required_len;
+  this->_available                    -= required_len;
 
   QPACKDTDebug("Insert Entry: entry=%u, index=%u, size=%u", this->_entries_head, this->_entries_inserted, name_len + value_len);
   QPACKDTDebug("Available size: %u", this->_available);
@@ -1657,7 +1658,7 @@ QPACK::_read_insert_with_name_ref(IOBufferReader &reader, bool &is_static, uint1
   if ((ret = xpack_decode_integer(tmp, input, input + input_len, 6)) < 0 && tmp > 0xFFFF) {
     return -1;
   }
-  index = tmp;
+  index    = tmp;
   read_len += ret;
 
   // Value
@@ -1665,7 +1666,7 @@ QPACK::_read_insert_with_name_ref(IOBufferReader &reader, bool &is_static, uint1
     return -1;
   }
   value_len = tmp;
-  read_len += ret;
+  read_len  += ret;
 
   reader.consume(read_len);
 
@@ -1695,7 +1696,7 @@ QPACK::_read_insert_without_name_ref(IOBufferReader &reader, Arena &arena, char
     return -1;
   }
   value_len = tmp;
-  read_len += ret;
+  read_len  += ret;
 
   reader.consume(read_len);
 
@@ -1716,7 +1717,7 @@ QPACK::_read_duplicate(IOBufferReader &reader, uint16_t &index)
   if ((ret = xpack_decode_integer(tmp, input, input + input_len, 5)) < 0 && tmp > 0xFFFF) {
     return -1;
   }
-  index = tmp;
+  index    = tmp;
   read_len += ret;
 
   reader.consume(read_len);
@@ -1761,7 +1762,7 @@ QPACK::_read_table_state_synchronize(IOBufferReader &reader, uint16_t &insert_co
     return -1;
   }
   insert_count = tmp;
-  read_len += ret;
+  read_len     += ret;
 
   reader.consume(read_len);
 
diff --git a/proxy/logging/LogAccess.cc b/proxy/logging/LogAccess.cc
index 7a6eaadb923..56ff3cc4d6d 100644
--- a/proxy/logging/LogAccess.cc
+++ b/proxy/logging/LogAccess.cc
@@ -34,7 +34,7 @@ extern AppVersionInfo appVersionInfo;
 
 char INVALID_STR[] = "!INVALID_STR!";
 
-#define HIDDEN_CONTENT_TYPE "@Content-Type"
+#define HIDDEN_CONTENT_TYPE     "@Content-Type"
 #define HIDDEN_CONTENT_TYPE_LEN 13
 
 // should be at least 22 bytes to always accommodate a converted
@@ -207,8 +207,8 @@ LogAccess::marshal_record(char *record, char *buf)
 
 #define LOG_INTEGER RECD_INT
 #define LOG_COUNTER RECD_COUNTER
-#define LOG_FLOAT RECD_FLOAT
-#define LOG_STRING RECD_STRING
+#define LOG_FLOAT   RECD_FLOAT
+#define LOG_STRING  RECD_STRING
 
   RecDataT stype = RECD_NULL;
   bool found     = false;
@@ -456,7 +456,7 @@ LogAccess::unmarshal_int(char **buf)
   int64_t val;
 
   // TODO: this used to do nthol, do we need to worry? TS-1156.
-  val = *(reinterpret_cast<int64_t *>(*buf));
+  val  = *(reinterpret_cast<int64_t *>(*buf));
   *buf += INK_MIN_ALIGN;
   return val;
 }
@@ -497,7 +497,7 @@ LogAccess::unmarshal_itoa(int64_t val, char *dest, int field_width, char leading
 
   do {
     *p-- = '0' + (val % 10);
-    val /= 10;
+    val  /= 10;
   } while (val);
 
   while (dest - p < field_width) {
@@ -530,7 +530,7 @@ LogAccess::unmarshal_itox(int64_t val, char *dest, int field_width, char leading
 
   for (int i = 0; i < static_cast<int>(sizeof(int64_t) * 2); i++) {
     *p-- = table[val & 0xf];
-    val >>= 4;
+    val  >>= 4;
   }
   while (dest - p < field_width) {
     *p-- = leading_char;
@@ -898,7 +898,7 @@ LogAccess::unmarshal_http_version(char **buf, char *dest, int len)
   if (res1 < 0) {
     return -1;
   }
-  p += res1;
+  p        += res1;
   *p++     = '.';
   int res2 = unmarshal_int_to_str(buf, p, 128 - http_len - res1 - 1);
   if (res2 < 0) {
@@ -934,13 +934,13 @@ LogAccess::unmarshal_http_text(char **buf, char *dest, int len, LogSlice *slice,
   if (res1 < 0) {
     return -1;
   }
-  p += res1;
+  p        += res1;
   *p++     = ' ';
   int res2 = unmarshal_str(buf, p, len - res1 - 1, slice, escape_type);
   if (res2 < 0) {
     return -1;
   }
-  p += res2;
+  p        += res2;
   *p++     = ' ';
   int res3 = unmarshal_http_version(buf, p, len - res1 - res2 - 2);
   if (res3 < 0) {
@@ -1000,7 +1000,7 @@ LogAccess::unmarshal_ip(char **buf, IpEndpoint *dest)
   } else {
     ats_ip_invalidate(dest);
   }
-  len = INK_ALIGN_DEFAULT(len);
+  len  = INK_ALIGN_DEFAULT(len);
   *buf += len;
   return len;
 }
@@ -1149,7 +1149,7 @@ LogAccess::unmarshal_record(char **buf, char *dest, int len)
 
   char *val_buf = *buf;
   int val_len   = static_cast<int>(::strlen(val_buf));
-  *buf += MARSHAL_RECORD_LENGTH; // this is how it was stored
+  *buf          += MARSHAL_RECORD_LENGTH; // this is how it was stored
   if (val_len < len) {
     memcpy(dest, val_buf, val_len);
     return val_len;
@@ -1606,7 +1606,7 @@ LogAccess::validate_unmapped_url_path()
 
       if (c && (len = static_cast<int>(c - m_client_req_unmapped_url_path_str)) <= 5) { // 5 - max schema size
         if (len + 2 <= m_client_req_unmapped_url_canon_len && c[1] == '/' && c[2] == '/') {
-          len += 3; // Skip "://"
+          len                                += 3; // Skip "://"
           m_client_req_unmapped_url_host_str = &m_client_req_unmapped_url_canon_str[len];
           m_client_req_unmapped_url_host_len = m_client_req_unmapped_url_path_len - len;
           // Attempt to find first '/' in the path
@@ -1657,10 +1657,10 @@ LogAccess::marshal_client_req_text(char *buf)
 
   if (buf) {
     int offset = 0;
-    offset += marshal_client_req_http_method(&buf[offset]);
-    offset += marshal_client_req_url(&buf[offset]);
-    offset += marshal_client_req_http_version(&buf[offset]);
-    len = offset;
+    offset     += marshal_client_req_http_method(&buf[offset]);
+    offset     += marshal_client_req_url(&buf[offset]);
+    offset     += marshal_client_req_http_version(&buf[offset]);
+    len        = offset;
   }
   return len;
 }
@@ -3012,7 +3012,7 @@ LogAccess::marshal_http_header_field(LogField::Container container, char *field,
           buf += actual_len;
         }
         running_len += actual_len;
-        fld = fld->m_next_dup;
+        fld         = fld->m_next_dup;
 
         // Dups need to be comma separated.  So if there's another
         // dup, then add a comma and a space ...
@@ -3034,7 +3034,7 @@ LogAccess::marshal_http_header_field(LogField::Container container, char *field,
         buf++;
       }
       running_len += 1;
-      padded_len = round_strlen(running_len);
+      padded_len  = round_strlen(running_len);
 
 // Note: marshal_string fills the padding to
 //  prevent purify UMRs so we do it here too
@@ -3114,7 +3114,7 @@ LogAccess::marshal_http_header_field_escapify(LogField::Container container, cha
           buf += new_len;
         }
         running_len += new_len;
-        fld = fld->m_next_dup;
+        fld         = fld->m_next_dup;
 
         // Dups need to be comma separated.  So if there's another
         // dup, then add a comma and an escapified space ...
@@ -3137,7 +3137,7 @@ LogAccess::marshal_http_header_field_escapify(LogField::Container container, cha
         buf++;
       }
       running_len += 1;
-      padded_len = round_strlen(running_len);
+      padded_len  = round_strlen(running_len);
 
 // Note: marshal_string fills the padding to
 //  prevent purify UMRs so we do it here too
diff --git a/proxy/logging/LogAccess.h b/proxy/logging/LogAccess.h
index 178e3e247d8..f34e7cee162 100644
--- a/proxy/logging/LogAccess.h
+++ b/proxy/logging/LogAccess.h
@@ -84,7 +84,7 @@ union IpEndpoint;
   -------------------------------------------------------------------------*/
 
 // DEFAULT_STR_LEN MUST be less than INK_MIN_ALIGN
-#define DEFAULT_STR "-"
+#define DEFAULT_STR     "-"
 #define DEFAULT_STR_LEN 1
 
 extern char INVALID_STR[];
@@ -341,7 +341,7 @@ class LogAccess
 
   // noncopyable
   // -- member functions that are not allowed --
-  LogAccess(const LogAccess &rhs) = delete;      // no copies
+  LogAccess(const LogAccess &rhs)      = delete; // no copies
   LogAccess &operator=(LogAccess &rhs) = delete; // or assignment
 
 private:
diff --git a/proxy/logging/LogAccessTest.h b/proxy/logging/LogAccessTest.h
index 6519071cba2..7a785c121b2 100644
--- a/proxy/logging/LogAccessTest.h
+++ b/proxy/logging/LogAccessTest.h
@@ -97,6 +97,6 @@ class LogAccessTest : public LogAccess
 
   // noncopyable
   // -- member functions that are not allowed --
-  LogAccessTest(const LogAccessTest &rhs) = delete;
+  LogAccessTest(const LogAccessTest &rhs)      = delete;
   LogAccessTest &operator=(LogAccessTest &rhs) = delete;
 };
diff --git a/proxy/logging/LogBuffer.cc b/proxy/logging/LogBuffer.cc
index 59c622ab518..498d99f6d86 100644
--- a/proxy/logging/LogBuffer.cc
+++ b/proxy/logging/LogBuffer.cc
@@ -414,23 +414,23 @@ LogBuffer::_add_buffer_header(const LogConfig *cfg)
 
   if (fmt->name()) {
     m_header->fmt_name_offset = header_len;
-    header_len += add_header_str(fmt->name(), &m_buffer[header_len], m_size - header_len);
+    header_len                += add_header_str(fmt->name(), &m_buffer[header_len], m_size - header_len);
   }
   if (fmt->fieldlist()) {
     m_header->fmt_fieldlist_offset = header_len;
-    header_len += add_header_str(fmt->fieldlist(), &m_buffer[header_len], m_size - header_len);
+    header_len                     += add_header_str(fmt->fieldlist(), &m_buffer[header_len], m_size - header_len);
   }
   if (fmt->printf_str()) {
     m_header->fmt_printf_offset = header_len;
-    header_len += add_header_str(fmt->printf_str(), &m_buffer[header_len], m_size - header_len);
+    header_len                  += add_header_str(fmt->printf_str(), &m_buffer[header_len], m_size - header_len);
   }
   if (cfg->hostname) {
     m_header->src_hostname_offset = header_len;
-    header_len += add_header_str(cfg->hostname, &m_buffer[header_len], m_size - header_len);
+    header_len                    += add_header_str(cfg->hostname, &m_buffer[header_len], m_size - header_len);
   }
   if (m_owner->get_base_filename()) {
     m_header->log_filename_offset = header_len;
-    header_len += add_header_str(m_owner->get_base_filename(), &m_buffer[header_len], m_size - header_len);
+    header_len                    += add_header_str(m_owner->get_base_filename(), &m_buffer[header_len], m_size - header_len);
   }
   // update the rest of the header fields; make sure the header_len is
   // correctly aligned, so that the first record will start on a legal
@@ -542,8 +542,8 @@ LogBuffer::resolve_custom_entry(LogFieldList *fieldlist, char *printf_str, char
         }
 
         bytes_written += res;
-        lastField = field;
-        field     = fieldlist->next(field);
+        lastField     = field;
+        field         = fieldlist->next(field);
       } else {
         ts::LocalBufferWriter<10 * 1024> bw;
         if (auto bs = fieldlist->badSymbols(); bs.size() > 0) {
diff --git a/proxy/logging/LogBuffer.h b/proxy/logging/LogBuffer.h
index bd8d32fab70..4fe7530d2ce 100644
--- a/proxy/logging/LogBuffer.h
+++ b/proxy/logging/LogBuffer.h
@@ -34,7 +34,7 @@ class LogObject;
 class LogConfig;
 class LogBufferIterator;
 
-#define LOG_SEGMENT_COOKIE 0xaceface
+#define LOG_SEGMENT_COOKIE  0xaceface
 #define LOG_SEGMENT_VERSION 2
 
 #if defined(linux)
@@ -109,7 +109,7 @@ union LB_State {
   struct {
     uint32_t offset;           // buffer offset(bytes in buffer)
     uint16_t num_entries;      // number of entries in buffer
-    uint16_t full : 1;         // not accepting more checkouts
+    uint16_t full        : 1;  // not accepting more checkouts
     uint16_t num_writers : 15; // number of writers
   } s;
 };
@@ -232,7 +232,7 @@ class LogBuffer
 
   // noncopyable
   // -- member functions that are not allowed --
-  LogBuffer(const LogBuffer &rhs) = delete;
+  LogBuffer(const LogBuffer &rhs)            = delete;
   LogBuffer &operator=(const LogBuffer &rhs) = delete;
 
 private:
@@ -291,7 +291,7 @@ class LogBufferIterator
 
   // noncopyable
   // -- member functions not allowed --
-  LogBufferIterator(const LogBufferIterator &) = delete;
+  LogBufferIterator(const LogBufferIterator &)            = delete;
   LogBufferIterator &operator=(const LogBufferIterator &) = delete;
 
 private:
diff --git a/proxy/logging/LogConfig.cc b/proxy/logging/LogConfig.cc
index b840295b1a4..435d7d1c9dd 100644
--- a/proxy/logging/LogConfig.cc
+++ b/proxy/logging/LogConfig.cc
@@ -63,8 +63,8 @@
 #define DISK_IS_ACTUAL_LOW_MESSAGE "Access logging to local log directory suspended - partition space is low."
 
 #define PARTITION_HEADROOM_MB 10
-#define DIAGS_LOG_FILENAME "diags.log"
-#define MANAGER_LOG_FILENAME "manager.log"
+#define DIAGS_LOG_FILENAME    "diags.log"
+#define MANAGER_LOG_FILENAME  "manager.log"
 
 void
 LogConfig::setup_default_values()
@@ -99,7 +99,8 @@ LogConfig::setup_default_values()
   logbuffer_max_iobuf_index = BUFFER_SIZE_INDEX_32K;
 }
 
-void LogConfig::reconfigure_mgmt_variables(swoc::MemSpan<void>)
+void
+LogConfig::reconfigure_mgmt_variables(swoc::MemSpan<void>)
 {
   Note("received log reconfiguration event, rolling now");
   Log::config->roll_log_files_now = true;
@@ -740,7 +741,7 @@ LogConfig::update_space_used()
                 victim->rolled_log_path.c_str(), victim->size);
 
           // Update after successful unlink;
-          m_space_used -= victim->size;
+          m_space_used           -= victim->size;
           m_partition_space_left += victim->size;
         }
       }
diff --git a/proxy/logging/LogConfig.h b/proxy/logging/LogConfig.h
index 149c774a587..309bdb3090b 100644
--- a/proxy/logging/LogConfig.h
+++ b/proxy/logging/LogConfig.h
@@ -128,7 +128,7 @@ class LogConfig : public ConfigInfo
   void
   increment_space_used(int bytes)
   {
-    m_space_used += bytes;
+    m_space_used           += bytes;
     m_partition_space_left -= bytes;
   }
 
@@ -227,6 +227,6 @@ class LogConfig : public ConfigInfo
 
   // noncopyable
   // -- member functions not allowed --
-  LogConfig(const LogConfig &) = delete;
+  LogConfig(const LogConfig &)            = delete;
   LogConfig &operator=(const LogConfig &) = delete;
 };
diff --git a/proxy/logging/LogField.cc b/proxy/logging/LogField.cc
index 66495d7fc4f..63cdd7096c7 100644
--- a/proxy/logging/LogField.cc
+++ b/proxy/logging/LogField.cc
@@ -181,30 +181,30 @@ struct milestone {
 };
 
 static const milestone milestones[] = {
-  {"TS_MILESTONE_UA_BEGIN", TS_MILESTONE_UA_BEGIN},
-  {"TS_MILESTONE_UA_FIRST_READ", TS_MILESTONE_UA_FIRST_READ},
-  {"TS_MILESTONE_UA_READ_HEADER_DONE", TS_MILESTONE_UA_READ_HEADER_DONE},
-  {"TS_MILESTONE_UA_BEGIN_WRITE", TS_MILESTONE_UA_BEGIN_WRITE},
-  {"TS_MILESTONE_UA_CLOSE", TS_MILESTONE_UA_CLOSE},
-  {"TS_MILESTONE_SERVER_FIRST_CONNECT", TS_MILESTONE_SERVER_FIRST_CONNECT},
-  {"TS_MILESTONE_SERVER_CONNECT", TS_MILESTONE_SERVER_CONNECT},
-  {"TS_MILESTONE_SERVER_CONNECT_END", TS_MILESTONE_SERVER_CONNECT_END},
-  {"TS_MILESTONE_SERVER_BEGIN_WRITE", TS_MILESTONE_SERVER_BEGIN_WRITE},
-  {"TS_MILESTONE_SERVER_FIRST_READ", TS_MILESTONE_SERVER_FIRST_READ},
+  {"TS_MILESTONE_UA_BEGIN",                TS_MILESTONE_UA_BEGIN               },
+  {"TS_MILESTONE_UA_FIRST_READ",           TS_MILESTONE_UA_FIRST_READ          },
+  {"TS_MILESTONE_UA_READ_HEADER_DONE",     TS_MILESTONE_UA_READ_HEADER_DONE    },
+  {"TS_MILESTONE_UA_BEGIN_WRITE",          TS_MILESTONE_UA_BEGIN_WRITE         },
+  {"TS_MILESTONE_UA_CLOSE",                TS_MILESTONE_UA_CLOSE               },
+  {"TS_MILESTONE_SERVER_FIRST_CONNECT",    TS_MILESTONE_SERVER_FIRST_CONNECT   },
+  {"TS_MILESTONE_SERVER_CONNECT",          TS_MILESTONE_SERVER_CONNECT         },
+  {"TS_MILESTONE_SERVER_CONNECT_END",      TS_MILESTONE_SERVER_CONNECT_END     },
+  {"TS_MILESTONE_SERVER_BEGIN_WRITE",      TS_MILESTONE_SERVER_BEGIN_WRITE     },
+  {"TS_MILESTONE_SERVER_FIRST_READ",       TS_MILESTONE_SERVER_FIRST_READ      },
   {"TS_MILESTONE_SERVER_READ_HEADER_DONE", TS_MILESTONE_SERVER_READ_HEADER_DONE},
-  {"TS_MILESTONE_SERVER_CLOSE", TS_MILESTONE_SERVER_CLOSE},
-  {"TS_MILESTONE_CACHE_OPEN_READ_BEGIN", TS_MILESTONE_CACHE_OPEN_READ_BEGIN},
-  {"TS_MILESTONE_CACHE_OPEN_READ_END", TS_MILESTONE_CACHE_OPEN_READ_END},
-  {"TS_MILESTONE_CACHE_OPEN_WRITE_BEGIN", TS_MILESTONE_CACHE_OPEN_WRITE_BEGIN},
-  {"TS_MILESTONE_CACHE_OPEN_WRITE_END", TS_MILESTONE_CACHE_OPEN_WRITE_END},
-  {"TS_MILESTONE_DNS_LOOKUP_BEGIN", TS_MILESTONE_DNS_LOOKUP_BEGIN},
-  {"TS_MILESTONE_DNS_LOOKUP_END", TS_MILESTONE_DNS_LOOKUP_END},
-  {"TS_MILESTONE_SM_START", TS_MILESTONE_SM_START},
-  {"TS_MILESTONE_SM_FINISH", TS_MILESTONE_SM_FINISH},
-  {"TS_MILESTONE_PLUGIN_ACTIVE", TS_MILESTONE_PLUGIN_ACTIVE},
-  {"TS_MILESTONE_PLUGIN_TOTAL", TS_MILESTONE_PLUGIN_TOTAL},
-  {"TS_MILESTONE_TLS_HANDSHAKE_START", TS_MILESTONE_TLS_HANDSHAKE_START},
-  {"TS_MILESTONE_TLS_HANDSHAKE_END", TS_MILESTONE_TLS_HANDSHAKE_END},
+  {"TS_MILESTONE_SERVER_CLOSE",            TS_MILESTONE_SERVER_CLOSE           },
+  {"TS_MILESTONE_CACHE_OPEN_READ_BEGIN",   TS_MILESTONE_CACHE_OPEN_READ_BEGIN  },
+  {"TS_MILESTONE_CACHE_OPEN_READ_END",     TS_MILESTONE_CACHE_OPEN_READ_END    },
+  {"TS_MILESTONE_CACHE_OPEN_WRITE_BEGIN",  TS_MILESTONE_CACHE_OPEN_WRITE_BEGIN },
+  {"TS_MILESTONE_CACHE_OPEN_WRITE_END",    TS_MILESTONE_CACHE_OPEN_WRITE_END   },
+  {"TS_MILESTONE_DNS_LOOKUP_BEGIN",        TS_MILESTONE_DNS_LOOKUP_BEGIN       },
+  {"TS_MILESTONE_DNS_LOOKUP_END",          TS_MILESTONE_DNS_LOOKUP_END         },
+  {"TS_MILESTONE_SM_START",                TS_MILESTONE_SM_START               },
+  {"TS_MILESTONE_SM_FINISH",               TS_MILESTONE_SM_FINISH              },
+  {"TS_MILESTONE_PLUGIN_ACTIVE",           TS_MILESTONE_PLUGIN_ACTIVE          },
+  {"TS_MILESTONE_PLUGIN_TOTAL",            TS_MILESTONE_PLUGIN_TOTAL           },
+  {"TS_MILESTONE_TLS_HANDSHAKE_START",     TS_MILESTONE_TLS_HANDSHAKE_START    },
+  {"TS_MILESTONE_TLS_HANDSHAKE_END",       TS_MILESTONE_TLS_HANDSHAKE_END      },
 };
 
 void
@@ -822,7 +822,7 @@ LogFieldList::marshal(LogAccess *lad, char *buf)
   char *ptr;
   int bytes = 0;
   for (LogField *f = first(); f; f = next(f)) {
-    ptr = &buf[bytes];
+    ptr   = &buf[bytes];
     bytes += f->marshal(lad, ptr);
     ink_assert(bytes % INK_MIN_ALIGN == 0);
   }
@@ -835,7 +835,7 @@ LogFieldList::marshal_agg(char *buf)
   char *ptr;
   int bytes = 0;
   for (LogField *f = first(); f; f = next(f)) {
-    ptr = &buf[bytes];
+    ptr   = &buf[bytes];
     bytes += f->marshal_agg(ptr);
   }
   return bytes;
diff --git a/proxy/logging/LogField.h b/proxy/logging/LogField.h
index 173a14064ce..9472b0fdc44 100644
--- a/proxy/logging/LogField.h
+++ b/proxy/logging/LogField.h
@@ -267,7 +267,7 @@ class LogFieldList
 
   // noncopyable
   // -- member functions that are not allowed --
-  LogFieldList(const LogFieldList &rhs) = delete;
+  LogFieldList(const LogFieldList &rhs)            = delete;
   LogFieldList &operator=(const LogFieldList &rhs) = delete;
 
 private:
diff --git a/proxy/logging/LogFile.cc b/proxy/logging/LogFile.cc
index 1f73033f9f7..886d4447b84 100644
--- a/proxy/logging/LogFile.cc
+++ b/proxy/logging/LogFile.cc
@@ -541,7 +541,7 @@ LogFile::write_ascii_logbuffer(LogBufferHeader *buffer_header, int fd, const cha
       fmt_buf_bytes += fmt_line_bytes;
       ink_assert(fmt_buf_bytes < LOG_MAX_FORMATTED_BUFFER);
       fmt_buf[fmt_buf_bytes] = '\n'; // keep entries separate
-      fmt_buf_bytes += 1;
+      fmt_buf_bytes          += 1;
     }
   }
   if (fmt_buf_bytes > 0) {
@@ -610,7 +610,7 @@ LogFile::write_ascii_logbuffer3(LogBufferHeader *buffer_header, const char *alt_
                                       printf_str, buffer_header->version, alt_format, get_escape_type());
 
       if (bytes > 0) {
-        fmt_buf_bytes += bytes;
+        fmt_buf_bytes               += bytes;
         ascii_buffer[fmt_buf_bytes] = '\n';
         ++fmt_buf_bytes;
         ++fmt_entry_count;
diff --git a/proxy/logging/LogFilter.cc b/proxy/logging/LogFilter.cc
index a16d2d60910..b54fd2959cb 100644
--- a/proxy/logging/LogFilter.cc
+++ b/proxy/logging/LogFilter.cc
@@ -92,7 +92,7 @@ LogFilter::parse(const char *name, Action action, const char *condition)
     while (*end && *end != '>') {
       end++;
     }
-    *end = '\0';
+    *end      = '\0';
     field_str += 2;
     Debug("log", "... now field symbol is %s", field_str);
   }
diff --git a/proxy/logging/LogFilter.h b/proxy/logging/LogFilter.h
index 749c044e5ac..5f09bc066e6 100644
--- a/proxy/logging/LogFilter.h
+++ b/proxy/logging/LogFilter.h
@@ -110,7 +110,7 @@ class LogFilter : public RefCountObj
   LINK(LogFilter, link); // so we can create a LogFilterList
 
   // noncopyable
-  LogFilter(const LogFilter &rhs) = delete;
+  LogFilter(const LogFilter &rhs)      = delete;
   LogFilter &operator=(LogFilter &rhs) = delete;
 
 private:
@@ -295,7 +295,7 @@ class LogFilterList
 
   // noncopyable
   // -- member functions that are not allowed --
-  LogFilterList(const LogFilterList &rhs) = delete;
+  LogFilterList(const LogFilterList &rhs)            = delete;
   LogFilterList &operator=(const LogFilterList &rhs) = delete;
 
 private:
@@ -422,12 +422,12 @@ updatePatternForFieldValue(char **field, const char *pattern_str, int field_pos,
   char buf_dest_to_field[buf_dest_len + 1];
   char *temp_text = buf_dest_to_field;
   memcpy(temp_text, buf_dest, (pattern_str - buf_dest));
-  temp_text += (pattern_str - buf_dest);
+  temp_text             += (pattern_str - buf_dest);
   const char *value_str = strchr(pattern_str, '=');
   if (value_str) {
     value_str++;
     memcpy(temp_text, pattern_str, (value_str - pattern_str));
-    temp_text += (value_str - pattern_str);
+    temp_text                  += (value_str - pattern_str);
     const char *next_param_str = strchr(value_str, '&');
     if (next_param_str) {
       for (int i = 0; i < (next_param_str - value_str); i++) {
diff --git a/proxy/logging/LogFormat.cc b/proxy/logging/LogFormat.cc
index 4d6263053ba..b79ffc00209 100644
--- a/proxy/logging/LogFormat.cc
+++ b/proxy/logging/LogFormat.cc
@@ -679,7 +679,7 @@ LogFormat::parse_format_string(const char *format_str, char **printf_str, char *
         //
         field_len = stop - start - 2;
         memcpy(&(*fields_str)[fields_pos], &format_str[start + 2], field_len);
-        fields_pos += field_len;
+        fields_pos                  += field_len;
         (*printf_str)[printf_pos++] = LOG_FIELD_MARKER;
         ++field_count;
         start = stop;
@@ -691,10 +691,10 @@ LogFormat::parse_format_string(const char *format_str, char **printf_str, char *
         escape_char = parse_escape_string(&format_str[start], (len - start));
 
         if (escape_char == '\\') {
-          start += 1;
+          start                       += 1;
           (*printf_str)[printf_pos++] = static_cast<char>(escape_char);
         } else if (escape_char >= 0) {
-          start += 3;
+          start                       += 3;
           (*printf_str)[printf_pos++] = static_cast<char>(escape_char);
         } else {
           memcpy(&(*printf_str)[printf_pos], &format_str[start], stop - start + 1);
@@ -709,10 +709,10 @@ LogFormat::parse_format_string(const char *format_str, char **printf_str, char *
       escape_char = parse_escape_string(&format_str[start], (len - start));
 
       if (escape_char == '\\') {
-        start += 1;
+        start                       += 1;
         (*printf_str)[printf_pos++] = static_cast<char>(escape_char);
       } else if (escape_char >= 0) {
-        start += 3;
+        start                       += 3;
         (*printf_str)[printf_pos++] = static_cast<char>(escape_char);
       } else {
         (*printf_str)[printf_pos++] = format_str[start];
diff --git a/proxy/logging/LogFormat.h b/proxy/logging/LogFormat.h
index 8d6cfca1b62..602853eb69f 100644
--- a/proxy/logging/LogFormat.h
+++ b/proxy/logging/LogFormat.h
@@ -215,7 +215,7 @@ class LogFormatList
 
   // noncopyable
   // -- member functions that are not allowed --
-  LogFormatList(const LogFormatList &rhs) = delete;
+  LogFormatList(const LogFormatList &rhs)            = delete;
   LogFormatList &operator=(const LogFormatList &rhs) = delete;
 
 private:
diff --git a/proxy/logging/LogObject.h b/proxy/logging/LogObject.h
index 6527f9c3fdb..392ca547e84 100644
--- a/proxy/logging/LogObject.h
+++ b/proxy/logging/LogObject.h
@@ -45,9 +45,9 @@
   consist of a list of LogObjects.
   -------------------------------------------------------------------------*/
 
-#define LOG_FILE_ASCII_OBJECT_FILENAME_EXTENSION ".log"
+#define LOG_FILE_ASCII_OBJECT_FILENAME_EXTENSION  ".log"
 #define LOG_FILE_BINARY_OBJECT_FILENAME_EXTENSION ".blog"
-#define LOG_FILE_PIPE_OBJECT_FILENAME_EXTENSION ".pipe"
+#define LOG_FILE_PIPE_OBJECT_FILENAME_EXTENSION   ".pipe"
 
 #define FLUSH_ARRAY_SIZE (512 * 4)
 
@@ -288,7 +288,7 @@ class LogObject : public RefCountObj
   LogBuffer *_checkout_write(size_t *write_offset, size_t write_size);
 
   // noncopyable
-  LogObject(const LogObject &) = delete;
+  LogObject(const LogObject &)            = delete;
   LogObject &operator=(const LogObject &) = delete;
 
 private:
diff --git a/proxy/logging/YamlLogConfig.cc b/proxy/logging/YamlLogConfig.cc
index f7e48c34791..25e70fd7202 100644
--- a/proxy/logging/YamlLogConfig.cc
+++ b/proxy/logging/YamlLogConfig.cc
@@ -105,9 +105,12 @@ YamlLogConfig::loadLogConfig(const char *cfgFilename)
   return true;
 }
 
-TsEnumDescriptor ROLLING_MODE_TEXT = {{{"none", 0}, {"time", 1}, {"size", 2}, {"both", 3}, {"any", 4}}};
-TsEnumDescriptor ROLLING_MODE_LUA  = {
-  {{"log.roll.none", 0}, {"log.roll.time", 1}, {"log.roll.size", 2}, {"log.roll.both", 3}, {"log.roll.any", 4}}};
+TsEnumDescriptor ROLLING_MODE_TEXT = {
+  {{"none", 0}, {"time", 1}, {"size", 2}, {"both", 3}, {"any", 4}}
+};
+TsEnumDescriptor ROLLING_MODE_LUA = {
+  {{"log.roll.none", 0}, {"log.roll.time", 1}, {"log.roll.size", 2}, {"log.roll.both", 3}, {"log.roll.any", 4}}
+};
 
 std::set<std::string> valid_log_object_keys = {"filename",
                                                "format",
@@ -165,8 +168,8 @@ YamlLogConfig::decodeLogObject(const YAML::Node &node)
   if (node["mode"]) {
     std::string mode = node["mode"].as<std::string>();
     file_type        = (0 == strncasecmp(mode.c_str(), "bin", 3) || (1 == mode.size() && mode[0] == 'b') ?
-                   LOG_FILE_BINARY :
-                   (0 == strcasecmp(mode.c_str(), "ascii_pipe") ? LOG_FILE_PIPE : LOG_FILE_ASCII));
+                          LOG_FILE_BINARY :
+                          (0 == strcasecmp(mode.c_str(), "ascii_pipe") ? LOG_FILE_PIPE : LOG_FILE_ASCII));
   }
 
   int obj_rolling_enabled      = cfg->rolling_enabled;
diff --git a/proxy/logging/YamlLogConfig.h b/proxy/logging/YamlLogConfig.h
index 323b406b677..83b6d35b8a1 100644
--- a/proxy/logging/YamlLogConfig.h
+++ b/proxy/logging/YamlLogConfig.h
@@ -39,7 +39,7 @@ class YamlLogConfig
 
   LogObject *decodeLogObject(const YAML::Node &node);
 
-  YamlLogConfig(const YamlLogConfig &) = delete;
+  YamlLogConfig(const YamlLogConfig &)            = delete;
   YamlLogConfig &operator=(const YamlLogConfig &) = delete;
 
   LogConfig *cfg;
diff --git a/proxy/logging/unit-tests/test_LogUtils.cc b/proxy/logging/unit-tests/test_LogUtils.cc
index a38be6d1b2d..1edc69682dd 100644
--- a/proxy/logging/unit-tests/test_LogUtils.cc
+++ b/proxy/logging/unit-tests/test_LogUtils.cc
@@ -83,7 +83,7 @@ test(const MIMEField *pairs, int numPairs, const char *asciiResult, int extraUnm
 
 TEST_CASE("LogUtilsHttp", "[LUHP]")
 {
-#define X "12345678"
+#define X  "12345678"
 #define X2 X X
 #define X3 X2 X2
 #define X4 X3 X3
@@ -92,7 +92,11 @@ TEST_CASE("LogUtilsHttp", "[LUHP]")
 #define X7 X6 X6
 #define X8 X7 X7
 
-  const MIMEField pairs[] = {{"Argh", "Ugh"}, {"Argh2", "UghUgh"}, {"alltogethernow", X8}};
+  const MIMEField pairs[] = {
+    {"Argh",           "Ugh"   },
+    {"Argh2",          "UghUgh"},
+    {"alltogethernow", X8      }
+  };
 
   test(pairs, 1, "{{{Argh}:{Ugh}}}");
   test(pairs, 2, "{{{Argh}:{Ugh}}{{Argh2}:{UghUgh}}}");
diff --git a/proxy/shared/DiagsConfig.cc b/proxy/shared/DiagsConfig.cc
index 3e505020d42..f8d1f9f5f51 100644
--- a/proxy/shared/DiagsConfig.cc
+++ b/proxy/shared/DiagsConfig.cc
@@ -50,11 +50,16 @@ DiagsConfig::reconfigure_diags()
     const char *config_name;
     DiagsLevel level;
   } output_records[] = {
-    {"proxy.config.diags.output.diag", DL_Diag},           {"proxy.config.diags.output.debug", DL_Debug},
-    {"proxy.config.diags.output.status", DL_Status},       {"proxy.config.diags.output.note", DL_Note},
-    {"proxy.config.diags.output.warning", DL_Warning},     {"proxy.config.diags.output.error", DL_Error},
-    {"proxy.config.diags.output.fatal", DL_Fatal},         {"proxy.config.diags.output.alert", DL_Alert},
-    {"proxy.config.diags.output.emergency", DL_Emergency}, {nullptr, DL_Undefined},
+    {"proxy.config.diags.output.diag",      DL_Diag     },
+    {"proxy.config.diags.output.debug",     DL_Debug    },
+    {"proxy.config.diags.output.status",    DL_Status   },
+    {"proxy.config.diags.output.note",      DL_Note     },
+    {"proxy.config.diags.output.warning",   DL_Warning  },
+    {"proxy.config.diags.output.error",     DL_Error    },
+    {"proxy.config.diags.output.fatal",     DL_Fatal    },
+    {"proxy.config.diags.output.alert",     DL_Alert    },
+    {"proxy.config.diags.output.emergency", DL_Emergency},
+    {nullptr,                               DL_Undefined},
   };
 
   if (!callbacks_established) {
diff --git a/src/records/RecFile.cc b/src/records/RecFile.cc
index cbd5e9bd53d..b19ecd4140c 100644
--- a/src/records/RecFile.cc
+++ b/src/records/RecFile.cc
@@ -112,7 +112,9 @@ int
 RecSnapFileWrite(RecHandle h_file, char *buf, int size, int *bytes_written)
 {
   // First write the version byes for snap file
-  std::array<char, VERSION_HDR_SIZE> VERSION_HDR{{'V', PACKAGE_VERSION[0], PACKAGE_VERSION[2], PACKAGE_VERSION[4], '\0'}};
+  std::array<char, VERSION_HDR_SIZE> VERSION_HDR{
+    {'V', PACKAGE_VERSION[0], PACKAGE_VERSION[2], PACKAGE_VERSION[4], '\0'}
+  };
   if (::write(h_file, VERSION_HDR.data(), VERSION_HDR_SIZE) < 0) {
     return REC_ERR_FAIL;
   }
diff --git a/src/records/RecHttp.cc b/src/records/RecHttp.cc
index a2e7cb58001..4d64f85b135 100644
--- a/src/records/RecHttp.cc
+++ b/src/records/RecHttp.cc
@@ -551,7 +551,7 @@ HttpProxyPort::print(char *out, size_t n)
   bool need_colon_p = false;
 
   if (m_inbound_ip.isValid()) {
-    zret += snprintf(out + zret, n - zret, "%s=[%s]", OPT_INBOUND_IP_PREFIX, m_inbound_ip.toString(ipb, sizeof(ipb)));
+    zret         += snprintf(out + zret, n - zret, "%s=[%s]", OPT_INBOUND_IP_PREFIX, m_inbound_ip.toString(ipb, sizeof(ipb)));
     need_colon_p = true;
   }
   if (zret >= n) {
@@ -562,7 +562,7 @@ HttpProxyPort::print(char *out, size_t n)
     if (need_colon_p) {
       out[zret++] = ':';
     }
-    zret += snprintf(out + zret, n - zret, "%s=[%s]", OPT_OUTBOUND_IP_PREFIX, m_outbound_ip4.toString(ipb, sizeof(ipb)));
+    zret         += snprintf(out + zret, n - zret, "%s=[%s]", OPT_OUTBOUND_IP_PREFIX, m_outbound_ip4.toString(ipb, sizeof(ipb)));
     need_colon_p = true;
   }
   if (zret >= n) {
@@ -573,7 +573,7 @@ HttpProxyPort::print(char *out, size_t n)
     if (need_colon_p) {
       out[zret++] = ':';
     }
-    zret += snprintf(out + zret, n - zret, "%s=[%s]", OPT_OUTBOUND_IP_PREFIX, m_outbound_ip6.toString(ipb, sizeof(ipb)));
+    zret         += snprintf(out + zret, n - zret, "%s=[%s]", OPT_OUTBOUND_IP_PREFIX, m_outbound_ip6.toString(ipb, sizeof(ipb)));
     need_colon_p = true;
   }
   if (zret >= n) {
@@ -584,7 +584,7 @@ HttpProxyPort::print(char *out, size_t n)
     if (need_colon_p) {
       out[zret++] = ':';
     }
-    zret += snprintf(out + zret, n - zret, "%d", m_port);
+    zret         += snprintf(out + zret, n - zret, "%d", m_port);
     need_colon_p = true;
   }
   if (zret >= n) {
@@ -692,7 +692,7 @@ HttpProxyPort::print(char *out, size_t n)
     for (int k = 0; k < SessionProtocolSet::MAX; ++k) {
       if (sp_set.contains(k)) {
         auto name{globalSessionProtocolNameRegistry.nameFor(k)};
-        zret += snprintf(out + zret, n - zret, "%s%.*s", sep_p ? ";" : "", static_cast<int>(name.size()), name.data());
+        zret  += snprintf(out + zret, n - zret, "%s%.*s", sep_p ? ";" : "", static_cast<int>(name.size()), name.data());
         sep_p = true;
       }
     }
@@ -900,7 +900,7 @@ convert_alpn_to_wire_format(std::string_view protocols_sv, unsigned char *wire_f
     }
 
     auto const protocol_wire_format = globalSessionProtocolNameRegistry.convert_openssl_alpn_wire_format(protocol_index);
-    computed_alpn_array_len += protocol_wire_format.size();
+    computed_alpn_array_len         += protocol_wire_format.size();
     if (computed_alpn_array_len > orig_wire_format_buffer_len) {
       // We have exceeded the size of the output buffer.
       Error("The output ALPN length (%d bytes) is larger than the output buffer size of %d bytes", computed_alpn_array_len,
diff --git a/src/records/RecMessage.cc b/src/records/RecMessage.cc
index 2c4ec43e699..2f9d80eb3c9 100644
--- a/src/records/RecMessage.cc
+++ b/src/records/RecMessage.cc
@@ -90,16 +90,16 @@ RecMessageMarshal_Realloc(RecMessage *msg, const RecRecord *record)
   if (record->data_type == RECD_STRING) {
     if (record->data.rec_string) {
       rec_data_str_len = strlen(record->data.rec_string) + 1;
-      msg_ele_size += rec_data_str_len;
+      msg_ele_size     += rec_data_str_len;
     }
     if (record->data_default.rec_string) {
       rec_data_def_str_len = strlen(record->data_default.rec_string) + 1;
-      msg_ele_size += rec_data_def_str_len;
+      msg_ele_size         += rec_data_def_str_len;
     }
   }
   if (REC_TYPE_IS_CONFIG(record->rec_type) && (record->config_meta.check_expr)) {
     rec_cfg_chk_len = strlen(record->config_meta.check_expr) + 1;
-    msg_ele_size += rec_cfg_chk_len;
+    msg_ele_size    += rec_cfg_chk_len;
   }
   // XXX: this is NOT 8 byte alignment
   // msg_ele_size = 5;
@@ -131,19 +131,19 @@ RecMessageMarshal_Realloc(RecMessage *msg, const RecRecord *record)
     ink_assert((msg->o_end - ((uintptr_t)p - (uintptr_t)msg)) >= (uintptr_t)rec_name_len);
     memcpy(p, record->name, rec_name_len);
     r->name = (char *)((uintptr_t)p - (uintptr_t)r);
-    p += rec_name_len;
+    p       += rec_name_len;
   }
   if (rec_data_str_len != -1) {
     ink_assert((msg->o_end - ((uintptr_t)p - (uintptr_t)msg)) >= (uintptr_t)rec_data_str_len);
     memcpy(p, record->data.rec_string, rec_data_str_len);
     r->data.rec_string = (char *)((uintptr_t)p - (uintptr_t)r);
-    p += rec_data_str_len;
+    p                  += rec_data_str_len;
   }
   if (rec_data_def_str_len != -1) {
     ink_assert((msg->o_end - ((uintptr_t)p - (uintptr_t)msg)) >= (uintptr_t)rec_data_def_str_len);
     memcpy(p, record->data_default.rec_string, rec_data_def_str_len);
     r->data_default.rec_string = (char *)((uintptr_t)p - (uintptr_t)r);
-    p += rec_data_def_str_len;
+    p                          += rec_data_def_str_len;
   }
   if (rec_cfg_chk_len != -1) {
     ink_assert((msg->o_end - ((uintptr_t)p - (uintptr_t)msg)) >= (uintptr_t)rec_cfg_chk_len);
@@ -190,8 +190,8 @@ RecMessageUnmarshalNext(RecMessage *msg, RecMessageItr *itr, RecRecord **record)
       return REC_ERR_FAIL;
     }
     itr->ele_hdr = reinterpret_cast<RecMessageEleHdr *>(reinterpret_cast<char *>(msg) + itr->ele_hdr->o_next);
-    itr->next += 1;
-    eh = itr->ele_hdr;
+    itr->next    += 1;
+    eh           = itr->ele_hdr;
   }
 
   ink_assert(eh->magic == REC_MESSAGE_ELE_MAGIC);
diff --git a/src/records/RecRawStats.cc b/src/records/RecRawStats.cc
index 622c1d5013d..1760a0a746b 100644
--- a/src/records/RecRawStats.cc
+++ b/src/records/RecRawStats.cc
@@ -52,14 +52,14 @@ raw_stat_get_total(RecRawStatBlock *rsb, int id, RecRawStat *total)
   // get thread local values
   for (EThread *et : eventProcessor.active_ethreads()) {
     RecRawStat *tlp = thread_stat(et, rsb, id);
-    total->sum += tlp->sum;
-    total->count += tlp->count;
+    total->sum      += tlp->sum;
+    total->count    += tlp->count;
   }
 
   for (EThread *et : eventProcessor.active_dthreads()) {
     RecRawStat *tlp = thread_stat(et, rsb, id);
-    total->sum += tlp->sum;
-    total->count += tlp->count;
+    total->sum      += tlp->sum;
+    total->count    += tlp->count;
   }
 
   if (total->sum < 0) { // Assure that we stay positive
@@ -83,14 +83,14 @@ raw_stat_sync_to_global(RecRawStatBlock *rsb, int id)
   // sum the thread local values
   for (EThread *et : eventProcessor.active_ethreads()) {
     RecRawStat *tlp = thread_stat(et, rsb, id);
-    total.sum += tlp->sum;
-    total.count += tlp->count;
+    total.sum       += tlp->sum;
+    total.count     += tlp->count;
   }
 
   for (EThread *et : eventProcessor.active_dthreads()) {
     RecRawStat *tlp = thread_stat(et, rsb, id);
-    total.sum += tlp->sum;
-    total.count += tlp->count;
+    total.sum       += tlp->sum;
+    total.count     += tlp->count;
   }
 
   if (total.sum < 0) { // Assure that we stay positive
diff --git a/src/shared/overridable_txn_vars.cc b/src/shared/overridable_txn_vars.cc
index 9a89064ee36..855c34a8d11 100644
--- a/src/shared/overridable_txn_vars.cc
+++ b/src/shared/overridable_txn_vars.cc
@@ -24,150 +24,150 @@
 #include "shared/overridable_txn_vars.h"
 
 const std::unordered_map<std::string_view, std::tuple<const TSOverridableConfigKey, const TSRecordDataType>>
-  ts::Overridable_Txn_Vars(
-    {{"proxy.config.srv_enabled", {TS_CONFIG_SRV_ENABLED, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.http", {TS_CONFIG_HTTP_CACHE_HTTP, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.ssl.hsts_max_age", {TS_CONFIG_SSL_HSTS_MAX_AGE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.normalize_ae", {TS_CONFIG_HTTP_NORMALIZE_AE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.chunking.size", {TS_CONFIG_HTTP_CHUNKING_SIZE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.ssl.client.cert.path", {TS_CONFIG_SSL_CERT_FILEPATH, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.http.allow_half_open", {TS_CONFIG_HTTP_ALLOW_HALF_OPEN, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.chunking_enabled", {TS_CONFIG_HTTP_CHUNKING_ENABLED, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.generation", {TS_CONFIG_HTTP_CACHE_GENERATION, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.insert_client_ip", {TS_CONFIG_HTTP_ANONYMIZE_INSERT_CLIENT_IP, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.insert_forwarded", {TS_CONFIG_HTTP_INSERT_FORWARDED, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.http.cache.range.write", {TS_CONFIG_HTTP_CACHE_RANGE_WRITE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.allow_multi_range", {TS_CONFIG_HTTP_ALLOW_MULTI_RANGE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.range.lookup", {TS_CONFIG_HTTP_CACHE_RANGE_LOOKUP, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.net.sock_packet_tos_out", {TS_CONFIG_NET_SOCK_PACKET_TOS_OUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.slow.log.threshold", {TS_CONFIG_HTTP_SLOW_LOG_THRESHOLD, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.max_stale_age", {TS_CONFIG_HTTP_CACHE_MAX_STALE_AGE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.default_buffer_size", {TS_CONFIG_HTTP_DEFAULT_BUFFER_SIZE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.response_server_str", {TS_CONFIG_HTTP_RESPONSE_SERVER_STR, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.http.keep_alive_post_out", {TS_CONFIG_HTTP_KEEP_ALIVE_POST_OUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.net.sock_option_flag_out", {TS_CONFIG_NET_SOCK_OPTION_FLAG_OUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.net.sock_packet_mark_out", {TS_CONFIG_NET_SOCK_PACKET_MARK_OUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.websocket.active_timeout", {TS_CONFIG_WEBSOCKET_ACTIVE_TIMEOUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.connect.dead.policy", {TS_CONFIG_HTTP_CONNECT_DEAD_POLICY, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.flow_control.enabled", {TS_CONFIG_HTTP_FLOW_CONTROL_ENABLED, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.send_http11_requests", {TS_CONFIG_HTTP_SEND_HTTP11_REQUESTS, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.body_factory.template_base", {TS_CONFIG_BODY_FACTORY_TEMPLATE_BASE, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.http.anonymize_remove_from", {TS_CONFIG_HTTP_ANONYMIZE_REMOVE_FROM, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.keep_alive_enabled_in", {TS_CONFIG_HTTP_KEEP_ALIVE_ENABLED_IN, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.doc_in_cache_skip_dns", {TS_CONFIG_HTTP_DOC_IN_CACHE_SKIP_DNS, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.forward_connect_method", {TS_CONFIG_HTTP_FORWARD_CONNECT_METHOD, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.request_buffer_enabled", {TS_CONFIG_HTTP_REQUEST_BUFFER_ENABLED, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.down_server.cache_time", {TS_CONFIG_HTTP_DOWN_SERVER_CACHE_TIME, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.proxy_protocol_out", {TS_CONFIG_HTTP_PROXY_PROTOCOL_OUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.insert_age_in_response", {TS_CONFIG_HTTP_INSERT_AGE_IN_RESPONSE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.url_remap.pristine_host_hdr", {TS_CONFIG_URL_REMAP_PRISTINE_HOST_HDR, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.insert_request_via_str", {TS_CONFIG_HTTP_INSERT_REQUEST_VIA_STR, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.flow_control.low_water", {TS_CONFIG_HTTP_FLOW_CONTROL_LOW_WATER_MARK, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.required_headers", {TS_CONFIG_HTTP_CACHE_REQUIRED_HEADERS, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.ssl.hsts_include_subdomains", {TS_CONFIG_SSL_HSTS_INCLUDE_SUBDOMAINS, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.number_of_redirections", {TS_CONFIG_HTTP_NUMBER_OF_REDIRECTIONS, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.keep_alive_enabled_out", {TS_CONFIG_HTTP_KEEP_ALIVE_ENABLED_OUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.response_server_enabled", {TS_CONFIG_HTTP_RESPONSE_SERVER_ENABLED, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.anonymize_remove_cookie", {TS_CONFIG_HTTP_ANONYMIZE_REMOVE_COOKIE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.request_header_max_size", {TS_CONFIG_HTTP_REQUEST_HEADER_MAX_SIZE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.parent_proxy.retry_time", {TS_CONFIG_HTTP_PARENT_PROXY_RETRY_TIME, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.insert_response_via_str", {TS_CONFIG_HTTP_INSERT_RESPONSE_VIA_STR, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.flow_control.high_water", {TS_CONFIG_HTTP_FLOW_CONTROL_HIGH_WATER_MARK, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.negative_caching_enabled", {TS_CONFIG_HTTP_NEGATIVE_CACHING_ENABLED, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.when_to_revalidate", {TS_CONFIG_HTTP_CACHE_WHEN_TO_REVALIDATE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.response_header_max_size", {TS_CONFIG_HTTP_RESPONSE_HEADER_MAX_SIZE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.anonymize_remove_referer", {TS_CONFIG_HTTP_ANONYMIZE_REMOVE_REFERER, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.global_user_agent_header", {TS_CONFIG_HTTP_GLOBAL_USER_AGENT_HEADER, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.net.sock_recv_buffer_size_out", {TS_CONFIG_NET_SOCK_RECV_BUFFER_SIZE_OUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.net.sock_send_buffer_size_out", {TS_CONFIG_NET_SOCK_SEND_BUFFER_SIZE_OUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.connect_attempts_timeout", {TS_CONFIG_HTTP_CONNECT_ATTEMPTS_TIMEOUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.websocket.no_activity_timeout", {TS_CONFIG_WEBSOCKET_NO_ACTIVITY_TIMEOUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.negative_caching_lifetime", {TS_CONFIG_HTTP_NEGATIVE_CACHING_LIFETIME, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.default_buffer_water_mark", {TS_CONFIG_HTTP_DEFAULT_BUFFER_WATER_MARK, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.heuristic_lm_factor", {TS_CONFIG_HTTP_CACHE_HEURISTIC_LM_FACTOR, TS_RECORDDATATYPE_FLOAT}},
-     {OutboundConnTrack::CONFIG_VAR_MAX, {TS_CONFIG_HTTP_PER_SERVER_CONNECTION_MAX, TS_RECORDDATATYPE_INT}},
-     {OutboundConnTrack::CONFIG_VAR_MIN, {TS_CONFIG_HTTP_SERVER_MIN_KEEP_ALIVE_CONNS, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.anonymize_remove_client_ip", {TS_CONFIG_HTTP_ANONYMIZE_REMOVE_CLIENT_IP, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.open_read_retry_time", {TS_CONFIG_HTTP_CACHE_OPEN_READ_RETRY_TIME, TS_RECORDDATATYPE_INT}},
-     {OutboundConnTrack::CONFIG_VAR_MATCH, {TS_CONFIG_HTTP_PER_SERVER_CONNECTION_MATCH, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.parent_proxy.fail_threshold", {TS_CONFIG_HTTP_PARENT_PROXY_FAIL_THRESHOLD, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.ignore_authentication", {TS_CONFIG_HTTP_CACHE_IGNORE_AUTHENTICATION, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.anonymize_remove_user_agent", {TS_CONFIG_HTTP_ANONYMIZE_REMOVE_USER_AGENT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.connect_attempts_rr_retries", {TS_CONFIG_HTTP_CONNECT_ATTEMPTS_RR_RETRIES, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.max_open_read_retries", {TS_CONFIG_HTTP_CACHE_MAX_OPEN_READ_RETRIES, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.auth_server_session_private", {TS_CONFIG_HTTP_AUTH_SERVER_SESSION_PRIVATE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.redirect_use_orig_cache_key", {TS_CONFIG_HTTP_REDIRECT_USE_ORIG_CACHE_KEY, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.ignore_client_no_cache", {TS_CONFIG_HTTP_CACHE_IGNORE_CLIENT_NO_CACHE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.ims_on_client_no_cache", {TS_CONFIG_HTTP_CACHE_IMS_ON_CLIENT_NO_CACHE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.ignore_server_no_cache", {TS_CONFIG_HTTP_CACHE_IGNORE_SERVER_NO_CACHE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.heuristic_min_lifetime", {TS_CONFIG_HTTP_CACHE_HEURISTIC_MIN_LIFETIME, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.heuristic_max_lifetime", {TS_CONFIG_HTTP_CACHE_HEURISTIC_MAX_LIFETIME, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.server_session_sharing.match", {TS_CONFIG_HTTP_SERVER_SESSION_SHARING_MATCH, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.http.cache.ignore_accept_mismatch", {TS_CONFIG_HTTP_CACHE_IGNORE_ACCEPT_MISMATCH, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.open_write_fail_action", {TS_CONFIG_HTTP_CACHE_OPEN_WRITE_FAIL_ACTION, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.insert_squid_x_forwarded_for", {TS_CONFIG_HTTP_INSERT_SQUID_X_FORWARDED_FOR, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.connect_attempts_max_retries", {TS_CONFIG_HTTP_CONNECT_ATTEMPTS_MAX_RETRIES, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.max_open_write_retries", {TS_CONFIG_HTTP_CACHE_MAX_OPEN_WRITE_RETRIES, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.max_open_write_retry_timeout",
-      {TS_CONFIG_HTTP_CACHE_MAX_OPEN_WRITE_RETRY_TIMEOUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.forward.proxy_auth_to_parent", {TS_CONFIG_HTTP_FORWARD_PROXY_AUTH_TO_PARENT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.parent_proxy.mark_down_hostdb", {TS_CONFIG_PARENT_FAILURES_UPDATE_HOSTDB, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.negative_revalidating_enabled", {TS_CONFIG_HTTP_NEGATIVE_REVALIDATING_ENABLED, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.guaranteed_min_lifetime", {TS_CONFIG_HTTP_CACHE_GUARANTEED_MIN_LIFETIME, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.guaranteed_max_lifetime", {TS_CONFIG_HTTP_CACHE_GUARANTEED_MAX_LIFETIME, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.transaction_active_timeout_in", {TS_CONFIG_HTTP_TRANSACTION_ACTIVE_TIMEOUT_IN, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.ignore_client_cc_max_age", {TS_CONFIG_HTTP_CACHE_IGNORE_CLIENT_CC_MAX_AGE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.negative_revalidating_lifetime", {TS_CONFIG_HTTP_NEGATIVE_REVALIDATING_LIFETIME, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.transaction_active_timeout_out", {TS_CONFIG_HTTP_TRANSACTION_ACTIVE_TIMEOUT_OUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.background_fill_active_timeout", {TS_CONFIG_HTTP_BACKGROUND_FILL_ACTIVE_TIMEOUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.attach_server_session_to_client", {TS_CONFIG_HTTP_ATTACH_SERVER_SESSION_TO_CLIENT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.max_proxy_cycles", {TS_CONFIG_HTTP_MAX_PROXY_CYCLES, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.cache_responses_to_cookies",
-      {TS_CONFIG_HTTP_CACHE_CACHE_RESPONSES_TO_COOKIES, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.keep_alive_no_activity_timeout_in",
-      {TS_CONFIG_HTTP_KEEP_ALIVE_NO_ACTIVITY_TIMEOUT_IN, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.post.check.content_length.enabled",
-      {TS_CONFIG_HTTP_POST_CHECK_CONTENT_LENGTH_ENABLED, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.cache_urls_that_look_dynamic",
-      {TS_CONFIG_HTTP_CACHE_CACHE_URLS_THAT_LOOK_DYNAMIC, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.transaction_no_activity_timeout_in",
-      {TS_CONFIG_HTTP_TRANSACTION_NO_ACTIVITY_TIMEOUT_IN, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.keep_alive_no_activity_timeout_out",
-      {TS_CONFIG_HTTP_KEEP_ALIVE_NO_ACTIVITY_TIMEOUT_OUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.uncacheable_requests_bypass_parent",
-      {TS_CONFIG_HTTP_UNCACHEABLE_REQUESTS_BYPASS_PARENT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.transaction_no_activity_timeout_out",
-      {TS_CONFIG_HTTP_TRANSACTION_NO_ACTIVITY_TIMEOUT_OUT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.background_fill_completed_threshold",
-      {TS_CONFIG_HTTP_BACKGROUND_FILL_COMPLETED_THRESHOLD, TS_RECORDDATATYPE_FLOAT}},
-     {"proxy.config.http.parent_proxy.total_connect_attempts",
-      {TS_CONFIG_HTTP_PARENT_PROXY_TOTAL_CONNECT_ATTEMPTS, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.ignore_accept_charset_mismatch",
-      {TS_CONFIG_HTTP_CACHE_IGNORE_ACCEPT_CHARSET_MISMATCH, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.ignore_accept_language_mismatch",
-      {TS_CONFIG_HTTP_CACHE_IGNORE_ACCEPT_LANGUAGE_MISMATCH, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.cache.ignore_accept_encoding_mismatch",
-      {TS_CONFIG_HTTP_CACHE_IGNORE_ACCEPT_ENCODING_MISMATCH, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.connect_attempts_max_retries_dead_server",
-      {TS_CONFIG_HTTP_CONNECT_ATTEMPTS_MAX_RETRIES_DEAD_SERVER, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.parent_proxy.per_parent_connect_attempts",
-      {TS_CONFIG_HTTP_PER_PARENT_CONNECT_ATTEMPTS, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.ssl.client.verify.server.policy", {TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_POLICY, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.ssl.client.verify.server.properties",
-      {TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_PROPERTIES, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.ssl.client.sni_policy", {TS_CONFIG_SSL_CLIENT_SNI_POLICY, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.ssl.client.cert.filename", {TS_CONFIG_SSL_CLIENT_CERT_FILENAME, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.ssl.client.cert.path", {TS_CONFIG_SSL_CERT_FILEPATH, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.ssl.client.private_key.filename", {TS_CONFIG_SSL_CLIENT_PRIVATE_KEY_FILENAME, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.ssl.client.CA.cert.filename", {TS_CONFIG_SSL_CLIENT_CA_CERT_FILENAME, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.ssl.client.alpn_protocols", {TS_CONFIG_SSL_CLIENT_ALPN_PROTOCOLS, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.hostdb.ip_resolve", {TS_CONFIG_HTTP_HOST_RESOLUTION_PREFERENCE, TS_RECORDDATATYPE_STRING}},
-     {"proxy.config.plugin.vc.default_buffer_index", {TS_CONFIG_PLUGIN_VC_DEFAULT_BUFFER_INDEX, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.plugin.vc.default_buffer_water_mark", {TS_CONFIG_PLUGIN_VC_DEFAULT_BUFFER_WATER_MARK, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.net.sock_notsent_lowat", {TS_CONFIG_NET_SOCK_NOTSENT_LOWAT, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.body_factory.response_suppression_mode",
-      {TS_CONFIG_BODY_FACTORY_RESPONSE_SUPPRESSION_MODE, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.parent_proxy.enable_parent_timeout_markdowns",
-      {TS_CONFIG_HTTP_ENABLE_PARENT_TIMEOUT_MARKDOWNS, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.http.parent_proxy.disable_parent_markdowns", {TS_CONFIG_HTTP_DISABLE_PARENT_MARKDOWNS, TS_RECORDDATATYPE_INT}},
-     {"proxy.config.net.default_inactivity_timeout", {TS_CONFIG_NET_DEFAULT_INACTIVITY_TIMEOUT, TS_RECORDDATATYPE_INT}}});
+  ts::Overridable_Txn_Vars({
+    {"proxy.config.srv_enabled",                                       {TS_CONFIG_SRV_ENABLED, TS_RECORDDATATYPE_INT}                           },
+    {"proxy.config.http.cache.http",                                   {TS_CONFIG_HTTP_CACHE_HTTP, TS_RECORDDATATYPE_INT}                       },
+    {"proxy.config.ssl.hsts_max_age",                                  {TS_CONFIG_SSL_HSTS_MAX_AGE, TS_RECORDDATATYPE_INT}                      },
+    {"proxy.config.http.normalize_ae",                                 {TS_CONFIG_HTTP_NORMALIZE_AE, TS_RECORDDATATYPE_INT}                     },
+    {"proxy.config.http.chunking.size",                                {TS_CONFIG_HTTP_CHUNKING_SIZE, TS_RECORDDATATYPE_INT}                    },
+    {"proxy.config.ssl.client.cert.path",                              {TS_CONFIG_SSL_CERT_FILEPATH, TS_RECORDDATATYPE_STRING}                  },
+    {"proxy.config.http.allow_half_open",                              {TS_CONFIG_HTTP_ALLOW_HALF_OPEN, TS_RECORDDATATYPE_INT}                  },
+    {"proxy.config.http.chunking_enabled",                             {TS_CONFIG_HTTP_CHUNKING_ENABLED, TS_RECORDDATATYPE_INT}                 },
+    {"proxy.config.http.cache.generation",                             {TS_CONFIG_HTTP_CACHE_GENERATION, TS_RECORDDATATYPE_INT}                 },
+    {"proxy.config.http.insert_client_ip",                             {TS_CONFIG_HTTP_ANONYMIZE_INSERT_CLIENT_IP, TS_RECORDDATATYPE_INT}       },
+    {"proxy.config.http.insert_forwarded",                             {TS_CONFIG_HTTP_INSERT_FORWARDED, TS_RECORDDATATYPE_STRING}              },
+    {"proxy.config.http.cache.range.write",                            {TS_CONFIG_HTTP_CACHE_RANGE_WRITE, TS_RECORDDATATYPE_INT}                },
+    {"proxy.config.http.allow_multi_range",                            {TS_CONFIG_HTTP_ALLOW_MULTI_RANGE, TS_RECORDDATATYPE_INT}                },
+    {"proxy.config.http.cache.range.lookup",                           {TS_CONFIG_HTTP_CACHE_RANGE_LOOKUP, TS_RECORDDATATYPE_INT}               },
+    {"proxy.config.net.sock_packet_tos_out",                           {TS_CONFIG_NET_SOCK_PACKET_TOS_OUT, TS_RECORDDATATYPE_INT}               },
+    {"proxy.config.http.slow.log.threshold",                           {TS_CONFIG_HTTP_SLOW_LOG_THRESHOLD, TS_RECORDDATATYPE_INT}               },
+    {"proxy.config.http.cache.max_stale_age",                          {TS_CONFIG_HTTP_CACHE_MAX_STALE_AGE, TS_RECORDDATATYPE_INT}              },
+    {"proxy.config.http.default_buffer_size",                          {TS_CONFIG_HTTP_DEFAULT_BUFFER_SIZE, TS_RECORDDATATYPE_INT}              },
+    {"proxy.config.http.response_server_str",                          {TS_CONFIG_HTTP_RESPONSE_SERVER_STR, TS_RECORDDATATYPE_STRING}           },
+    {"proxy.config.http.keep_alive_post_out",                          {TS_CONFIG_HTTP_KEEP_ALIVE_POST_OUT, TS_RECORDDATATYPE_INT}              },
+    {"proxy.config.net.sock_option_flag_out",                          {TS_CONFIG_NET_SOCK_OPTION_FLAG_OUT, TS_RECORDDATATYPE_INT}              },
+    {"proxy.config.net.sock_packet_mark_out",                          {TS_CONFIG_NET_SOCK_PACKET_MARK_OUT, TS_RECORDDATATYPE_INT}              },
+    {"proxy.config.websocket.active_timeout",                          {TS_CONFIG_WEBSOCKET_ACTIVE_TIMEOUT, TS_RECORDDATATYPE_INT}              },
+    {"proxy.config.http.connect.dead.policy",                          {TS_CONFIG_HTTP_CONNECT_DEAD_POLICY, TS_RECORDDATATYPE_INT}              },
+    {"proxy.config.http.flow_control.enabled",                         {TS_CONFIG_HTTP_FLOW_CONTROL_ENABLED, TS_RECORDDATATYPE_INT}             },
+    {"proxy.config.http.send_http11_requests",                         {TS_CONFIG_HTTP_SEND_HTTP11_REQUESTS, TS_RECORDDATATYPE_INT}             },
+    {"proxy.config.body_factory.template_base",                        {TS_CONFIG_BODY_FACTORY_TEMPLATE_BASE, TS_RECORDDATATYPE_STRING}         },
+    {"proxy.config.http.anonymize_remove_from",                        {TS_CONFIG_HTTP_ANONYMIZE_REMOVE_FROM, TS_RECORDDATATYPE_INT}            },
+    {"proxy.config.http.keep_alive_enabled_in",                        {TS_CONFIG_HTTP_KEEP_ALIVE_ENABLED_IN, TS_RECORDDATATYPE_INT}            },
+    {"proxy.config.http.doc_in_cache_skip_dns",                        {TS_CONFIG_HTTP_DOC_IN_CACHE_SKIP_DNS, TS_RECORDDATATYPE_INT}            },
+    {"proxy.config.http.forward_connect_method",                       {TS_CONFIG_HTTP_FORWARD_CONNECT_METHOD, TS_RECORDDATATYPE_INT}           },
+    {"proxy.config.http.request_buffer_enabled",                       {TS_CONFIG_HTTP_REQUEST_BUFFER_ENABLED, TS_RECORDDATATYPE_INT}           },
+    {"proxy.config.http.down_server.cache_time",                       {TS_CONFIG_HTTP_DOWN_SERVER_CACHE_TIME, TS_RECORDDATATYPE_INT}           },
+    {"proxy.config.http.proxy_protocol_out",                           {TS_CONFIG_HTTP_PROXY_PROTOCOL_OUT, TS_RECORDDATATYPE_INT}               },
+    {"proxy.config.http.insert_age_in_response",                       {TS_CONFIG_HTTP_INSERT_AGE_IN_RESPONSE, TS_RECORDDATATYPE_INT}           },
+    {"proxy.config.url_remap.pristine_host_hdr",                       {TS_CONFIG_URL_REMAP_PRISTINE_HOST_HDR, TS_RECORDDATATYPE_INT}           },
+    {"proxy.config.http.insert_request_via_str",                       {TS_CONFIG_HTTP_INSERT_REQUEST_VIA_STR, TS_RECORDDATATYPE_INT}           },
+    {"proxy.config.http.flow_control.low_water",                       {TS_CONFIG_HTTP_FLOW_CONTROL_LOW_WATER_MARK, TS_RECORDDATATYPE_INT}      },
+    {"proxy.config.http.cache.required_headers",                       {TS_CONFIG_HTTP_CACHE_REQUIRED_HEADERS, TS_RECORDDATATYPE_INT}           },
+    {"proxy.config.ssl.hsts_include_subdomains",                       {TS_CONFIG_SSL_HSTS_INCLUDE_SUBDOMAINS, TS_RECORDDATATYPE_INT}           },
+    {"proxy.config.http.number_of_redirections",                       {TS_CONFIG_HTTP_NUMBER_OF_REDIRECTIONS, TS_RECORDDATATYPE_INT}           },
+    {"proxy.config.http.keep_alive_enabled_out",                       {TS_CONFIG_HTTP_KEEP_ALIVE_ENABLED_OUT, TS_RECORDDATATYPE_INT}           },
+    {"proxy.config.http.response_server_enabled",                      {TS_CONFIG_HTTP_RESPONSE_SERVER_ENABLED, TS_RECORDDATATYPE_INT}          },
+    {"proxy.config.http.anonymize_remove_cookie",                      {TS_CONFIG_HTTP_ANONYMIZE_REMOVE_COOKIE, TS_RECORDDATATYPE_INT}          },
+    {"proxy.config.http.request_header_max_size",                      {TS_CONFIG_HTTP_REQUEST_HEADER_MAX_SIZE, TS_RECORDDATATYPE_INT}          },
+    {"proxy.config.http.parent_proxy.retry_time",                      {TS_CONFIG_HTTP_PARENT_PROXY_RETRY_TIME, TS_RECORDDATATYPE_INT}          },
+    {"proxy.config.http.insert_response_via_str",                      {TS_CONFIG_HTTP_INSERT_RESPONSE_VIA_STR, TS_RECORDDATATYPE_INT}          },
+    {"proxy.config.http.flow_control.high_water",                      {TS_CONFIG_HTTP_FLOW_CONTROL_HIGH_WATER_MARK, TS_RECORDDATATYPE_INT}     },
+    {"proxy.config.http.negative_caching_enabled",                     {TS_CONFIG_HTTP_NEGATIVE_CACHING_ENABLED, TS_RECORDDATATYPE_INT}         },
+    {"proxy.config.http.cache.when_to_revalidate",                     {TS_CONFIG_HTTP_CACHE_WHEN_TO_REVALIDATE, TS_RECORDDATATYPE_INT}         },
+    {"proxy.config.http.response_header_max_size",                     {TS_CONFIG_HTTP_RESPONSE_HEADER_MAX_SIZE, TS_RECORDDATATYPE_INT}         },
+    {"proxy.config.http.anonymize_remove_referer",                     {TS_CONFIG_HTTP_ANONYMIZE_REMOVE_REFERER, TS_RECORDDATATYPE_INT}         },
+    {"proxy.config.http.global_user_agent_header",                     {TS_CONFIG_HTTP_GLOBAL_USER_AGENT_HEADER, TS_RECORDDATATYPE_STRING}      },
+    {"proxy.config.net.sock_recv_buffer_size_out",                     {TS_CONFIG_NET_SOCK_RECV_BUFFER_SIZE_OUT, TS_RECORDDATATYPE_INT}         },
+    {"proxy.config.net.sock_send_buffer_size_out",                     {TS_CONFIG_NET_SOCK_SEND_BUFFER_SIZE_OUT, TS_RECORDDATATYPE_INT}         },
+    {"proxy.config.http.connect_attempts_timeout",                     {TS_CONFIG_HTTP_CONNECT_ATTEMPTS_TIMEOUT, TS_RECORDDATATYPE_INT}         },
+    {"proxy.config.websocket.no_activity_timeout",                     {TS_CONFIG_WEBSOCKET_NO_ACTIVITY_TIMEOUT, TS_RECORDDATATYPE_INT}         },
+    {"proxy.config.http.negative_caching_lifetime",                    {TS_CONFIG_HTTP_NEGATIVE_CACHING_LIFETIME, TS_RECORDDATATYPE_INT}        },
+    {"proxy.config.http.default_buffer_water_mark",                    {TS_CONFIG_HTTP_DEFAULT_BUFFER_WATER_MARK, TS_RECORDDATATYPE_INT}        },
+    {"proxy.config.http.cache.heuristic_lm_factor",                    {TS_CONFIG_HTTP_CACHE_HEURISTIC_LM_FACTOR, TS_RECORDDATATYPE_FLOAT}      },
+    {OutboundConnTrack::CONFIG_VAR_MAX,                                {TS_CONFIG_HTTP_PER_SERVER_CONNECTION_MAX, TS_RECORDDATATYPE_INT}        },
+    {OutboundConnTrack::CONFIG_VAR_MIN,                                {TS_CONFIG_HTTP_SERVER_MIN_KEEP_ALIVE_CONNS, TS_RECORDDATATYPE_INT}      },
+    {"proxy.config.http.anonymize_remove_client_ip",                   {TS_CONFIG_HTTP_ANONYMIZE_REMOVE_CLIENT_IP, TS_RECORDDATATYPE_INT}       },
+    {"proxy.config.http.cache.open_read_retry_time",                   {TS_CONFIG_HTTP_CACHE_OPEN_READ_RETRY_TIME, TS_RECORDDATATYPE_INT}       },
+    {OutboundConnTrack::CONFIG_VAR_MATCH,                              {TS_CONFIG_HTTP_PER_SERVER_CONNECTION_MATCH, TS_RECORDDATATYPE_INT}      },
+    {"proxy.config.http.parent_proxy.fail_threshold",                  {TS_CONFIG_HTTP_PARENT_PROXY_FAIL_THRESHOLD, TS_RECORDDATATYPE_INT}      },
+    {"proxy.config.http.cache.ignore_authentication",                  {TS_CONFIG_HTTP_CACHE_IGNORE_AUTHENTICATION, TS_RECORDDATATYPE_INT}      },
+    {"proxy.config.http.anonymize_remove_user_agent",                  {TS_CONFIG_HTTP_ANONYMIZE_REMOVE_USER_AGENT, TS_RECORDDATATYPE_INT}      },
+    {"proxy.config.http.connect_attempts_rr_retries",                  {TS_CONFIG_HTTP_CONNECT_ATTEMPTS_RR_RETRIES, TS_RECORDDATATYPE_INT}      },
+    {"proxy.config.http.cache.max_open_read_retries",                  {TS_CONFIG_HTTP_CACHE_MAX_OPEN_READ_RETRIES, TS_RECORDDATATYPE_INT}      },
+    {"proxy.config.http.auth_server_session_private",                  {TS_CONFIG_HTTP_AUTH_SERVER_SESSION_PRIVATE, TS_RECORDDATATYPE_INT}      },
+    {"proxy.config.http.redirect_use_orig_cache_key",                  {TS_CONFIG_HTTP_REDIRECT_USE_ORIG_CACHE_KEY, TS_RECORDDATATYPE_INT}      },
+    {"proxy.config.http.cache.ignore_client_no_cache",                 {TS_CONFIG_HTTP_CACHE_IGNORE_CLIENT_NO_CACHE, TS_RECORDDATATYPE_INT}     },
+    {"proxy.config.http.cache.ims_on_client_no_cache",                 {TS_CONFIG_HTTP_CACHE_IMS_ON_CLIENT_NO_CACHE, TS_RECORDDATATYPE_INT}     },
+    {"proxy.config.http.cache.ignore_server_no_cache",                 {TS_CONFIG_HTTP_CACHE_IGNORE_SERVER_NO_CACHE, TS_RECORDDATATYPE_INT}     },
+    {"proxy.config.http.cache.heuristic_min_lifetime",                 {TS_CONFIG_HTTP_CACHE_HEURISTIC_MIN_LIFETIME, TS_RECORDDATATYPE_INT}     },
+    {"proxy.config.http.cache.heuristic_max_lifetime",                 {TS_CONFIG_HTTP_CACHE_HEURISTIC_MAX_LIFETIME, TS_RECORDDATATYPE_INT}     },
+    {"proxy.config.http.server_session_sharing.match",                 {TS_CONFIG_HTTP_SERVER_SESSION_SHARING_MATCH, TS_RECORDDATATYPE_STRING}  },
+    {"proxy.config.http.cache.ignore_accept_mismatch",                 {TS_CONFIG_HTTP_CACHE_IGNORE_ACCEPT_MISMATCH, TS_RECORDDATATYPE_INT}     },
+    {"proxy.config.http.cache.open_write_fail_action",                 {TS_CONFIG_HTTP_CACHE_OPEN_WRITE_FAIL_ACTION, TS_RECORDDATATYPE_INT}     },
+    {"proxy.config.http.insert_squid_x_forwarded_for",                 {TS_CONFIG_HTTP_INSERT_SQUID_X_FORWARDED_FOR, TS_RECORDDATATYPE_INT}     },
+    {"proxy.config.http.connect_attempts_max_retries",                 {TS_CONFIG_HTTP_CONNECT_ATTEMPTS_MAX_RETRIES, TS_RECORDDATATYPE_INT}     },
+    {"proxy.config.http.cache.max_open_write_retries",                 {TS_CONFIG_HTTP_CACHE_MAX_OPEN_WRITE_RETRIES, TS_RECORDDATATYPE_INT}     },
+    {"proxy.config.http.cache.max_open_write_retry_timeout",
+     {TS_CONFIG_HTTP_CACHE_MAX_OPEN_WRITE_RETRY_TIMEOUT, TS_RECORDDATATYPE_INT}                                                                 },
+    {"proxy.config.http.forward.proxy_auth_to_parent",                 {TS_CONFIG_HTTP_FORWARD_PROXY_AUTH_TO_PARENT, TS_RECORDDATATYPE_INT}     },
+    {"proxy.config.http.parent_proxy.mark_down_hostdb",                {TS_CONFIG_PARENT_FAILURES_UPDATE_HOSTDB, TS_RECORDDATATYPE_INT}         },
+    {"proxy.config.http.negative_revalidating_enabled",                {TS_CONFIG_HTTP_NEGATIVE_REVALIDATING_ENABLED, TS_RECORDDATATYPE_INT}    },
+    {"proxy.config.http.cache.guaranteed_min_lifetime",                {TS_CONFIG_HTTP_CACHE_GUARANTEED_MIN_LIFETIME, TS_RECORDDATATYPE_INT}    },
+    {"proxy.config.http.cache.guaranteed_max_lifetime",                {TS_CONFIG_HTTP_CACHE_GUARANTEED_MAX_LIFETIME, TS_RECORDDATATYPE_INT}    },
+    {"proxy.config.http.transaction_active_timeout_in",                {TS_CONFIG_HTTP_TRANSACTION_ACTIVE_TIMEOUT_IN, TS_RECORDDATATYPE_INT}    },
+    {"proxy.config.http.cache.ignore_client_cc_max_age",               {TS_CONFIG_HTTP_CACHE_IGNORE_CLIENT_CC_MAX_AGE, TS_RECORDDATATYPE_INT}   },
+    {"proxy.config.http.negative_revalidating_lifetime",               {TS_CONFIG_HTTP_NEGATIVE_REVALIDATING_LIFETIME, TS_RECORDDATATYPE_INT}   },
+    {"proxy.config.http.transaction_active_timeout_out",               {TS_CONFIG_HTTP_TRANSACTION_ACTIVE_TIMEOUT_OUT, TS_RECORDDATATYPE_INT}   },
+    {"proxy.config.http.background_fill_active_timeout",               {TS_CONFIG_HTTP_BACKGROUND_FILL_ACTIVE_TIMEOUT, TS_RECORDDATATYPE_INT}   },
+    {"proxy.config.http.attach_server_session_to_client",              {TS_CONFIG_HTTP_ATTACH_SERVER_SESSION_TO_CLIENT, TS_RECORDDATATYPE_INT}  },
+    {"proxy.config.http.max_proxy_cycles",                             {TS_CONFIG_HTTP_MAX_PROXY_CYCLES, TS_RECORDDATATYPE_INT}                 },
+    {"proxy.config.http.cache.cache_responses_to_cookies",
+     {TS_CONFIG_HTTP_CACHE_CACHE_RESPONSES_TO_COOKIES, TS_RECORDDATATYPE_INT}                                                                   },
+    {"proxy.config.http.keep_alive_no_activity_timeout_in",
+     {TS_CONFIG_HTTP_KEEP_ALIVE_NO_ACTIVITY_TIMEOUT_IN, TS_RECORDDATATYPE_INT}                                                                  },
+    {"proxy.config.http.post.check.content_length.enabled",
+     {TS_CONFIG_HTTP_POST_CHECK_CONTENT_LENGTH_ENABLED, TS_RECORDDATATYPE_INT}                                                                  },
+    {"proxy.config.http.cache.cache_urls_that_look_dynamic",
+     {TS_CONFIG_HTTP_CACHE_CACHE_URLS_THAT_LOOK_DYNAMIC, TS_RECORDDATATYPE_INT}                                                                 },
+    {"proxy.config.http.transaction_no_activity_timeout_in",
+     {TS_CONFIG_HTTP_TRANSACTION_NO_ACTIVITY_TIMEOUT_IN, TS_RECORDDATATYPE_INT}                                                                 },
+    {"proxy.config.http.keep_alive_no_activity_timeout_out",
+     {TS_CONFIG_HTTP_KEEP_ALIVE_NO_ACTIVITY_TIMEOUT_OUT, TS_RECORDDATATYPE_INT}                                                                 },
+    {"proxy.config.http.uncacheable_requests_bypass_parent",
+     {TS_CONFIG_HTTP_UNCACHEABLE_REQUESTS_BYPASS_PARENT, TS_RECORDDATATYPE_INT}                                                                 },
+    {"proxy.config.http.transaction_no_activity_timeout_out",
+     {TS_CONFIG_HTTP_TRANSACTION_NO_ACTIVITY_TIMEOUT_OUT, TS_RECORDDATATYPE_INT}                                                                },
+    {"proxy.config.http.background_fill_completed_threshold",
+     {TS_CONFIG_HTTP_BACKGROUND_FILL_COMPLETED_THRESHOLD, TS_RECORDDATATYPE_FLOAT}                                                              },
+    {"proxy.config.http.parent_proxy.total_connect_attempts",
+     {TS_CONFIG_HTTP_PARENT_PROXY_TOTAL_CONNECT_ATTEMPTS, TS_RECORDDATATYPE_INT}                                                                },
+    {"proxy.config.http.cache.ignore_accept_charset_mismatch",
+     {TS_CONFIG_HTTP_CACHE_IGNORE_ACCEPT_CHARSET_MISMATCH, TS_RECORDDATATYPE_INT}                                                               },
+    {"proxy.config.http.cache.ignore_accept_language_mismatch",
+     {TS_CONFIG_HTTP_CACHE_IGNORE_ACCEPT_LANGUAGE_MISMATCH, TS_RECORDDATATYPE_INT}                                                              },
+    {"proxy.config.http.cache.ignore_accept_encoding_mismatch",
+     {TS_CONFIG_HTTP_CACHE_IGNORE_ACCEPT_ENCODING_MISMATCH, TS_RECORDDATATYPE_INT}                                                              },
+    {"proxy.config.http.connect_attempts_max_retries_dead_server",
+     {TS_CONFIG_HTTP_CONNECT_ATTEMPTS_MAX_RETRIES_DEAD_SERVER, TS_RECORDDATATYPE_INT}                                                           },
+    {"proxy.config.http.parent_proxy.per_parent_connect_attempts",
+     {TS_CONFIG_HTTP_PER_PARENT_CONNECT_ATTEMPTS, TS_RECORDDATATYPE_INT}                                                                        },
+    {"proxy.config.ssl.client.verify.server.policy",                   {TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_POLICY, TS_RECORDDATATYPE_STRING}    },
+    {"proxy.config.ssl.client.verify.server.properties",               {TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_PROPERTIES, TS_RECORDDATATYPE_STRING}},
+    {"proxy.config.ssl.client.sni_policy",                             {TS_CONFIG_SSL_CLIENT_SNI_POLICY, TS_RECORDDATATYPE_STRING}              },
+    {"proxy.config.ssl.client.cert.filename",                          {TS_CONFIG_SSL_CLIENT_CERT_FILENAME, TS_RECORDDATATYPE_STRING}           },
+    {"proxy.config.ssl.client.cert.path",                              {TS_CONFIG_SSL_CERT_FILEPATH, TS_RECORDDATATYPE_STRING}                  },
+    {"proxy.config.ssl.client.private_key.filename",                   {TS_CONFIG_SSL_CLIENT_PRIVATE_KEY_FILENAME, TS_RECORDDATATYPE_STRING}    },
+    {"proxy.config.ssl.client.CA.cert.filename",                       {TS_CONFIG_SSL_CLIENT_CA_CERT_FILENAME, TS_RECORDDATATYPE_STRING}        },
+    {"proxy.config.ssl.client.alpn_protocols",                         {TS_CONFIG_SSL_CLIENT_ALPN_PROTOCOLS, TS_RECORDDATATYPE_STRING}          },
+    {"proxy.config.hostdb.ip_resolve",                                 {TS_CONFIG_HTTP_HOST_RESOLUTION_PREFERENCE, TS_RECORDDATATYPE_STRING}    },
+    {"proxy.config.plugin.vc.default_buffer_index",                    {TS_CONFIG_PLUGIN_VC_DEFAULT_BUFFER_INDEX, TS_RECORDDATATYPE_INT}        },
+    {"proxy.config.plugin.vc.default_buffer_water_mark",               {TS_CONFIG_PLUGIN_VC_DEFAULT_BUFFER_WATER_MARK, TS_RECORDDATATYPE_INT}   },
+    {"proxy.config.net.sock_notsent_lowat",                            {TS_CONFIG_NET_SOCK_NOTSENT_LOWAT, TS_RECORDDATATYPE_INT}                },
+    {"proxy.config.body_factory.response_suppression_mode",
+     {TS_CONFIG_BODY_FACTORY_RESPONSE_SUPPRESSION_MODE, TS_RECORDDATATYPE_INT}                                                                  },
+    {"proxy.config.http.parent_proxy.enable_parent_timeout_markdowns",
+     {TS_CONFIG_HTTP_ENABLE_PARENT_TIMEOUT_MARKDOWNS, TS_RECORDDATATYPE_INT}                                                                    },
+    {"proxy.config.http.parent_proxy.disable_parent_markdowns",        {TS_CONFIG_HTTP_DISABLE_PARENT_MARKDOWNS, TS_RECORDDATATYPE_INT}         },
+    {"proxy.config.net.default_inactivity_timeout",                    {TS_CONFIG_NET_DEFAULT_INACTIVITY_TIMEOUT, TS_RECORDDATATYPE_INT}        }
+});
diff --git a/src/traffic_cache_tool/CacheDefs.cc b/src/traffic_cache_tool/CacheDefs.cc
index 631563f4969..5fb8ab67458 100644
--- a/src/traffic_cache_tool/CacheDefs.cc
+++ b/src/traffic_cache_tool/CacheDefs.cc
@@ -809,14 +809,14 @@ Stripe::dir_check()
       ++hist[std::min(h, SEGMENT_HISTOGRAM_WIDTH)];
       seg_chain_max = std::max(seg_chain_max, h);
     }
-    int fl_size = dir_freelist_length(s);
-    in_use += seg_in_use;
-    empty += seg_empty;
-    stale += seg_stale;
-    free += fl_size;
-    buckets_in_use += seg_buckets_in_use;
+    int fl_size      = dir_freelist_length(s);
+    in_use           += seg_in_use;
+    empty            += seg_empty;
+    stale            += seg_stale;
+    free             += fl_size;
+    buckets_in_use   += seg_buckets_in_use;
     max_chain_length = std::max(max_chain_length, seg_chain_max);
-    bytes_in_use += seg_bytes_in_use;
+    bytes_in_use     += seg_bytes_in_use;
 
     printf("  - Segment-%d | Entries: used=%d stale=%d free=%d disk-bytes=%d Buckets: used=%d empty=%d max=%d avg=%.2f dups=%d\n",
            s, seg_in_use, seg_stale, fl_size, seg_bytes_in_use, seg_buckets_in_use, seg_empty, seg_chain_max,
@@ -913,8 +913,8 @@ Stripe::loadMeta()
     delta              = Bytes(data.rebind<char>().data() - stripe_buff2);
     _meta[A][HEAD]     = *meta;
     _meta_pos[A][HEAD] = round_down(pos + Bytes(delta));
-    pos += round_up(SBSIZE);
-    _directory._skip = Bytes(SBSIZE); // first guess, updated in @c updateLiveData when the header length is computed.
+    pos                += round_up(SBSIZE);
+    _directory._skip   = Bytes(SBSIZE); // first guess, updated in @c updateLiveData when the header length is computed.
     // Search for Footer A. Nothing for it except to grub through the disk.
     // The searched data is cached so it's available for directory parsing later if needed.
     while (pos < limit) {
@@ -957,7 +957,7 @@ Stripe::loadMeta()
 
       // Footer B must be at the same relative offset to Header B as Footer A -> Header A.
       pos += delta;
-      n = Bytes(pread(fd, stripe_buff, ts::CacheStoreBlocks::SCALE, pos));
+      n   = Bytes(pread(fd, stripe_buff, ts::CacheStoreBlocks::SCALE, pos));
       data.assign(stripe_buff, n);
       meta = static_cast<StripeMeta *>(data.data());
       if (this->validateMeta(meta)) {
diff --git a/src/traffic_cache_tool/CacheDefs.h b/src/traffic_cache_tool/CacheDefs.h
index e69becaaf79..60c4999f375 100644
--- a/src/traffic_cache_tool/CacheDefs.h
+++ b/src/traffic_cache_tool/CacheDefs.h
@@ -50,7 +50,7 @@ namespace ts
 {
 /* INK_ALIGN() is only to be used to align on a power of 2 boundary */
 #define INK_ALIGN(size, boundary) (((size) + ((boundary)-1)) & ~((boundary)-1))
-#define ROUND_TO_STORE_BLOCK(_x) INK_ALIGN((_x), 8192)
+#define ROUND_TO_STORE_BLOCK(_x)  INK_ALIGN((_x), 8192)
 #define dir_clear(_e) \
   do {                \
     (_e)->w[0] = 0;   \
@@ -177,9 +177,9 @@ struct Doc {
 #endif
   uint32_t hlen;         ///< Length of this header.
   uint32_t doc_type : 8; ///< Doc type - indicates the format of this structure and its content.
-  uint32_t v_major : 8;  ///< Major version number.
-  uint32_t v_minor : 8;  ///< Minor version number.
-  uint32_t unused : 8;   ///< Unused, forced to zero.
+  uint32_t v_major  : 8; ///< Major version number.
+  uint32_t v_minor  : 8; ///< Minor version number.
+  uint32_t unused   : 8; ///< Unused, forced to zero.
   uint32_t sync_serial;
   uint32_t write_serial;
   uint32_t pinned; // pinned until
@@ -368,13 +368,13 @@ constexpr int CACHE_BLOCK_SIZE          = (1 << CACHE_BLOCK_SHIFT); // 512, smal
 
 namespace ct
 {
-#define dir_big(_e) ((uint32_t)((((_e)->w[1]) >> 8) & 0x3))
+#define dir_big(_e)         ((uint32_t)((((_e)->w[1]) >> 8) & 0x3))
 #define dir_bit(_e, _w, _b) ((uint32_t)(((_e)->w[_w] >> (_b)) & 1))
-#define dir_size(_e) ((uint32_t)(((_e)->w[1]) >> 10))
+#define dir_size(_e)        ((uint32_t)(((_e)->w[1]) >> 10))
 #define dir_approx_size(_e) ((dir_size(_e) + 1) * DIR_BLOCK_SIZE(dir_big(_e)))
-#define dir_head(_e) dir_bit(_e, 2, 13)
-#define DIR_MASK_TAG(_t) ((_t) & ((1 << DIR_TAG_WIDTH) - 1))
-#define dir_tag(_e) ((uint32_t)((_e)->w[2] & ((1 << DIR_TAG_WIDTH) - 1)))
+#define dir_head(_e)        dir_bit(_e, 2, 13)
+#define DIR_MASK_TAG(_t)    ((_t) & ((1 << DIR_TAG_WIDTH) - 1))
+#define dir_tag(_e)         ((uint32_t)((_e)->w[2] & ((1 << DIR_TAG_WIDTH) - 1)))
 #define dir_offset(_e) \
   ((int64_t)(((uint64_t)(_e)->w[0]) | (((uint64_t)((_e)->w[1] & 0xFF)) << 16) | (((uint64_t)(_e)->w[4]) << 24)))
 
@@ -385,10 +385,10 @@ namespace ct
     (_e)->w[4] = (uint16_t)((_o) >> 24);                                    \
   } while (0)
 
-#define dir_next(_e) (_e)->w[3]
-#define dir_phase(_e) dir_bit(_e, 2, 12)
-#define DIR_BLOCK_SHIFT(_i) (3 * (_i))
-#define DIR_BLOCK_SIZE(_i) (CACHE_BLOCK_SIZE << DIR_BLOCK_SHIFT(_i))
+#define dir_next(_e)         (_e)->w[3]
+#define dir_phase(_e)        dir_bit(_e, 2, 12)
+#define DIR_BLOCK_SHIFT(_i)  (3 * (_i))
+#define DIR_BLOCK_SIZE(_i)   (CACHE_BLOCK_SIZE << DIR_BLOCK_SHIFT(_i))
 #define dir_set_prev(_e, _o) (_e)->w[2] = (uint16_t)(_o)
 #define dir_set_next(_e, _o) (_e)->w[3] = (uint16_t)(_o)
 
diff --git a/src/traffic_cache_tool/CacheScan.cc b/src/traffic_cache_tool/CacheScan.cc
index 207c1ab7eca..033bc99ec78 100644
--- a/src/traffic_cache_tool/CacheScan.cc
+++ b/src/traffic_cache_tool/CacheScan.cc
@@ -314,7 +314,7 @@ CacheScan::unmarshal(char *buf, int len, RefCountObj *block_ref)
       zret.push(0, 0, "HTTPInfo::request unmarshal failed");
       return zret;
     }
-    len -= tmp;
+    len                                    -= tmp;
     alt->m_request_hdr.m_heap              = heap;
     alt->m_request_hdr.m_http              = hh;
     alt->m_request_hdr.m_mime              = hh->m_fields_impl;
diff --git a/src/traffic_cache_tool/CacheTool.cc b/src/traffic_cache_tool/CacheTool.cc
index 5210ccec174..c7b545f8195 100644
--- a/src/traffic_cache_tool/CacheTool.cc
+++ b/src/traffic_cache_tool/CacheTool.cc
@@ -397,8 +397,8 @@ VolumeAllocator::allocateFor(Span &span)
   for (auto &v : _av) {
     auto delta = v._config._alloc - v._size;
     if (delta > 0) {
-      v._deficit = (delta.count() * SCALE) / v._config._alloc.count();
-      v._shares  = delta.count() * v._deficit;
+      v._deficit   = (delta.count() * SCALE) / v._config._alloc.count();
+      v._shares    = delta.count() * v._deficit;
       total_shares += v._shares;
     } else {
       v._shares = 0;
@@ -418,11 +418,11 @@ VolumeAllocator::allocateFor(Span &span)
       // Not sure why this is needed. But a large and empty volume can dominate the shares
       // enough to get more than it actually needs if the other volume are relative small or full.
       // I need to do more math to see if the weighting can be adjusted to not have this happen.
-      n = std::min(n, delta);
-      v._size += n;
-      span_used += n;
+      n            = std::min(n, delta);
+      v._size      += n;
+      span_used    += n;
       total_shares -= v._shares;
-      Errata z = _cache.allocStripe(&span, v._config._idx, round_up(n));
+      Errata z     = _cache.allocStripe(&span, v._config._idx, round_up(n));
       if (Verbosity >= NORMAL) {
         std::cout << "           " << n << " to volume " << v._config._idx << std::endl;
       }
@@ -786,11 +786,11 @@ Span::allocStripe(int vol_idx, const CacheStripeBlocks &len)
           stripe->_type    = 1;
           return stripe;
         } else {
-          Stripe *ns = new Stripe(this, stripe->_start, len);
+          Stripe *ns     = new Stripe(this, stripe->_start, len);
           stripe->_start += len;
-          stripe->_len -= len;
-          ns->_vol_idx = vol_idx;
-          ns->_type    = 1;
+          stripe->_len   -= len;
+          ns->_vol_idx   = vol_idx;
+          ns->_type      = 1;
           _stripes.insert(spot, ns);
           return ns;
         }
@@ -956,17 +956,17 @@ Cache::build_stripe_hash_table()
   for (auto &elt : globalVec_stripe) {
     // printf("stripe length %" PRId64 "\n", elt->_len.count());
     rtable_entries[i] = static_cast<int64_t>(elt->_len) / Vol_hash_alloc_size;
-    rtable_size += rtable_entries[i];
-    uint64_t x = elt->hash_id.fold();
+    rtable_size       += rtable_entries[i];
+    uint64_t x        = elt->hash_id.fold();
     // seed random number generator
     rnd[i] = static_cast<unsigned int>(x);
-    total += elt->_len;
+    total  += elt->_len;
     i++;
   }
   i = 0;
   for (auto &elt : globalVec_stripe) {
     forvol[i] = total ? static_cast<int64_t>(VOL_HASH_TABLE_SIZE * elt->_len) / total : 0;
-    used += forvol[i];
+    used      += forvol[i];
     gotvol[i] = 0;
     i++;
   }
diff --git a/src/traffic_crashlog/procinfo.cc b/src/traffic_crashlog/procinfo.cc
index db99549d5bd..3510dd1e261 100644
--- a/src/traffic_crashlog/procinfo.cc
+++ b/src/traffic_crashlog/procinfo.cc
@@ -220,7 +220,7 @@ crashlog_write_registers(FILE *fp, const crashlog_target &target)
 
 // x86 register names as per ucontext.h.
 #if defined(__i386__)
-#define REGFMT "0x%08" PRIx32
+#define REGFMT     "0x%08" PRIx32
 #define REGCAST(x) ((uint32_t)(x))
   static const char *names[NGREG] = {
     "GS",  "FS",  "ES",     "DS",  "EDI", "ESI", "EBP", "ESP",  "EBX", "EDX",
@@ -229,7 +229,7 @@ crashlog_write_registers(FILE *fp, const crashlog_target &target)
 #endif
 
 #if defined(__x86_64__)
-#define REGFMT "0x%016" PRIx64
+#define REGFMT     "0x%016" PRIx64
 #define REGCAST(x) ((uint64_t)(x))
   static const char *names[NGREG] = {
     "R8",  "R9",  "R10", "R11", "R12", "R13", "R14",    "R15", "RDI",    "RSI",     "RBP", "RBX",
diff --git a/src/traffic_crashlog/traffic_crashlog.cc b/src/traffic_crashlog/traffic_crashlog.cc
index 245245e273c..3ca2afecc16 100644
--- a/src/traffic_crashlog/traffic_crashlog.cc
+++ b/src/traffic_crashlog/traffic_crashlog.cc
@@ -44,15 +44,16 @@ extern char __pid_size_static_assert[sizeof(pid_t) == sizeof(int) ? 0 : -1];
 
 static AppVersionInfo appVersionInfo;
 static const ArgumentDescription argument_descriptions[] = {
-  {"target", '-', "Target process ID", "I", &target_pid, nullptr, nullptr},
-  {"host", '-', "Host triplet for the process being logged", "S*", &host_triplet, nullptr, nullptr},
-  {"wait", '-', "Stop until signalled at startup", "F", &wait_mode, nullptr, nullptr},
-  {"syslog", '-', "Syslog after writing a crash log", "F", &syslog_mode, nullptr, nullptr},
-  {"debug", '-', "Enable debugging mode", "F", &debug_mode, nullptr, nullptr},
-  {"user", '-', "Username used to set privileges", "S*", &user, nullptr, nullptr},
+  {"target", '-', "Target process ID",                         "I",  &target_pid,   nullptr, nullptr},
+  {"host",   '-', "Host triplet for the process being logged", "S*", &host_triplet, nullptr, nullptr},
+  {"wait",   '-', "Stop until signalled at startup",           "F",  &wait_mode,    nullptr, nullptr},
+  {"syslog", '-', "Syslog after writing a crash log",          "F",  &syslog_mode,  nullptr, nullptr},
+  {"debug",  '-', "Enable debugging mode",                     "F",  &debug_mode,   nullptr, nullptr},
+  {"user",   '-', "Username used to set privileges",           "S*", &user,         nullptr, nullptr},
   HELP_ARGUMENT_DESCRIPTION(),
   VERSION_ARGUMENT_DESCRIPTION(),
-  RUNROOT_ARGUMENT_DESCRIPTION()};
+  RUNROOT_ARGUMENT_DESCRIPTION()
+};
 
 static struct tm
 timestamp()
diff --git a/src/traffic_crashlog/traffic_crashlog.h b/src/traffic_crashlog/traffic_crashlog.h
index 37dded2eb5a..7563ef636aa 100644
--- a/src/traffic_crashlog/traffic_crashlog.h
+++ b/src/traffic_crashlog/traffic_crashlog.h
@@ -39,10 +39,10 @@
 
 // Printf format for memory addresses.
 #if SIZEOF_VOIDP == 8
-#define ADDRFMT "0x%016" PRIx64
+#define ADDRFMT     "0x%016" PRIx64
 #define ADDRCAST(x) ((uint64_t)(x))
 #elif SIZEOF_VOIDP == 4
-#define ADDRFMT "0x%08" PRIx32
+#define ADDRFMT     "0x%08" PRIx32
 #define ADDRCAST(x) ((uint32_t)(x))
 #else
 #error unsupported pointer size
diff --git a/src/traffic_ctl/CtrlCommands.cc b/src/traffic_ctl/CtrlCommands.cc
index 7db72f7346b..682879b82d5 100644
--- a/src/traffic_ctl/CtrlCommands.cc
+++ b/src/traffic_ctl/CtrlCommands.cc
@@ -32,8 +32,9 @@ using Codec = yamlcpp_json_emitter;
 const std::unordered_map<std::string_view, BasePrinter::Options::OutputFormat> _Fmt_str_to_enum = {
   {"pretty", BasePrinter::Options::OutputFormat::PRETTY},
   {"legacy", BasePrinter::Options::OutputFormat::LEGACY},
-  {"json", BasePrinter::Options::OutputFormat::JSON},
-  {"rpc", BasePrinter::Options::OutputFormat::RPC}};
+  {"json",   BasePrinter::Options::OutputFormat::JSON  },
+  {"rpc",    BasePrinter::Options::OutputFormat::RPC   }
+};
 
 BasePrinter::Options::OutputFormat
 parse_format(ts::Arguments *args)
@@ -199,7 +200,9 @@ void
 ConfigCommand::config_set()
 {
   auto const &data = get_parsed_arguments()->get(SET_STR);
-  ConfigSetRecordRequest request{{data[0], data[1]}};
+  ConfigSetRecordRequest request{
+    {data[0], data[1]}
+  };
   shared::rpc::JSONRPCResponse response = invoke_rpc(request);
 
   _printer->write_output(response);
@@ -290,7 +293,9 @@ void
 HostCommand::status_get()
 {
   auto const &data = get_parsed_arguments()->get(STATUS_STR);
-  HostGetStatusRequest request{{std::begin(data), std::end(data)}};
+  HostGetStatusRequest request{
+    {std::begin(data), std::end(data)}
+  };
 
   auto response = invoke_rpc(request);
 
@@ -301,10 +306,12 @@ void
 HostCommand::status_down()
 {
   auto hosts = get_parsed_arguments()->get(DOWN_STR);
-  HostSetStatusRequest request{{HostSetStatusRequest::Params::Op::DOWN,
-                                {std::begin(hosts), std::end(hosts)},
-                                get_parsed_arguments()->get(REASON_STR).value(),
-                                "0"}};
+  HostSetStatusRequest request{
+    {HostSetStatusRequest::Params::Op::DOWN,
+     {std::begin(hosts), std::end(hosts)},
+     get_parsed_arguments()->get(REASON_STR).value(),
+     "0"}
+  };
   auto response = invoke_rpc(request);
   _printer->write_output(response);
 }
@@ -313,10 +320,12 @@ void
 HostCommand::status_up()
 {
   auto hosts = get_parsed_arguments()->get(UP_STR);
-  HostSetStatusRequest request{{HostSetStatusRequest::Params::Op::UP,
-                                {std::begin(hosts), std::end(hosts)},
-                                get_parsed_arguments()->get(REASON_STR).value(),
-                                "0"}};
+  HostSetStatusRequest request{
+    {HostSetStatusRequest::Params::Op::UP,
+     {std::begin(hosts), std::end(hosts)},
+     get_parsed_arguments()->get(REASON_STR).value(),
+     "0"}
+  };
 
   auto response = invoke_rpc(request);
   _printer->write_output(response);
diff --git a/src/traffic_ctl/CtrlPrinters.cc b/src/traffic_ctl/CtrlPrinters.cc
index aeaf20396bc..900d1232f71 100644
--- a/src/traffic_ctl/CtrlPrinters.cc
+++ b/src/traffic_ctl/CtrlPrinters.cc
@@ -197,10 +197,10 @@ ConfigSetPrinter::write_output(YAML::Node const &result)
 {
   // we match the legacy format, the only one supported for now.
   static const std::unordered_map<std::string, std::string> Update_Type_To_String_Message = {
-    {"0", "Set {}"},                                                                                           // UNDEFINED
+    {"0", "Set {}"                                                                                          }, // UNDEFINED
     {"1", "Set {}, please wait 10 seconds for traffic server to sync configuration, restart is not required"}, // DYNAMIC
-    {"2", "Set {}, restart required"},                                                                         // RESTART_TS
-    {"3", "Set {}, restart required"} // RESTART TM, we take care of this in case we get it from TS.
+    {"2", "Set {}, restart required"                                                                        }, // RESTART_TS
+    {"3", "Set {}, restart required"                                                                        }  // RESTART TM, we take care of this in case we get it from TS.
   };
   std::string text;
   try {
diff --git a/src/traffic_logcat/logcat.cc b/src/traffic_logcat/logcat.cc
index 9f398dc7a23..c1b337e6389 100644
--- a/src/traffic_logcat/logcat.cc
+++ b/src/traffic_logcat/logcat.cc
@@ -26,7 +26,7 @@
 #include "tscore/I_Layout.h"
 #include "tscore/runroot.h"
 
-#define PROGRAM_NAME "traffic_logcat"
+#define PROGRAM_NAME       "traffic_logcat"
 #define MAX_LOGBUFFER_SIZE 65536
 
 #include <poll.h>
@@ -57,18 +57,19 @@ int auto_clear_cache_flag = 0;
 
 static const ArgumentDescription argument_descriptions[] = {
 
-  {"output_file", 'o', "Specify output file", "S1023", &output_file, NULL, NULL},
-  {"auto_filenames", 'a', "Automatically generate output names", "T", &auto_filenames, NULL, NULL},
-  {"follow", 'f', "Follow the log file as it grows", "T", &follow_flag, NULL, NULL},
-  {"clf", 'C', "Convert to Common Logging Format", "T", &clf_flag, NULL, NULL},
-  {"elf", 'E', "Convert to Extended Logging Format", "T", &elf_flag, NULL, NULL},
-  {"squid", 'S', "Convert to Squid Logging Format", "T", &squid_flag, NULL, NULL},
-  {"debug_tags", 'T', "Colon-Separated Debug Tags", "S1023", error_tags, NULL, NULL},
-  {"overwrite_output", 'w', "Overwrite existing output file(s)", "T", &overwrite_existing_file, NULL, NULL},
-  {"elf2", '2', "Convert to Extended2 Logging Format", "T", &elf2_flag, NULL, NULL},
+  {"output_file",      'o', "Specify output file",                 "S1023", &output_file,             NULL, NULL},
+  {"auto_filenames",   'a', "Automatically generate output names", "T",     &auto_filenames,          NULL, NULL},
+  {"follow",           'f', "Follow the log file as it grows",     "T",     &follow_flag,             NULL, NULL},
+  {"clf",              'C', "Convert to Common Logging Format",    "T",     &clf_flag,                NULL, NULL},
+  {"elf",              'E', "Convert to Extended Logging Format",  "T",     &elf_flag,                NULL, NULL},
+  {"squid",            'S', "Convert to Squid Logging Format",     "T",     &squid_flag,              NULL, NULL},
+  {"debug_tags",       'T', "Colon-Separated Debug Tags",          "S1023", error_tags,               NULL, NULL},
+  {"overwrite_output", 'w', "Overwrite existing output file(s)",   "T",     &overwrite_existing_file, NULL, NULL},
+  {"elf2",             '2', "Convert to Extended2 Logging Format", "T",     &elf2_flag,               NULL, NULL},
   HELP_ARGUMENT_DESCRIPTION(),
   VERSION_ARGUMENT_DESCRIPTION(),
-  RUNROOT_ARGUMENT_DESCRIPTION()};
+  RUNROOT_ARGUMENT_DESCRIPTION()
+};
 
 /*
  * Gets the inode number of a given file
diff --git a/src/traffic_logstats/logstats.cc b/src/traffic_logstats/logstats.cc
index c9c151c9f0a..f0471d8da25 100644
--- a/src/traffic_logstats/logstats.cc
+++ b/src/traffic_logstats/logstats.cc
@@ -635,29 +635,30 @@ struct CommandLineArgs {
 static CommandLineArgs cl;
 
 static ArgumentDescription argument_descriptions[] = {
-  {"log_file", 'f', "Specific logfile to parse", "S1023", cl.log_file, nullptr, nullptr},
-  {"origin_list", 'o', "Only show stats for listed Origins", "S4095", cl.origin_list, nullptr, nullptr},
-  {"origin_file", 'O', "File listing Origins to show", "S1023", cl.origin_file, nullptr, nullptr},
-  {"max_origins", 'M', "Max number of Origins to show", "I", &cl.max_origins, nullptr, nullptr},
-  {"urls", 'u', "Produce JSON stats for URLs, argument is LRU size", "I", &cl.urls, nullptr, nullptr},
-  {"show_urls", 'U', "Only show max this number of URLs", "I", &cl.show_urls, nullptr, nullptr},
-  {"as_object", 'A', "Produce URL stats as a JSON object instead of array", "T", &cl.as_object, nullptr, nullptr},
-  {"concise", 'C', "Eliminate metrics that can be inferred from other values", "T", &cl.concise, nullptr, nullptr},
-  {"incremental", 'i', "Incremental log parsing", "T", &cl.incremental, nullptr, nullptr},
-  {"statetag", 'S', "Name of the state file to use", "S1023", cl.state_tag, nullptr, nullptr},
-  {"tail", 't', "Parse the last <sec> seconds of log", "I", &cl.tail, nullptr, nullptr},
-  {"summary", 's', "Only produce the summary", "T", &cl.summary, nullptr, nullptr},
-  {"json", 'j', "Produce JSON formatted output", "T", &cl.json, nullptr, nullptr},
-  {"cgi", 'c', "Produce HTTP headers suitable as a CGI", "T", &cl.cgi, nullptr, nullptr},
-  {"min_hits", 'm', "Minimum total hits for an Origin", "L", &cl.min_hits, nullptr, nullptr},
-  {"max_age", 'a', "Max age for log entries to be considered", "I", &cl.max_age, nullptr, nullptr},
-  {"line_len", 'l', "Output line length", "I", &cl.line_len, nullptr, nullptr},
-  {"debug_tags", 'T', "Colon-Separated Debug Tags", "S1023", &error_tags, nullptr, nullptr},
-  {"report_per_user", 'r', "Report stats per user instead of host", "T", &cl.report_per_user, nullptr, nullptr},
-  {"no_format_check", 'n', "Don't validate the log format field names", "T", &cl.no_format_check, nullptr, nullptr},
+  {"log_file",        'f', "Specific logfile to parse",                                "S1023", cl.log_file,         nullptr, nullptr},
+  {"origin_list",     'o', "Only show stats for listed Origins",                       "S4095", cl.origin_list,      nullptr, nullptr},
+  {"origin_file",     'O', "File listing Origins to show",                             "S1023", cl.origin_file,      nullptr, nullptr},
+  {"max_origins",     'M', "Max number of Origins to show",                            "I",     &cl.max_origins,     nullptr, nullptr},
+  {"urls",            'u', "Produce JSON stats for URLs, argument is LRU size",        "I",     &cl.urls,            nullptr, nullptr},
+  {"show_urls",       'U', "Only show max this number of URLs",                        "I",     &cl.show_urls,       nullptr, nullptr},
+  {"as_object",       'A', "Produce URL stats as a JSON object instead of array",      "T",     &cl.as_object,       nullptr, nullptr},
+  {"concise",         'C', "Eliminate metrics that can be inferred from other values", "T",     &cl.concise,         nullptr, nullptr},
+  {"incremental",     'i', "Incremental log parsing",                                  "T",     &cl.incremental,     nullptr, nullptr},
+  {"statetag",        'S', "Name of the state file to use",                            "S1023", cl.state_tag,        nullptr, nullptr},
+  {"tail",            't', "Parse the last <sec> seconds of log",                      "I",     &cl.tail,            nullptr, nullptr},
+  {"summary",         's', "Only produce the summary",                                 "T",     &cl.summary,         nullptr, nullptr},
+  {"json",            'j', "Produce JSON formatted output",                            "T",     &cl.json,            nullptr, nullptr},
+  {"cgi",             'c', "Produce HTTP headers suitable as a CGI",                   "T",     &cl.cgi,             nullptr, nullptr},
+  {"min_hits",        'm', "Minimum total hits for an Origin",                         "L",     &cl.min_hits,        nullptr, nullptr},
+  {"max_age",         'a', "Max age for log entries to be considered",                 "I",     &cl.max_age,         nullptr, nullptr},
+  {"line_len",        'l', "Output line length",                                       "I",     &cl.line_len,        nullptr, nullptr},
+  {"debug_tags",      'T', "Colon-Separated Debug Tags",                               "S1023", &error_tags,         nullptr, nullptr},
+  {"report_per_user", 'r', "Report stats per user instead of host",                    "T",     &cl.report_per_user, nullptr, nullptr},
+  {"no_format_check", 'n', "Don't validate the log format field names",                "T",     &cl.no_format_check, nullptr, nullptr},
   HELP_ARGUMENT_DESCRIPTION(),
   VERSION_ARGUMENT_DESCRIPTION(),
-  RUNROOT_ARGUMENT_DESCRIPTION()};
+  RUNROOT_ARGUMENT_DESCRIPTION()
+};
 
 static const char *USAGE_LINE = "Usage: " PROGRAM_NAME " [-f logfile] [-o origin[,...]] [-O originfile] [-m minhits] [-binshv]";
 
@@ -1308,8 +1309,8 @@ parse_log_buff(LogBufferHeader *buf_header, bool summary = false, bool aggregate
     while ((field = fieldlist->next(field))) {
       switch (state) {
       case P_STATE_ELAPSED:
-        state   = P_STATE_IP;
-        elapsed = *((int64_t *)(read_from));
+        state     = P_STATE_IP;
+        elapsed   = *((int64_t *)(read_from));
         read_from += INK_MIN_ALIGN;
         break;
 
@@ -1331,8 +1332,8 @@ parse_log_buff(LogBufferHeader *buf_header, bool summary = false, bool aggregate
         break;
 
       case P_STATE_RESULT:
-        state  = P_STATE_CODE;
-        result = *((int64_t *)(read_from));
+        state     = P_STATE_CODE;
+        result    = *((int64_t *)(read_from));
         read_from += INK_MIN_ALIGN;
         if ((result < 32) || (result > 255)) {
           flag  = 1;
@@ -1353,8 +1354,8 @@ parse_log_buff(LogBufferHeader *buf_header, bool summary = false, bool aggregate
       case P_STATE_SIZE:
         // Warning: This is not 64-bit safe, when converting the log format,
         // this needs to be fixed as well.
-        state = P_STATE_METHOD;
-        size  = *((int64_t *)(read_from));
+        state     = P_STATE_METHOD;
+        size      = *((int64_t *)(read_from));
         read_from += INK_MIN_ALIGN;
         break;
 
@@ -1365,19 +1366,19 @@ parse_log_buff(LogBufferHeader *buf_header, bool summary = false, bool aggregate
         // Small optimization for common (3-4 char) cases
         switch (*reinterpret_cast<int *>(read_from)) {
         case GET_AS_INT:
-          method = METHOD_GET;
+          method    = METHOD_GET;
           read_from += LogAccess::round_strlen(3 + 1);
           break;
         case PUT_AS_INT:
-          method = METHOD_PUT;
+          method    = METHOD_PUT;
           read_from += LogAccess::round_strlen(3 + 1);
           break;
         case HEAD_AS_INT:
-          method = METHOD_HEAD;
+          method    = METHOD_HEAD;
           read_from += LogAccess::round_strlen(4 + 1);
           break;
         case POST_AS_INT:
-          method = METHOD_POST;
+          method    = METHOD_POST;
           read_from += LogAccess::round_strlen(4 + 1);
           break;
         default:
@@ -1418,12 +1419,12 @@ parse_log_buff(LogBufferHeader *buf_header, bool summary = false, bool aggregate
           if (HTTP_AS_INT == *reinterpret_cast<int *>(tok)) {
             tok += 4;
             if (':' == *tok) {
-              scheme = SCHEME_HTTP;
-              tok += 3;
+              scheme  = SCHEME_HTTP;
+              tok     += 3;
               tok_len = strlen(tok) + 7;
             } else if ('s' == *tok) {
-              scheme = SCHEME_HTTPS;
-              tok += 4;
+              scheme  = SCHEME_HTTPS;
+              tok     += 4;
               tok_len = strlen(tok) + 8;
             } else {
               tok_len = strlen(tok) + 4;
@@ -1744,7 +1745,7 @@ parse_log_buff(LogBufferHeader *buf_header, bool summary = false, bool aggregate
           }
         }
         read_from += LogAccess::round_strlen(tok_len + 1);
-        flag = 0; // We exited this state without errors
+        flag      = 0; // We exited this state without errors
         break;
 
       case P_STATE_END:
diff --git a/src/traffic_quic/quic_client.cc b/src/traffic_quic/quic_client.cc
index dbdfa895f75..cce5d1e194f 100644
--- a/src/traffic_quic/quic_client.cc
+++ b/src/traffic_quic/quic_client.cc
@@ -142,7 +142,7 @@ QUICClient::state_http_server_open(int event, void *data)
 //
 // Http09ClientApp
 //
-#define Http09ClientAppDebug(fmt, ...) Debug("quic_client_app", "[%s] " fmt, this->_qc->cids().data(), ##__VA_ARGS__)
+#define Http09ClientAppDebug(fmt, ...)  Debug("quic_client_app", "[%s] " fmt, this->_qc->cids().data(), ##__VA_ARGS__)
 #define Http09ClientAppVDebug(fmt, ...) Debug("v_quic_client_app", "[%s] " fmt, this->_qc->cids().data(), ##__VA_ARGS__)
 
 Http09ClientApp::Http09ClientApp(QUICNetVConnection *qvc, const QUICClientConfig *config) : QUICApplication(qvc), _config(config)
diff --git a/src/traffic_quic/traffic_quic.cc b/src/traffic_quic/traffic_quic.cc
index b420a864451..ba995352df6 100644
--- a/src/traffic_quic/traffic_quic.cc
+++ b/src/traffic_quic/traffic_quic.cc
@@ -60,16 +60,16 @@ main(int argc, const char **argv)
   QUICClientConfig config;
 
   const ArgumentDescription argument_descriptions[] = {
-    {"addr", 'a', "Address", "S1023", config.addr, nullptr, nullptr},
-    {"output", 'o', "Write to FILE instead of stdout", "S1023", config.output, nullptr, nullptr},
-    {"port", 'p', "Port", "S15", config.port, nullptr, nullptr},
-    {"path", 'P', "Path", "S1017", config.path, nullptr, nullptr},
-    {"server", 's', "Server name", "S127", config.server_name, nullptr, nullptr},
-    {"debug", 'T', "Vertical-bar-separated Debug Tags", "S1023", config.debug_tags, nullptr, nullptr},
-    {"close", 'c', "Enable connection close exercise", "F", &config.close, nullptr, nullptr},
-    {"reset", 'r', "Enable stateless reset exercise", "F", &config.reset, nullptr, nullptr},
-    {"http0_9", '-', "Enable HTTP/0.9", "T", &config.http0_9, nullptr, nullptr},
-    {"http3", '-', "Enable HTTP/3", "F", &config.http3, nullptr, nullptr},
+    {"addr",    'a', "Address",                           "S1023", config.addr,        nullptr, nullptr},
+    {"output",  'o', "Write to FILE instead of stdout",   "S1023", config.output,      nullptr, nullptr},
+    {"port",    'p', "Port",                              "S15",   config.port,        nullptr, nullptr},
+    {"path",    'P', "Path",                              "S1017", config.path,        nullptr, nullptr},
+    {"server",  's', "Server name",                       "S127",  config.server_name, nullptr, nullptr},
+    {"debug",   'T', "Vertical-bar-separated Debug Tags", "S1023", config.debug_tags,  nullptr, nullptr},
+    {"close",   'c', "Enable connection close exercise",  "F",     &config.close,      nullptr, nullptr},
+    {"reset",   'r', "Enable stateless reset exercise",   "F",     &config.reset,      nullptr, nullptr},
+    {"http0_9", '-', "Enable HTTP/0.9",                   "T",     &config.http0_9,    nullptr, nullptr},
+    {"http3",   '-', "Enable HTTP/3",                     "F",     &config.http3,      nullptr, nullptr},
 
     HELP_ARGUMENT_DESCRIPTION(),
     VERSION_ARGUMENT_DESCRIPTION(),
diff --git a/src/traffic_server/FetchSM.cc b/src/traffic_server/FetchSM.cc
index aa735978475..38af0d0dd05 100644
--- a/src/traffic_server/FetchSM.cc
+++ b/src/traffic_server/FetchSM.cc
@@ -28,7 +28,7 @@
 #include "PluginVC.h"
 #include "ts/ts.h" // Ugly, but we need a bunch of the public APIs here ... :-/
 
-#define DEBUG_TAG "FetchSM"
+#define DEBUG_TAG             "FetchSM"
 #define FETCH_LOCK_RETRY_TIME HRTIME_MSECONDS(10)
 
 ClassAllocator<FetchSM> FetchSMAllocator("FetchSMAllocator");
@@ -393,7 +393,7 @@ FetchSM::get_info_from_buffer(IOBufferReader *reader)
     if (client_response_hdr.parse_resp(&http_parser, reader, &bytes_used, 0) == PARSE_RESULT_DONE) {
       if ((bytes_used > 0) && (bytes_used <= read_avail)) {
         memcpy(info, buf, bytes_used);
-        info += bytes_used;
+        info         += bytes_used;
         client_bytes += bytes_used;
       }
     } else {
@@ -421,8 +421,8 @@ FetchSM::get_info_from_buffer(IOBufferReader *reader)
       if ((read_done > 0) && ((read_done <= read_avail))) {
         memcpy(info, buf, read_done);
         reader->consume(read_done);
-        read_avail -= read_done;
-        info += read_done;
+        read_avail   -= read_done;
+        info         += read_done;
         client_bytes += read_done;
       }
     }
@@ -456,8 +456,8 @@ FetchSM::get_info_from_buffer(IOBufferReader *reader)
       if ((read_done > 0) && (read_done <= read_avail)) {
         memcpy(info, buf, read_done);
         reader->consume(read_done);
-        read_avail -= read_done;
-        info += read_done;
+        read_avail   -= read_done;
+        info         += read_done;
         client_bytes += read_done;
       }
     }
diff --git a/src/traffic_server/HostStatus.cc b/src/traffic_server/HostStatus.cc
index b496cdc936f..1bdeba667ec 100644
--- a/src/traffic_server/HostStatus.cc
+++ b/src/traffic_server/HostStatus.cc
@@ -217,7 +217,7 @@ HostStatus::setHostStatus(const std::string_view name, TSHostStatus status, cons
       if (status == TSHostStatus::TS_HOST_STATUS_DOWN) {
         host_stat->active_marked_down = time(0);
         host_stat->active_down_time   = down_time;
-        host_stat->reasons |= Reason::ACTIVE;
+        host_stat->reasons            |= Reason::ACTIVE;
       } else {
         host_stat->active_marked_down = 0;
         host_stat->active_down_time   = 0;
@@ -231,7 +231,7 @@ HostStatus::setHostStatus(const std::string_view name, TSHostStatus status, cons
       if (status == TSHostStatus::TS_HOST_STATUS_DOWN) {
         host_stat->local_marked_down = time(0);
         host_stat->local_down_time   = down_time;
-        host_stat->reasons |= Reason::LOCAL;
+        host_stat->reasons           |= Reason::LOCAL;
       } else {
         host_stat->local_marked_down = 0;
         host_stat->local_down_time   = 0;
@@ -245,7 +245,7 @@ HostStatus::setHostStatus(const std::string_view name, TSHostStatus status, cons
       if (status == TSHostStatus::TS_HOST_STATUS_DOWN) {
         host_stat->manual_marked_down = time(0);
         host_stat->manual_down_time   = down_time;
-        host_stat->reasons |= Reason::MANUAL;
+        host_stat->reasons            |= Reason::MANUAL;
       } else {
         host_stat->manual_marked_down = 0;
         host_stat->manual_down_time   = 0;
@@ -259,7 +259,7 @@ HostStatus::setHostStatus(const std::string_view name, TSHostStatus status, cons
             HostStatusNames[status]);
       if (status == TSHostStatus::TS_HOST_STATUS_DOWN) {
         host_stat->self_detect_marked_down = time(0);
-        host_stat->reasons |= Reason::SELF_DETECT;
+        host_stat->reasons                 |= Reason::SELF_DETECT;
       } else {
         host_stat->self_detect_marked_down = 0;
         if (host_stat->reasons & Reason::SELF_DETECT) {
diff --git a/src/traffic_server/InkAPI.cc b/src/traffic_server/InkAPI.cc
index 4ee952787f8..45b6f73f900 100644
--- a/src/traffic_server/InkAPI.cc
+++ b/src/traffic_server/InkAPI.cc
@@ -953,8 +953,8 @@ FileImpl::fwrite(const void *buf, size_t length)
     memcpy(&m_buf[m_bufpos], p, avail);
 
     m_bufpos += avail;
-    p += avail;
-    length -= avail;
+    p        += avail;
+    length   -= avail;
 
     if ((length > 0) && (m_bufpos > 0)) {
       if (fflush() <= 0) {
diff --git a/src/traffic_server/InkAPITest.cc b/src/traffic_server/InkAPITest.cc
index 74a26b4ec8c..4fbf97551f9 100644
--- a/src/traffic_server/InkAPITest.cc
+++ b/src/traffic_server/InkAPITest.cc
@@ -63,24 +63,24 @@
   }
 
 #define MAGIC_ALIVE 0xfeedbaba
-#define MAGIC_DEAD 0xdeadbeef
+#define MAGIC_DEAD  0xdeadbeef
 
 #define SYNSERVER_LISTEN_PORT 3300
-#define SYNSERVER_DUMMY_PORT -1
+#define SYNSERVER_DUMMY_PORT  -1
 
 #define PROXY_CONFIG_NAME_HTTP_PORT "proxy.config.http.server_port"
-#define PROXY_HTTP_DEFAULT_PORT 8080
+#define PROXY_HTTP_DEFAULT_PORT     8080
 
-#define REQUEST_MAX_SIZE 4095
+#define REQUEST_MAX_SIZE  4095
 #define RESPONSE_MAX_SIZE 4095
 
 #define HTTP_REQUEST_END "\r\n\r\n"
 
 // each request/response includes an identifier as a Mime field
-#define X_REQUEST_ID "X-Request-ID"
+#define X_REQUEST_ID  "X-Request-ID"
 #define X_RESPONSE_ID "X-Response-ID"
 
-#define ERROR_BODY "TESTING ERROR PAGE"
+#define ERROR_BODY              "TESTING ERROR PAGE"
 #define TRANSFORM_APPEND_STRING "This is a transformed response"
 
 extern int dns_failover_period;
@@ -8584,131 +8584,71 @@ EXCLUSIVE_REGRESSION_TEST(SDK_API_TSHttpConnectServerIntercept)(RegressionTest *
 // The order of these should be the same as TSOverridableConfigKey
 std::array<std::string_view, TS_CONFIG_LAST_ENTRY> SDK_Overridable_Configs = {
   {"proxy.config.url_remap.pristine_host_hdr",
-   "proxy.config.http.chunking_enabled",
-   "proxy.config.http.negative_caching_enabled",
-   "proxy.config.http.negative_caching_lifetime",
-   "proxy.config.http.cache.when_to_revalidate",
-   "proxy.config.http.keep_alive_enabled_in",
-   "proxy.config.http.keep_alive_enabled_out",
-   "proxy.config.http.keep_alive_post_out",
-   "proxy.config.http.server_session_sharing.match",
-   "proxy.config.net.sock_recv_buffer_size_out",
-   "proxy.config.net.sock_send_buffer_size_out",
-   "proxy.config.net.sock_option_flag_out",
-   "proxy.config.http.forward.proxy_auth_to_parent",
-   "proxy.config.http.anonymize_remove_from",
-   "proxy.config.http.anonymize_remove_referer",
-   "proxy.config.http.anonymize_remove_user_agent",
-   "proxy.config.http.anonymize_remove_cookie",
-   "proxy.config.http.anonymize_remove_client_ip",
-   "proxy.config.http.insert_client_ip",
-   "proxy.config.http.response_server_enabled",
-   "proxy.config.http.insert_squid_x_forwarded_for",
-   "proxy.config.http.send_http11_requests",
-   "proxy.config.http.cache.http",
-   "proxy.config.http.cache.ignore_client_no_cache",
-   "proxy.config.http.cache.ignore_client_cc_max_age",
-   "proxy.config.http.cache.ims_on_client_no_cache",
-   "proxy.config.http.cache.ignore_server_no_cache",
-   "proxy.config.http.cache.cache_responses_to_cookies",
-   "proxy.config.http.cache.ignore_authentication",
-   "proxy.config.http.cache.cache_urls_that_look_dynamic",
-   "proxy.config.http.cache.required_headers",
-   "proxy.config.http.insert_request_via_str",
-   "proxy.config.http.insert_response_via_str",
-   "proxy.config.http.cache.heuristic_min_lifetime",
-   "proxy.config.http.cache.heuristic_max_lifetime",
-   "proxy.config.http.cache.guaranteed_min_lifetime",
-   "proxy.config.http.cache.guaranteed_max_lifetime",
-   "proxy.config.http.cache.max_stale_age",
-   "proxy.config.http.keep_alive_no_activity_timeout_in",
-   "proxy.config.http.keep_alive_no_activity_timeout_out",
-   "proxy.config.http.transaction_no_activity_timeout_in",
-   "proxy.config.http.transaction_no_activity_timeout_out",
-   "proxy.config.http.transaction_active_timeout_out",
-   "proxy.config.http.connect_attempts_max_retries",
-   "proxy.config.http.connect_attempts_max_retries_dead_server",
-   "proxy.config.http.connect_attempts_rr_retries",
-   "proxy.config.http.connect_attempts_timeout",
-   "proxy.config.http.down_server.cache_time",
-   "proxy.config.http.doc_in_cache_skip_dns",
-   "proxy.config.http.background_fill_active_timeout",
-   "proxy.config.http.response_server_str",
-   "proxy.config.http.cache.heuristic_lm_factor",
-   "proxy.config.http.background_fill_completed_threshold",
-   "proxy.config.net.sock_packet_mark_out",
-   "proxy.config.net.sock_packet_tos_out",
-   "proxy.config.http.insert_age_in_response",
-   "proxy.config.http.chunking.size",
-   "proxy.config.http.flow_control.enabled",
-   "proxy.config.http.flow_control.low_water",
-   "proxy.config.http.flow_control.high_water",
-   "proxy.config.http.cache.range.lookup",
-   "proxy.config.http.default_buffer_size",
-   "proxy.config.http.default_buffer_water_mark",
-   "proxy.config.http.request_header_max_size",
-   "proxy.config.http.response_header_max_size",
-   "proxy.config.http.negative_revalidating_enabled",
-   "proxy.config.http.negative_revalidating_lifetime",
-   "proxy.config.ssl.hsts_max_age",
-   "proxy.config.ssl.hsts_include_subdomains",
-   "proxy.config.http.cache.open_read_retry_time",
-   "proxy.config.http.cache.max_open_read_retries",
-   "proxy.config.http.cache.range.write",
-   "proxy.config.http.post.check.content_length.enabled",
-   "proxy.config.http.global_user_agent_header",
-   "proxy.config.http.auth_server_session_private",
-   "proxy.config.http.slow.log.threshold",
-   "proxy.config.http.cache.generation",
-   "proxy.config.body_factory.template_base",
-   "proxy.config.http.cache.open_write_fail_action",
-   "proxy.config.http.number_of_redirections",
-   "proxy.config.http.cache.max_open_write_retries",
-   "proxy.config.http.cache.max_open_write_retry_timeout",
-   "proxy.config.http.redirect_use_orig_cache_key",
-   "proxy.config.http.attach_server_session_to_client",
-   "proxy.config.websocket.no_activity_timeout",
-   "proxy.config.websocket.active_timeout",
-   "proxy.config.http.uncacheable_requests_bypass_parent",
-   "proxy.config.http.parent_proxy.total_connect_attempts",
-   "proxy.config.http.transaction_active_timeout_in",
-   "proxy.config.srv_enabled",
-   "proxy.config.http.forward_connect_method",
-   "proxy.config.ssl.client.cert.filename",
-   "proxy.config.ssl.client.cert.path",
-   "proxy.config.http.parent_proxy.mark_down_hostdb",
-   "proxy.config.http.cache.ignore_accept_mismatch",
-   "proxy.config.http.cache.ignore_accept_language_mismatch",
-   "proxy.config.http.cache.ignore_accept_encoding_mismatch",
-   "proxy.config.http.cache.ignore_accept_charset_mismatch",
-   "proxy.config.http.parent_proxy.fail_threshold",
-   "proxy.config.http.parent_proxy.retry_time",
-   "proxy.config.http.parent_proxy.per_parent_connect_attempts",
-   "proxy.config.http.normalize_ae",
-   "proxy.config.http.insert_forwarded",
-   "proxy.config.http.proxy_protocol_out",
-   "proxy.config.http.allow_multi_range",
-   "proxy.config.http.request_buffer_enabled",
-   "proxy.config.http.allow_half_open",
+   "proxy.config.http.chunking_enabled", "proxy.config.http.negative_caching_enabled",
+   "proxy.config.http.negative_caching_lifetime", "proxy.config.http.cache.when_to_revalidate",
+   "proxy.config.http.keep_alive_enabled_in", "proxy.config.http.keep_alive_enabled_out",
+   "proxy.config.http.keep_alive_post_out", "proxy.config.http.server_session_sharing.match",
+   "proxy.config.net.sock_recv_buffer_size_out", "proxy.config.net.sock_send_buffer_size_out",
+   "proxy.config.net.sock_option_flag_out", "proxy.config.http.forward.proxy_auth_to_parent",
+   "proxy.config.http.anonymize_remove_from", "proxy.config.http.anonymize_remove_referer",
+   "proxy.config.http.anonymize_remove_user_agent", "proxy.config.http.anonymize_remove_cookie",
+   "proxy.config.http.anonymize_remove_client_ip", "proxy.config.http.insert_client_ip",
+   "proxy.config.http.response_server_enabled", "proxy.config.http.insert_squid_x_forwarded_for",
+   "proxy.config.http.send_http11_requests", "proxy.config.http.cache.http",
+   "proxy.config.http.cache.ignore_client_no_cache", "proxy.config.http.cache.ignore_client_cc_max_age",
+   "proxy.config.http.cache.ims_on_client_no_cache", "proxy.config.http.cache.ignore_server_no_cache",
+   "proxy.config.http.cache.cache_responses_to_cookies", "proxy.config.http.cache.ignore_authentication",
+   "proxy.config.http.cache.cache_urls_that_look_dynamic", "proxy.config.http.cache.required_headers",
+   "proxy.config.http.insert_request_via_str", "proxy.config.http.insert_response_via_str",
+   "proxy.config.http.cache.heuristic_min_lifetime", "proxy.config.http.cache.heuristic_max_lifetime",
+   "proxy.config.http.cache.guaranteed_min_lifetime", "proxy.config.http.cache.guaranteed_max_lifetime",
+   "proxy.config.http.cache.max_stale_age", "proxy.config.http.keep_alive_no_activity_timeout_in",
+   "proxy.config.http.keep_alive_no_activity_timeout_out", "proxy.config.http.transaction_no_activity_timeout_in",
+   "proxy.config.http.transaction_no_activity_timeout_out", "proxy.config.http.transaction_active_timeout_out",
+   "proxy.config.http.connect_attempts_max_retries", "proxy.config.http.connect_attempts_max_retries_dead_server",
+   "proxy.config.http.connect_attempts_rr_retries", "proxy.config.http.connect_attempts_timeout",
+   "proxy.config.http.down_server.cache_time", "proxy.config.http.doc_in_cache_skip_dns",
+   "proxy.config.http.background_fill_active_timeout", "proxy.config.http.response_server_str",
+   "proxy.config.http.cache.heuristic_lm_factor", "proxy.config.http.background_fill_completed_threshold",
+   "proxy.config.net.sock_packet_mark_out", "proxy.config.net.sock_packet_tos_out",
+   "proxy.config.http.insert_age_in_response", "proxy.config.http.chunking.size",
+   "proxy.config.http.flow_control.enabled", "proxy.config.http.flow_control.low_water",
+   "proxy.config.http.flow_control.high_water", "proxy.config.http.cache.range.lookup",
+   "proxy.config.http.default_buffer_size", "proxy.config.http.default_buffer_water_mark",
+   "proxy.config.http.request_header_max_size", "proxy.config.http.response_header_max_size",
+   "proxy.config.http.negative_revalidating_enabled", "proxy.config.http.negative_revalidating_lifetime",
+   "proxy.config.ssl.hsts_max_age", "proxy.config.ssl.hsts_include_subdomains",
+   "proxy.config.http.cache.open_read_retry_time", "proxy.config.http.cache.max_open_read_retries",
+   "proxy.config.http.cache.range.write", "proxy.config.http.post.check.content_length.enabled",
+   "proxy.config.http.global_user_agent_header", "proxy.config.http.auth_server_session_private",
+   "proxy.config.http.slow.log.threshold", "proxy.config.http.cache.generation",
+   "proxy.config.body_factory.template_base", "proxy.config.http.cache.open_write_fail_action",
+   "proxy.config.http.number_of_redirections", "proxy.config.http.cache.max_open_write_retries",
+   "proxy.config.http.cache.max_open_write_retry_timeout", "proxy.config.http.redirect_use_orig_cache_key",
+   "proxy.config.http.attach_server_session_to_client", "proxy.config.websocket.no_activity_timeout",
+   "proxy.config.websocket.active_timeout", "proxy.config.http.uncacheable_requests_bypass_parent",
+   "proxy.config.http.parent_proxy.total_connect_attempts", "proxy.config.http.transaction_active_timeout_in",
+   "proxy.config.srv_enabled", "proxy.config.http.forward_connect_method",
+   "proxy.config.ssl.client.cert.filename", "proxy.config.ssl.client.cert.path",
+   "proxy.config.http.parent_proxy.mark_down_hostdb", "proxy.config.http.cache.ignore_accept_mismatch",
+   "proxy.config.http.cache.ignore_accept_language_mismatch", "proxy.config.http.cache.ignore_accept_encoding_mismatch",
+   "proxy.config.http.cache.ignore_accept_charset_mismatch", "proxy.config.http.parent_proxy.fail_threshold",
+   "proxy.config.http.parent_proxy.retry_time", "proxy.config.http.parent_proxy.per_parent_connect_attempts",
+   "proxy.config.http.normalize_ae", "proxy.config.http.insert_forwarded",
+   "proxy.config.http.proxy_protocol_out", "proxy.config.http.allow_multi_range",
+   "proxy.config.http.request_buffer_enabled", "proxy.config.http.allow_half_open",
    OutboundConnTrack::CONFIG_VAR_MIN,
    OutboundConnTrack::CONFIG_VAR_MAX,
    OutboundConnTrack::CONFIG_VAR_MATCH,
-   "proxy.config.ssl.client.verify.server.policy",
-   "proxy.config.ssl.client.verify.server.properties",
-   "proxy.config.ssl.client.sni_policy",
-   "proxy.config.ssl.client.private_key.filename",
-   "proxy.config.ssl.client.CA.cert.filename",
-   "proxy.config.ssl.client.alpn_protocols",
-   "proxy.config.hostdb.ip_resolve",
-   "proxy.config.http.connect.dead.policy",
-   "proxy.config.http.max_proxy_cycles",
-   "proxy.config.plugin.vc.default_buffer_index",
-   "proxy.config.plugin.vc.default_buffer_water_mark",
-   "proxy.config.net.sock_notsent_lowat",
-   "proxy.config.body_factory.response_suppression_mode",
-   "proxy.config.http.parent_proxy.enable_parent_timeout_markdowns",
-   "proxy.config.http.parent_proxy.disable_parent_markdowns",
-   "proxy.config.net.default_inactivity_timeout"}};
+   "proxy.config.ssl.client.verify.server.policy", "proxy.config.ssl.client.verify.server.properties",
+   "proxy.config.ssl.client.sni_policy", "proxy.config.ssl.client.private_key.filename",
+   "proxy.config.ssl.client.CA.cert.filename", "proxy.config.ssl.client.alpn_protocols",
+   "proxy.config.hostdb.ip_resolve", "proxy.config.http.connect.dead.policy",
+   "proxy.config.http.max_proxy_cycles", "proxy.config.plugin.vc.default_buffer_index",
+   "proxy.config.plugin.vc.default_buffer_water_mark", "proxy.config.net.sock_notsent_lowat",
+   "proxy.config.body_factory.response_suppression_mode", "proxy.config.http.parent_proxy.enable_parent_timeout_markdowns",
+   "proxy.config.http.parent_proxy.disable_parent_markdowns", "proxy.config.net.default_inactivity_timeout"}
+};
 
 extern ClassAllocator<HttpSM> httpSMAllocator;
 
diff --git a/src/traffic_server/traffic_server.cc b/src/traffic_server/traffic_server.cc
index ec544ac7f9b..e0cf1075662 100644
--- a/src/traffic_server/traffic_server.cc
+++ b/src/traffic_server/traffic_server.cc
@@ -199,41 +199,40 @@ static int delay_listen_for_cache = 0;
 AppVersionInfo appVersionInfo; // Build info for this application
 
 static ArgumentDescription argument_descriptions[] = {
-  {"net_threads", 'n', "Number of Net Threads", "I", &num_of_net_threads, "PROXY_NET_THREADS", nullptr},
-  {"udp_threads", 'U', "Number of UDP Threads", "I", &num_of_udp_threads, "PROXY_UDP_THREADS", nullptr},
-  {"accept_thread", 'a', "Use an Accept Thread", "T", &num_accept_threads, "PROXY_ACCEPT_THREAD", nullptr},
-  {"accept_till_done", 'b', "Accept Till Done", "T", &accept_till_done, "PROXY_ACCEPT_TILL_DONE", nullptr},
-  {"httpport", 'p', "Port descriptor for HTTP Accept", "S*", &http_accept_port_descriptor, "PROXY_HTTP_ACCEPT_PORT", nullptr},
-  {"disable_freelist", 'f', "Disable the freelist memory allocator", "T", &cmd_disable_freelist, "PROXY_DPRINTF_LEVEL", nullptr},
-  {"disable_pfreelist", 'F', "Disable the freelist memory allocator in ProxyAllocator", "T", &cmd_disable_pfreelist,
-   "PROXY_DPRINTF_LEVEL", nullptr},
-  {"maxRecords", 'm', "Max number of librecords metrics and configurations (default & minimum: 1600)", "I", &max_records_entries,
-   "PROXY_MAX_RECORDS", nullptr},
+  {"net_threads",       'n', "Number of Net Threads",                                                                               "I",     &num_of_net_threads,             "PROXY_NET_THREADS",       nullptr},
+  {"udp_threads",       'U', "Number of UDP Threads",                                                                               "I",     &num_of_udp_threads,             "PROXY_UDP_THREADS",       nullptr},
+  {"accept_thread",     'a', "Use an Accept Thread",                                                                                "T",     &num_accept_threads,             "PROXY_ACCEPT_THREAD",     nullptr},
+  {"accept_till_done",  'b', "Accept Till Done",                                                                                    "T",     &accept_till_done,               "PROXY_ACCEPT_TILL_DONE",  nullptr},
+  {"httpport",          'p', "Port descriptor for HTTP Accept",                                                                     "S*",    &http_accept_port_descriptor,    "PROXY_HTTP_ACCEPT_PORT",  nullptr},
+  {"disable_freelist",  'f', "Disable the freelist memory allocator",                                                               "T",     &cmd_disable_freelist,           "PROXY_DPRINTF_LEVEL",     nullptr},
+  {"disable_pfreelist", 'F', "Disable the freelist memory allocator in ProxyAllocator",                                             "T",     &cmd_disable_pfreelist,
+   "PROXY_DPRINTF_LEVEL",                                                                                                                                                                                nullptr},
+  {"maxRecords",        'm', "Max number of librecords metrics and configurations (default & minimum: 1600)",                       "I",     &max_records_entries,
+   "PROXY_MAX_RECORDS",                                                                                                                                                                                  nullptr},
 
 #if TS_HAS_TESTS
-  {"regression", 'R', "Regression Level (quick:1..long:3)", "I", &regression_level, "PROXY_REGRESSION", nullptr},
-  {"regression_test", 'r', "Run Specific Regression Test", "S512", regression_test, "PROXY_REGRESSION_TEST", nullptr},
-  {"regression_list", 'l', "List Regression Tests", "T", &regression_list, "PROXY_REGRESSION_LIST", nullptr},
-#endif // TS_HAS_TESTS
+  {"regression",        'R', "Regression Level (quick:1..long:3)",                                                                  "I",     &regression_level,               "PROXY_REGRESSION",        nullptr},
+  {"regression_test",   'r', "Run Specific Regression Test",                                                                        "S512",  regression_test,                 "PROXY_REGRESSION_TEST",   nullptr},
+  {"regression_list",   'l', "List Regression Tests",                                                                               "T",     &regression_list,                "PROXY_REGRESSION_LIST",   nullptr},
+#endif  // TS_HAS_TESTS
 
 #if TS_USE_DIAGS
-  {"debug_tags", 'T', "Vertical-bar-separated Debug Tags", "S1023", error_tags, "PROXY_DEBUG_TAGS", nullptr},
-  {"action_tags", 'B', "Vertical-bar-separated Behavior Tags", "S1023", action_tags, "PROXY_BEHAVIOR_TAGS", nullptr},
+  {"debug_tags",        'T', "Vertical-bar-separated Debug Tags",                                                                   "S1023", error_tags,                      "PROXY_DEBUG_TAGS",        nullptr},
+  {"action_tags",       'B', "Vertical-bar-separated Behavior Tags",                                                                "S1023", action_tags,                     "PROXY_BEHAVIOR_TAGS",     nullptr},
 #endif
 
-  {"interval", 'i', "Statistics Interval", "I", &show_statistics, "PROXY_STATS_INTERVAL", nullptr},
-  {"command", 'C',
+  {"interval",          'i', "Statistics Interval",                                                                                 "I",     &show_statistics,                "PROXY_STATS_INTERVAL",    nullptr},
+  {"command",           'C',
    "Maintenance Command to Execute\n"
-   "      Commands: list, check, clear, clear_cache, clear_hostdb, verify_config, verify_global_plugin, verify_remap_plugin, help",
-   "S511", &command_string, "PROXY_COMMAND_STRING", nullptr},
-  {"conf_dir", 'D', "config dir to verify", "S511", &conf_dir, "PROXY_CONFIG_CONFIG_DIR", nullptr},
-  {"clear_hostdb", 'k', "Clear HostDB on Startup", "F", &auto_clear_hostdb_flag, "PROXY_CLEAR_HOSTDB", nullptr},
-  {"clear_cache", 'K', "Clear Cache on Startup", "F", &cacheProcessor.auto_clear_flag, "PROXY_CLEAR_CACHE", nullptr},
-  {"bind_stdout", '-', "Regular file to bind stdout to", "S512", &bind_stdout, "PROXY_BIND_STDOUT", nullptr},
-  {"bind_stderr", '-', "Regular file to bind stderr to", "S512", &bind_stderr, "PROXY_BIND_STDERR", nullptr},
-  {"accept_mss", '-', "MSS for client connections", "I", &accept_mss, nullptr, nullptr},
-  {"poll_timeout", 't', "poll timeout in milliseconds", "I", &poll_timeout, nullptr, nullptr},
-  {"block", '-', "block for debug attach", "T", &cmd_block, nullptr, nullptr},
+   "      Commands: list, check, clear, clear_cache, clear_hostdb, verify_config, verify_global_plugin, verify_remap_plugin, help", "S511",  &command_string,                 "PROXY_COMMAND_STRING",    nullptr},
+  {"conf_dir",          'D', "config dir to verify",                                                                                "S511",  &conf_dir,                       "PROXY_CONFIG_CONFIG_DIR", nullptr},
+  {"clear_hostdb",      'k', "Clear HostDB on Startup",                                                                             "F",     &auto_clear_hostdb_flag,         "PROXY_CLEAR_HOSTDB",      nullptr},
+  {"clear_cache",       'K', "Clear Cache on Startup",                                                                              "F",     &cacheProcessor.auto_clear_flag, "PROXY_CLEAR_CACHE",       nullptr},
+  {"bind_stdout",       '-', "Regular file to bind stdout to",                                                                      "S512",  &bind_stdout,                    "PROXY_BIND_STDOUT",       nullptr},
+  {"bind_stderr",       '-', "Regular file to bind stderr to",                                                                      "S512",  &bind_stderr,                    "PROXY_BIND_STDERR",       nullptr},
+  {"accept_mss",        '-', "MSS for client connections",                                                                          "I",     &accept_mss,                     nullptr,                   nullptr},
+  {"poll_timeout",      't', "poll timeout in milliseconds",                                                                        "I",     &poll_timeout,                   nullptr,                   nullptr},
+  {"block",             '-', "block for debug attach",                                                                              "T",     &cmd_block,                      nullptr,                   nullptr},
   HELP_ARGUMENT_DESCRIPTION(),
   VERSION_ARGUMENT_DESCRIPTION(),
   RUNROOT_ARGUMENT_DESCRIPTION(),
@@ -729,11 +728,11 @@ initialize_jsonrpc_server()
   return ok;
 }
 
-#define CMD_ERROR -2      // serious error, exit maintenance mode
-#define CMD_FAILED -1     // error, but recoverable
-#define CMD_OK 0          // ok, or minor (user) error
-#define CMD_HELP 1        // ok, print help
-#define CMD_IN_PROGRESS 2 // task not completed. don't exit
+#define CMD_ERROR       -2 // serious error, exit maintenance mode
+#define CMD_FAILED      -1 // error, but recoverable
+#define CMD_OK          0  // ok, or minor (user) error
+#define CMD_HELP        1  // ok, print help
+#define CMD_IN_PROGRESS 2  // task not completed. don't exit
 
 static int
 cmd_list(char * /* cmd ATS_UNUSED */)
@@ -1010,7 +1009,7 @@ load_plugin(plugin_type_t plugin_type, const fs::path &plugin_path, std::string
   }
   case plugin_type_t::REMAP: {
     auto temporary_directory = fs::temp_directory_path();
-    temporary_directory /= fs::path(std::string("verify_plugin_") + std::to_string(getpid()));
+    temporary_directory      /= fs::path(std::string("verify_plugin_") + std::to_string(getpid()));
     std::error_code ec;
     if (!fs::create_directories(temporary_directory, ec)) {
       std::ostringstream error_os;
@@ -1104,15 +1103,14 @@ static const struct CMD {
   int (*f)(char *);
   bool no_process_lock; /// If set this command doesn't need a process level lock.
 } commands[] = {
-  {"list", "List cache configuration",
+  {"list",                 "List cache configuration",
    "LIST\n"
    "\n"
    "FORMAT: list\n"
    "\n"
    "List the sizes of the Host Database and Cache Index,\n"
-   "and the storage available to the cache.\n",
-   cmd_list, false},
-  {"check", "Check the cache (do not make any changes)",
+   "and the storage available to the cache.\n",                        cmd_list,                 false},
+  {"check",                "Check the cache (do not make any changes)",
    "CHECK\n"
    "\n"
    "FORMAT: check\n"
@@ -1120,58 +1118,51 @@ static const struct CMD {
    "Check the cache for inconsistencies or corruption.\n"
    "CHECK does not make any changes to the data stored in\n"
    "the cache. CHECK requires a scan of the contents of the\n"
-   "cache and may take a long time for large caches.\n",
-   cmd_check, true},
-  {"clear", "Clear the entire cache",
+   "cache and may take a long time for large caches.\n",               cmd_check,                true },
+  {"clear",                "Clear the entire cache",
    "CLEAR\n"
    "\n"
    "FORMAT: clear\n"
    "\n"
    "Clear the entire cache.  All data in the cache is\n"
    "lost and the cache is reconfigured based on the current\n"
-   "description of database sizes and available storage.\n",
-   cmd_clear, false},
-  {"clear_cache", "Clear the document cache",
+   "description of database sizes and available storage.\n",           cmd_clear,                false},
+  {"clear_cache",          "Clear the document cache",
    "CLEAR_CACHE\n"
    "\n"
    "FORMAT: clear_cache\n"
    "\n"
    "Clear the document cache.  All documents in the cache are\n"
    "lost and the cache is reconfigured based on the current\n"
-   "description of database sizes and available storage.\n",
-   cmd_clear, false},
-  {"clear_hostdb", "Clear the hostdb cache",
+   "description of database sizes and available storage.\n",           cmd_clear,                false},
+  {"clear_hostdb",         "Clear the hostdb cache",
    "CLEAR_HOSTDB\n"
    "\n"
    "FORMAT: clear_hostdb\n"
    "\n"
    "Clear the entire hostdb cache.  All host name resolution\n"
-   "information is lost.\n",
-   cmd_clear, false},
-  {CMD_VERIFY_CONFIG, "Verify the config",
+   "information is lost.\n",                                           cmd_clear,                false},
+  {CMD_VERIFY_CONFIG,      "Verify the config",
    "\n"
    "\n"
    "FORMAT: verify_config\n"
    "\n"
-   "Load the config and verify traffic_server comes up correctly. \n",
-   cmd_verify, true},
+   "Load the config and verify traffic_server comes up correctly. \n", cmd_verify,               true },
   {"verify_global_plugin", "Verify a global plugin's shared object file",
    "VERIFY_GLOBAL_PLUGIN\n"
    "\n"
    "FORMAT: verify_global_plugin [global_plugin_so_file]\n"
    "\n"
    "Load a global plugin's shared object file and verify it meets\n"
-   "minimal plugin API requirements. \n",
-   cmd_verify_global_plugin, false},
-  {"verify_remap_plugin", "Verify a remap plugin's shared object file",
+   "minimal plugin API requirements. \n",                              cmd_verify_global_plugin, false},
+  {"verify_remap_plugin",  "Verify a remap plugin's shared object file",
    "VERIFY_REMAP_PLUGIN\n"
    "\n"
    "FORMAT: verify_remap_plugin [remap_plugin_so_file]\n"
    "\n"
    "Load a remap plugin's shared object file and verify it meets\n"
-   "minimal plugin API requirements. \n",
-   cmd_verify_remap_plugin, false},
-  {"help", "Obtain a short description of a command (e.g. 'help clear')",
+   "minimal plugin API requirements. \n",                              cmd_verify_remap_plugin,  false},
+  {"help",                 "Obtain a short description of a command (e.g. 'help clear')",
    "HELP\n"
    "\n"
    "FORMAT: help [command_name]\n"
@@ -1179,8 +1170,7 @@ static const struct CMD {
    "EXAMPLES: help help\n"
    "          help commit\n"
    "\n"
-   "Provide a short description of a command (like this).\n",
-   cmd_help, false},
+   "Provide a short description of a command (like this).\n",          cmd_help,                 false},
 };
 
 static int
@@ -1411,30 +1401,30 @@ struct ShowStats : public Continuation {
 
     NET_READ_DYN_SUM(net_calls_to_readfromnet_stat, sval);
     int64_t d_rb = sval - last_rb;
-    last_rb += d_rb;
+    last_rb      += d_rb;
 
     NET_READ_DYN_SUM(net_calls_to_writetonet_stat, sval);
     int64_t d_wb = sval - last_wb;
-    last_wb += d_wb;
+    last_wb      += d_wb;
 
     NET_READ_DYN_STAT(net_read_bytes_stat, sval, cval);
     int64_t d_nrb = sval - last_nrb;
-    last_nrb += d_nrb;
-    int64_t d_nr = cval - last_nr;
-    last_nr += d_nr;
+    last_nrb      += d_nrb;
+    int64_t d_nr  = cval - last_nr;
+    last_nr       += d_nr;
 
     NET_READ_DYN_STAT(net_write_bytes_stat, sval, cval);
     int64_t d_nwb = sval - last_nwb;
-    last_nwb += d_nwb;
-    int64_t d_nw = cval - last_nw;
-    last_nw += d_nw;
+    last_nwb      += d_nwb;
+    int64_t d_nw  = cval - last_nw;
+    last_nw       += d_nw;
 
     NET_READ_GLOBAL_DYN_SUM(net_connections_currently_open_stat, sval);
     int64_t d_o = sval;
 
     NET_READ_DYN_STAT(net_handler_run_stat, sval, cval);
     int64_t d_p = cval - last_p;
-    last_p += d_p;
+    last_p      += d_p;
     printf("%" PRId64 ":%" PRId64 ":%" PRId64 ":%" PRId64 " %" PRId64 ":%" PRId64 " %" PRId64 " %" PRId64 "\n", d_rb, d_wb, d_nrb,
            d_nr, d_nwb, d_nw, d_o, d_p);
 #ifdef ENABLE_TIME_TRACE
diff --git a/src/traffic_top/stats.h b/src/traffic_top/stats.h
index dfb7870b403..621c8ec6f17 100644
--- a/src/traffic_top/stats.h
+++ b/src/traffic_top/stats.h
@@ -496,7 +496,7 @@ class Stats
   {
     // move past global
     size_t pos = response.find(constant::global);
-    pos += sizeof(constant::global) - 1;
+    pos        += sizeof(constant::global) - 1;
 
     // find parts of the line
     while (true) {
diff --git a/src/traffic_top/traffic_top.cc b/src/traffic_top/traffic_top.cc
index c20c74af220..4bddbc393cb 100644
--- a/src/traffic_top/traffic_top.cc
+++ b/src/traffic_top/traffic_top.cc
@@ -34,7 +34,7 @@
 
 // At least on solaris, the default ncurses defines macros such as
 // clear() that break stdlibc++.
-#define NOMACROS 1
+#define NOMACROS         1
 #define NCURSES_NOMACROS 1
 
 #if defined HAVE_NCURSESW_CURSES_H
diff --git a/src/traffic_wccp/wccp_client.cc b/src/traffic_wccp/wccp_client.cc
index 1cb5a4b6d0b..17ceee648f8 100644
--- a/src/traffic_wccp/wccp_client.cc
+++ b/src/traffic_wccp/wccp_client.cc
@@ -126,12 +126,12 @@ main(int argc, char **argv)
 
   static option OPTIONS[] = {
     {"address", 1, nullptr, OPT_ADDRESS},
-    {"router", 1, nullptr, OPT_ROUTER},
+    {"router",  1, nullptr, OPT_ROUTER },
     {"service", 1, nullptr, OPT_SERVICE},
-    {"debug", 0, nullptr, OPT_DEBUG},
-    {"daemon", 0, nullptr, OPT_DAEMON},
-    {"help", 0, nullptr, OPT_HELP},
-    {nullptr, 0, nullptr, 0} // required terminator.
+    {"debug",   0, nullptr, OPT_DEBUG  },
+    {"daemon",  0, nullptr, OPT_DAEMON },
+    {"help",    0, nullptr, OPT_HELP   },
+    {nullptr,   0, nullptr, 0          }  // required terminator.
   };
 
   in_addr ip_addr     = {INADDR_ANY};
diff --git a/src/tscore/ArgParser.cc b/src/tscore/ArgParser.cc
index ab233f9b417..8ad1c54039c 100644
--- a/src/tscore/ArgParser.cc
+++ b/src/tscore/ArgParser.cc
@@ -348,7 +348,7 @@ ArgParser::Command::output_option() const
     if (!it.second.short_option.empty()) {
       msg = it.second.short_option + ", ";
     }
-    msg += it.first;
+    msg          += it.first;
     unsigned num = it.second.arg_num;
     if (num != 0) {
       if (num == 1) {
diff --git a/src/tscore/BaseLogFile.cc b/src/tscore/BaseLogFile.cc
index 1d9fe67088a..43a6b13e0b1 100644
--- a/src/tscore/BaseLogFile.cc
+++ b/src/tscore/BaseLogFile.cc
@@ -496,13 +496,13 @@ BaseMetaInfo::_read_from_file()
           t = tok.getNext();
           if (t) {
             _creation_time = static_cast<time_t>(ink_atoi64(t));
-            _flags |= VALID_CREATION_TIME;
+            _flags         |= VALID_CREATION_TIME;
           }
         } else if (strcmp(t, "object_signature") == 0) {
           t = tok.getNext();
           if (t) {
             _log_object_signature = ink_atoi64(t);
-            _flags |= VALID_SIGNATURE;
+            _flags                |= VALID_SIGNATURE;
             log_log_trace("BaseMetaInfo::_read_from_file\n"
                           "\tfilename = %s\n"
                           "\tsignature string = %s\n"
diff --git a/src/tscore/BufferWriterFormat.cc b/src/tscore/BufferWriterFormat.cc
index 9c4eb3a5aa7..1e97ce5fc5b 100644
--- a/src/tscore/BufferWriterFormat.cc
+++ b/src/tscore/BufferWriterFormat.cc
@@ -131,10 +131,10 @@ BWFSpec::BWFSpec(TextView fmt) : _name(fmt.take_prefix_at(':'))
         }
         _fill = isdigit(d0) ? d0 - '0' : tolower(d0) - 'a' + 10;
         _fill += (isdigit(d1) ? d1 - '0' : tolower(d1) - 'a' + 10) << 4;
-        sz += 4;
+        sz    += 4;
       } else if (sz.size() > 1 && Align::NONE != (_align = align_of(sz[1]))) {
         _fill = *sz;
-        sz += 2;
+        sz    += 2;
       } else if (Align::NONE != (_align = align_of(*sz))) {
         ++sz;
       }
@@ -285,7 +285,7 @@ namespace bw_fmt
           *dst++ = spec._fill;
         }
         // Right fill.
-        dst += size;
+        dst  += size;
         last = dst + delta / 2; // round down
         if (last > limit) {
           last = limit;
@@ -324,7 +324,8 @@ namespace bw_fmt
     char UPPER_DIGITS[]                                 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
     char LOWER_DIGITS[]                                 = "0123456789abcdefghijklmnopqrstuvwxyz";
     static const std::array<uint64_t, 11> POWERS_OF_TEN = {
-      {1, 10, 100, 1000, 10000, 100000, 1000000, 10000000, 100000000, 1000000000, 10000000000}};
+      {1, 10, 100, 1000, 10000, 100000, 1000000, 10000000, 100000000, 1000000000, 10000000000}
+    };
   } // namespace
 
   /// Templated radix based conversions. Only a small number of radix are supported
@@ -340,7 +341,7 @@ namespace bw_fmt
     if (n) {
       while (n) {
         *--out = digits[n % RADIX];
-        n /= RADIX;
+        n      /= RADIX;
       }
     } else {
       *--out = '0';
@@ -757,142 +758,77 @@ bwformat(BufferWriter &w, BWFSpec const &spec, bwf::Errno const &e)
   // Hand rolled, might not be totally compliant everywhere, but probably close enough.
   // The long string will be locally accurate.
   // Clang requires the double braces. Why, Turing only knows.
-  static const std::array<std::string_view, 134> SHORT_NAME = {{
-    "SUCCESS: ",
-    "EPERM: ",
-    "ENOENT: ",
-    "ESRCH: ",
-    "EINTR: ",
-    "EIO: ",
-    "ENXIO: ",
-    "E2BIG ",
-    "ENOEXEC: ",
-    "EBADF: ",
-    "ECHILD: ",
-    "EAGAIN: ",
-    "ENOMEM: ",
-    "EACCES: ",
-    "EFAULT: ",
-    "ENOTBLK: ",
-    "EBUSY: ",
-    "EEXIST: ",
-    "EXDEV: ",
-    "ENODEV: ",
-    "ENOTDIR: ",
-    "EISDIR: ",
-    "EINVAL: ",
-    "ENFILE: ",
-    "EMFILE: ",
-    "ENOTTY: ",
-    "ETXTBSY: ",
-    "EFBIG: ",
-    "ENOSPC: ",
-    "ESPIPE: ",
-    "EROFS: ",
-    "EMLINK: ",
-    "EPIPE: ",
-    "EDOM: ",
-    "ERANGE: ",
-    "EDEADLK: ",
-    "ENAMETOOLONG: ",
-    "ENOLCK: ",
-    "ENOSYS: ",
-    "ENOTEMPTY: ",
-    "ELOOP: ",
-    "EWOULDBLOCK: ",
-    "ENOMSG: ",
-    "EIDRM: ",
-    "ECHRNG: ",
-    "EL2NSYNC: ",
-    "EL3HLT: ",
-    "EL3RST: ",
-    "ELNRNG: ",
-    "EUNATCH: ",
-    "ENOCSI: ",
-    "EL2HTL: ",
-    "EBADE: ",
-    "EBADR: ",
-    "EXFULL: ",
-    "ENOANO: ",
-    "EBADRQC: ",
-    "EBADSLT: ",
-    "EDEADLOCK: ",
-    "EBFONT: ",
-    "ENOSTR: ",
-    "ENODATA: ",
-    "ETIME: ",
-    "ENOSR: ",
-    "ENONET: ",
-    "ENOPKG: ",
-    "EREMOTE: ",
-    "ENOLINK: ",
-    "EADV: ",
-    "ESRMNT: ",
-    "ECOMM: ",
-    "EPROTO: ",
-    "EMULTIHOP: ",
-    "EDOTDOT: ",
-    "EBADMSG: ",
-    "EOVERFLOW: ",
-    "ENOTUNIQ: ",
-    "EBADFD: ",
-    "EREMCHG: ",
-    "ELIBACC: ",
-    "ELIBBAD: ",
-    "ELIBSCN: ",
-    "ELIBMAX: ",
-    "ELIBEXEC: ",
-    "EILSEQ: ",
-    "ERESTART: ",
-    "ESTRPIPE: ",
-    "EUSERS: ",
-    "ENOTSOCK: ",
-    "EDESTADDRREQ: ",
-    "EMSGSIZE: ",
-    "EPROTOTYPE: ",
-    "ENOPROTOOPT: ",
-    "EPROTONOSUPPORT: ",
-    "ESOCKTNOSUPPORT: ",
-    "EOPNOTSUPP: ",
-    "EPFNOSUPPORT: ",
-    "EAFNOSUPPORT: ",
-    "EADDRINUSE: ",
-    "EADDRNOTAVAIL: ",
-    "ENETDOWN: ",
-    "ENETUNREACH: ",
-    "ENETRESET: ",
-    "ECONNABORTED: ",
-    "ECONNRESET: ",
-    "ENOBUFS: ",
-    "EISCONN: ",
-    "ENOTCONN: ",
-    "ESHUTDOWN: ",
-    "ETOOMANYREFS: ",
-    "ETIMEDOUT: ",
-    "ECONNREFUSED: ",
-    "EHOSTDOWN: ",
-    "EHOSTUNREACH: ",
-    "EALREADY: ",
-    "EINPROGRESS: ",
-    "ESTALE: ",
-    "EUCLEAN: ",
-    "ENOTNAM: ",
-    "ENAVAIL: ",
-    "EISNAM: ",
-    "EREMOTEIO: ",
-    "EDQUOT: ",
-    "ENOMEDIUM: ",
-    "EMEDIUMTYPE: ",
-    "ECANCELED: ",
-    "ENOKEY: ",
-    "EKEYEXPIRED: ",
-    "EKEYREVOKED: ",
-    "EKEYREJECTED: ",
-    "EOWNERDEAD: ",
-    "ENOTRECOVERABLE: ",
-    "ERFKILL: ",
-    "EHWPOISON: ",
-  }};
+  static const std::array<std::string_view, 134> SHORT_NAME = {
+    {
+     "SUCCESS: ", "EPERM: ",
+     "ENOENT: ", "ESRCH: ",
+     "EINTR: ", "EIO: ",
+     "ENXIO: ", "E2BIG ",
+     "ENOEXEC: ", "EBADF: ",
+     "ECHILD: ", "EAGAIN: ",
+     "ENOMEM: ", "EACCES: ",
+     "EFAULT: ", "ENOTBLK: ",
+     "EBUSY: ", "EEXIST: ",
+     "EXDEV: ", "ENODEV: ",
+     "ENOTDIR: ", "EISDIR: ",
+     "EINVAL: ", "ENFILE: ",
+     "EMFILE: ", "ENOTTY: ",
+     "ETXTBSY: ", "EFBIG: ",
+     "ENOSPC: ", "ESPIPE: ",
+     "EROFS: ", "EMLINK: ",
+     "EPIPE: ", "EDOM: ",
+     "ERANGE: ", "EDEADLK: ",
+     "ENAMETOOLONG: ", "ENOLCK: ",
+     "ENOSYS: ", "ENOTEMPTY: ",
+     "ELOOP: ", "EWOULDBLOCK: ",
+     "ENOMSG: ", "EIDRM: ",
+     "ECHRNG: ", "EL2NSYNC: ",
+     "EL3HLT: ", "EL3RST: ",
+     "ELNRNG: ", "EUNATCH: ",
+     "ENOCSI: ", "EL2HTL: ",
+     "EBADE: ", "EBADR: ",
+     "EXFULL: ", "ENOANO: ",
+     "EBADRQC: ", "EBADSLT: ",
+     "EDEADLOCK: ", "EBFONT: ",
+     "ENOSTR: ", "ENODATA: ",
+     "ETIME: ", "ENOSR: ",
+     "ENONET: ", "ENOPKG: ",
+     "EREMOTE: ", "ENOLINK: ",
+     "EADV: ", "ESRMNT: ",
+     "ECOMM: ", "EPROTO: ",
+     "EMULTIHOP: ", "EDOTDOT: ",
+     "EBADMSG: ", "EOVERFLOW: ",
+     "ENOTUNIQ: ", "EBADFD: ",
+     "EREMCHG: ", "ELIBACC: ",
+     "ELIBBAD: ", "ELIBSCN: ",
+     "ELIBMAX: ", "ELIBEXEC: ",
+     "EILSEQ: ", "ERESTART: ",
+     "ESTRPIPE: ", "EUSERS: ",
+     "ENOTSOCK: ", "EDESTADDRREQ: ",
+     "EMSGSIZE: ", "EPROTOTYPE: ",
+     "ENOPROTOOPT: ", "EPROTONOSUPPORT: ",
+     "ESOCKTNOSUPPORT: ", "EOPNOTSUPP: ",
+     "EPFNOSUPPORT: ", "EAFNOSUPPORT: ",
+     "EADDRINUSE: ", "EADDRNOTAVAIL: ",
+     "ENETDOWN: ", "ENETUNREACH: ",
+     "ENETRESET: ", "ECONNABORTED: ",
+     "ECONNRESET: ", "ENOBUFS: ",
+     "EISCONN: ", "ENOTCONN: ",
+     "ESHUTDOWN: ", "ETOOMANYREFS: ",
+     "ETIMEDOUT: ", "ECONNREFUSED: ",
+     "EHOSTDOWN: ", "EHOSTUNREACH: ",
+     "EALREADY: ", "EINPROGRESS: ",
+     "ESTALE: ", "EUCLEAN: ",
+     "ENOTNAM: ", "ENAVAIL: ",
+     "EISNAM: ", "EREMOTEIO: ",
+     "EDQUOT: ", "ENOMEDIUM: ",
+     "EMEDIUMTYPE: ", "ECANCELED: ",
+     "ENOKEY: ", "EKEYEXPIRED: ",
+     "EKEYREVOKED: ", "EKEYREJECTED: ",
+     "EOWNERDEAD: ", "ENOTRECOVERABLE: ",
+     "ERFKILL: ", "EHWPOISON: ",
+     }
+  };
   // This provides convenient safe access to the errno short name array.
   auto short_name = [](int n) { return n < static_cast<int>(SHORT_NAME.size()) ? SHORT_NAME[n] : "Unknown: "sv; };
   static const BWFormat number_fmt{"[{}]"sv}; // numeric value format.
diff --git a/src/tscore/CryptoHash.cc b/src/tscore/CryptoHash.cc
index 35fcbef3a65..8ee07eec11f 100644
--- a/src/tscore/CryptoHash.cc
+++ b/src/tscore/CryptoHash.cc
@@ -88,7 +88,7 @@ ink_code_to_hex_str(char *dest, uint8_t const *hash)
     *(d + 5) = hex_digits[hash[i + 2] & 15];
     *(d + 6) = hex_digits[hash[i + 3] >> 4];
     *(d + 7) = hex_digits[hash[i + 3] & 15];
-    d += 8;
+    d        += 8;
   }
   *d = '\0';
   return (dest);
diff --git a/src/tscore/Extendible.cc b/src/tscore/Extendible.cc
index c3003539252..e6e7cd83b71 100644
--- a/src/tscore/Extendible.cc
+++ b/src/tscore/Extendible.cc
@@ -61,7 +61,7 @@ namespace details
         auto &fld = pair_fld.second;
         if (fld.align == processing_align) {
           fld.field_offset = acc_offset;
-          acc_offset += fld.size;
+          acc_offset       += fld.size;
         } else if (fld.align < processing_align) {
           next_align = std::max(next_align, fld.align);
         }
diff --git a/src/tscore/HashSip.cc b/src/tscore/HashSip.cc
index 700f5f4f495..d2737518485 100644
--- a/src/tscore/HashSip.cc
+++ b/src/tscore/HashSip.cc
@@ -59,7 +59,7 @@ ATSHash64Sip24::update(const void *data, size_t len)
   uint8_t block_off = 0;
 
   if (!finalized) {
-    m = (unsigned char *)data;
+    m         = (unsigned char *)data;
     total_len += len;
 
     if (len + block_buffer_len < SIP_BLOCK_SIZE) {
diff --git a/src/tscore/IpMap.cc b/src/tscore/IpMap.cc
index 481ea0307f7..5200e1c19aa 100644
--- a/src/tscore/IpMap.cc
+++ b/src/tscore/IpMap.cc
@@ -760,7 +760,10 @@ namespace detail
     return w;
   }
 
-  template <typename N> IpMapBase<N>::~IpMapBase() { this->clear(); }
+  template <typename N> IpMapBase<N>::~IpMapBase()
+  {
+    this->clear();
+  }
 
   //----------------------------------------------------------------------------
   using Ip4Span = Interval<in_addr_t, in_addr_t>;
diff --git a/src/tscore/Layout.cc b/src/tscore/Layout.cc
index e2cb534b23e..795d0fa17cf 100644
--- a/src/tscore/Layout.cc
+++ b/src/tscore/Layout.cc
@@ -126,13 +126,13 @@ Layout::runroot_setup()
   // If some path values are not in runroot.yaml, we give it a default value instead of error out.
   prefix      = dir_map[LAYOUT_PREFIX].empty() ? runroot_file.substr(0, runroot_file.find_last_of('/')) : dir_map[LAYOUT_PREFIX];
   exec_prefix = dir_map[LAYOUT_EXEC_PREFIX].empty() ? prefix : dir_map[LAYOUT_EXEC_PREFIX];
-  bindir = dir_map[LAYOUT_BINDIR].empty() ? layout_relative(prefix, TS_BUILD_BINDIR) : bindir = dir_map[LAYOUT_BINDIR];
-  sbindir    = dir_map[LAYOUT_SBINDIR].empty() ? layout_relative(prefix, TS_BUILD_SBINDIR) : dir_map[LAYOUT_SBINDIR];
-  sysconfdir = dir_map[LAYOUT_SYSCONFDIR].empty() ? layout_relative(prefix, TS_BUILD_SYSCONFDIR) : dir_map[LAYOUT_SYSCONFDIR];
-  datadir    = dir_map[LAYOUT_DATADIR].empty() ? layout_relative(prefix, TS_BUILD_DATADIR) : dir_map[LAYOUT_DATADIR];
-  includedir = dir_map[LAYOUT_INCLUDEDIR].empty() ? layout_relative(prefix, TS_BUILD_INCLUDEDIR) : dir_map[LAYOUT_INCLUDEDIR];
-  libdir     = dir_map[LAYOUT_LIBDIR].empty() ? layout_relative(prefix, TS_BUILD_LIBDIR) : dir_map[LAYOUT_LIBDIR];
-  libexecdir = dir_map[LAYOUT_LIBEXECDIR].empty() ? layout_relative(prefix, TS_BUILD_LIBEXECDIR) : dir_map[LAYOUT_LIBEXECDIR];
+  bindir      = dir_map[LAYOUT_BINDIR].empty() ? layout_relative(prefix, TS_BUILD_BINDIR) : bindir = dir_map[LAYOUT_BINDIR];
+  sbindir     = dir_map[LAYOUT_SBINDIR].empty() ? layout_relative(prefix, TS_BUILD_SBINDIR) : dir_map[LAYOUT_SBINDIR];
+  sysconfdir  = dir_map[LAYOUT_SYSCONFDIR].empty() ? layout_relative(prefix, TS_BUILD_SYSCONFDIR) : dir_map[LAYOUT_SYSCONFDIR];
+  datadir     = dir_map[LAYOUT_DATADIR].empty() ? layout_relative(prefix, TS_BUILD_DATADIR) : dir_map[LAYOUT_DATADIR];
+  includedir  = dir_map[LAYOUT_INCLUDEDIR].empty() ? layout_relative(prefix, TS_BUILD_INCLUDEDIR) : dir_map[LAYOUT_INCLUDEDIR];
+  libdir      = dir_map[LAYOUT_LIBDIR].empty() ? layout_relative(prefix, TS_BUILD_LIBDIR) : dir_map[LAYOUT_LIBDIR];
+  libexecdir  = dir_map[LAYOUT_LIBEXECDIR].empty() ? layout_relative(prefix, TS_BUILD_LIBEXECDIR) : dir_map[LAYOUT_LIBEXECDIR];
   localstatedir =
     dir_map[LAYOUT_LOCALSTATEDIR].empty() ? layout_relative(prefix, TS_BUILD_LOCALSTATEDIR) : dir_map[LAYOUT_LOCALSTATEDIR];
   runtimedir = dir_map[LAYOUT_RUNTIMEDIR].empty() ? layout_relative(prefix, TS_BUILD_RUNTIMEDIR) : dir_map[LAYOUT_RUNTIMEDIR];
diff --git a/src/tscore/MMH.cc b/src/tscore/MMH.cc
index b0ed1460671..0caca25208e 100644
--- a/src/tscore/MMH.cc
+++ b/src/tscore/MMH.cc
@@ -107,12 +107,12 @@ ink_code_MMH(unsigned char *input, int len, unsigned char *sixteen_byte_hash)
 static inline void
 MMH_update(MMH_CTX *ctx, unsigned char *ab)
 {
-  uint32_t *b = reinterpret_cast<uint32_t *>(ab);
+  uint32_t *b   = reinterpret_cast<uint32_t *>(ab);
   ctx->state[0] += b[0] * MMH_x[(ctx->blocks + 0) % MMH_X_SIZE];
   ctx->state[1] += b[1] * MMH_x[(ctx->blocks + 1) % MMH_X_SIZE];
   ctx->state[2] += b[2] * MMH_x[(ctx->blocks + 2) % MMH_X_SIZE];
   ctx->state[3] += b[3] * MMH_x[(ctx->blocks + 3) % MMH_X_SIZE];
-  ctx->blocks += 4;
+  ctx->blocks   += 4;
 }
 
 static inline void
@@ -120,15 +120,15 @@ MMH_updateb1(MMH_CTX *ctx, unsigned char *ab)
 {
   uint32_t *b = reinterpret_cast<uint32_t *>(ab - 1);
   uint32_t b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3], b4 = b[4];
-  b0 = (b0 << 8) + (b1 >> 24);
-  b1 = (b1 << 8) + (b2 >> 24);
-  b2 = (b2 << 8) + (b3 >> 24);
-  b3 = (b3 << 8) + (b4 >> 24);
+  b0            = (b0 << 8) + (b1 >> 24);
+  b1            = (b1 << 8) + (b2 >> 24);
+  b2            = (b2 << 8) + (b3 >> 24);
+  b3            = (b3 << 8) + (b4 >> 24);
   ctx->state[0] += b0 * MMH_x[(ctx->blocks + 0) % MMH_X_SIZE];
   ctx->state[1] += b1 * MMH_x[(ctx->blocks + 1) % MMH_X_SIZE];
   ctx->state[2] += b2 * MMH_x[(ctx->blocks + 2) % MMH_X_SIZE];
   ctx->state[3] += b3 * MMH_x[(ctx->blocks + 3) % MMH_X_SIZE];
-  ctx->blocks += 4;
+  ctx->blocks   += 4;
 }
 
 static inline void
@@ -136,15 +136,15 @@ MMH_updateb2(MMH_CTX *ctx, unsigned char *ab)
 {
   uint32_t *b = reinterpret_cast<uint32_t *>(ab - 2);
   uint32_t b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3], b4 = b[4];
-  b0 = (b0 << 16) + (b1 >> 16);
-  b1 = (b1 << 16) + (b2 >> 16);
-  b2 = (b2 << 16) + (b3 >> 16);
-  b3 = (b3 << 16) + (b4 >> 16);
+  b0            = (b0 << 16) + (b1 >> 16);
+  b1            = (b1 << 16) + (b2 >> 16);
+  b2            = (b2 << 16) + (b3 >> 16);
+  b3            = (b3 << 16) + (b4 >> 16);
   ctx->state[0] += b0 * MMH_x[(ctx->blocks + 0) % MMH_X_SIZE];
   ctx->state[1] += b1 * MMH_x[(ctx->blocks + 1) % MMH_X_SIZE];
   ctx->state[2] += b2 * MMH_x[(ctx->blocks + 2) % MMH_X_SIZE];
   ctx->state[3] += b3 * MMH_x[(ctx->blocks + 3) % MMH_X_SIZE];
-  ctx->blocks += 4;
+  ctx->blocks   += 4;
 }
 
 static inline void
@@ -152,15 +152,15 @@ MMH_updateb3(MMH_CTX *ctx, unsigned char *ab)
 {
   uint32_t *b = reinterpret_cast<uint32_t *>(ab - 3);
   uint32_t b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3], b4 = b[4];
-  b0 = (b0 << 24) + (b1 >> 8);
-  b1 = (b1 << 24) + (b2 >> 8);
-  b2 = (b2 << 24) + (b3 >> 8);
-  b3 = (b3 << 24) + (b4 >> 8);
+  b0            = (b0 << 24) + (b1 >> 8);
+  b1            = (b1 << 24) + (b2 >> 8);
+  b2            = (b2 << 24) + (b3 >> 8);
+  b3            = (b3 << 24) + (b4 >> 8);
   ctx->state[0] += b0 * MMH_x[(ctx->blocks + 0) % MMH_X_SIZE];
   ctx->state[1] += b1 * MMH_x[(ctx->blocks + 1) % MMH_X_SIZE];
   ctx->state[2] += b2 * MMH_x[(ctx->blocks + 2) % MMH_X_SIZE];
   ctx->state[3] += b3 * MMH_x[(ctx->blocks + 3) % MMH_X_SIZE];
-  ctx->blocks += 4;
+  ctx->blocks   += 4;
 }
 
 static inline void
@@ -168,15 +168,15 @@ MMH_updatel1(MMH_CTX *ctx, unsigned char *ab)
 {
   uint32_t *b = reinterpret_cast<uint32_t *>(ab - 1);
   uint32_t b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3], b4 = b[4];
-  b0 = (b0 >> 8) + (b1 << 24);
-  b1 = (b1 >> 8) + (b2 << 24);
-  b2 = (b2 >> 8) + (b3 << 24);
-  b3 = (b3 >> 8) + (b4 << 24);
+  b0            = (b0 >> 8) + (b1 << 24);
+  b1            = (b1 >> 8) + (b2 << 24);
+  b2            = (b2 >> 8) + (b3 << 24);
+  b3            = (b3 >> 8) + (b4 << 24);
   ctx->state[0] += b0 * MMH_x[(ctx->blocks + 0) % MMH_X_SIZE];
   ctx->state[1] += b1 * MMH_x[(ctx->blocks + 1) % MMH_X_SIZE];
   ctx->state[2] += b2 * MMH_x[(ctx->blocks + 2) % MMH_X_SIZE];
   ctx->state[3] += b3 * MMH_x[(ctx->blocks + 3) % MMH_X_SIZE];
-  ctx->blocks += 4;
+  ctx->blocks   += 4;
 }
 
 static inline void
@@ -184,15 +184,15 @@ MMH_updatel2(MMH_CTX *ctx, unsigned char *ab)
 {
   uint32_t *b = reinterpret_cast<uint32_t *>(ab - 2);
   uint32_t b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3], b4 = b[4];
-  b0 = (b0 >> 16) + (b1 << 16);
-  b1 = (b1 >> 16) + (b2 << 16);
-  b2 = (b2 >> 16) + (b3 << 16);
-  b3 = (b3 >> 16) + (b4 << 16);
+  b0            = (b0 >> 16) + (b1 << 16);
+  b1            = (b1 >> 16) + (b2 << 16);
+  b2            = (b2 >> 16) + (b3 << 16);
+  b3            = (b3 >> 16) + (b4 << 16);
   ctx->state[0] += b0 * MMH_x[(ctx->blocks + 0) % MMH_X_SIZE];
   ctx->state[1] += b1 * MMH_x[(ctx->blocks + 1) % MMH_X_SIZE];
   ctx->state[2] += b2 * MMH_x[(ctx->blocks + 2) % MMH_X_SIZE];
   ctx->state[3] += b3 * MMH_x[(ctx->blocks + 3) % MMH_X_SIZE];
-  ctx->blocks += 4;
+  ctx->blocks   += 4;
 }
 
 static inline void
@@ -200,15 +200,15 @@ MMH_updatel3(MMH_CTX *ctx, unsigned char *ab)
 {
   uint32_t *b = reinterpret_cast<uint32_t *>(ab - 3);
   uint32_t b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3], b4 = b[4];
-  b0 = (b0 >> 24) + (b1 << 8);
-  b1 = (b1 >> 24) + (b2 << 8);
-  b2 = (b2 >> 24) + (b3 << 8);
-  b3 = (b3 >> 24) + (b4 << 8);
+  b0            = (b0 >> 24) + (b1 << 8);
+  b1            = (b1 >> 24) + (b2 << 8);
+  b2            = (b2 >> 24) + (b3 << 8);
+  b3            = (b3 >> 24) + (b4 << 8);
   ctx->state[0] += b0 * MMH_x[(ctx->blocks + 0) % MMH_X_SIZE];
   ctx->state[1] += b1 * MMH_x[(ctx->blocks + 1) % MMH_X_SIZE];
   ctx->state[2] += b2 * MMH_x[(ctx->blocks + 2) % MMH_X_SIZE];
   ctx->state[3] += b3 * MMH_x[(ctx->blocks + 3) % MMH_X_SIZE];
-  ctx->blocks += 4;
+  ctx->blocks   += 4;
 }
 
 int
@@ -221,7 +221,7 @@ ink_code_incr_MMH_update(MMH_CTX *ctx, const char *ainput, int input_length)
     if (input_length >= l) {
       memcpy(ctx->buffer + ctx->buffer_size, in, l);
       ctx->buffer_size = 0;
-      in += l;
+      in               += l;
       if (ctx->buffer_size & 0x0f) {
         return 0;
       }
@@ -286,7 +286,7 @@ ink_code_incr_MMH_update(MMH_CTX *ctx, const char *ainput, int input_length)
   }
 Lstore:
   if (end - in) {
-    int oldbs = ctx->buffer_size;
+    int oldbs        = ctx->buffer_size;
     ctx->buffer_size += static_cast<int>(end - in);
 #ifndef TEST
     ink_assert(ctx->buffer_size < 16);
diff --git a/src/tscore/MatcherUtils.cc b/src/tscore/MatcherUtils.cc
index e63b380da06..5df6f7f3ea9 100644
--- a/src/tscore/MatcherUtils.cc
+++ b/src/tscore/MatcherUtils.cc
@@ -98,7 +98,7 @@ readIntoBuffer(const char *file_path, const char *module_name, int *read_size_pt
       break;
     }
 
-    buf += ret;
+    buf       += ret;
     read_size += ret;
   }
 
@@ -381,7 +381,7 @@ processDurationString(char *str, int *seconds)
       }
 
       result += (multiplier * tmp);
-      s = current + 1;
+      s      = current + 1;
     }
     current++;
   }
@@ -511,7 +511,7 @@ parseConfigLine(char *line, matcher_line *p_line, const matcher_tags *tags)
             ink_assert(bytesCopy > 0);
 
             copyForward += bytesCopy;
-            copyFrom = s + 1;
+            copyFrom    = s + 1;
           } else {
             copyForward = s;
             copyFrom    = s + 1;
diff --git a/src/tscore/MemArena.cc b/src/tscore/MemArena.cc
index 4010d5e44a4..24d9714bd85 100644
--- a/src/tscore/MemArena.cc
+++ b/src/tscore/MemArena.cc
@@ -64,7 +64,7 @@ MemArena::make_block(size_t n)
   // Allocate space for the Block instance and the request memory and construct a Block at the front.
   // In theory this could use ::operator new(n) but this causes a size mismatch during ::operator delete.
   // Easier to use malloc and override @c delete.
-  auto free_space = n - sizeof(Block);
+  auto free_space  = n - sizeof(Block);
   _active_reserved += free_space;
   return BlockPtr(new (::malloc(n)) Block(free_space));
 }
diff --git a/src/tscore/ParseRules.cc b/src/tscore/ParseRules.cc
index 020749e784a..57e7391c25c 100644
--- a/src/tscore/ParseRules.cc
+++ b/src/tscore/ParseRules.cc
@@ -65,7 +65,7 @@ ink_atoi64(const char *str, const char **end)
   } else {
     if (unlikely(*str == '-')) {
       negative = 1;
-      str += 1;
+      str      += 1;
     }
 
     /*
@@ -163,7 +163,7 @@ ink_atoi64(const char *str, int len)
   } else {
     if (unlikely(*str == '-')) {
       negative = 1;
-      str += 1;
+      str      += 1;
     }
 
     /*
diff --git a/src/tscore/Regression.cc b/src/tscore/Regression.cc
index 137d8daf35d..cb648869eea 100644
--- a/src/tscore/Regression.cc
+++ b/src/tscore/Regression.cc
@@ -217,9 +217,9 @@ RegressionTest::main(int /* argc */, const char **argv, int level)
   int regression_level       = level;
 
   const ArgumentDescription argument_descriptions[] = {
-    {"regression", 'R', "Regression Level (quick:1..long:3)", "I", &regression_level, "PROXY_REGRESSION", nullptr},
-    {"regression_test", 'r', "Run Specific Regression Test", "S512", regression_test, "PROXY_REGRESSION_TEST", nullptr},
-    {"regression_list", 'l', "List Regression Tests", "T", &regression_list, "PROXY_REGRESSION_LIST", nullptr},
+    {"regression",      'R', "Regression Level (quick:1..long:3)", "I",    &regression_level, "PROXY_REGRESSION",      nullptr},
+    {"regression_test", 'r', "Run Specific Regression Test",       "S512", regression_test,   "PROXY_REGRESSION_TEST", nullptr},
+    {"regression_list", 'l', "List Regression Tests",              "T",    &regression_list,  "PROXY_REGRESSION_LIST", nullptr},
   };
 
   AppVersionInfo version;
diff --git a/src/tscore/SourceLocation.cc b/src/tscore/SourceLocation.cc
index c586935b6ab..d5dbe873b95 100644
--- a/src/tscore/SourceLocation.cc
+++ b/src/tscore/SourceLocation.cc
@@ -60,7 +60,10 @@ ts::BufferWriter &
 SourceLocation::print(ts::BufferWriter &w, ts::BWFSpec const &) const
 {
   if (this->valid()) {
-    ts::TextView base{ts::TextView{file, strlen(file)}.take_suffix_at('/')};
+    ts::TextView base{
+      ts::TextView{file, strlen(file)}
+      .take_suffix_at('/')
+    };
     w.print("{}:{}{}", base, line, ts::bwf::OptionalAffix(func, ")"_sv, " ("_sv));
   };
   return w;
diff --git a/src/tscore/TextBuffer.cc b/src/tscore/TextBuffer.cc
index 58054a54f63..670aef2ef37 100644
--- a/src/tscore/TextBuffer.cc
+++ b/src/tscore/TextBuffer.cc
@@ -106,7 +106,7 @@ TextBuffer::copyFrom(const void *source, unsigned num_bytes)
   memcpy(nextAdd, source, num_bytes);
   spaceLeft -= num_bytes;
 
-  nextAdd += num_bytes;
+  nextAdd    += num_bytes;
   nextAdd[0] = '\0';
 
   return num_bytes;
@@ -139,7 +139,7 @@ TextBuffer::enlargeBuffer(unsigned N)
     if (newSpace != nullptr) {
       nextAdd     = newSpace + static_cast<unsigned>(nextAdd - bufferStart);
       bufferStart = newSpace;
-      spaceLeft += addedSize;
+      spaceLeft   += addedSize;
       currentSize = newSize;
     } else {
       // Out of Memory, Sigh
@@ -179,7 +179,7 @@ TextBuffer::rawReadFromFile(int fd)
     // Error on read
     return readSize;
   } else {
-    nextAdd = nextAdd + readSize;
+    nextAdd   = nextAdd + readSize;
     spaceLeft -= readSize;
     return readSize;
   }
@@ -225,7 +225,7 @@ TextBuffer::readFromFD(int fd)
   } else {
     nextAdd    = nextAdd + readSize;
     nextAdd[0] = '\0';
-    spaceLeft -= readSize + 1;
+    spaceLeft  -= readSize + 1;
     return readSize;
   }
 }
@@ -250,8 +250,8 @@ TextBuffer::vformat(const char *fmt, va_list ap)
       // count does not include the NUL, we can just increment and the next format will
       // overwrite the previous NUL.
       this->spaceLeft -= num;
-      this->nextAdd += num;
-      done = true;
+      this->nextAdd   += num;
+      done            = true;
     } else {
       if (enlargeBuffer(num + 1) == -1) {
         return;
diff --git a/src/tscore/hugepages.cc b/src/tscore/hugepages.cc
index 3b7067a2772..f0e05c4e2ea 100644
--- a/src/tscore/hugepages.cc
+++ b/src/tscore/hugepages.cc
@@ -28,9 +28,9 @@
 
 #ifdef MAP_HUGETLB
 #define MEMINFO_PATH "/proc/meminfo"
-#define LINE_SIZE 256
-#define TOKEN "Hugepagesize:"
-#define TOKEN_SIZE (strlen(TOKEN))
+#define LINE_SIZE    256
+#define TOKEN        "Hugepagesize:"
+#define TOKEN_SIZE   (strlen(TOKEN))
 
 static int hugepage_size = -1;
 static bool hugepage_enabled;
diff --git a/src/tscore/ink_base64.cc b/src/tscore/ink_base64.cc
index bc68758bc94..d845f42287c 100644
--- a/src/tscore/ink_base64.cc
+++ b/src/tscore/ink_base64.cc
@@ -53,7 +53,7 @@ ats_base64_encode(const unsigned char *inBuffer, size_t inBufferSize, char *outB
     *obuf++ = _codes[inBuffer[2] & 077];
 
     inBufferSize -= 3;
-    inBuffer += 3;
+    inBuffer     += 3;
   }
 
   /*
@@ -105,7 +105,7 @@ ats_base64_encode(const char *inBuffer, size_t inBufferSize, char *outBuffer, si
 #undef DECODE
 #endif
 
-#define DECODE(x) printableToSixBit[(unsigned char)x]
+#define DECODE(x)     printableToSixBit[(unsigned char)x]
 #define MAX_PRINT_VAL 63
 
 /* Converts a printable character to it's six bit representation */
@@ -143,9 +143,9 @@ ats_base64_decode(const char *inBuffer, size_t inBufferSize, unsigned char *outB
     buf[1] = static_cast<unsigned char>(DECODE(inBuffer[1]) << 4 | DECODE(inBuffer[2]) >> 2);
     buf[2] = static_cast<unsigned char>(DECODE(inBuffer[2]) << 6 | DECODE(inBuffer[3]));
 
-    buf += 3;
-    inBuffer += 4;
-    decodedBytes += 3;
+    buf               += 3;
+    inBuffer          += 4;
+    decodedBytes      += 3;
     inputBytesDecoded += 4;
   }
 
diff --git a/src/tscore/ink_file.cc b/src/tscore/ink_file.cc
index 6e960aaa726..cf444548114 100644
--- a/src/tscore/ink_file.cc
+++ b/src/tscore/ink_file.cc
@@ -365,7 +365,7 @@ ink_filepath_make(char *path, int pathsz, const char *rootpath, const char *addp
     return static_cast<int>(maxlen);
   }
   ink_strlcpy(path, rootpath, pathsz);
-  path += rootlen;
+  path   += rootlen;
   pathsz -= rootlen;
   if (*(path - 1) != '/') {
     *(path++) = '/';
diff --git a/src/tscore/ink_hrtime.cc b/src/tscore/ink_hrtime.cc
index 9bffa1a53ce..39facb6fe33 100644
--- a/src/tscore/ink_hrtime.cc
+++ b/src/tscore/ink_hrtime.cc
@@ -74,7 +74,7 @@ int64_to_str(char *buf, unsigned int buf_size, int64_t val, unsigned int *total_
   } else {
     do {
       *working_buf-- = static_cast<char>(val % 10) + '0';
-      val /= 10;
+      val            /= 10;
       ++num_chars;
     } while (val);
   }
diff --git a/src/tscore/ink_inet.cc b/src/tscore/ink_inet.cc
index 50e13e32841..09e0fe06a55 100644
--- a/src/tscore/ink_inet.cc
+++ b/src/tscore/ink_inet.cc
@@ -317,7 +317,7 @@ ats_ip_range_parse(std::string_view src, IpAddr &lower, IpAddr &upper)
             } else if (cidr <= 32) {
               lower = upper = addr;
               if (cidr < 32) {
-                in_addr_t mask = htonl(INADDR_BROADCAST << (32 - cidr));
+                in_addr_t mask   = htonl(INADDR_BROADCAST << (32 - cidr));
                 lower._addr._ip4 &= mask;
                 upper._addr._ip4 |= ~mask;
               }
@@ -345,7 +345,7 @@ ats_ip_range_parse(std::string_view src, IpAddr &lower, IpAddr &upper)
             } else if (cidr <= 128) { // lower bytes changed, upper bytes unaffected.
               lower = upper = addr;
               if (cidr < 128) {
-                mask = htobe64(~static_cast<uint64_t>(0) << (128 - cidr));
+                mask                = htobe64(~static_cast<uint64_t>(0) << (128 - cidr));
                 lower._addr._u64[1] &= mask;
                 upper._addr._u64[1] |= ~mask;
               }
diff --git a/src/tscore/ink_queue.cc b/src/tscore/ink_queue.cc
index c4364c1225b..059a18419fe 100644
--- a/src/tscore/ink_queue.cc
+++ b/src/tscore/ink_queue.cc
@@ -478,8 +478,8 @@ ink_freelists_dump(FILE *f)
             static_cast<uint64_t>(fll->fl->used) * static_cast<uint64_t>(fll->fl->type_size), static_cast<uint64_t>(fll->fl->used),
             fll->fl->type_size, fll->fl->chunk_size, fll->fl->hugepages_failure, fll->fl->name ? fll->fl->name : "<unknown>");
     total_allocated += static_cast<uint64_t>(fll->fl->allocated) * static_cast<uint64_t>(fll->fl->type_size);
-    total_used += static_cast<uint64_t>(fll->fl->used) * static_cast<uint64_t>(fll->fl->type_size);
-    fll = fll->next;
+    total_used      += static_cast<uint64_t>(fll->fl->used) * static_cast<uint64_t>(fll->fl->type_size);
+    fll             = fll->next;
   }
   fprintf(f, " %18" PRIu64 " | %18" PRIu64 " |            | TOTAL\n", total_allocated, total_used);
   fprintf(f, "-----------------------------------------------------------------------------------------\n");
diff --git a/src/tscore/ink_rand.cc b/src/tscore/ink_rand.cc
index edfaeaf5ad0..26f761215a1 100644
--- a/src/tscore/ink_rand.cc
+++ b/src/tscore/ink_rand.cc
@@ -57,11 +57,11 @@
 #include "tscore/ink_platform.h"
 #include "tscore/ink_rand.h"
 
-#define NN 312
-#define MM 156
+#define NN       312
+#define MM       156
 #define MATRIX_A 0xB5026F5AA96619E9ULL
-#define UM 0xFFFFFFFF80000000ULL /* Most significant 33 bits */
-#define LM 0x7FFFFFFFULL         /* Least significant 31 bits */
+#define UM       0xFFFFFFFF80000000ULL /* Most significant 33 bits */
+#define LM       0x7FFFFFFFULL         /* Least significant 31 bits */
 
 static uint64_t mag01[2] = {0ULL, MATRIX_A};
 
diff --git a/src/tscore/ink_res_init.cc b/src/tscore/ink_res_init.cc
index fdc34bf73ba..79f57e96d0e 100644
--- a/src/tscore/ink_res_init.cc
+++ b/src/tscore/ink_res_init.cc
@@ -94,7 +94,8 @@
 #endif
 
 HostResPreferenceOrder const HOST_RES_DEFAULT_PREFERENCE_ORDER = {
-  {HOST_RES_PREFER_IPV4, HOST_RES_PREFER_IPV6, HOST_RES_PREFER_NONE}};
+  {HOST_RES_PREFER_IPV4, HOST_RES_PREFER_IPV6, HOST_RES_PREFER_NONE}
+};
 
 HostResPreferenceOrder host_res_default_preference_order;
 
@@ -115,7 +116,7 @@ ink_res_nclose(ink_res_state statp)
   if (statp->_vcsock >= 0) {
     (void)close(statp->_vcsock);
     statp->_vcsock = -1;
-    statp->_flags &= ~(INK_RES_F_VC | INK_RES_F_CONN);
+    statp->_flags  &= ~(INK_RES_F_VC | INK_RES_F_CONN);
   }
 }
 
diff --git a/src/tscore/ink_string++.cc b/src/tscore/ink_string++.cc
index f5d1ab152c6..3fdbd1fe802 100644
--- a/src/tscore/ink_string++.cc
+++ b/src/tscore/ink_string++.cc
@@ -164,7 +164,7 @@ StrListOverflow::alloc(int size, StrListOverflow **new_heap_ptr)
 
   char *start = (reinterpret_cast<char *>(this)) + overflow_head_hdr_size;
   char *rval  = start + heap_used;
-  heap_used += size;
+  heap_used   += size;
   ink_assert(heap_used <= heap_size);
   return (void *)rval;
 }
diff --git a/src/tscore/ink_syslog.cc b/src/tscore/ink_syslog.cc
index 48d56d22d3a..f010a100b31 100644
--- a/src/tscore/ink_syslog.cc
+++ b/src/tscore/ink_syslog.cc
@@ -37,15 +37,25 @@ struct syslog_fac {
 };
 
 static const syslog_fac convert_table[] = {
-  {(char *)"LOG_KERN", (char *)"KERN", LOG_KERN},       {(char *)"LOG_USER", (char *)"USER", LOG_USER},
-  {(char *)"LOG_MAIL", (char *)"MAIL", LOG_MAIL},       {(char *)"LOG_DAEMON", (char *)"DAEMON", LOG_DAEMON},
-  {(char *)"LOG_AUTH", (char *)"AUTH", LOG_AUTH},       {(char *)"LOG_LPR", (char *)"LPR", LOG_LPR},
-  {(char *)"LOG_NEWS", (char *)"NEWS", LOG_NEWS},       {(char *)"LOG_UUCP", (char *)"UUCP", LOG_UUCP},
-  {(char *)"LOG_CRON", (char *)"CRON", LOG_CRON},       {(char *)"LOG_LOCAL0", (char *)"LOCAL0", LOG_LOCAL0},
-  {(char *)"LOG_LOCAL1", (char *)"LOCAL1", LOG_LOCAL1}, {(char *)"LOG_LOCAL2", (char *)"LOCAL2", LOG_LOCAL2},
-  {(char *)"LOG_LOCAL3", (char *)"LOCAL3", LOG_LOCAL3}, {(char *)"LOG_LOCAL4", (char *)"LOCAL4", LOG_LOCAL4},
-  {(char *)"LOG_LOCAL5", (char *)"LOCAL5", LOG_LOCAL5}, {(char *)"LOG_LOCAL6", (char *)"LOCAL6", LOG_LOCAL6},
-  {(char *)"LOG_LOCAL7", (char *)"LOCAL7", LOG_LOCAL7}, {(char *)"INVALID_LOG_FAC", (char *)"INVALID", -1}};
+  {(char *)"LOG_KERN",        (char *)"KERN",    LOG_KERN  },
+  {(char *)"LOG_USER",        (char *)"USER",    LOG_USER  },
+  {(char *)"LOG_MAIL",        (char *)"MAIL",    LOG_MAIL  },
+  {(char *)"LOG_DAEMON",      (char *)"DAEMON",  LOG_DAEMON},
+  {(char *)"LOG_AUTH",        (char *)"AUTH",    LOG_AUTH  },
+  {(char *)"LOG_LPR",         (char *)"LPR",     LOG_LPR   },
+  {(char *)"LOG_NEWS",        (char *)"NEWS",    LOG_NEWS  },
+  {(char *)"LOG_UUCP",        (char *)"UUCP",    LOG_UUCP  },
+  {(char *)"LOG_CRON",        (char *)"CRON",    LOG_CRON  },
+  {(char *)"LOG_LOCAL0",      (char *)"LOCAL0",  LOG_LOCAL0},
+  {(char *)"LOG_LOCAL1",      (char *)"LOCAL1",  LOG_LOCAL1},
+  {(char *)"LOG_LOCAL2",      (char *)"LOCAL2",  LOG_LOCAL2},
+  {(char *)"LOG_LOCAL3",      (char *)"LOCAL3",  LOG_LOCAL3},
+  {(char *)"LOG_LOCAL4",      (char *)"LOCAL4",  LOG_LOCAL4},
+  {(char *)"LOG_LOCAL5",      (char *)"LOCAL5",  LOG_LOCAL5},
+  {(char *)"LOG_LOCAL6",      (char *)"LOCAL6",  LOG_LOCAL6},
+  {(char *)"LOG_LOCAL7",      (char *)"LOCAL7",  LOG_LOCAL7},
+  {(char *)"INVALID_LOG_FAC", (char *)"INVALID", -1        }
+};
 static const int convert_table_size = sizeof(convert_table) / sizeof(syslog_fac) - 1;
 
 // int facility_string_to_int(const char* str)
diff --git a/src/tscore/lockfile.cc b/src/tscore/lockfile.cc
index cb7f975e549..62f8a0524f9 100644
--- a/src/tscore/lockfile.cc
+++ b/src/tscore/lockfile.cc
@@ -85,7 +85,7 @@ Lockfile::Open(pid_t *holding_pid)
       }
 
       size -= err;
-      t += err;
+      t    += err;
     }
 
     *t = '\0';
diff --git a/src/tscore/runroot.cc b/src/tscore/runroot.cc
index 7736a97629f..faf8d6d9098 100644
--- a/src/tscore/runroot.cc
+++ b/src/tscore/runroot.cc
@@ -194,7 +194,7 @@ runroot_handler(const char **argv, bool json)
   // if --run-root is provided
   if (!arg.empty() && arg != prefix) {
     // 1. pass in path
-    prefix += "=";
+    prefix            += "=";
     std::string value = arg.substr(prefix.size(), arg.size() - 1);
     path              = get_yaml_path(value);
     if (!path.empty()) {
diff --git a/src/tscore/test_atomic.cc b/src/tscore/test_atomic.cc
index bb2ff0f1be7..d95ee13ab42 100644
--- a/src/tscore/test_atomic.cc
+++ b/src/tscore/test_atomic.cc
@@ -33,7 +33,7 @@
 
 #ifndef LONG_ATOMICLIST_TEST
 
-#define MAX_ALIST_TEST 10
+#define MAX_ALIST_TEST  10
 #define MAX_ALIST_ARRAY 100000
 InkAtomicList al[MAX_ALIST_TEST];
 void *al_test[MAX_ALIST_TEST][MAX_ALIST_ARRAY];
@@ -60,9 +60,9 @@ testalist(void *ame)
 
 #ifdef LONG_ATOMICLIST_TEST
 /************************************************************************/
-#define MAX_ATOMIC_LISTS (4 * 1024)
+#define MAX_ATOMIC_LISTS   (4 * 1024)
 #define MAX_ITEMS_PER_LIST (1 * 1024)
-#define MAX_TEST_THREADS 64
+#define MAX_TEST_THREADS   64
 static InkAtomicList alists[MAX_ATOMIC_LISTS];
 struct listItem *items[MAX_ATOMIC_LISTS * MAX_ITEMS_PER_LIST];
 
diff --git a/src/tscore/unit_tests/freelist_benchmark.cc b/src/tscore/unit_tests/freelist_benchmark.cc
index 161f89a2f61..683e296c078 100644
--- a/src/tscore/unit_tests/freelist_benchmark.cc
+++ b/src/tscore/unit_tests/freelist_benchmark.cc
@@ -171,7 +171,10 @@ TEST_CASE("simple new and free", "")
   // go 100 times in default (--benchmark-samples)
   char name[16];
   snprintf(name, sizeof(name), "nthreads = %d", nthreads);
-  BENCHMARK(name) { return setup_test_case_1(nthreads); };
+  BENCHMARK(name)
+  {
+    return setup_test_case_1(nthreads);
+  };
 }
 } // namespace
 
diff --git a/src/tscore/unit_tests/test_AcidPtr.cc b/src/tscore/unit_tests/test_AcidPtr.cc
index da5c18718b8..56817eb6abd 100644
--- a/src/tscore/unit_tests/test_AcidPtr.cc
+++ b/src/tscore/unit_tests/test_AcidPtr.cc
@@ -112,7 +112,7 @@ TEST_CASE("AcidPtr Isolation")
   CHECK(*p.getPtr() == 40);
   {
     AcidCommitPtr<int> w = p;
-    *w += 1;
+    *w                   += 1;
     CHECK(*p.getPtr() == 40); // new value not committed until end of scope
   }
   CHECK(*p.getPtr() == 41);
@@ -132,12 +132,12 @@ TEST_CASE("AcidPtr persistence")
   {
     AcidCommitPtr<int> w = p;
     r2                   = p.getPtr();
-    *w += 1; // update p at end of scope
+    *w                   += 1; // update p at end of scope
   }
   r3 = p.getPtr();
   {
     *AcidCommitPtr<int>(p) += 1; // leaves scope immediately if not named.
-    r4 = p.getPtr();
+    r4                     = p.getPtr();
   }
   CHECK(*r1 == 40); // references to data are still valid, but inconsistent. (todo: rename AcidPtr to AiPtr?)
   CHECK(*r2 == 40);
@@ -155,7 +155,7 @@ TEST_CASE("AcidPtr Abort")
   CHECK(*p.getPtr() == 40);
   {
     AcidCommitPtr<int> w = p;
-    *w += 1;
+    *w                   += 1;
     w.abort();
     CHECK(w == nullptr);
   }
diff --git a/src/tscore/unit_tests/test_BufferWriter.cc b/src/tscore/unit_tests/test_BufferWriter.cc
index 52678b9aad6..f548e7870ae 100644
--- a/src/tscore/unit_tests/test_BufferWriter.cc
+++ b/src/tscore/unit_tests/test_BufferWriter.cc
@@ -80,8 +80,16 @@ TEST_CASE("BufferWriter::write(StringView)", "[BWWSV]")
     {
       return 0;
     }
-    X &clip(size_t) override { return *this; }
-    X &extend(size_t) override { return *this; }
+    X &
+    clip(size_t) override
+    {
+      return *this;
+    }
+    X &
+    extend(size_t) override
+    {
+      return *this;
+    }
     std::ostream &
     operator>>(std::ostream &stream) const override
     {
diff --git a/src/tscore/unit_tests/test_History.cc b/src/tscore/unit_tests/test_History.cc
index 7505f10aa4c..73cfab4a1a7 100644
--- a/src/tscore/unit_tests/test_History.cc
+++ b/src/tscore/unit_tests/test_History.cc
@@ -29,7 +29,7 @@
 
 using std::string_view;
 
-#define REMEMBER(e, r) history.push_back(MakeSourceLocation(), e, r)
+#define REMEMBER(e, r)        history.push_back(MakeSourceLocation(), e, r)
 #define SM_REMEMBER(sm, e, r) sm->history.push_back(MakeSourceLocation(), e, r)
 
 // State Machine mock
diff --git a/src/tscore/unit_tests/test_List.cc b/src/tscore/unit_tests/test_List.cc
index c0cbb816984..8b113ad2bbe 100644
--- a/src/tscore/unit_tests/test_List.cc
+++ b/src/tscore/unit_tests/test_List.cc
@@ -52,7 +52,7 @@ TEST_CASE("test list", "[libts][List]")
   int tot = 0;
   for (int i = 0; i < 101; i++) {
     Foo *foo = q.dequeue();
-    tot += foo->x;
+    tot      += foo->x;
     delete foo;
   }
   REQUIRE(tot == 4957);
diff --git a/src/tscore/unit_tests/test_MMH.cc b/src/tscore/unit_tests/test_MMH.cc
index 36fc53407ec..9821550a081 100644
--- a/src/tscore/unit_tests/test_MMH.cc
+++ b/src/tscore/unit_tests/test_MMH.cc
@@ -93,15 +93,15 @@ TEST_CASE("MMH", "[libts][MMH]")
   int l                  = sizeof(MMH_x);
   unsigned char *s1      = (unsigned char *)ats_malloc(l + sizeof(uint32_t));
   unsigned char *free_s1 = s1;
-  s1 += 1;
+  s1                     += 1;
   memcpy(s1, s, l);
   unsigned char *s2      = (unsigned char *)ats_malloc(l + sizeof(uint32_t));
   unsigned char *free_s2 = s2;
-  s2 += 2;
+  s2                     += 2;
   memcpy(s2, s, l);
   unsigned char *s3      = (unsigned char *)ats_malloc(l + sizeof(uint32_t));
   unsigned char *free_s3 = s3;
-  s3 += 3;
+  s3                     += 3;
   memcpy(s3, s, l);
 
   printf("test alignment\n");
diff --git a/src/tscore/unit_tests/test_Regex.cc b/src/tscore/unit_tests/test_Regex.cc
index e457345fd85..bb1aa301727 100644
--- a/src/tscore/unit_tests/test_Regex.cc
+++ b/src/tscore/unit_tests/test_Regex.cc
@@ -38,8 +38,10 @@ struct test_t {
   std::array<subject_match_t, 4> tests;
 };
 
-std::array<test_t, 2> test_data{{{{"^foo"}, {{{{"foo"}, true}, {{"bar"}, false}, {{"foobar"}, true}, {{"foobarbaz"}, true}}}},
-                                 {{"foo$"}, {{{{"foo"}, true}, {{"bar"}, false}, {{"foobar"}, false}, {{"foobarbaz"}, false}}}}}};
+std::array<test_t, 2> test_data{
+  {{{"^foo"}, {{{{"foo"}, true}, {{"bar"}, false}, {{"foobar"}, true}, {{"foobarbaz"}, true}}}},
+   {{"foo$"}, {{{{"foo"}, true}, {{"bar"}, false}, {{"foobar"}, false}, {{"foobarbaz"}, false}}}}}
+};
 
 TEST_CASE("Regex", "[libts][Regex]")
 {
diff --git a/src/tscore/unit_tests/test_Version.cc b/src/tscore/unit_tests/test_Version.cc
index a962e3cbde6..c1ee8bd0942 100644
--- a/src/tscore/unit_tests/test_Version.cc
+++ b/src/tscore/unit_tests/test_Version.cc
@@ -34,12 +34,14 @@ TEST_CASE("AppVersionInfo", "[libts][version]")
   AppVersionInfo info;
 
   const char *errMsgFormat = "wrong build number, expected '%s', got '%s'\n";
-  const char *bench[][3]   = {// date, time, resulting build number
-                            {"Oct  4 1957", "19:28:34", BUILD_NUMBER},
-                            {"Oct  4 1957", "19:28:34", "100419"},
-                            {"Apr  4 1957", "09:08:04", "040409"},
-                            {" 4 Apr 1957", "09:08:04", "??????"},
-                            {"Apr  4 1957", "09-08-04", "??????"}};
+  const char *bench[][3]   = {
+  // date, time, resulting build number
+    {"Oct  4 1957", "19:28:34", BUILD_NUMBER},
+    {"Oct  4 1957", "19:28:34", "100419"    },
+    {"Apr  4 1957", "09:08:04", "040409"    },
+    {" 4 Apr 1957", "09:08:04", "??????"    },
+    {"Apr  4 1957", "09-08-04", "??????"    }
+  };
 
   int benchSize = sizeof(bench) / sizeof(bench[0]);
 
diff --git a/src/tscore/unit_tests/test_ink_inet.cc b/src/tscore/unit_tests/test_ink_inet.cc
index 4fd47475610..6fed519eaf1 100644
--- a/src/tscore/unit_tests/test_ink_inet.cc
+++ b/src/tscore/unit_tests/test_ink_inet.cc
@@ -43,18 +43,18 @@ TEST_CASE("ink_inet", "[libts][inet][ink_inet]")
   };
 
   constexpr ip_parse_spec names[] = {
-    {{"::"}, {"::"}, {nullptr}, {nullptr}},
-    {{"[::1]:99"}, {"::1"}, {"99"}, {nullptr}},
-    {{"127.0.0.1:8080"}, {"127.0.0.1"}, {"8080"}, {nullptr}},
-    {{"127.0.0.1:8080-Bob"}, {"127.0.0.1"}, {"8080"}, {"-Bob"}},
-    {{"127.0.0.1:"}, {"127.0.0.1"}, {nullptr}, {":"}},
-    {{"foo.example.com"}, {"foo.example.com"}, {nullptr}, {nullptr}},
-    {{"foo.example.com:99"}, {"foo.example.com"}, {"99"}, {nullptr}},
-    {{"ffee::24c3:3349:3cee:0143"}, {"ffee::24c3:3349:3cee:0143"}, {nullptr}, {nullptr}},
+    {{"::"},                                   {"::"},                                   {nullptr}, {nullptr}},
+    {{"[::1]:99"},                             {"::1"},                                  {"99"},    {nullptr}},
+    {{"127.0.0.1:8080"},                       {"127.0.0.1"},                            {"8080"},  {nullptr}},
+    {{"127.0.0.1:8080-Bob"},                   {"127.0.0.1"},                            {"8080"},  {"-Bob"} },
+    {{"127.0.0.1:"},                           {"127.0.0.1"},                            {nullptr}, {":"}    },
+    {{"foo.example.com"},                      {"foo.example.com"},                      {nullptr}, {nullptr}},
+    {{"foo.example.com:99"},                   {"foo.example.com"},                      {"99"},    {nullptr}},
+    {{"ffee::24c3:3349:3cee:0143"},            {"ffee::24c3:3349:3cee:0143"},            {nullptr}, {nullptr}},
     {{"fe80:88b5:4a:20c:29ff:feae:1c33:8080"}, {"fe80:88b5:4a:20c:29ff:feae:1c33:8080"}, {nullptr}, {nullptr}},
-    {{"[ffee::24c3:3349:3cee:0143]"}, {"ffee::24c3:3349:3cee:0143"}, {nullptr}, {nullptr}},
-    {{"[ffee::24c3:3349:3cee:0143]:80"}, {"ffee::24c3:3349:3cee:0143"}, {"80"}, {nullptr}},
-    {{"[ffee::24c3:3349:3cee:0143]:8080x"}, {"ffee::24c3:3349:3cee:0143"}, {"8080"}, {"x"}},
+    {{"[ffee::24c3:3349:3cee:0143]"},          {"ffee::24c3:3349:3cee:0143"},            {nullptr}, {nullptr}},
+    {{"[ffee::24c3:3349:3cee:0143]:80"},       {"ffee::24c3:3349:3cee:0143"},            {"80"},    {nullptr}},
+    {{"[ffee::24c3:3349:3cee:0143]:8080x"},    {"ffee::24c3:3349:3cee:0143"},            {"8080"},  {"x"}    },
   };
 
   for (auto const &s : names) {
diff --git a/src/tscpp/api/GzipDeflateTransformation.cc b/src/tscpp/api/GzipDeflateTransformation.cc
index d371e3076d1..2b25303804e 100644
--- a/src/tscpp/api/GzipDeflateTransformation.cc
+++ b/src/tscpp/api/GzipDeflateTransformation.cc
@@ -113,7 +113,7 @@ GzipDeflateTransformation::consume(std::string_view data)
       return;
     }
 
-    int bytes_to_write = buffer_size - state_->z_stream_.avail_out;
+    int bytes_to_write      = buffer_size - state_->z_stream_.avail_out;
     state_->bytes_produced_ += bytes_to_write;
 
     LOG_DEBUG("Iteration %d: Deflate compressed %ld bytes to %d bytes, producing output...", iteration, data.size(),
@@ -146,7 +146,7 @@ GzipDeflateTransformation::handleInputComplete()
 
     status = deflate(&state_->z_stream_, Z_FINISH);
 
-    int bytes_to_write = buffer_size - state_->z_stream_.avail_out;
+    int bytes_to_write      = buffer_size - state_->z_stream_.avail_out;
     state_->bytes_produced_ += bytes_to_write;
 
     if (status == Z_OK || status == Z_STREAM_END) {
diff --git a/src/tscpp/api/Headers.cc b/src/tscpp/api/Headers.cc
index 6b19ffdc171..2d113e68217 100644
--- a/src/tscpp/api/Headers.cc
+++ b/src/tscpp/api/Headers.cc
@@ -699,10 +699,10 @@ Headers::wireStr()
   string retval;
   for (auto &&iter : *this) {
     HeaderField hf = iter;
-    retval += hf.name().str();
-    retval += ": ";
-    retval += hf.values(", ");
-    retval += "\r\n";
+    retval         += hf.name().str();
+    retval         += ": ";
+    retval         += hf.values(", ");
+    retval         += "\r\n";
   }
   return retval;
 }
diff --git a/src/tscpp/api/InterceptPlugin.cc b/src/tscpp/api/InterceptPlugin.cc
index 2eb76175635..a5e45640237 100644
--- a/src/tscpp/api/InterceptPlugin.cc
+++ b/src/tscpp/api/InterceptPlugin.cc
@@ -246,7 +246,7 @@ InterceptPlugin::doRead()
         consume(string(data, num_body_bytes_in_block), InterceptPlugin::REQUEST_BODY);
       }
       consumed += data_len;
-      block = TSIOBufferBlockNext(block);
+      block    = TSIOBufferBlockNext(block);
     }
   }
   LOG_DEBUG("Consumed %d bytes from input vio", consumed);
@@ -287,7 +287,7 @@ InterceptPlugin::handleEvent(int abstract_event, void *edata)
     state_->input_.buffer_ = TSIOBufferCreate();
     state_->input_.reader_ = TSIOBufferReaderAlloc(state_->input_.buffer_);
     state_->input_.vio_    = TSVConnRead(state_->net_vc_, state_->cont_, state_->input_.buffer_,
-                                      INT64_MAX /* number of bytes to read - high value initially */);
+                                         INT64_MAX /* number of bytes to read - high value initially */);
 
     state_->hdr_buf_ = TSMBufferCreate();
     state_->hdr_loc_ = TSHttpHdrCreate(state_->hdr_buf_);
diff --git a/src/tscpp/api/TransformationPlugin.cc b/src/tscpp/api/TransformationPlugin.cc
index 6fb38167bc3..337dfedb2e2 100644
--- a/src/tscpp/api/TransformationPlugin.cc
+++ b/src/tscpp/api/TransformationPlugin.cc
@@ -364,7 +364,7 @@ TransformationPlugin::doProduce(std::string_view data)
   }
 
   // Finally we can copy this data into the output_buffer
-  int64_t bytes_written = TSIOBufferWrite(state_->output_buffer_, data.data(), write_length);
+  int64_t bytes_written  = TSIOBufferWrite(state_->output_buffer_, data.data(), write_length);
   state_->bytes_written_ += bytes_written; // So we can set BytesDone on outputComplete().
   LOG_DEBUG("TransformationPlugin=%p tshttptxn=%p write to TSIOBuffer %" PRId64 " bytes total bytes written %" PRId64, this,
             state_->txn_, bytes_written, state_->bytes_written_);
diff --git a/src/tscpp/api/utils_internal.cc b/src/tscpp/api/utils_internal.cc
index 783ddb8bf88..c7268115157 100644
--- a/src/tscpp/api/utils_internal.cc
+++ b/src/tscpp/api/utils_internal.cc
@@ -298,7 +298,7 @@ utils::internal::consumeFromTSIOBufferReader(TSIOBufferReader reader)
         char_data = TSIOBufferBlockReadStart(block, reader, &data_len);
         str.append(char_data, data_len);
         consumed += data_len;
-        block = TSIOBufferBlockNext(block);
+        block    = TSIOBufferBlockNext(block);
       }
     }
     TSIOBufferReaderConsume(reader, consumed);
diff --git a/src/tscpp/util/unit_tests/test_IntrusiveDList.cc b/src/tscpp/util/unit_tests/test_IntrusiveDList.cc
index cb77bf089cf..f939e08a6f1 100644
--- a/src/tscpp/util/unit_tests/test_IntrusiveDList.cc
+++ b/src/tscpp/util/unit_tests/test_IntrusiveDList.cc
@@ -86,7 +86,7 @@ class Container
 public:
   ~Container();
 
-  template <typename... Args> self_type &debug(std::string_view fmt, Args &&... args);
+  template <typename... Args> self_type &debug(std::string_view fmt, Args &&...args);
 
   size_t count() const;
   self_type &clear();
@@ -121,7 +121,7 @@ Container::count() const
 
 template <typename... Args>
 auto
-Container::debug(std::string_view fmt, Args &&... args) -> self_type &
+Container::debug(std::string_view fmt, Args &&...args) -> self_type &
 {
   Message *msg = new Message;
   ts::bwprintv(msg->_text, fmt, std::forward_as_tuple(args...));
diff --git a/src/wccp/WccpConfig.cc b/src/wccp/WccpConfig.cc
index 3c89cf59171..309f180db90 100644
--- a/src/wccp/WccpConfig.cc
+++ b/src/wccp/WccpConfig.cc
@@ -72,15 +72,29 @@ typedef std::vector<CfgString> CfgOpts;
 
 #define N_OPTS(x) (sizeof(x) / sizeof(*x))
 
-CfgString FORWARD_OPTS[]    = {{"gre", false}, {"l2", false}};
+CfgString FORWARD_OPTS[] = {
+  {"gre", false},
+  {"l2",  false}
+};
 size_t const N_FORWARD_OPTS = sizeof(FORWARD_OPTS) / sizeof(*FORWARD_OPTS);
 
-CfgString RETURN_OPTS[]    = {{"gre", false}, {"l2", false}};
+CfgString RETURN_OPTS[] = {
+  {"gre", false},
+  {"l2",  false}
+};
 size_t const N_RETURN_OPTS = sizeof(RETURN_OPTS) / sizeof(*RETURN_OPTS);
 
-CfgString ASSIGN_OPTS[] = {{"hash", false}, {"mask", false}};
+CfgString ASSIGN_OPTS[] = {
+  {"hash", false},
+  {"mask", false}
+};
 
-CfgString HASH_OPTS[] = {{"src_ip", false}, {"dst_ip", false}, {"src_port", false}, {"dst_port", false}};
+CfgString HASH_OPTS[] = {
+  {"src_ip",   false},
+  {"dst_ip",   false},
+  {"src_port", false},
+  {"dst_port", false}
+};
 
 ts::Errata::Code
 code_max(ts::Errata const &err)
diff --git a/src/wccp/WccpEndPoint.cc b/src/wccp/WccpEndPoint.cc
index 2298a84dd43..71f391bfa3b 100644
--- a/src/wccp/WccpEndPoint.cc
+++ b/src/wccp/WccpEndPoint.cc
@@ -29,13 +29,13 @@
 namespace wccp
 {
 #if defined IP_RECVDSTADDR
-#define DSTADDR_SOCKOPT IP_RECVDSTADDR
+#define DSTADDR_SOCKOPT  IP_RECVDSTADDR
 #define DSTADDR_DATASIZE (CMSG_SPACE(sizeof(struct in_addr)))
-#define dstaddr(x) (CMSG_DATA(x))
+#define dstaddr(x)       (CMSG_DATA(x))
 #elif defined IP_PKTINFO
-#define DSTADDR_SOCKOPT IP_PKTINFO
+#define DSTADDR_SOCKOPT  IP_PKTINFO
 #define DSTADDR_DATASIZE (CMSG_SPACE(sizeof(struct in_pktinfo)))
-#define dstaddr(x) (&(((struct in_pktinfo *)(CMSG_DATA(x)))->ipi_addr))
+#define dstaddr(x)       (&(((struct in_pktinfo *)(CMSG_DATA(x)))->ipi_addr))
 #else
 #error "can't determine socket option"
 #endif
@@ -480,7 +480,7 @@ CacheImpl::GroupData::cullRouters(time_t now)
 CacheImpl::GroupData &
 CacheImpl::GroupData::viewChanged(time_t now)
 {
-  m_generation += 1;
+  m_generation      += 1;
   m_generation_time = now;
   m_assign_info.setActive(false); // invalidate current assignment.
   m_assignment_pending = m_routers.size() && m_caches.size();
@@ -678,7 +678,7 @@ CacheImpl::housekeeping()
         if (0 <= zret) {
           logf(LVL_DEBUG, "Sent HERE_I_AM for SG %d to seed router %s [gen=#%d,t=%lu,n=%lu].", group.m_svc.getSvcId(),
                ip_addr_to_str(sspot->m_addr), group.m_generation, now, here_i_am.getCount());
-          sspot->m_xmit = now;
+          sspot->m_xmit  = now;
           sspot->m_count += 1;
         } else
           logf(LVL_DEBUG, "Error [%d:%s] sending HERE_I_AM for SG %d to seed router %s [#%d,%lu].", zret, strerror(errno),
diff --git a/src/wccp/WccpLocal.h b/src/wccp/WccpLocal.h
index 62765c63b40..ff82c6032fc 100644
--- a/src/wccp/WccpLocal.h
+++ b/src/wccp/WccpLocal.h
@@ -692,7 +692,7 @@ class CacheIdElt
                                  */
   unsigned int m_unassigned : 1;
   unsigned int m_reserved_1 : 1; ///< Reserved (unused).
-  unsigned int m_is_mask : 1;    ///< Set -> mask, Clear -> hash.
+  unsigned int m_is_mask    : 1; ///< Set -> mask, Clear -> hash.
   unsigned int m_reserved_2 : 6; ///< Reserved (unused).
                                  /** Trailing elements common to all cache ID variants.
                                      Unfortunately, although @c weight and @c status are common, they are
diff --git a/src/wccp/WccpMsg.cc b/src/wccp/WccpMsg.cc
index f054b862fe7..d983752e633 100644
--- a/src/wccp/WccpMsg.cc
+++ b/src/wccp/WccpMsg.cc
@@ -307,8 +307,8 @@ MaskAssignElt::getVarSize() const
   MaskValueSetElt const *set = reinterpret_cast<MaskValueSetElt const *>(this + 1);
   while (n--) {
     size_t k = set->getSize();
-    zret += k;
-    set = reinterpret_cast<MaskValueSetElt const *>(reinterpret_cast<char const *>(set) + k);
+    zret     += k;
+    set      = reinterpret_cast<MaskValueSetElt const *>(reinterpret_cast<char const *>(set) + k);
   }
   return zret;
 }
diff --git a/src/wccp/wccp-test-router.cc b/src/wccp/wccp-test-router.cc
index 73997ddc5bb..aa53632badb 100644
--- a/src/wccp/wccp-test-router.cc
+++ b/src/wccp/wccp-test-router.cc
@@ -70,7 +70,10 @@ main(int argc, char **argv)
   static int const OPT_MD5     = 259; ///< MD5 key.
 
   static option OPTIONS[] = {
-    {"address", 1, 0, OPT_ADDRESS}, {"md5", 1, 0, OPT_MD5}, {"help", 0, 0, OPT_HELP}, {0, 0, 0, 0} // required terminator.
+    {"address", 1, 0, OPT_ADDRESS},
+    {"md5",     1, 0, OPT_MD5    },
+    {"help",    0, 0, OPT_HELP   },
+    {0,         0, 0, 0          }  // required terminator.
   };
 
   in_addr ip_addr = {INADDR_ANY};
diff --git a/tools/clang-format.sh b/tools/clang-format.sh
index 255ea30ab5e..10716b6cd6b 100755
--- a/tools/clang-format.sh
+++ b/tools/clang-format.sh
@@ -19,7 +19,7 @@
 #  limitations under the License.
 
 # Update the PKGDATE with the new version date when making a new clang-format binary package.
-PKGDATE="20200514"
+PKGDATE="20230201"
 
 function main() {
   set -e # exit on error
@@ -38,28 +38,24 @@ function main() {
   fi
   DIR=${@:-.}
   PACKAGE="clang-format-${PKGDATE}.tar.bz2"
-  VERSION="clang-format version 10.0.0 (https://github.com/llvm/llvm-project.git d32170dbd5b0d54436537b6b75beaf44324e0c28)"
+  VERSION="clang-format version 15.0.7 (https://github.com/llvm/llvm-project.git 8dfdcc7b7bf66834a761bd8de445840ef68e4d1a)"
 
   URL=${URL:-https://ci.trafficserver.apache.org/bintray/${PACKAGE}}
 
   TAR=${TAR:-tar}
   CURL=${CURL:-curl}
 
-  # default to using native sha1sum command when available
-  if [ $(which sha1sum) ] ; then
-    SHASUM=${SHASUM:-sha1sum}
-  else
-    SHASUM=${SHASUM:-shasum}
-  fi
+  # Default to sha256sum, but honor the env variable just in case
+  SHASUM=${SHASUM:-sha256sum}
 
   ARCHIVE=$ROOT/$(basename ${URL})
 
   case $(uname -s) in
   Darwin)
-    FORMAT=${FORMAT:-${ROOT}/clang-format/clang-format.osx}
+    FORMAT=${FORMAT:-${ROOT}/clang-format/clang-format.macos.$(uname -m)}
     ;;
   Linux)
-    FORMAT=${FORMAT:-${ROOT}/clang-format/clang-format.linux}
+    FORMAT=${FORMAT:-${ROOT}/clang-format/clang-format.linux.$(uname -m)}
     ;;
   *)
     echo "Leif needs to build a clang-format for $(uname -s)"
@@ -72,10 +68,10 @@ function main() {
   if [ ! -e ${FORMAT} -o ! -e ${ROOT}/${PACKAGE} ] ; then
     ${CURL} -L --progress-bar -o ${ARCHIVE} ${URL}
     ${TAR} -x -C ${ROOT} -f ${ARCHIVE}
-    cat > ${ROOT}/sha1 << EOF
-5eec43e5c7f3010d6e6f37639491cabe51de0ab2  ${ARCHIVE}
+    cat > ${ROOT}/sha256 << EOF
+d488b4a4d8b5e824812c80d0188d4814022d903749bf8471b8c54b61aef02990  ${ARCHIVE}
 EOF
-    ${SHASUM} -c ${ROOT}/sha1
+    ${SHASUM} -c ${ROOT}/sha256
     chmod +x ${FORMAT}
   fi
 
@@ -84,8 +80,7 @@ EOF
   ver=$(${FORMAT} --version)
   if [ "$ver" != "$VERSION" ]; then
       echo "Wrong version of clang-format!"
-      echo "See https://bintray.com/apache/trafficserver/clang-format-tools/view for a newer version,"
-      echo "or alternatively, undefine the FORMAT environment variable"
+      echo "Contact the ATS community for help and details about clang-format versions."
       exit 1
   fi
   touch ${INSTALLED_SENTINEL}
diff --git a/tools/git/pre-commit b/tools/git/pre-commit
index 813197766b2..701cecbee62 100755
--- a/tools/git/pre-commit
+++ b/tools/git/pre-commit
@@ -23,14 +23,15 @@ source "$GIT_TOP/tools/clang-format.sh"
 
 case $(uname -s) in
 Darwin)
-    FORMAT=${FORMAT:-${ROOT}/clang-format/clang-format.osx}
+    FORMAT=${FORMAT:-${ROOT}/clang-format/clang-format.macos.$(uname -m)}
     ;;
 Linux)
-    FORMAT=${FORMAT:-${ROOT}/clang-format/clang-format.linux}
+    FORMAT=${FORMAT:-${ROOT}/clang-format/clang-format.linux.$(uname -m)}
     ;;
 *)
     echo "Leif needs to build a clang-format for $(uname -s)"
     exit 2
+    ;;
 esac
 
 # If there is no clang-format in our git repo, then try from git config
@@ -43,14 +44,12 @@ if [ ! -x "$FORMAT" ]; then
 fi
 
 source "$GIT_TOP/tools/autopep8.sh"
-if [ ! -d ${AUTOPEP8_VENV} ]
-then
+if [ ! -d ${AUTOPEP8_VENV} ]; then
     echo "Run \"make autopep8\""
     exit 1
 fi
 source ${AUTOPEP8_VENV}/bin/activate
 
-
 # Where to store the patch
 clang_patch_file=$(mktemp -t clang-format.XXXXXXXXXX)
 autopep8_patch_file=$(mktemp -t autopep8.XXXXXXXXXX)
@@ -59,24 +58,25 @@ trap "rm -f $clang_patch_file $autopep8_patch_file" 0 1 2 3 5 15
 # Loop over all files that are changed, and produce a diff file
 git diff-index --cached --diff-filter=ACMR --name-only HEAD | grep -vE "lib/(?:yamlcpp|swoc)" | while read file; do
     case "$file" in
-	*.cc | *.c | *.h | *.h.in)
-	    ${FORMAT} "$file" | diff -u "$file" - >> "$clang_patch_file"
-	    ;;
-        # Keep this list of Python extensions the same with the list of
-        # extensions searched for in the toosl/autopep8.sh script.
-        *.py | *.cli.ext | *.test.ext)
-            autopep8 \
-                --ignore-local-config \
-                --exclude ${GIT_TOP}/lib/yamlcpp \
-                --max-line-length 132 \
-                --aggressive \
-                --aggressive \
-                --diff \
-                "$file" >> "$autopep8_patch_file"
+    *.cc | *.c | *.h | *.h.in)
+        ${FORMAT} "$file" | diff -u "$file" - >>"$clang_patch_file"
+        ;;
+    # Keep this list of Python extensions the same with the list of
+    # extensions searched for in the toosl/autopep8.sh script.
+    *.py | *.cli.ext | *.test.ext)
+        autopep8 \
+            --ignore-local-config \
+            --exclude ${GIT_TOP}/lib/yamlcpp \
+            --max-line-length 132 \
+            --aggressive \
+            --aggressive \
+            --diff \
+            "$file" >>"$autopep8_patch_file"
+        ;;
     esac
 done
 
-if [ -s "$clang_patch_file" ] ; then
+if [ -s "$clang_patch_file" ]; then
     echo "The commit is not accepted, because clang-format does not match current"
     echo "requirements. Easiest to fix this is to run:"
     echo
@@ -87,8 +87,7 @@ else
     echo
 fi
 
-
-if [ -s "$autopep8_patch_file" ] ; then
+if [ -s "$autopep8_patch_file" ]; then
     echo "The commit is not accepted because autopep8 reports issues with it."
     echo "The easiest way to fix this is to run:"
     echo
diff --git a/tools/http_load/http_load.c b/tools/http_load/http_load.c
index 095672c9b64..e4e81304e87 100644
--- a/tools/http_load/http_load.c
+++ b/tools/http_load/http_load.c
@@ -107,7 +107,7 @@ static sip *sips;
 static int num_sips, max_sips;
 
 /* Protocol symbols. */
-#define PROTO_HTTP 0
+#define PROTO_HTTP  0
 #define PROTO_HTTPS 1
 
 /* Connection states */
@@ -298,12 +298,12 @@ main(int argc, char **argv)
 {
   int argn;
   int start;
-#define START_NONE 0
+#define START_NONE     0
 #define START_PARALLEL 1
-#define START_RATE 2
+#define START_RATE     2
   int start_parallel = -1, start_rate = -1;
   int end;
-#define END_NONE 0
+#define END_NONE    0
 #define END_FETCHES 1
 #define END_SECONDS 2
   int end_fetches = -1, end_seconds = -1;
@@ -649,7 +649,7 @@ read_url_file(char *url_file)
 
   char hdr_buf[2048];
   int hdr_bytes = 0;
-  hdr_bytes += snprintf(&hdr_buf[hdr_bytes], sizeof(hdr_buf) - hdr_bytes, "User-Agent: %s\r\n", user_agent);
+  hdr_bytes     += snprintf(&hdr_buf[hdr_bytes], sizeof(hdr_buf) - hdr_bytes, "User-Agent: %s\r\n", user_agent);
   if (cookie)
     hdr_bytes += snprintf(&hdr_buf[hdr_bytes], sizeof(hdr_buf) - hdr_bytes, "Cookie: %s\r\n", cookie);
   if (do_accept_gzip)
@@ -673,7 +673,7 @@ read_url_file(char *url_file)
     /* Check for room in urls. */
     if (num_urls >= max_urls) {
       max_urls *= 2;
-      urls = (url *)realloc_check((void *)urls, max_urls * sizeof(url));
+      urls     = (url *)realloc_check((void *)urls, max_urls * sizeof(url));
     }
 
     /* Add to table. */
@@ -732,9 +732,9 @@ read_url_file(char *url_file)
         req_bytes += snprintf(&req_buf[req_bytes], sizeof(req_buf) - req_bytes, "Host: %s\r\n", urls[num_urls].hostname);
     }
     if (unique_id == 1) {
-      req_bytes += snprintf(&req_buf[req_bytes], sizeof(req_buf) - req_bytes, "X-ID: ");
+      req_bytes                       += snprintf(&req_buf[req_bytes], sizeof(req_buf) - req_bytes, "X-ID: ");
       urls[num_urls].unique_id_offset = req_bytes;
-      req_bytes += snprintf(&req_buf[req_bytes], sizeof(req_buf) - req_bytes, "%09u\r\n", 0);
+      req_bytes                       += snprintf(&req_buf[req_bytes], sizeof(req_buf) - req_bytes, "%09u\r\n", 0);
     }
 
     // add the common hdr here
@@ -899,7 +899,7 @@ read_sip_file(char *sip_file)
     /* Check for room in sips. */
     if (num_sips >= max_sips) {
       max_sips *= 2;
-      sips = (sip *)realloc_check((void *)sips, max_sips * sizeof(sip));
+      sips     = (sip *)realloc_check((void *)sips, max_sips * sizeof(sip));
     }
 
     /* Add to table. */
@@ -2835,8 +2835,8 @@ close_connection(int cnum)
                 connect_usecs = max_connect_usecs;
     */
     total_connect_usecs += connect_usecs;
-    max_connect_usecs = max(max_connect_usecs, connect_usecs);
-    min_connect_usecs = min(min_connect_usecs, connect_usecs);
+    max_connect_usecs   = max(max_connect_usecs, connect_usecs);
+    min_connect_usecs   = min(min_connect_usecs, connect_usecs);
     ++connects_completed;
   }
   if (connections[cnum].did_response) {
@@ -2846,8 +2846,8 @@ close_connection(int cnum)
                 response_usecs = max_response_usecs;
     */
     total_response_usecs += response_usecs;
-    max_response_usecs = max(max_response_usecs, response_usecs);
-    min_response_usecs = min(min_response_usecs, response_usecs);
+    max_response_usecs   = max(max_response_usecs, response_usecs);
+    min_response_usecs   = min(min_response_usecs, response_usecs);
     ++responses_completed;
   }
   if (connections[cnum].http_status >= 0 && connections[cnum].http_status <= 999) {
diff --git a/tools/http_load/timers.c b/tools/http_load/timers.c
index a6caa826d17..772d5e4182a 100644
--- a/tools/http_load/timers.c
+++ b/tools/http_load/timers.c
@@ -146,10 +146,10 @@ tmr_create(struct timeval *nowP, TimerProc *timer_proc, ClientData client_data,
     t->time = *nowP;
   else
     (void)gettimeofday(&t->time, (struct timezone *)0);
-  t->time.tv_sec += msecs / 1000L;
+  t->time.tv_sec  += msecs / 1000L;
   t->time.tv_usec += (msecs % 1000L) * 1000L;
   if (t->time.tv_usec >= 1000000L) {
-    t->time.tv_sec += t->time.tv_usec / 1000000L;
+    t->time.tv_sec  += t->time.tv_usec / 1000000L;
     t->time.tv_usec %= 1000000L;
   }
   t->hash = hash(t);
@@ -232,10 +232,10 @@ tmr_run(struct timeval *nowP)
       (t->timer_proc)(t->client_data, nowP);
       if (t->periodic) {
         /* Reschedule. */
-        t->time.tv_sec += t->msecs / 1000L;
+        t->time.tv_sec  += t->msecs / 1000L;
         t->time.tv_usec += (t->msecs % 1000L) * 1000L;
         if (t->time.tv_usec >= 1000000L) {
-          t->time.tv_sec += t->time.tv_usec / 1000000L;
+          t->time.tv_sec  += t->time.tv_usec / 1000000L;
           t->time.tv_usec %= 1000000L;
         }
         l_resort(t);
@@ -249,10 +249,10 @@ tmr_reset(struct timeval *nowP, Timer *t)
 {
   mstimeout_cache = -1;
   t->time         = *nowP;
-  t->time.tv_sec += t->msecs / 1000L;
+  t->time.tv_sec  += t->msecs / 1000L;
   t->time.tv_usec += (t->msecs % 1000L) * 1000L;
   if (t->time.tv_usec >= 1000000L) {
-    t->time.tv_sec += t->time.tv_usec / 1000000L;
+    t->time.tv_sec  += t->time.tv_usec / 1000000L;
     t->time.tv_usec %= 1000000L;
   }
   l_resort(t);
diff --git a/tools/jtest/jtest.cc b/tools/jtest/jtest.cc
index 46f5f4c3967..7fd8433e4ee 100644
--- a/tools/jtest/jtest.cc
+++ b/tools/jtest/jtest.cc
@@ -90,20 +90,20 @@
 
 #define SERVER_BUFSIZE 4096
 #define CLIENT_BUFSIZE 2048
-#define MAX_BUFSIZE (65536 + 4096)
+#define MAX_BUFSIZE    (65536 + 4096)
 
 //
 // Constants
 //
-#define MAXFDS 65536
-#define HEADER_DONE -1
-#define POLL_GROUP_SIZE 800
-#define MAX_RESPONSE_LENGTH 1000000
-#define HEADER_SIZE 10000
-#define POLL_TIMEOUT 10
+#define MAXFDS               65536
+#define HEADER_DONE          -1
+#define POLL_GROUP_SIZE      800
+#define MAX_RESPONSE_LENGTH  1000000
+#define HEADER_SIZE          10000
+#define POLL_TIMEOUT         10
 #define STATE_FTP_DATA_READY 0xFAD
-#define MAX_DEFERED_URLS 10000
-#define DEFERED_URLS_BLOCK 2000
+#define MAX_DEFERED_URLS     10000
+#define DEFERED_URLS_BLOCK   2000
 
 #define MAX_REQUEST_BODY_LENGTH MAX_RESPONSE_LENGTH
 
@@ -245,77 +245,78 @@ static int post_support        = 0;
 static int post_size           = 0;
 
 static const ArgumentDescription argument_descriptions[] = {
-  {"proxy_port", 'p', "Proxy Port", "I", &proxy_port, "JTEST_PROXY_PORT", nullptr},
-  {"proxy_host", 'P', "Proxy Host", "S80", &proxy_host, "JTEST_PROXY_HOST", nullptr},
-  {"server_port", 's', "Server Port (0:auto select)", "I", &server_port, "JTEST_SERVER_PORT", nullptr},
-  {"server_host", 'S', "Server Host (null:localhost)", "S80", &local_host, "JTEST_SERVER_HOST", nullptr},
-  {"server_speed", 'r', "Server Bytes Per Second (0:unlimit)", "I", &server_speed, "JTEST_SERVER_SPEED", nullptr},
-  {"server_delay", 'w', "Server Initial Delay (msec)", "I", &server_delay, "JTEST_SERVER_INITIAL_DELAY", nullptr},
-  {"clients", 'c', "Clients", "I", &nclients, "JTEST_CLIENTS", nullptr},
-  {"client_speed", 'R', "Client Bytes Per Second (0:unlimit)", "I", &client_speed, "JTEST_CLIENT_SPEED", nullptr},
-  {"sbuffersize", 'b', "Server Buffer Size", "I", &sbuffersize, "JTEST_SERVER_BUFSIZE", nullptr},
-  {"cbuffersize", 'B', "Client Buffer Size", "I", &cbuffersize, "JTEST_CLIENT_BUFSIZE", nullptr},
-  {"average_over", 'a', "Seconds to Average Over", "I", &average_over, "JTEST_AVERAGE_OVER", nullptr},
-  {"hitrate", 'z', "Hit Rate", "D", &hitrate, "JTEST_HITRATE", nullptr},
-  {"hotset", 'Z', "Hotset Size", "I", &hotset, "JTEST_HOTSET", nullptr},
-  {"interval", 'i', "Reporting Interval (seconds)", "I", &interval, "JTEST_INTERVAL", nullptr},
-  {"keepalive", 'k', "Keep-Alive Length", "I", &keepalive, "JTEST_KEEPALIVE", nullptr},
-  {"keepalive_cons", 'K', "# Keep-Alive Connections (0:unlimit)", "I", &keepalive_cons, "JTEST_KEEPALIVE_CONNECTIONS", nullptr},
-  {"docsize", 'L', "Document Size (-1:varied)", "I", &docsize, "JTEST_DOCSIZE", nullptr},
-  {"skeepalive", 'j', "Server Keep-Alive (0:unlimit)", "I", &server_keepalive, "JTEST_SERVER_KEEPALIVE", nullptr},
-  {"show_urls", 'x', "Show URLs before they are accessed", "F", &show_before, "JTEST_SHOW_URLS", nullptr},
-  {"show_headers", 'X', "Show Headers", "F", &show_headers, "JTEST_SHOW_HEADERS", nullptr},
-  {"ftp", 'f', "FTP Requests", "F", &ftp, "JTEST_FTP", nullptr},
-  {"ftp_mdtm_err_rate", ' ', "FTP MDTM 550 Error Rate", "D", &ftp_mdtm_err_rate, "JTEST_FTP_MDTM_ERR_RATE", nullptr},
-  {"ftp_mdtm_rate", ' ', "FTP MDTM Update Rate (sec, 0:never)", "I", &ftp_mdtm_rate, "JTEST_FTP_MDTM_RATE", nullptr},
-  {"fullpage", 'l', "Full Page (Images)", "F", &fullpage, "JTEST_FULLPAGE", nullptr},
-  {"follow", 'F', "Follow Links", "F", &follow_arg, "JTEST_FOLLOW", nullptr},
-  {"same_host", 'J', "Only follow URLs on same host", "F", &follow_same_arg, "JTEST_FOLLOW_SAME", nullptr},
-  {"test_time", 't', "run for N seconds (0:unlimited)", "I", &test_time, "TEST_TIME", nullptr},
-  {"urls", 'u', "URLs from File", "S256", urls_file, "JTEST_URLS", nullptr},
-  {"urlsdump", 'U', "URLs to File", "S256", urlsdump_file, "JTEST_URLS_DUMP", nullptr},
-  {"hostrequest", 'H', "Host Request(1=yes,2=transparent)", "I", &hostrequest, "JTEST_HOST_REQUEST", nullptr},
-  {"check_content", 'C', "Check returned content", "F", &check_content, "JTEST_CHECK_CONTENT", nullptr},
-  {"nocheck_length", ' ', "Don't check returned length", "F", &nocheck_length, "JTEST_NOCHECK_LENGTH", nullptr},
-  {"obey_redirects", 'm', "Obey Redirects", "f", &obey_redirects, "JTEST_OBEY_REDIRECTS", nullptr},
-  {"embed URL", 'M', "Embed URL in synth docs", "f", &embed_url, "JTEST_EMBED_URL", nullptr},
-  {"url_hash_entries", 'q', "URL Hash Table Size (-1:use file size)", "I", &url_hash_entries, "JTEST_URL_HASH_ENTRIES", nullptr},
-  {"url_hash_filename", 'Q', "URL Hash Table Filename", "S256", url_hash_filename, "JTEST_URL_HASH_FILENAME", nullptr},
-  {"only_clients", 'y', "Only Clients", "F", &only_clients, "JTEST_ONLY_CLIENTS", nullptr},
-  {"only_server", 'Y', "Only Server", "F", &only_server, "JTEST_ONLY_SERVER", nullptr},
-  {"bandwidth_test", 'A', "Bandwidth Test", "I", &bandwidth_test, "JTEST_BANDWIDTH_TEST", nullptr},
-  {"drop_after_CL", 'T', "Drop after Content-Length", "F", &drop_after_CL, "JTEST_DROP", nullptr},
-  {"verbose", 'v', "Verbose Flag", "F", &verbose, "JTEST_VERBOSE", nullptr},
-  {"verbose_errors", 'E', "Verbose Errors Flag", "f", &verbose_errors, "JTEST_VERBOSE_ERRORS", nullptr},
-  {"drand", 'D', "Random Number Seed", "I", &drand_seed, "JTEST_DRAND", nullptr},
-  {"ims_rate", 'I', "IMS Not-Changed Rate", "D", &ims_rate, "JTEST_IMS_RATE", nullptr},
-  {"client_abort_rate", 'g', "Client Abort Rate", "D", &client_abort_rate, "JTEST_CLIENT_ABORT_RATE", nullptr},
-  {"server_abort_rate", 'G', "Server Abort Rate", "D", &server_abort_rate, "JTEST_SERVER_ABORT_RATE", nullptr},
-  {"extra_headers", 'n', "Number of Extra Headers", "I", &extra_headers, "JTEST_EXTRA_HEADERS", nullptr},
-  {"alternates", 'N', "Number of Alternates", "I", &alternates, "JTEST_ALTERNATES", nullptr},
-  {"client_rate", 'e', "Clients Per Sec", "I", &client_rate, "JTEST_CLIENT_RATE", nullptr},
-  {"abort_retry_speed", 'o', "Abort/Retry Speed", "I", &abort_retry_speed, "JTEST_ABORT_RETRY_SPEED", nullptr},
-  {"abort_retry_bytes", ' ', "Abort/Retry Threshold (bytes)", "I", &abort_retry_bytes, "JTEST_ABORT_RETRY_THRESHHOLD_BYTES",
-   nullptr},
-  {"abort_retry_secs", ' ', "Abort/Retry Threshold (secs)", "I", &abort_retry_secs, "JTEST_ABORT_RETRY_THRESHHOLD_SECS", nullptr},
-  {"reload_rate", 'W', "Reload Rate", "D", &reload_rate, "JTEST_RELOAD_RATE", nullptr},
-  {"compd_port", 'O', "Compd port", "I", &compd_port, "JTEST_COMPD_PORT", nullptr},
-  {"compd_suite", '1', "Compd Suite", "F", &compd_suite, "JTEST_COMPD_SUITE", nullptr},
-  {"vary_user_agent", '2', "Vary on User-Agent (use w/ alternates)", "I", &vary_user_agent, "JTEST_VARY_ON_USER_AGENT", nullptr},
-  {"content_type", '3', "Server Content-Type (1 html, 2 jpeg)", "I", &server_content_type, "JTEST_CONTENT_TYPE", nullptr},
-  {"request_extension", '4', "Request Extn (1\".html\" 2\".jpeg\" 3\"/\")", "I", &request_extension, "JTEST_REQUEST_EXTENSION",
-   nullptr},
-  {"no_cache", '5', "Send Server no-cache", "I", &no_cache, "JTEST_NO_CACHE", nullptr},
-  {"zipf_bucket", '7', "Bucket size (of 1M buckets) for Zipf", "I", &zipf_bucket_size, "JTEST_ZIPF_BUCKET_SIZE", nullptr},
-  {"zipf", '8', "Use a Zipf distribution with this alpha (say 1.2)", "D", &zipf, "JTEST_ZIPF", nullptr},
-  {"evo_rate", '9', "Evolving Hotset Rate (evolutions/hour)", "D", &evo_rate, "JTEST_EVOLVING_HOTSET_RATE", nullptr},
-  {"debug", 'd', "Debug Flag", "F", &debug, "JTEST_DEBUG", nullptr},
-  {"range_mode", ' ', "Range Mode", "I", &range_mode, "JTEST_RANGE_MODE", nullptr},
-  {"post_support", ' ', "POST Mode (0 disable(default), 1 random, 2 specified size by post_size)", "I", &post_support,
-   "JTEST_POST_MODE", nullptr},
-  {"post_size", ' ', "POST SIZE", "I", &post_size, "JTEST_POST_SIZE", nullptr},
+  {"proxy_port",        'p', "Proxy Port",                                                              "I",    &proxy_port,          "JTEST_PROXY_PORT",                   nullptr},
+  {"proxy_host",        'P', "Proxy Host",                                                              "S80",  &proxy_host,          "JTEST_PROXY_HOST",                   nullptr},
+  {"server_port",       's', "Server Port (0:auto select)",                                             "I",    &server_port,         "JTEST_SERVER_PORT",                  nullptr},
+  {"server_host",       'S', "Server Host (null:localhost)",                                            "S80",  &local_host,          "JTEST_SERVER_HOST",                  nullptr},
+  {"server_speed",      'r', "Server Bytes Per Second (0:unlimit)",                                     "I",    &server_speed,        "JTEST_SERVER_SPEED",                 nullptr},
+  {"server_delay",      'w', "Server Initial Delay (msec)",                                             "I",    &server_delay,        "JTEST_SERVER_INITIAL_DELAY",         nullptr},
+  {"clients",           'c', "Clients",                                                                 "I",    &nclients,            "JTEST_CLIENTS",                      nullptr},
+  {"client_speed",      'R', "Client Bytes Per Second (0:unlimit)",                                     "I",    &client_speed,        "JTEST_CLIENT_SPEED",                 nullptr},
+  {"sbuffersize",       'b', "Server Buffer Size",                                                      "I",    &sbuffersize,         "JTEST_SERVER_BUFSIZE",               nullptr},
+  {"cbuffersize",       'B', "Client Buffer Size",                                                      "I",    &cbuffersize,         "JTEST_CLIENT_BUFSIZE",               nullptr},
+  {"average_over",      'a', "Seconds to Average Over",                                                 "I",    &average_over,        "JTEST_AVERAGE_OVER",                 nullptr},
+  {"hitrate",           'z', "Hit Rate",                                                                "D",    &hitrate,             "JTEST_HITRATE",                      nullptr},
+  {"hotset",            'Z', "Hotset Size",                                                             "I",    &hotset,              "JTEST_HOTSET",                       nullptr},
+  {"interval",          'i', "Reporting Interval (seconds)",                                            "I",    &interval,            "JTEST_INTERVAL",                     nullptr},
+  {"keepalive",         'k', "Keep-Alive Length",                                                       "I",    &keepalive,           "JTEST_KEEPALIVE",                    nullptr},
+  {"keepalive_cons",    'K', "# Keep-Alive Connections (0:unlimit)",                                    "I",    &keepalive_cons,      "JTEST_KEEPALIVE_CONNECTIONS",        nullptr},
+  {"docsize",           'L', "Document Size (-1:varied)",                                               "I",    &docsize,             "JTEST_DOCSIZE",                      nullptr},
+  {"skeepalive",        'j', "Server Keep-Alive (0:unlimit)",                                           "I",    &server_keepalive,    "JTEST_SERVER_KEEPALIVE",             nullptr},
+  {"show_urls",         'x', "Show URLs before they are accessed",                                      "F",    &show_before,         "JTEST_SHOW_URLS",                    nullptr},
+  {"show_headers",      'X', "Show Headers",                                                            "F",    &show_headers,        "JTEST_SHOW_HEADERS",                 nullptr},
+  {"ftp",               'f', "FTP Requests",                                                            "F",    &ftp,                 "JTEST_FTP",                          nullptr},
+  {"ftp_mdtm_err_rate", ' ', "FTP MDTM 550 Error Rate",                                                 "D",    &ftp_mdtm_err_rate,   "JTEST_FTP_MDTM_ERR_RATE",            nullptr},
+  {"ftp_mdtm_rate",     ' ', "FTP MDTM Update Rate (sec, 0:never)",                                     "I",    &ftp_mdtm_rate,       "JTEST_FTP_MDTM_RATE",                nullptr},
+  {"fullpage",          'l', "Full Page (Images)",                                                      "F",    &fullpage,            "JTEST_FULLPAGE",                     nullptr},
+  {"follow",            'F', "Follow Links",                                                            "F",    &follow_arg,          "JTEST_FOLLOW",                       nullptr},
+  {"same_host",         'J', "Only follow URLs on same host",                                           "F",    &follow_same_arg,     "JTEST_FOLLOW_SAME",                  nullptr},
+  {"test_time",         't', "run for N seconds (0:unlimited)",                                         "I",    &test_time,           "TEST_TIME",                          nullptr},
+  {"urls",              'u', "URLs from File",                                                          "S256", urls_file,            "JTEST_URLS",                         nullptr},
+  {"urlsdump",          'U', "URLs to File",                                                            "S256", urlsdump_file,        "JTEST_URLS_DUMP",                    nullptr},
+  {"hostrequest",       'H', "Host Request(1=yes,2=transparent)",                                       "I",    &hostrequest,         "JTEST_HOST_REQUEST",                 nullptr},
+  {"check_content",     'C', "Check returned content",                                                  "F",    &check_content,       "JTEST_CHECK_CONTENT",                nullptr},
+  {"nocheck_length",    ' ', "Don't check returned length",                                             "F",    &nocheck_length,      "JTEST_NOCHECK_LENGTH",               nullptr},
+  {"obey_redirects",    'm', "Obey Redirects",                                                          "f",    &obey_redirects,      "JTEST_OBEY_REDIRECTS",               nullptr},
+  {"embed URL",         'M', "Embed URL in synth docs",                                                 "f",    &embed_url,           "JTEST_EMBED_URL",                    nullptr},
+  {"url_hash_entries",  'q', "URL Hash Table Size (-1:use file size)",                                  "I",    &url_hash_entries,    "JTEST_URL_HASH_ENTRIES",             nullptr},
+  {"url_hash_filename", 'Q', "URL Hash Table Filename",                                                 "S256", url_hash_filename,    "JTEST_URL_HASH_FILENAME",            nullptr},
+  {"only_clients",      'y', "Only Clients",                                                            "F",    &only_clients,        "JTEST_ONLY_CLIENTS",                 nullptr},
+  {"only_server",       'Y', "Only Server",                                                             "F",    &only_server,         "JTEST_ONLY_SERVER",                  nullptr},
+  {"bandwidth_test",    'A', "Bandwidth Test",                                                          "I",    &bandwidth_test,      "JTEST_BANDWIDTH_TEST",               nullptr},
+  {"drop_after_CL",     'T', "Drop after Content-Length",                                               "F",    &drop_after_CL,       "JTEST_DROP",                         nullptr},
+  {"verbose",           'v', "Verbose Flag",                                                            "F",    &verbose,             "JTEST_VERBOSE",                      nullptr},
+  {"verbose_errors",    'E', "Verbose Errors Flag",                                                     "f",    &verbose_errors,      "JTEST_VERBOSE_ERRORS",               nullptr},
+  {"drand",             'D', "Random Number Seed",                                                      "I",    &drand_seed,          "JTEST_DRAND",                        nullptr},
+  {"ims_rate",          'I', "IMS Not-Changed Rate",                                                    "D",    &ims_rate,            "JTEST_IMS_RATE",                     nullptr},
+  {"client_abort_rate", 'g', "Client Abort Rate",                                                       "D",    &client_abort_rate,   "JTEST_CLIENT_ABORT_RATE",            nullptr},
+  {"server_abort_rate", 'G', "Server Abort Rate",                                                       "D",    &server_abort_rate,   "JTEST_SERVER_ABORT_RATE",            nullptr},
+  {"extra_headers",     'n', "Number of Extra Headers",                                                 "I",    &extra_headers,       "JTEST_EXTRA_HEADERS",                nullptr},
+  {"alternates",        'N', "Number of Alternates",                                                    "I",    &alternates,          "JTEST_ALTERNATES",                   nullptr},
+  {"client_rate",       'e', "Clients Per Sec",                                                         "I",    &client_rate,         "JTEST_CLIENT_RATE",                  nullptr},
+  {"abort_retry_speed", 'o', "Abort/Retry Speed",                                                       "I",    &abort_retry_speed,   "JTEST_ABORT_RETRY_SPEED",            nullptr},
+  {"abort_retry_bytes", ' ', "Abort/Retry Threshold (bytes)",                                           "I",    &abort_retry_bytes,   "JTEST_ABORT_RETRY_THRESHHOLD_BYTES",
+   nullptr                                                                                                                                                                         },
+  {"abort_retry_secs",  ' ', "Abort/Retry Threshold (secs)",                                            "I",    &abort_retry_secs,    "JTEST_ABORT_RETRY_THRESHHOLD_SECS",  nullptr},
+  {"reload_rate",       'W', "Reload Rate",                                                             "D",    &reload_rate,         "JTEST_RELOAD_RATE",                  nullptr},
+  {"compd_port",        'O', "Compd port",                                                              "I",    &compd_port,          "JTEST_COMPD_PORT",                   nullptr},
+  {"compd_suite",       '1', "Compd Suite",                                                             "F",    &compd_suite,         "JTEST_COMPD_SUITE",                  nullptr},
+  {"vary_user_agent",   '2', "Vary on User-Agent (use w/ alternates)",                                  "I",    &vary_user_agent,     "JTEST_VARY_ON_USER_AGENT",           nullptr},
+  {"content_type",      '3', "Server Content-Type (1 html, 2 jpeg)",                                    "I",    &server_content_type, "JTEST_CONTENT_TYPE",                 nullptr},
+  {"request_extension", '4', "Request Extn (1\".html\" 2\".jpeg\" 3\"/\")",                             "I",    &request_extension,   "JTEST_REQUEST_EXTENSION",
+   nullptr                                                                                                                                                                         },
+  {"no_cache",          '5', "Send Server no-cache",                                                    "I",    &no_cache,            "JTEST_NO_CACHE",                     nullptr},
+  {"zipf_bucket",       '7', "Bucket size (of 1M buckets) for Zipf",                                    "I",    &zipf_bucket_size,    "JTEST_ZIPF_BUCKET_SIZE",             nullptr},
+  {"zipf",              '8', "Use a Zipf distribution with this alpha (say 1.2)",                       "D",    &zipf,                "JTEST_ZIPF",                         nullptr},
+  {"evo_rate",          '9', "Evolving Hotset Rate (evolutions/hour)",                                  "D",    &evo_rate,            "JTEST_EVOLVING_HOTSET_RATE",         nullptr},
+  {"debug",             'd', "Debug Flag",                                                              "F",    &debug,               "JTEST_DEBUG",                        nullptr},
+  {"range_mode",        ' ', "Range Mode",                                                              "I",    &range_mode,          "JTEST_RANGE_MODE",                   nullptr},
+  {"post_support",      ' ', "POST Mode (0 disable(default), 1 random, 2 specified size by post_size)", "I",    &post_support,
+   "JTEST_POST_MODE",                                                                                                                                                       nullptr},
+  {"post_size",         ' ', "POST SIZE",                                                               "I",    &post_size,           "JTEST_POST_SIZE",                    nullptr},
   HELP_ARGUMENT_DESCRIPTION(),
-  VERSION_ARGUMENT_DESCRIPTION()};
+  VERSION_ARGUMENT_DESCRIPTION()
+};
 int n_argument_descriptions = countof(argument_descriptions);
 
 struct FD {
@@ -344,11 +345,11 @@ struct FD {
   int next;
   int nalternate  = 0;
   unsigned int ip = 0;
-  unsigned int binary : 1;
-  unsigned int ims : 1;
-  unsigned int range : 1;
+  unsigned int binary        : 1;
+  unsigned int ims           : 1;
+  unsigned int range         : 1;
   unsigned int drop_after_CL : 1;
-  unsigned int client_abort : 1;
+  unsigned int client_abort  : 1;
   unsigned int jg_compressed : 1;
   int *count;
   int bytes;
@@ -530,7 +531,7 @@ append_string(char *dest, const char *src, int *offset_ptr, int max_len)
   }
   memcpy(dest + *offset_ptr, src, num);
   dest[*offset_ptr + num] = '\0';
-  (*offset_ptr) += num;
+  (*offset_ptr)           += num;
 }
 
 // End Library functions
@@ -675,10 +676,10 @@ get_path_from_req(char *buf, char **purl_start, char **purl_end)
   char *url_end   = nullptr;
   if (!strncasecmp(url_start, "GET ", sizeof("GET ") - 1)) {
     url_start += sizeof("GET ") - 1;
-    url_end = (char *)memchr(url_start, ' ', 70);
+    url_end   = (char *)memchr(url_start, ' ', 70);
   } else if (!strncasecmp(url_start, "POST ", sizeof("POST ") - 1)) {
     url_start += sizeof("POST ") - 1;
-    url_end = (char *)memchr(url_start, ' ', 70);
+    url_end   = (char *)memchr(url_start, ' ', 70);
   } else {
     url_end = (char *)memchr(url_start, 0, 70);
   }
@@ -804,21 +805,21 @@ send_response(int sock)
     if (verbose) {
       printf("wrote %d %d\n", sock, err);
     }
-    new_tbytes += err;
+    new_tbytes       += err;
     fd[sock].req_pos += err;
-    fd[sock].bytes += err;
+    fd[sock].bytes   += err;
     if (fd[sock].req_pos >= len) {
       fd[sock].req_pos = -1;
     } else {
       return 0;
     }
     fd[sock].response += url_len;
-    fd[sock].length -= url_len;
+    fd[sock].length   -= url_len;
     if (fd[sock].range) {
       fd[sock].range_bytes -= url_len;
     }
     total_server_response_header_bytes += print_len - url_len;
-    total_server_response_body_bytes += url_len;
+    total_server_response_body_bytes   += url_len;
   }
 
   /* then the response */
@@ -856,11 +857,11 @@ send_response(int sock)
       ink_assert(err <= (int)(fd[sock].range_end - fd[sock].range_start + 1));
     }
 
-    new_tbytes += err;
+    new_tbytes                       += err;
     total_server_response_body_bytes += err;
-    fd[sock].response += err;
-    fd[sock].length -= err;
-    fd[sock].bytes += err;
+    fd[sock].response                += err;
+    fd[sock].length                  -= err;
+    fd[sock].bytes                   += err;
   }
 
   if (fast(sock, server_speed, fd[sock].bytes)) {
@@ -1095,9 +1096,9 @@ parse_header(int sock, int err)
   if (verbose) {
     printf("read %d got %d\n", sock, err);
   }
-  total_proxy_request_bytes += err;
-  new_tbytes += err;
-  fd[sock].req_pos += err;
+  total_proxy_request_bytes             += err;
+  new_tbytes                            += err;
+  fd[sock].req_pos                      += err;
   fd[sock].req_header[fd[sock].req_pos] = 0;
   char *buffer                          = fd[sock].req_header;
   for (i = fd[sock].req_pos - err; i < fd[sock].req_pos; i++) {
@@ -1257,9 +1258,9 @@ send_compd_response(int sock)
       printf("write %d %d\n", sock, err);
     }
 
-    new_tbytes += err;
-    fd[sock].req_pos += err;
-    fd[sock].bytes += err;
+    new_tbytes        += err;
+    fd[sock].req_pos  += err;
+    fd[sock].bytes    += err;
     fd[sock].response = response_buffer + (((fd[sock].length * 2) / 3) % 256);
   }
 
@@ -1287,10 +1288,10 @@ send_compd_response(int sock)
       printf("wrote %d %d\n", sock, err);
     }
 
-    new_tbytes += err;
+    new_tbytes                       += err;
     total_server_response_body_bytes += err;
-    fd[sock].req_pos += err;
-    fd[sock].bytes += err;
+    fd[sock].req_pos                 += err;
+    fd[sock].bytes                   += err;
   }
 
   if (fd[sock].req_pos >= ((fd[sock].length * 2) / 3) + 4) {
@@ -1333,8 +1334,8 @@ read_compd_request(int sock)
         printf("read %d got %d\n", sock, err);
       }
       total_proxy_request_bytes += err;
-      new_tbytes += err;
-      fd[sock].req_pos += err;
+      new_tbytes                += err;
+      fd[sock].req_pos          += err;
       if (fd[sock].req_pos < 4) {
         return 0;
       }
@@ -1376,8 +1377,8 @@ read_compd_request(int sock)
       return -1;
     }
     total_proxy_request_bytes += err;
-    new_tbytes += err;
-    fd[sock].req_pos += err;
+    new_tbytes                += err;
+    fd[sock].req_pos          += err;
   }
 
   if (fd[sock].req_pos >= fd[sock].length + 4) {
@@ -1423,8 +1424,8 @@ read_ftp_request(int sock)
     if (verbose) {
       printf("read %d got %d\n", sock, err);
     }
-    new_tbytes += err;
-    fd[sock].req_pos += err;
+    new_tbytes                            += err;
+    fd[sock].req_pos                      += err;
     fd[sock].req_header[fd[sock].req_pos] = 0;
     char *buffer                          = fd[sock].req_header, *n;
     int res                               = 0;
@@ -2086,7 +2087,7 @@ Lagain : {
     return nullptr;
   }
   start += taglen;
-  len -= taglen;
+  len   -= taglen;
 } // block
 
   while (ParseRules::is_ws(*start) && (end - start > 1)) {
@@ -2278,9 +2279,9 @@ verify_content(int sock, char *buf, int done)
       // to confound the fingerprinting code
       if (l - left < 64) {
         int skip = 64 - (l - left);
-        left -= skip;
-        done -= skip;
-        buf += skip;
+        left     -= skip;
+        done     -= skip;
+        buf      += skip;
         if (done < 0) {
           done = 0;
         }
@@ -2401,23 +2402,23 @@ read_response(int sock)
 
     strcpy(fd[sock].response_header, fd[sock].req_header);
 
-    b1latency += (int)elapsed_from_start(sock);
-    new_cbytes += err;
-    new_tbytes += err;
+    b1latency        += (int)elapsed_from_start(sock);
+    new_cbytes       += err;
+    new_tbytes       += err;
     fd[sock].req_pos += err;
-    fd[sock].bytes += err;
-    fd[sock].active = ink_get_hrtime_internal();
-    int total_read  = fd[sock].req_pos;
-    char *p         = fd[sock].req_header;
-    char *cl        = nullptr;
-    int cli         = 0;
+    fd[sock].bytes   += err;
+    fd[sock].active  = ink_get_hrtime_internal();
+    int total_read   = fd[sock].req_pos;
+    char *p          = fd[sock].req_header;
+    char *cl         = nullptr;
+    int cli          = 0;
     while ((p = strchr(p, '\n'))) {
       if (verbose) {
         printf("read header end? [%s]\n", p);
       }
       if (p[1] == '\n' || (p[1] == '\r' && p[2] == '\n')) {
         int off = 1 + (p[1] == '\r' ? 2 : 1);
-        p += off;
+        p       += off;
         strncpy(fd[sock].response_header, fd[sock].req_header, p - fd[sock].req_header);
         fd[sock].response_header[p - fd[sock].req_header] = '\0';
         int lbody                                         = fd[sock].req_pos - (p - fd[sock].req_header);
@@ -2444,9 +2445,9 @@ read_response(int sock)
             return read_response_error(sock);
           }
         }
-        total_proxy_response_body_bytes += lbody;
+        total_proxy_response_body_bytes   += lbody;
         total_proxy_response_header_bytes += p - fd[sock].req_header;
-        fd[sock].length -= lbody;
+        fd[sock].length                   -= lbody;
         ink_assert(fd[sock].length >= 0);
         fd[sock].req_pos = -1;
         if (fd[sock].length && ts::Random::drandom() < client_abort_rate) {
@@ -2596,10 +2597,10 @@ read_response(int sock)
       return read_response_error(sock);
     }
     total_proxy_response_body_bytes += err;
-    new_cbytes += err;
-    new_tbytes += err;
-    fd[sock].response_remaining += err;
-    fd[sock].bytes += err;
+    new_cbytes                      += err;
+    new_tbytes                      += err;
+    fd[sock].response_remaining     += err;
+    fd[sock].bytes                  += err;
     follow_links(sock);
     if (fd[sock].length != INT_MAX) {
       fd[sock].length -= err;
@@ -2629,7 +2630,7 @@ read_response(int sock)
   }
   new_ops++;
   double thislatency = elapsed_from_start(sock);
-  latency += (int)thislatency;
+  latency            += (int)thislatency;
   lat_ops++;
   if (fd[sock].keepalive > 0) {
     fd[sock].reset();
@@ -2675,10 +2676,10 @@ write_request(int sock)
       printf("write %d %d\n", sock, err);
     }
 
-    new_tbytes += err;
+    new_tbytes                 += err;
     total_client_request_bytes += err;
-    fd[sock].req_pos += err;
-    fd[sock].active = ink_get_hrtime_internal();
+    fd[sock].req_pos           += err;
+    fd[sock].active            = ink_get_hrtime_internal();
 
     if (fd[sock].req_pos >= fd[sock].length) {
       if (verbose) {
@@ -2718,10 +2719,10 @@ write_request(int sock)
       printf("write %d %d\n", sock, err);
     }
 
-    new_tbytes += err;
+    new_tbytes                 += err;
     total_client_request_bytes += err;
-    fd[sock].req_pos += err;
-    fd[sock].active = ink_get_hrtime_internal();
+    fd[sock].req_pos           += err;
+    fd[sock].active            = ink_get_hrtime_internal();
 
     if (fd[sock].req_pos >= fd[sock].post_size) {
       if (verbose) {
@@ -2775,7 +2776,7 @@ write_ftp_response(int sock)
     printf("write %d %d\n", sock, err);
   }
 
-  new_tbytes += err;
+  new_tbytes       += err;
   fd[sock].req_pos += err;
 
   if (fd[sock].req_pos >= fd[sock].length) {
@@ -2918,10 +2919,10 @@ make_random_url(int sock, double *dr, double *h)
     unsigned long long int doc_len_int = doc * 0x14A4D0FB0E93E3A7LL;
     unsigned long int x                = doc_len_int;
     double y                           = (double)x;
-    y /= 0x100000000LL; // deterministic random number between 0 and 1.0
-    fd[sock].response_length = gen_bfc_dist(y);
-    *dr                      = doc;
-    range_mode               = 0;
+    y                                  /= 0x100000000LL; // deterministic random number between 0 and 1.0
+    fd[sock].response_length           = gen_bfc_dist(y);
+    *dr                                = doc;
+    range_mode                         = 0;
   }
 }
 
@@ -3249,14 +3250,14 @@ interval_report()
   }
 }
 
-#define URL_HASH_ENTRIES url_hash_entries
-#define BYTES_PER_ENTRY 3
+#define URL_HASH_ENTRIES   url_hash_entries
+#define BYTES_PER_ENTRY    3
 #define ENTRIES_PER_BUCKET 16
-#define OVERFLOW_ENTRIES 1024 // many many
+#define OVERFLOW_ENTRIES   1024 // many many
 
-#define BUCKETS (URL_HASH_ENTRIES / ENTRIES_PER_BUCKET)
+#define BUCKETS          (URL_HASH_ENTRIES / ENTRIES_PER_BUCKET)
 #define BYTES_PER_BUCKET (BYTES_PER_ENTRY * ENTRIES_PER_BUCKET)
-#define URL_HASH_BYTES (BYTES_PER_ENTRY * (URL_HASH_ENTRIES + OVERFLOW_ENTRIES))
+#define URL_HASH_BYTES   (BYTES_PER_ENTRY * (URL_HASH_ENTRIES + OVERFLOW_ENTRIES))
 
 // NOTE: change to match BYTES_PER_ENTRY
 #define ENTRY_TAG(_x) (((unsigned int)_x[0] << 16) + ((unsigned int)_x[1] << 8) + (unsigned int)_x[2])
@@ -3912,8 +3913,8 @@ ink_web_decompose_url(const char *src_url, char *sche, char *host, char *port, c
   while ((ptr < end - 1) && !fail) {
     if (*(ptr + 0) == '/') {
       if (*(ptr + 1) == '/') {
-        host1 = ptr + 2;
-        ptr += 2; /* skip "//" */
+        host1       = ptr + 2;
+        ptr         += 2; /* skip "//" */
         host_exists = 1;
         fail        = true;
       } else {
@@ -4481,10 +4482,10 @@ ink_web_decompose_url_into_structure(const char *url, InkWebURLComponents *c)
 
 /* types of path segment */
 #define NORMAL 0
-#define DOT 1
+#define DOT    1
 #define DOTDOT 2
-#define ZAP 3
-#define ERROR 4
+#define ZAP    3
+#define ERROR  4
 
 /* We statically allocate this many - if we need more, we dynamically */
 /* allocate them. */
@@ -4712,8 +4713,8 @@ ink_web_unescapify_string(char *dest_in, char *src_in, int max_dest_len)
               *(dest++) = '%';
               *(dest++) = hexdigits[dig1];
               *(dest++) = hexdigits[dig2];
-              dcount += 3;
-              src += 2;
+              dcount    += 3;
+              src       += 2;
             } else {
               ink_warning("ink_web_unescapify_string had to truncate:%s", src_in);
               quit = 1;

From 15c39da93d5628caf71d1a482ac8ec8950954916 Mon Sep 17 00:00:00 2001
From: Leif Hedstrom <zwoop@apache.org>
Date: Wed, 1 Feb 2023 17:39:45 -0700
Subject: [PATCH 08/14] Updates the release roadmap, adjusting for delays
 (#9360)

---
 doc/release-notes/images/roadmap.png | Bin 226553 -> 110057 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/doc/release-notes/images/roadmap.png b/doc/release-notes/images/roadmap.png
index 656c21ecdf8a23e0dee093eaf0ea6cbe14cdf079..4f3c2618a7fb3ad96f80317d3e5c9a723e973f26 100644
GIT binary patch
literal 110057
zcmeFZWl&sC(>IJI!8KTLC&7X{Bsc^D!3pl}?!kk*d$1(9yTjrTf-Z{$x5eF`!<E0}
zy6b&EJ|CW{d#k8DJEx~-`gf*fy5|t8@Lm!P`2{iz3=EpIl$at64E!(*4BSgZIH2XS
zhPDOxf^}4s6oDxlCEf;p#2Bkfo5;z*yaKKfVV=T1g@J!0fdS}YvH!Y;1+HJfJo!&M
z42&u)(LdKZu=M}ZhnT}4{6%8|d_R7qfIp!3U*GUKu>W$*f%}^pemDpI?`yc1kKL9}
z)IEVOBs(b$M;I6soX0;{n6wN6Kok^nWpyWYIaxkKTWe;0BU=MwW;biQ$6hc3ZhXL{
zwXu^vxtq0>jU%6%Amx83_<-xjW)@2F|ByIY3R0@eDUgfWIvA64F~4ShO(}#-PEIc1
zU}VClC?@e&ci@*GrJ0kH9UlvetE(%sD?78TgDDFuFE204Yc>`(HYR|A$<f`$N#Bjh
z#*ykblfU_h89N#}nA<s-+uD#n^3^x6b#@Y@q<kFcpU>}kI+>gNJCcp#Ut$3QvOL~l
zVP$^J@(*vItH5I`pQ5p&t(Eg5dlegVCm}Y0{}BJr=6^@~-AmrV+!&beV>cnzzq<U{
z_CM)GZLRGbj2#^x={f(R|Fi9X(kqzRI@tnPJD3|v+c+6J0G<CD?e7Wx|5N<MOMvAO
zu0P=W{cQfz3OpPkWC50c9<&hhB=QbD49puCX|cD;Zm`hIXP=D3Ywv9@dPY*w7~Q2Q
zhnN`&wK3rdNy(+NFP~>0J{N!Ez4Pv~{PTg8hi#nK0<cu{QXE*+jVRb+NvP?o(EZ{4
z{Pzz_-<rIOikeO9Op8qGJU5CnTea(VCch~ywQ6597mbw?4H>cd#bIK?iM&BXgry)y
z2>b;6SQjPN5mNa{{rlIyw<yTtN>BbI1a2h|!p1_`;9oiaOZFdj)S8=*to~@FXNRK%
z8$VUv`Og^t-jJ#r{b%IgtqLXxVpT(^Uni0N`$nu)Cj7ts9=YcXBYrkYCRF%_^XEvI
zz(9P@{(G1=saTi;%<MUebO`@-L#)af{a?u+x%;tEk;iG9yeWA92PD9a&qlk%|0NJ6
zoUz0k>gM53GMWD^Ddxa5?_W^<J>9{GPf{+au!($sWBk{RxKhXe1@vG1{}<5zU7`P_
zA^*2jJ|VE9X@l!t20Jn458VwG1T07Q{d0P>PY}{;e&2!t8JRzfKsO0s>y~|<Ch**o
z-QU~Zx-Un(qv1+O`I7?$Ty3}A@CyfBEVt!S&asxZFx9cvN{eg~y3WdhK7-1JcivO9
z?tjRL>W;8BKzba~fC_)Re4umq(dV!kpO2p(qD2`mQy{R+EJ~(G@vqJDqX_&Yb&koG
z0?(dc^y)5NIB0yfUhq_LsBnadxwB>&yzS(n*OaLG#|X--aLD-IRsy(r3YY2+Bd3To
zy>%_qAp1T$Q{65^V>XnrdYZsTNr{~&=_~%99Z>){rX2F?QZt2by$Kjrm@c>T%J&8B
z@!So>cXoDO5D|f~(_2TNN_~IZIl#7l6#%R^!$FF2oOns(9i+V_%W}M%rBuhEKd>^=
zWuv1)GKv`d;|F<MCQ9t_AN^wB6*u45B35v@m{w^{I<sZE|GH9X)CUh3DMkyQKmGEr
z-|$-w0Wdh^-|!~1ui<jB$rEmyYcZcF9AU1lugA$?ipva-{*&{gJ^n!jH-0?pjvdaO
zucO=AI7QPALOcSyv(4fD>p42?0DJDqLw3g$A^4HBSz*7jp8rtaGizadJoj^~$Y*8B
zf1U%XDIjFX$@qaav~kD~e^9WMZDD$GS(?jA6U78yBp>@981;AncOsY(?PF^=rVTK)
zail!I4MR5&{{<E@KrnU5O_BM-A-xs=+!Se6pZ8GSs3vK1MW@n`B0|{VDU|?3GGc2l
zI*9(8*gq?hAPaCx7-Oq#K_Bp$qqS#$6*#A!r8n_bi&vq1Pz?QNS^mQmC68GPVEXnI
zj;BSa;Qdx6IM8_as81x}Ps!vTCEK)L>iQb~$aI5+;U_|vShTQ3C-lD|_>1tsdQy-H
zAT+ruoYmZ&b0qVf^aua<JcA$S*&WapL~&6i;G#c7mrPru=R(2w3hN*6gLxlS?-rq-
z%;#XpaP!@>&ItzgkFT3C@e==a58cFo0_yv~tzooZtXG~C1iS&jHu&-{*uTB>R&WPi
za^F7fp3CDXwErKYY;oNxCiU%4ckGz~Qpx@)zT>0#S4cmsFAEr>7fSsg<A5|NU;jXT
z<58LuoE*sEI{-~hqWZii)hMhV{=ho}>nq7<z|5>8mYem}HLhHGp*%q%l0T}glzfrW
zZGj>YWTMevO>&0fCsVBx!Vs5J1nB}O++3Y2y<V7$iwm^c6to*0=km|G@LLXe!x%q6
zC);g$_`;k5E(4>)vsJ%4IFUh(S-Z(;>bpvIL-k8}XjK5j@tr{>f!7OFL7Vx8Z%Rd@
z8N7~jHRh{*(M5sZwWQaB{te1r%VNgRd8QC=DTW{ofIKs0Y279HMxkF8&Ezu$>m@ph
znwt37IC3dQKKQ?ig(})7XZ*XMYA}IS`mwKiDbJ5EUO`DoY2wF^*A|ms$<@<~rj$$(
z$fwWF&a5mgEx}O)tp2nKRAk!&mc`otD8(B@)Mt-4cYoN25ZFtJrs)qG_C?X)AlPo!
zUQk1-cUTQU5yZUM-y^9tk2$EL<62bzOHmKs0*ZP`yc;Kh>=#VgooFw<nzVrhB6p)L
zFQEGo10BzkluzRbRj?vngsyZ4n~GMMM`8Ddtt}V+I|sc>azHV?qMW6v&Zvnz(Bgxc
zaXxC#GE#yUA!uWuY&o2{uIk(wOq*D!$o!uxgzRzVW0lP2`IyE$H5d<DFU#hdzk17Z
zy|*Ob8nu$*B2f?*2^dS5EC~GP3BppmUVFsMA*5yr{`hvbx!ChVu=-kka6-HXmTKZZ
z$dV%j<HC9HS*w%SpsD_&=s?)1_xiCrYQj{=AGCoT6(Rr-|4aPaMEt*v2AA92*-Uxc
zwMCsMYIrVRSyECGkxj#LtR(69(RXBo;2rm`_A0&G_=HzmdC_dP9NgTJG@?}O%46NR
z_D*3@lt}|dVX9vh5Zw?A`gBvD^>S}&c3vK>7Rja8O}yu?q*?m$BZf{jwYmAA?Z&da
zmCJIvL`~PbmW^qiuQ+(8VU+)%CEd2Iv92yD4>VBc{7YG{IM<_vqYPO9?7?a-MOset
zE(zMSTQ*>HoPEEYZPU1(q!X;`tRi~srn2y1E57sC=mLouNlg&WjuZ5&UPU-10~U44
zo=Lsp(+7vv`38H#QM+Oxe&y(7kcxKEMvQ>YnDB!D`_pFzXFF3<&OCKydqA5ev9k)w
zq-yP1_k^2|*KCD;ca!t(beZ-L9^F!cm4%fRaaM}iq$sZ6R#BZgBbRdDSNq?)#Euv-
zU^8Zc&QQP6{&08Tdp(hTe?8N_KTymK*b??pp4D!$`$O1g#0s47@wp;7j}F`uB*FPR
z0#O)8q}R&-f+26D#g{2`GRz(=cs@&Zw<RgaY89BwqU*EZJTsEceGtY__9^r7`O6Oy
z|D~LEkIG4$aRV7DNY?S_BXLbATOZQBKgRIA>=vVh<)=$rREQJF`GWaNVjPlZ7aPXM
z%qD@T%m|mp@#_2ss%W=ZRq?N!a;?VWIm`0B;#}dY0r@!ygrAQuXYQM_jB;~1j7%Fg
z=I65HM7;>BzjvVud~jg{%p}Fuv{&`*cTDvMO-)VUYSV+p%`8A<{bd0}CriuSG)_w$
zpR4tG<83@<Eh#;uXc0<yrCeMAe$p9h73QQtH8i+mBejv-xZK}R`~qYt^T&Y=aWYzG
zZiYJC?A6=0-<@Mx9ux%gb?3I`y)f`T>cw|;aiNTU16ckoz}Q9*usW<s$*6}Q6jD}U
z`+bvLr^0lva$Z!u?~Duj%{C?+*a0)Yz)cfgixH(9isIcMAUH3SOP`yYBcEX8g+mFw
z>;s(D`K%$v!4)k$N)g2^k>87ChajrV!G9wFfL8)O>=TRx{4v;ZF8AX#Q4GP!VxQvy
zx|woajBZdX+Q2zN8aXCCN0f!ujBV>#QnJ@Y^Ag&C1nM$98~-s1`sZB5R|tcVZ=669
zu5s)8Z?FHh(Wr<34j70f#%dnBrS(3);K|6>uFHMz7)GH~Q9K5lnXa_Y^V{08zFN+5
z4X39-pOL!hootMp3OQ~Jd!K_hQ%$q{d~qV>8u}aTR~K&<FXC95trh7Jo}vRmi(j{D
zTF~PXjR(aDl&J90$3k~_>_SLf2rMJqG&N9fHiaMD4_sKZn@+n>Scc=>w{k<!g>MgA
zMD~zj|8ScLB(Oo@2_!#ZKd2`y4I=%bZRxSi^Spy)Rg(#NlZyHI{bZHblR=||$-g0+
zWdo$LCCsCs>huQ(n&C9<88+Ox^hdmhCyYZBqxO`FdLMxOpD4_a0?1LEV+u7~i3aH7
zRH6;gVhzi6@gq)+CQr0IM)hk0Wi5u3;lJ_9;eON~(IST(#EQiVefU_?MWT^umc_m=
zlodvbVs8&`uhy21rLtbJfL5bhvVu*??sm<+80r$)Wi==fjxm2BoYRaGX3^#R$05IA
z1~kE8T)_uINgmf~eZ*3G!Q#FBuEIhU%iP@D&$`-JUq~jWKkJR?TLF{-<Jm(i-TmGe
zBR^~6Suqn&Q?5Wr^`YWk%)b!|IYQtYBp^;phEeSO>?VTRs#9;1seAomLLf5AD)4i6
zzOKhM4O>x`hXplEC2cNj7upr=s%u{GAfg|#*e9GR&GiEch94rSf9Jq*=z;K5T>o2-
zh}(%;+c9p^a(AS5n0HIWMuy|)Q5@FW&eTYZbS9dLy{|3LgW|B@0-^yhe;JmM{*JhE
z7#}C|1O%(r6>f6A<m<a4DszBDD~DN^93p!omK!}lYZfR_n~+?l6!%+S00|yrwE`eW
z(MFbm=xnTnv+Uz^gA901KVwl*+Ke!lS;mzzDQXT?M_Yjx&JE+AJQ}sNfqg=vDd6cV
zAi&DK5P$Pwoa-?}Ac9>=wn6G@yIAzR`PpS8*y_?Uw^$Ojo5rNfZvbigUT#6dg76f_
zZ_9%>CG$JW-z)A;60oTc1n3RHz2W$h-oG-kgnflDII%NE;=>aT08et@G1J`7!O1Cj
z+)vfwlzEFKNo)@`POf~-mGHu5FJq=Q%c8qf@If_4D)2j7V)Uo?GlRksRSLh2rvtFp
z85PeHIccQ6Nng6%&@j#H<u`6S3}U%m!EZmr^F7TYJ4=;sIvr#vzr7ms^|@RQi59vx
zlj3T7Ge2uJ5dWM~F*iiR1Xq;&*eKixKS0v>H+Bk*i1gI;4$*Q(geZoRSArMw)wQ*_
zao!+8)5|V=Ez0~rgpl*0^AFB|Qm+i0Gu&Z~?G4C?X;23J4^#8F;ja??=o2(iBp;oy
z=rF_-81yF7bU208c}H3Iz5c0>Bz-;0>AkIbtu6*+!m<&biaPNdGQt;#NM@6YeTz~4
z?`Ta7@GjK;UmV!^_iB`k=Er=_tNHgERs(U~H=O=_hrzd%17Ml{y^qur3auV9iEPJZ
zP!+hCchqqMV*5kvFO}Y(KYtOUL{0og38-E1mfnCeg#r?y+0U<mdE`U_j|RLmwW1rH
zpV;fLGd4F=Y^Ah*(VvgZb>991MZ$I4&A#V3*fj6T7&=>-ClM(!+zgX<{56#Azm^*O
zV`c#cR@0=mWtUZrs)caulp=(f4KQ!>$Md&PaJ67}unrFEic;C9W09O=tj{*+xXg-I
z&)(tvHc@~QQ-T}Klx?yuV<0xoXk$)gp@-1o^0u^3G4mqXWP%<XL(wtO1a))_3VR~@
ziHLq-;^dTIT+3Y4ztgu0&;2NGOTK0x*Ym;^W&2#`hLFl!o^=JGEdTgnOzL73YlU~*
zd_HHH?XmMRE4WAMdz8R&|H&x7E#PvEc&&TvV5@>kV%E^-H~Kz2wIYGzbFN3{uKmlt
zSqA~~)rqv(-gUi}QYw^nKk!@{I*DRpViGf{eoY2(ZCNELVHN?k2b-+*$9|PaNxW}a
zO3T4oA`J50Rrx8Rr%Bb3nalmw^q@}Y`Hn84@-x6_eP884!(b4vD&F7`Wy=|AsjbY-
zg~jJ|@f@pRF&&ce_0fl#saWZXGXVJpIr?vDutN%eD;EI1G7|uqisRPjj$r2a=~B(j
z<U!Df5oTM*KzDZ33^3LJZ5%=}7m9gzKM{~?p$w>ya+xBwCEUS`QIeta|Gl=9UjjU)
z?0@~5s9*Hht#3Ok#n<&3f97X3zMmJxw-Zcc^T|KjPMX>?{Ihfp9H4S#9RZZ_e_8S8
zz;b%`)*LeAwf#=F>3ERg#^@OZr2xWq_q#)*>Ts5M$&^#+=)ga=jpPW|VSp#s#ezIN
zMhMYz9O3ldBan$Cf=C+1(<z9dHkT8~_@q;j%b#-zBe3cH!kn!!pKxuzS@7I%-2|ee
zkJTn}e6=G<>P)uO`Yp7hhS#14trtgqB)<1oo2&aTdtMXY2)27~7l>QVlu4s?%pSCy
zj2=f7)AE<CdXTCuOR2DBJPP5T_i(uyeZpv{ix!lLnL6@Zv`WFI@R?-o&3DOT5j`SG
z%vh+kSwIsW9K2u0Uj35K5e+`sonIbH!`iL)CY0a$T3Lq;l(+5kmW1>J2LANG`Cj%%
z*V@TT50eX-giXt4i{8P_Z13eV-9<sm3ym2a$33uVb|y)P_uMSY{X8of&-F>N&TG^C
zwuwTy>R5bqT9MAD*+^LSq9(qF>y>)F$BAP?H(e~g&KLX5V@-v6T8)OvI*6YD>~J%l
z3XG>%(vbSQpKM^6jfkldWRt{V<4rBLxU<i{@Z}21(r2fMADAj^!TgGh5Ftm8<d^H;
zQQv;DSMI%Mxzv8(={dGIv}MRx$5jowtU59sqXe^k9IFux+wQL&N{=Y6{W2Jj!N$qH
z;#hRReK89r^E#hYLg%rzo|r=scFq;{SgNel^?C4KTC!~ytnPEHHNI76!ik!ZxxFCO
zL#3vB5AsHD6Sx~q!OCVeY+sFn9F+SCT0g+Qx3>6r^9|b2@?j3yPYYN(j^kf{2$ai5
zGxGoX1i#;QV>8Q+5?T>M*0%FmMUw49@OljrzP>XSB624<|Emlkg#s?3SW&%{iwZFd
zp$0PCrM>XU_LxA!>Eg=?I@{5jKsm}LXev!C6^Q2QpwX0T_2TO{?5oTTXor+A$HDvn
z4&CaQ2{ilu)HI2u+4lN$;H^n~<N`2yTbZ`+NlfDF;LLEb<^5lSW0}p}#|0N8uMenj
z78-_SX($vPk%y&DRO^77_1vqS`63?v+InL+wZ%Aia(Y?<6)DTA|Cv}m{gX~}Ia~oE
zRyHA(#Y>~uM;+5^Ab-PnERL`1G~|B}nX%aLvKpz3py|tiSPR%szfCiH;CQcs+8|zq
zQrO_*s>+4-5!g^@C{68A57|*3T(3_-jNL9ampY*Rw_9H(ajD1XN!@;>ANW3)$_pIz
ze6io$-!f+}!BSXz<4k-Hgq*wgDp40pzQWP{hfkdiq`Y#tPG7u`bFiPeA{xXE(<bRt
zSH%<k#4oC=b;?zxj*^Jv7bfwEjs)YfW1i5lu(LulKrWq)iKp87osbzg!N#PS*KmFE
zT7*S)>R4%s*LacjCfjw<z0XT;biQ$dxEmC?fNk`V%_=~SL6tG8H~Mx<SbP8bM+4Z}
z^Nap&`5wzCzKi+tChd6N(=mCuOqam}p9?eE39FzDbd2?f+s&dvjVY?2>sYb2Z|1#0
z_&S`P?a}+K7a=TdYfVv6XJu5A*ZWP-qhsCM8CyV`2{|I51My22nMzT-F1}Ib;@OUD
zHV_KHV$^lFu?S{648HWeT_p=8^3%!oIv%Jt8A*Gs4_8AKR>Pc64(vwAqMb#XG}>7{
zcFDtnz29nAK}Z2NZS9L{^i~7wa-_AL_wdV|>JtW@`pmq!W|IYsxJ5^6?xa!2^iZs@
z;ge5o4_RyJYTUZ6I}hY1>%v-!O1kk3OI3vhQYukCaOelu2cFrt;4bIz^up0Jhqb<F
zx22+`Rnmgt`puwc4=#Pi?b_!nVIOcL_fN7~N85G+sQRL};_o~&xpqzQZ=t>qn<eDx
zsoozaKsNa0vL-u|PNLp>E4@ShdO=fsFo#FJR}9>hGSkKnSBvD;Uf^Ri;rk;T-J1hX
zO$gu8)hH-sW;KmPv+cf5*oRG%6HXs~M8*A%UaQeywKGJk(nM~EkSt>+RZ7Qm!B+8G
z(r!8b#E*0C6OAinwlk>XyEf;k0O6afu5Jv-2p{Fu6570E+3hoV$m;iEU%;v+r$xkJ
zZbbpQ;41LS`2cuYmz%!#rnV%NWaTZ#gLq86CqU|uM+!(}eW`T6jrF3yU;09d^m{w;
zrV&&9^ye4D^YkTb4$nFhqo45>V<oxC6uZIKgahXW)6F<T@pRaSMGy9UyYg+)-tU?k
zlX_9B=Gb^uMz$lJ-)7pT7e9oMwR?A#j$P(5-9e7Cz4kYY)yjCcj}0SNH)c=fwOQ^D
z%!Q8)NYeR9@5XV;1+M0jA3W^kNHW@#Z|Fuy+wDb9GVW**Qa4H>-_!8F?SQ{(hO+4o
z#MO>k%lf?pLY;Qu`yL{E-P8R{K<D}!A8vf>h4x+`K*k98y*-Epq5g}Fn~RI379WWZ
z8i@RGT(1YbZ(B5zm>`FcW?>&FtEV5^hvfR(UzNLMyh%d_WrE*~Jmv#^A@g(FH)-6q
z!S3^!f?2nkMK(()!(dy1V$AE7IuUXVU=0eqdF6CrNOm)OGA6u4w`%wCMv{~%q322D
zk9jW&*-9Ca92p?z+AM>fFwBVSS2!id$^O~FZ2QX(E*j4<)@+UP?|IR6_{WXJgL`Y-
zj0>0jD)KGYA>1>JA9rtTMmc7l)%J6<So)-VUuv&38RyfjeL1U~&MJ~o?0Yt}i??Wk
zdXpm$^_^`ezWn8TzkT4^dR%1taP@0!goM*vd5g#O{Px@ugPhB_T-x+*E1{lL*WqH5
zRO{?Gt<UGY=bkLhdLz+9IM2p<FM~C}uZEzwb|`j1>Tv9O5TSXG>mI|`jS93E!XQ%=
z;Cpki6h$_3m{?AXjq*|GzS8@>u=g}NdmoA0;RQwt_X4XGU!5*IaKqK-@Kl3cdrIJY
z*tYL^D(=NX`xcb_g7=(2GL1bo03*$1X2Dmt-sWuWC6(izw5ekKyu;5xdo&iNj~C#v
z1>YZj@!IO)WM8fKbffMjOnatFG{)Q#0^d*oK~GSMvev*{t!1`5trOSj0FS(aL$=5B
z?tPq3*ozy8myT}f=@jsRz@pU?v8hxy$}`96ttkmdJ)&!=<iYtYXusa2w(k=_9#efF
z2oCYTT{&H{(OGD^*lw0j=U+cMVC=88Q2L>j>}O<})Y5i)MAWQOYs5AE6i+&?_#stS
zSdy-m%3{fTz4I*3V##q&KL#phxdQggTDl-x!U9*{pG6KmSR7$X-uAsU+>DxY-OrL=
zy1zYcFY(&IA3M0u&19WVe=%@le<jlY^~N+WZ(iMbxbbkrMsieJa4KJ;IkIVUaWajw
zxKNg`b6?)KZtDtPRre~AiuQfSw|QRQdurrtZx@wUnY?C;Vm36hoDu%Bw^uk?Qx@OR
z^IuiRE(qKS-?s-n*S3RQ?P9V9ad6GeH2_J!3;{5Q<gs&YCt=Z;(L-*Cu0H?4C;PX*
zaIg2hcA4EH<n2Xss1d?|!yekGiO39|(8|8s;aR%o&lpF$MysGg-Y9Eq!Xv0qC;c+=
z+c%rmLBxou<Gu(<Pi;eFBB0LlQCuHmhw@!_wa)Xg=8J%Be?(qA<np*sZQmncVSxo)
zX}u}u*xtl#V3}p{(c|D1a`Kb#)l{DRYU@p|V*j^7U=<adNrkxe&?JqvS-9lBJ$8>X
zdi>57(bonZhLEsxAPxB*Q6lyAOPms|Dv+t+Ga7u;MUjWu014)YcNH$u6LGRG<T_mg
zkUJ4BLp9>O&NAwGMtg}h^|;b`Yqh-Z?~+>BjE@6>;wjm~*;W*PM8n|(PaJ;wXLzIK
z3EMb9J5oz7#=;&s6n(J~|Dd)oeU|}E(PYxQlXM)=42h5WD;Te$@8+#cqk<-=?eJDy
zSZZ5F-6Q@_Y@>-Zn{W1sMl5YEux*H4EI*lHUCq}GqQC;F03hZ=f>_sU8?Db)8n$0g
zmG1*dy4NPE`1)Z-yP?k&V?N|bSkG2;N*a2`MH=Nx{wGqh+wtH>89V%5p$n8bL=d=)
zripY<N|*&YM`Cv}$SH!VRa5m&E73TqR=-W35?wHpUS&1S9B9h0(&R1bW)qCFo`fsq
zc!d)23l1#CfE928ysIWHE4tg?=en;vtSdj^bid|i<}|e%$yYa$Usy}4!|lALA<~jI
z8%v|nAC|reoHi=yK9%?X{xm(g#^!VBMc@Q-IGF6`?tH9CT2<WpcFS#gE0g*KE7PMm
z&YJ_W=Bo|k^7ghXN#WV%N?4Yv`kp!zyxF~;7I&VAX-LMeyEW!&yWC>FPuFNR`3tA*
zw=zS1C!ij};tLLA|70DD7o2QD-XAqFot_UW9iOtxouCs0aG@4baV2GN3+XOSnNcAi
z1ED{2PyUJw5V-|#&#}z9&gzF`+I1m~jEo4>EH5E!lbHrOZh}V)SACeQ2Xp6oOi$Qp
zq?P$G=zk~DfE-6*&Vb`Yj5$Bcx61mGVvb=Es00E|6iMs3+Q`s>Cj07lq%2u^9-C7T
z2rbsjvSf;=UC8V^l3upWn6+j=+4lx<79x2L&{orqEKV?%Qz3S&;5Tw<Y0vKqiGk-<
z@2guf3kqeGGFhDyL}UY;*yN&VC&TZe5<VK5MjOMqxi=WeNNJW%N2GHOK{c9;yfrm%
zi*-G{+rg1!_X^%ww_Qau2TkwpdXQW^^}3gJ@k%NzD8sMUcjb$IrgIn6)!QA?vWyiR
z#!9B4^XQ4mMN({M?lqpb9C=7iT(7mb3oy;C*`bVA*r2SJDoZ0i2MT4)i1dl7Jw%fl
zT?fhSw=}`6x5q<vmWUjV2;38mSme+RjnPP<ptgD26NDNDgjd9VTP=xn&0Wz6!we*T
zoSiS^!Cey&f<oLtD^8+}J=(*Z{TlL1l^^#XH&=p&xbMMmL_6;zOVJUX5!W@@nCJX{
z#mvs7C>ak=V0C}BaIT;w?KwFuGEEU}YHbv(Dl%*hdP!$O>u_e9wYVQr=dqeL$9hYg
zW)9Y?X*MyjQUOsi&v%Ci&K-Og^_1lSK~^*E^(*Rvtcm&}pYR`uaTrz@ZG(u~C#t-}
zkCW0ty_j5iqF3iprzk8nciqAqPdh)Zy}Yn)Jau+4>H2PPy?Qj;A6r@Qj@y*27%fBg
zuz9JzTsxU>Z!#?ls&N^ykUgCKjGWQUKs9h-eHQ23=KLj+-wKec!|yBjDP!BP9NgY~
zx{+?HW7qlQWOK~aU8qof{^y}poLv0^4vP6fWglrn2hu1gUas(~`h~<C4qPITWpFVj
z!O&1bM_9C|&v_y_FXEhKEZOAf$}VZ*j|JPdN|UW^8?^z_+l#f9+uOscen%6*5Wi>v
z`6X4in*H8axwc`!pSguVvs}0~^F*^f!>ii3mFcdYLW;Te>sBPh*~&&<;+h>2B!9-_
zV<PHR)k{p9#hvVEAaTv4WchOD*Ge<^$fc&##qdHgSFVgDZ;pQ$HOtfI#6KuCFDhch
z*VR!nT~O@#0E>Fcd+LD38|S)u(S13gcaHG7oTe_O^4G4jtS9p*nIwA>Rs4MH59egx
zkZ}Ab9`qe0H8t~vYX-KQ4%gzJjzYcD`RBOB6;d$x`?936fWVUeF*Wc({Z-lFCwO%A
zN`oNoU5ey7vlSp4E~F#+1m&WV(n`Fl9x?5AauYuCjW&M?_~fUT3-a<1pKJ-T2YxZq
z&x3*deQ6`S7vN%dc@q7(w_92+2pr($Zh@W5k7<oYBmC7Wr-+SW8Y@{*Yx0ql+_#(k
zY27<>>hCbKyu4fXaUwHy>&autNjZo)DC;<;?|HQvE7J@ucE`+QN6khV$BfEQEH=3c
zv)`HA8^wa1L%17Ao9XF~#i85<)TZ)3#urt0GbZ*)yFtlv8x*6^7Ns4(XOR;RGwn03
zHNDm3jcy6*&~J1{3`OVOrq+@~q-MHX1om|n=WVrn;O~9evShvvea-06OU{z;$nrw0
zCnL5rEKNM@586lRJ~1CJoi_MqW+Gn%c~#7`?G>w<>Uf&>P){=s6h1*wil;LzeE&_7
z92)+LNX%u12y+m^0t3X2m_T$XA{#7)bn0=sH9qgM+8wO#neCd}?fE%EwVU7zVoLk~
zO=gqmDI!L*e(y@<92XoZu^P%kWmZd28MvZLt9_rWWq(%hM36{85$zy^V6GUi`u)5t
zA1ni>j}~N6O7=6p<04pnZNQ~wv4%!hI-it-%=$Ll(h{RYo_ID^D`u;urS*hp&yOn1
znT}&xo-9)*LsoE$G<?3TY`-Qp@*%_grhH@4aA3NX+oN)JcJ^~MsCQ03O`l%MNIv(@
zDMT<U(<6=~PQ}(Tsg$x}B5F2C=qzEb)x~z}HLb1e+zUR3n;BD_{x-vM5V~vh@{pW6
z=9=o&aS)1o2J5Wp!CX|7N5bt8okb|!)&0o8fwwTHwFT6-O>kvWX@_slkU=$HwQLZx
zOwfY5d6e9A%yF!q#EaajZFIK}hW$&kpz1G==)UfBQnj2&%q<`z-i#7Xkra^NHdDLg
z5!K~IQ^nSUe)@wns<{h&kHW&K8^y0u3Dk=>Gc7yPc=;mxTu4tI5)q$v!IAy~qZp#q
z&bl>>;QV&A83cmp)oCAx=DQb4*Jieuw-n>jgyw6aB0RX7!YfZQBZtPIPdiPE4)*B?
zm#*v1(2|<7?+~NBc>jWPN0>HOcnT}-%<X$&U2E<}MAK}r+pa5@Td;Pu=R!(xA!Zl>
z-(<Z}do{CEsSH<CMC+Z)NR4^jD7o@1;&;;?n|I4I_r>Ry59UcVk|ms)y_>knGdf2q
zYL<(}H>P`;9k|KSjVlflTf}3k&if&|qj!h&7NtD{UKhdFNpjm88>bP3c&7&IZ(r+c
zjX=s}#THqi%$_=4AY`UjeYKn)vggZo)4YqdYxxA-k7uoFg@WF2BRI5eE)3Qxogp3?
z8JU{Wp+ayh*?6jZD~j(M&}U$`CP~U9eZEF|MhjlJd3Szq>ee6{jdNXXnt<%nM^c4!
zVi|RN${H04cQJfm?2W?{$Yjv<T}i2=v$CZrC44~5p9!^FKr#enHne`TMyri{_?2>G
zI_y-!W5Te2MeMMCIlQ6lApXV0#Jhxb|7<2YG}6t&z${v`KYtl|v?|2IUfDn;R9EQY
zK%&BkV{q<NUq^QnE6-#`DrmCi|K!M(%;tzlLbW<lF1GrmaJP@k>-9LYsT6R-;&2V=
zP_A#Me^l%F{FE}_1K@z<77F>det#5}mKgDJ4P}JI`SJ12>GG{-&gY@vLE4gxnuq%v
z+xZ48gOPyf5_u78>Qt(N63nk=2$b?Ji`&}c5<@%`KiJ{O1ddJ_9^6DnU@_%@%%rsA
z;5C7fOm%1fBq6Vh<}p02E>3ag_NnB(;U+b6O_2$oA9E^<T2nzASm~s1^6j(X_KS;X
zGOtgqH-hQ&TgL=-kTWVt#=!<!T)Kx}WGi%8P7*FW*U#Y=fV%DeQ_0@_$5gJrifFle
z=<4;^t_EFmYb(j<9#yHJXVjJyM_5u4-j_=A&!2P+5eQ=w5y_1IlL`)q=y<ZJdw6E6
z9qUzD?NdL_MKR$$t&zUlcdi5dJnT`qlPKR($J?lPA~&{hJL-LL2?_tE(L4=#GNc_z
z*|j%Nv$VlmS6V^2uIpX88v0})`}PzF=EEnoYac6EOp=38BMHjR6v6uQcg8oI)!x>N
zdNKKd&&XP--P4PJ4c!?zW@cr^)s$f^BQBgEWyi_ZQsX}8g!y(;T5VsGzcQA6-qFf6
zxcMaWlWuzPLeuoQd6YE^NId7o`h;921B=)FG{h#8%X$uN=3%Ue<@WMHi`V+6*e!Tp
zLw@tRl0iu<uX>amS+Mn7_dzCJ7m{#!8N^`Iyr&vv9^I#j+f4*mSQ&wP-G}QL+m<7c
zz|cI@lCe<?<ONh>?{C^4_)#J34#LuCG=*^JZ`N$7k1Kxe$Gq*xK1VgB2Mq7VmKnKb
zNC&TJcD2RGPPp)WW9oywTlf1_{bW#9q<vh3ibR`raleCI-c0P9vwl}*YxAc2Aj`7$
zqz{JoyqjKTQ#-h(nHN{K_cx=>P!9ihFW{YY9fg0CY1`SUkfKs83#m~Y+p<_cfa+&-
zeD63-o9$EG0mlFXOdC$>Rn8}~7&8@UDOX5GTr8EONEOm^igm@k(rFD|H1|DYw!{@&
zeoAnnqk_@nF*O>>!^SZ!4(CCa?Cas6&{n#>i`3cIj#?uP5~>%DS(bg()zCR5yGcb;
zB3*OdizR^tT)Jo$`r67oM=)p-MUEtV+UEgu;2yl!c{MMd{C>gaIw<=p+56m#$L{<y
zNxf~x>#}M3I{9V#W>xe`1K~ll!`!bo1Y%dReAR8djcyt@y1KHr)*m4Cwzq8rF8jF(
zZT~vB7jbCy!TOTBMi`NmSQPQ(Kjy_pQ6sU;p9=yhLKpe|uPt*}pIoz?R-{|lppTWU
zZSJvhoz}F}(z$2rdz($w3oeko){DiyEU&q%i%eYtIX~f>{P_3hhV6G{$={8k;|)>#
zSF_Dwk(Oq}LXlr09xJn0!(mE6$us;O_Si9$ZHo56=i}sLuSJdc0(K0QLe&W2L^twF
z+2)P+$tm9;lKYN^2!3uwH&UBtIy7Y5jt0_|K>hy84{D*{tTx&p(|$hHvkFw0mV-AN
zR-=U<ZYjA10>XYB?#fa(V@F>B=L71Nd^{OXPy?9E*9Q~b>wrUlRa|5$rKP2eJIR{O
zn^~Uw)nh^>68^$Ou>0+)B!{N)EO$ex#XmL;%{^7r`A8ftMEv~d{S>R;Ae$HpUlU5b
z$^?ZkWc#58X8z>OLEN&#pl?wWx<s7!x!FtB@;YLbB=g?B+8hJBE^R9n9V>g14ckQ{
z$+Sr#1V#r0hu?=KG61!XAl*gpi~VX7ZO6S@Qy{qzo%8L>{3AR>;|^Pfooy^WN8zuB
z>gu>eilw84?|CkA7$MJE1vfJsg%15N9uEhhq1ENL%cpZ$dz?+F**5Rh3EyqYCtyx_
zPkxXb$BaY6FT#CGRiQHLQrA1})%9a_Tg=n*MeTiKcj@@gWG-3E`B#|4UG!f3GPmqo
zK1451_V;|yU;iwW4I<Zj2BC?CBJ)zR<uM|9Z9<mr4}fCG{eidbxsGQLR-ff`3OnS1
zFF8F|m|?9`YNmRuImT)rWZ!pr;^eC18#@(gcI6Uu)dZ-$PAY9?xqO_MtIcjY?5fHD
zDOQOC*1jHbybkM=;v1G09DJ5Dnq)1wZcxHS>w$On?Hb*;uIzC5bZmJc^5k1mr>pg3
z$M`0r0c@Y5=KJei79at6aAzF;N>NOs&Ox~{4K+FsAydG$9}NbHy-rcZd?aT^%jMVU
zvXO<4lcsW@bfP7CE4!Bs1$_^7_Qj`!LLJ4&Labk>1Ps}Ek?=|C`o#jb_wkyZQn=@L
z7B71PsX}Z2A#5A9Ov5jR5N$a3W<)meP0;u{(%PPk5JpVP0!7eR28pYd&r<6%ueJHm
zc)FqN%#+L)9VI|P*B|0LbtwK*)3&wNW`VDK<e86KlPvD-Pul@E*wsAdJK(I;#RojA
zSh}lY9~<_g7xerQctI7uS{tjNND@v9<uc9IY;CcTZU3Ui1?#{Mo-TwX7gkm4r1=vc
zyfRMJ{iX9Hq9w>J%7!uDkT)?+#*)BEDv83t`Z%|&eF@LHS~`&1oM}wL>kFxlvPf^$
zTC^3NaTZG#JQ*Df)cSbbRfMsLVY&dnbP2i<z5(ON3sfHZDSL|!J*KF^6im?~4MC=3
zujhaQ9>3!CuK<jyEa6;oc9TOK1!9><m|>!@D`0yD6h2F>T3@ryXC+El4~Z#d=<@Eq
zHTCH39le3rzrrC$Uy5wn^?iz&q1LIzcWC`Qn8u~lzMMSjNkbD(X(_pan(mmal7|K4
zM}&iCxxA>TbtV&eFDCSeN|8~*KK0kD1xjhWw;k_clbv|Na`L{s68l8M8I{WKx?f{X
z(OtLAv|H~IuQiR4d1j<!Mm^|#8L_t4fZx}*VHXnpq+#<{s1j&UyIDXWGhZ0FbK|^D
z{9SS>xWOLO6WVMmY>2>`DvJK#U7zj%y?5lrU}-&7gcma>2QnR`QcgFyL~v+h0o5XG
zCSzG7=3PwQ;qUA$ZA7s|gDcPk1{HRsB8JiVp`QX$QQ0t`V}GCB7_`zRrHS#>nlU?n
z{`smnFE8_#d4&GL8!Lu)k|~>~ke?L|HSUYC&k6`(KCrleD|aI!a|%K9RVug<=!+R<
z2U2u#HLUiQB!zRM`QKLF4n~QYYNPF}T=vEX>le}{S$!?HwE8-5&lqE!FaKD|e$$TG
zaKPQ(=r-!p8HRiJQ_(t-KYn1f-P_QU&3=K<l(=Hzz5B+)ugX4K_uI-llhKySrLi@+
z*0rCU>0FUS;|<GAyI*vCE-zOffb$-b&F-mGCVS^wo5I;r1^0V1?N`1S!Y$wOx=|v?
zSXXYZ4%%+><K6N!b>c0S1idd7%CFDL#jBnz^Mn~;!1Zf_gEp&Puil+QY;P}*h`6l!
zRRVWC?yk=oY22@P9XH-gv{GT-%N<_{R0{3!J@c#W;7Z}Zpz5j<9CPtt%giJZvr!0A
zBf`_^_qdtNbY7!(&e&wi1&it3oNLTPC#v_OYAtQK=(rAuRaMtAO{cEywHDGN#=Yzt
zY>k65OfXUwP<?<OKrc}5q>i_+-u$k>ZSnlQO-?|GCe?N1&;UsnHxJpkbh@kEvm)0s
zN`%3vj(6dBBfJ(qKYl{B@_l4Z*p)|<kVY)DtW#Wtf__BDP;HZx;<EVekv*K=h=&vW
zd@4dl_uftvMY8fs<N9&)flvI92AlEX-F;;8_8dB4)7x1Xr`8%Uj+`Lv%mJOx^#mD{
z7oVDms3wGa-&gOfsW5%)HYYK?kiwy5LpG(uJ%wL={TU(<M8Lw;p;}O3aAchA6qgGD
zWje~PO7XpTTDhiQ{wO~%pBUZL6<E^GiBpxUm-tPsDAk3ccH1R!b5-?+2FaM-^{0w;
zQRe4fy4ALJH-D{T!s{xQrIT0<2)S-bv1%GXs0-BPOI&O7)A<p=Ac*6nd58RQc#yF+
zl%s&7ZUb?-Vn4|svyvmxx#4o*ECL3b1$GmiFMe-3NxkJMvOGP~sM9VV={tq4UGEI4
z_H?#AR2aBB0mEk<l;57i-HGTqD@~wo5Y18}EpE`_CA&JsAoY6((@04)tI)TbEi`2d
zTy#-|FZnnfVH07QpKL&9*_S-8Q-g-o<{Qn%o9eiVyOOaMJ!i8DN;^W{#c~c;fRbXZ
zLN=QV-(TH__IXmbpUvWwb8u2P^o}2-3K$@yrmlj@G#Xd>qVx~Aop-cNGaK(_S>>5D
z&pWdp9IguG>KWA!N2rzr-Pfdwrj<jI`F80iZClkNi@yi2ath*=Y)?sVg7V}DftZ~c
z{xf_LTolp=i3dsH>kqRaAW3Ju7*X514;*wUFD`2ev%~6=ipVy>K^w5CbZ3Ff98lJd
zY%L-|-bD*oje5cPf_87A6%^W?;J1X+<Nrx_3{t&pWi6e3&lSKsVp5tCWZYeCP3ah5
zr=*pE{I$+;0>VSWz`ZUOI!P;NSf`PMH{gcp>bIc3RAKhz6b?_8bzRlWVh`yZ_Ckfa
zwA?GD?qV8kX&0dpgm2XKnASW{$%sR|V3%NnYXVG!FI4>Ga|OzXsCaN2jIZg6)9tzl
zC&tXUMl@b}8l}`&eGFs6edW7pS+0F|%1&@SC5qub7R7I{4sYA$eWiQfMPJ5ytZi#!
zb#);80DekTP&b|9p0{W0zf0<C@PT>i9Ze)*2>ii|17mrCtLEPD*oT>bjm(N&=CP8G
zcc~$yCKoZ=6J==+`(EzpQ1e|W7re0r3rkmsHFxypp0D?4Jha+n-hT6FRhFk;;QAcm
zv$5oU`Zcu&*JjRXcD6E^%;QkownbX9ShXxez#W^=^^@!(=l8)?<0O9FIBnU)r;n9o
zzrF@vL9zK2DzdBoZ@`hkhr5d<!0-$uv(Tvq!eAS)>m?zW%4hJ{cLgE=#cIC$%T-sf
zF}|UnwYAmud^xv&mJgeia>38k^FVDXz2SyRLEB)1l`)BSU%Dv6CN2}-t4~qYTHK&F
zJ@!_fh9ylkfer@&v~?NGZWw40Y5W*Gt?5Vf0bcAHKT5Ny<ybNcafIr6;x`EL2?ypo
zn)2BbSYX!M3b<3Q;t_4Wh$6CeX7A0qPOEBdrINqZorOaW9pQSX57W$f^bx;%4|Q~K
zw|WUtEF`ge($-j!9N`tbUqQGizZKqYCp9g{sC#>)*eiJ-m#UM>bv)hsc;FP4{Cwfh
z2hR<28PMeP=)PHc!h0{rC0B*Z(`z(g-KKd^rHRU~p8osY5^dF5dAgI4WL@hWS%gfI
z&bay}xh9*I2M+UjXZiAl7%4C4{WCmb?=|83tI&4t`iQb`SIZgRVf~P`ktY-+j6?ob
zH!h)wN6_KmsFII(HCBh02gy>0Mi}@(OD*>x=B4)Se8P#SG=ZzNy+SXm{kG}v-i{Sc
z)k=zIeZ_qzBYydE;K%v^e?I&d%wSm0?x5i&%A13B;qW(=h0oUFM6ivLOAiPXfByVw
zz&Jr8RZ7?M{s-4xO*y;yfo`Bae^i(@Xki=K^$e)dP)tyJL=(i0k^fv=+{liAPEb<Y
z`~sD>hJ&{_^~qj#iDx{3&-UF?w7<1T8!48QMMlV7>igUCbGytu8IiH-;&`dM)2qbT
zE=L`KGCo>2`l_>a#4$<WB9vEkL-QA;kTP+fT#S}<R)mJD7an<@|M?2R)KoR5?86a;
z-1y@=9#i2Rpfj$3%Wr*Slo7o$0$5O?3N7jEi?c+Ec1>CyGiXXXNBw-QmAl17W{QCC
zF3-hFC0Z^Ui$x~Hw%3NpRIP$ZNYdvUa-9;Mt}Ls9u3cN?T)}hcy1o-qF4*#QhOJm^
zHZ2W(?adb@)mgsga*~_SXZJs#Sut0mi`6Ct*u85cIppA$HlD206`Xdue7-wIAuhzW
zi>L+Rs|z(ZmhP45IwD=qcws)@rF<l{{mNY*!wSdG#4N&#n6Tcc0ziEhKH5Ij<CBd?
z6KYV9glLt$VZ3B(kqu%@NdF424{(Is-Z0yJBlXZ>i$!y+u2oi;$zQR%nxvLf&PeLH
z!Bb}I>#l-G!si~rB+elTx`7B$QEEg3i+lQ?toQc5)^(U|7}eJxw$3t%y;{HB;@!X6
z`e;lIX|C+P>gh|i%Z}r3hrz3)1v6-x<@H+k9qLnA=*8Uzj=X2<f6YD9bQt&b)pNE=
z)N1xIlWC_yOZ|NxJr}x9R*V5}2aF`Y)V0|MsxlsJB{r-x9>=w2zoM~-Pr>|(h>*ra
zJFCbM5L2(T(0loDaZFaj@9<sBLTwT*weM)pcns7zbdBm=vdBm7V`6>G3_%;Cj@NfE
zmF>>)?0krGAN}#Tv*wRHF4&hTnb1@HkFt2bpSKOH`qsDvn9h==aokfG?lepD|7`sG
ze*tV?%x#a35m<2_JA@jz(e6FddDl=GuWdQ%V<mgnY;thaIwf~eVyiJ}gA$?F8?Zb5
zu+HM^?UlW7PP(nbD?lBUOw_^^@OZM59CqQs#;tJ}IKG@1LhAAP&8A|_NH!2<*${9!
zP4h?V7pxn+`k|#L_NgL7fM%-*Uu!PL>T6xJ+Cbi1|FO{;C=$u7T{keF?txj0IH*J|
zPWDAH*NSD+@V9L3SG}ov>{YIskmraCeUW=6b9NFv<655yu;xtaR05w?$#BgRlcA8B
zEs<MghZ1%(i?o^B++D(8qp%$1r%|#`oSD0$pwTG?>DSZ7`E<VJP9R|Aw%gANKA6L}
zK%@I4JTjZK3nkf4vABg0`;D}`U68}FYIcaiy2jqf*Ya!8PS?_^eW1>!i>c@DI5y?V
zXX&iPLU1k7ncB|sOx42i)RiL&f1jSZ*y3_wM&(($8^Ck5e;z{3k5yBGwC)&k0DXWq
zq>+`PMbEn%x;r?@@szYIL*lu%`VrEn@$fr5_mm(_<Va7dvZkq(b~QX-;dvPvjHtwe
zSmX;2%=a%rb0fA+g<SbRg*7T~+l!*Mf8uR?KXVf|)%hGC^c4HihltgCHR<|X8SChN
zdT4M;jM2Uw6cg#L_P(vzWB_ot)5xoi8kSJ4+<kYbIPp>d5>oqm6Q7!=hz8mtqNv}%
zRj3G2&>f2-ZE*@tJpCN;HXf~0Tign+9z5wC=iHj2B6|vEizjF62~YEi6{A7Zn^n-~
zwhv~@jUuqILgW~_a3%{Dw>4EPVMz&{DyR-mzvOz|{X^jbwLtSTCfZr5)BMec5-zFw
zY8SnX`sG7fl3>-IDt+BGc{)A%8Fzjt7A_2g)NeGZcE6`CJ`IT~O*Lic3%0J!L}+ts
ziP2T)+t<EE(CE@sU2C(m<gdO2B>C98P>s}*JEYA;lX7<OJebg<Ht%TVOYW=8_fAe_
zOnf>5e48xngxNxkPIvMAQxReOwo;@*`*A&9i(sUF@x!$c_452YLvK?M$EOE1)q=M6
z@rb+b;k0f^5bd*0Nr`6%C1~iHR#hx@M-ax?dC@gD@y+zUw-8uy;JEvnWv2AwaF(_P
zdDQf%+@h@QxT7}3!tG-=T=`F7JAvDZ`^kqxp5$zBy-KRLONf{Q3qRf%y{mVX07_^T
z)TEnJ+Z$t1kYf+()$v=$(6(Fji5y%W+b|?>fGF2?TC9ywZI@LQFK2qrkXxO1f|T+;
zT^_=4iaL&MS-Vw(DkHy$l}j=_fAOHu2mMwPH)dR64{OGKRiykbZRJ*&jI4H}CU)>(
zT1d-HaCcy)m2{!eES>8X>Jxr184<m&<UeAUbEBck*mB$vqsZ1P6@I~RHZ#fY((Pvo
z$`QBbc@*GKT#XmE7<s#V_8KYQMx9P1^@@AVso85uQcFZBEZYTV48~r8_}T5S)2VIe
zV_K?vXAfuSW=I6SY^3jE``V8&kj@fl{>XBt!P2UtZSdjuaYa2dU9KX%T=EM(TbzI*
z`0H88*=-P<Xcnc`?O|A2@TVM)^y@u<)GNk^o9&#hgZFm8+S%wf4m8i(^4bd7RX1t6
zOF6%<tge?}*m7y<r29R-b&wOol&6EZ1tjAjYC#}=ZNz8L`4g);ZxzL`md&8HW-a%z
zm|x+HJ_h4c*4FBZQb}4!Rp%b(=jT!Lc6(YDy~qn%K72SOkt086D4x}tXvIU@)2*~G
zKouVbw-#C~cl9)b+ieD>J|eL<Mbm}CNmYF*oc21y8?k;7(PxTdW83fAs_7TV_NuB>
z1W873_W3jp`_dFMWU-baf~YX+`h`yXL>0J9!M<Hp8qIc6nL1Rsf;Z+R1HyMw*!_I|
z&obc|C0y{=SKWn3g{a)|v(UW_ke$v^Gp$<eabMK8V%_*HC!B?vxmiCdqTI&D^JX41
z2(^K8X5DB!nKO^h;xo_>^Krt}Qj{c}U0IRBfs&y~Au!gBL_BL(Bid233xV@_)pW>5
zCE?i=kFl@6X2)~A0_ABxMVM~g#c`I&E18%lH_Zx17^_$n9#s&(BL|a?#rI9$HSpev
zY3>|krd}|kEnRLAy)Tc<<o6K^IZ;qyymxn-d+jOc+rdXVR93ap_ieA^@h#Wa4M{4y
z21$q`wEij40>@I6SwPKNQ}*aFecFR18Dnl?;c+@Hsj(0(K$EQPLP%<GFt%~?6nr)&
zWWt$v67P<Dce<jKyW_E_sH4^gN5$;Xqbq=1K#$a2%L?g>iFwOw@l6z-a24!Qt>;+t
z?h1jM(K-3m>fHI*hApyJzKc%ZWCbQtCGm$wXOn?4Ea^pILqeyVjv;j~E=xGBS!C*<
zQdz8Lw9D7)Z>49rlnJG)ZKG>XR)(F{rtG~9=vA>_#7kjIE57?WmPCr-JQ92f(nbuq
zB;ah(_wR671+`^{$(66VmO#Cm)3t8J@bDDlE-aHqgc2E+6o^_(mGAD-8RxI^S<yBw
zB5C<uwUjD<42{55xJ17#C32q0vFeI+?h$$4HL-v1wS~HZUt(5Z@6Fg?a-AaEvOj3f
zdEjojTIjS<T|BoLWtE{P-+Ke*4Ue`3dk<+X_^Hr_wh*pvwOQ`|Xmbb65~a=E+luy?
zxHhtOlJoe;-r>_l6Dz58cQnbC-mliOWoEG@(WoRmCH9MHLv<70$st3$-FI#Ge7IRU
zz@4}2Ml;QH#@h|?T1L^m>}BzJOF?~8m~KM}-x#RkdmNwb1*BEMtt(*+QNVjJW2#3q
z@wfh@-e}^VNqh?q_~v{Z+l<{OZh#Z_E_3E|b!$lXg_uOh@U?ltlPklZ0y+9RM+Y&^
zD?;HReE~np3TsWRK=%<E;63N%qSKAW<WfZJ@M`5{M0|VL_yeomz|FM4R$?}lZn<X5
zbmX6_MVN2Q%qP;&bm)Qz;0Mmxl*I{CoCYsl>$lM67h@b$$&cDm)LGi3r$y+!J!67(
zX42AooRdob4^!vB9a#gl+1R!_wmY_M+qP|WY}-b~PRF)UaXPlq`0D*;X07=PbywYc
z@a%ma`L8|E#LXZK1G{VU6XF<}qp<?sZ=qk1GEeUK+)joWHHBa&Bil9g#As8JR;^b9
zk+W*=$=)t}KE8#yB{A+Ffnab6IeKeAifs2f4rh|+gCVotnmQSC)PRz)V9lky@5S+U
z=_v)O(D^mCGZC*<gksh#*p_o6XE~|&Mi$^DGWDBJ0O`sMe_CB?%~U(*&c+&sq?zsH
z;XfDoorV=J-**;7;C&mu$bTjd5to^Y+^l(t+E<{vayAF$7l<9br~LXaC<~f7kK5ZM
zho<C%eqGSOl6!LB_pIQ@x1g>!BXO1AoX&CD1Jz{>GcH3RsJ?}Uo4D;hW!(x#3#S-}
zytg&D!c`CD6shGsd_I+e0~egdIndHQljY5F6u|QO;l+wW2!Y8o(gtQf3I@~2Xo^Dv
ziR)~{?MeSEGazx}YO5<I_ck%AT|wR$bMpFd>V_2rz7cj#O?Vc+d4Qu$){bd7Y95Qx
z-M(OybqZyOB&)nXLjx=76-Jk-PH}{0r@d}+9!ds17Pu44&h|FqPiWs$C*b*BP?q+k
zS2x3HKF!P=jIfdA0%zSZmJ7LNpX<!W8xwsxCW%6=&+Pm&rqaIy$c>;Y0FSbJ*U1^-
zz>LK`%*kz!a~E!0Wv&xM>Ov61bo9dW`1ZwLmr*m9Te6scf2Q7Jz6q3V|CG}-4PIMV
z)eLnLPRJJu^eaEi)OY#-AzqUi{^RlZ>QzdH?RMCjSpQ+F3X>}AJe|0&qSP{{YI{Q^
zmg7jRf21;{@pZb4l?Y$+JuM@%@?@xK%r)zoQe_;Dz~?{x1Wu80xFIxe6uPVuDbF}a
zuNu|I8&=rFT4Xz#2knoSOdpvk+|Bdyh9d;=xpRq?Hl?PSNGSs#c5mTH2OeC=&@tU$
zvc;M<q+{^7y`DEbdiKQFI!F4Um7Stcouj_{I0bU8mX8N*w;8AR`!!8I+J?!dPD#Xi
z?{IKHR9>0dIFU#3@tisOik|#FL0T{>^IyHuVxl#QJMQq2e93woJDV?QItE)H6KPra
zc@X9t_~(kngYpe;X%c_l0vu(YcrZ(Fwikb@7p{JB08Z-+!jbBZh$1R6&oolmc%ewr
zkvOTHCMaMCI`9vKTo40jWVDB{2-6EshOe3h8ksMEK(a(kC7#1&c^1L*;&7iaKF$B=
zWe}}0mq)5yuk!$OU+^`3=UyH4Z!zsJmzg59IPbyD;(`%Lmo>1Lui7@qfaeq~jKVoF
z)E~K<GYIslsc_w99=8W_Sudnn=Vd3bol#bvCzte2<t9)uTQi>(MRCBV(#2O4UkhB=
zC?#G$J9(A^IwQ)i8*%qlv#^8qp}KIVIY&Mb8pshZtQAFi2InkiQ_26HuXU_rq6T3w
zn6qS@DN5WFP(zkkk7bl(*XCNFjzOw*usuj}1>qOISJeL6Oa1mMdqvJsCB;qR*6^+1
zF5ncisLM9%B5lstL_Pj1Xom)0%?RGuJ$z<O#_0X|EI=ns=J#=(yi@Os*1R}>NjeN(
z=w)F83|_vR>d*g+#wiQFq;tcWeXi>}i<&0!-|{H8(EU)`_udce#(9#$BO32&PWZ8P
za$|jGkOICia(&U6Me8`xcGczLS9=qGy{jal1Ga_{y8X@?@3f5(nPR``x^g|)lGTW3
zN&+L6Ip5Pa0yS(ev9qFMZ<WRE9Wyd^!_cs*)9BlBgJ}M7Pj91{$sLi#Xg}N#>2EZZ
zG?c}UF22vAaYPc?)}k_wZtET4b1pbXk%9b5Th7S|%QwMX2kn<|C6w7=;-q!jLEVuU
zTNC;(Pb%yFL!Y7E?Ty#8MkqpLjP&5=@Ga#{tD*vycnDE`;5@Irb_3t9qqv`c5_i1`
zvHuzkac>QD3WX--HM=7?CSGE=V9IPXo)j>YBBC9tU;p;4YrhfR*K-}=+;D-hQsxXq
zVf?Ruk8|#Bdup6WQ{tmrh6xVSCUKi2`))mN(BomNQJ9w_=+7kq<f$p^W;Il696UG?
zTzleLq{tZ#a#eIa995me#(KTBh>iZm(WbXP`>IW~2Qw8EsQ8}hwUIi7!--SvSil!{
z^=Oy|cu=3{F9?vZ{NstlKqs}y>8(q&^Bd<tysclU!-)80ve$cy=Of?E!l32RBHx;}
zA?7Y6l~x&kCfmh_;3nagnYY60(1kG{mZ~|%`cd5P#&VO-FwyphWK72#Qf{yp06Fle
z^Qw*`Vxs__i#eER1pTsX8l7|?pzf@+M6`uB1UKl`J*`UV&vlisp!Mt|q%_AhpWVqQ
zUttSt6O?tYqa(S?6a0R_Tf(bmI$y^P4Jr+t@1c1W0&Y0@8RUL@rNvRh+)c2pW3ZR{
z74pBYK(_0ld{NL+0`sQfF7AI}$Q#U}cc>%*DZPU&kaXeYhtPA$a3t<QJ)>|K<x@+_
z)pZ^I)FS;ds|`Md|81y@v)WP+`rwNa5&g!&wdJPjWa+YL3H&`FdmdJt3oJPLPNKHH
z=lX*=F1>l(ZLFnl)+RS@$48VKZ|xes_zivQ2O(ZVdNA*BNz;_=@!aJqANbBf`;Mox
zE9v^CtqYR^Jw_|GJo{@{>~C{(Eg0fTzVW+hCGif=*R)3USCU!Q=EV#uYh?Ra8cgCo
z&+pM2Xmj)ORCQObvf=%9Y5k&fe7NpX&9<0Ly;oe!)z~HDk;4HLZrhGzSK|3!tE2W7
zO2rNTqHwkWkw%@h1f}^uL@w-DGrwE_O#QNBa>JfV0vF{VhN$;9+($Tw2<-Q37mmiZ
z2O!l+L1klhfY?z`$MCgjp45N*`{~CZs_2?07KnO1^(hGYya0_ZXb(3KahXs2k604w
z_a_J_HjMn4hA7e0VZ^Z!ZT};iKx{3AHpOU{OG{)^GRztIHfH6$zr!FN)Fc+RI85PO
zOQ4VezyCiK1D?7eJM|jME9^lNIML=%shKm&$ao(wc_SK!+((t4S*!qq^60u2E{VLZ
z+GIcf=6pS=6A~|vBpIm!o^Kx2+rNRk@PVU~zL5Cs^YX+9{(sJg>QO#Ne>hUK9D%xP
z**&e}#EDDy?(Vb@BN{b)gWroBB*pPnYB>@NOM6q>xm}TM+FSa-&KqAs;zc3L09p-G
zOfA?jy3<Sw-E@nyX{<T-!qNn1gcz30v}WjlY^Y5f$0I~CcaD=8$!V@Of1$<+%74(;
z6~4i>=efQ$!UPBB;^7vM5Yn+#_A-CK%Y_}woVAoO-GbAzI+<ubK3^26&g1{Qf@~4*
z6T*p<B-Q`zwy8L32vX?zj5Nb9zzFG61qZ>hWCe|xmec9f|I-*e_E9*b;{QOT{Qm&i
zapAxuKyT)bXI5QhXV@@%PV0*u$W?W-cjhtLm6(c0F~hPcMlLnoiqtysH>D-o@$7^1
zuCc#cfdBm3dUF%2hcBJHNYk;1Ib^5()i75csKc#!+GKTAP7%pUT_-ttnV)|(+R{j=
zH!{l6MX!DB7TUiZ#fotx@_QidAvfN%EX+8?&{V6nh7=($st+JIX*`7r1y?K!Ex-rw
zdZ#8gPm-nZn45>PcO>Kn<#Z#*LshDZYXubTJVNMfU3?U!J*>>#Z|~~7-plHrk9kvj
zC_}43<0iGVB9#R4+0A!De4Q;Y32k;rR+4aDtB-#{e6CU|<E0wr*hidg)%+ia5D3N1
zhcsX*nfcF-0Yc25Kzp-B!`{r7R$U9+EbJ5i$CD{cYK3gjmKfx<xX1SOI?7v|Zekl&
zL1gI(7Y=eD6>X>Z=f}cj!VA7bAyr;7Z&27OT;*4}t<KNG3g!|%l$PRP3fODdmE>ul
z@=t6?eYrFUO*>rU-lErz!<hb4<cyVS;zhbxIZIN|2BqE{zr$w89PZKB#H&9`Q?gmf
z9k9Iga+sUlp|l6M#rgU!$jocG4h_qL4<P8Yk3JS;7_^qgSnyH#Hs&R*374Y`9M+1L
zYNxy;Byi+(ek)=+gD;C7&8V?}I#{2Z6J!R=nMMSE?W_V-?_W&E5B3B)0XBu07NFfK
zXh|6Bv=kTXC}|pOCfTxUslpzy!99zjUi2U0{GU@#(;ZIt?Gsdo{2IIH*Y5+ZXP<-!
zj5Hxlk07QZGZztmc6d}Y)B13k9}eF^%J`Z3$b72uOnAW}kv_V<#=;cp>pw&0cu+gp
zE1iuCjL^7G*?KK-5I%7BTwKkGJI-G-L&!DMwIt|AP?GqKjZiCvb2bMa_pJ}Y<n53-
z0J~=q_s(xWmC(u^$+iux7J>SMsK5IbQ?q&qIi<}T)n3&`y?QG=Y?ISSf62z$J1}MT
z=tO0&>*TsPbq00y<E|LFkBFxVP+ug;E3G(YCM3GCoQ-pRZ*1W|b)fQyCA>2@r==SQ
z+$3f-na;!CPGpAGWNlbq2M1pXyOD4GnNT4BMeOjPKp7KQ@Dp~Ap|yvTH04Aij+MA^
z%bCoFOHXDisER|VsJx>`vcvmEj?^1zaClMzsJ(awPNjh6KjBtU+5yMO^T%`43Um`f
zhCbez5uQ~!ALlwuB-Wc9);(K()4e|K9m(v*dzzMC^F-<=+wVwQZT&~%^%Vm8(Q2J}
zOy9jZ*yrP}^YU<L?jYL(l~demT{Ogf4;HISfrwqyDmG=O2?A3#e6f@hfYw0%GDZND
z#&I*B5zdrM{qhbT*N=Ahs*#@-(&YHZbg~n>=!elR%UxL>PMD_!f&)tzDi(e8m+;^N
z8erLfsG-qT`c#mE`a{IsVH05}OI9ONPVy%?Y|SAKrTVLwKlN^bn}LoR5{00@Aj1KW
zQLU=fG%4gX!88~_0}Tvh1n^+>V~g~Zlr!B-fhp9X@ra-y?UwqSp``TByDy(CFJ#vl
z3s3A*fvH3ek7)0Kt~p4(HC5c0%`O=;7eOrvYW6dtH&Tb(;vx&;QI;~TL0@9p&RZ#L
z2vr~ECH|KnQ-3$xTP)5itv>m+cQL@g6;2M^ENqk_E@PPP)xxn0i&u56THXd#kQv=3
zw*Uqqv0w02Tsx)mWIbJ~2V^pRM@EX;D-I~dj92j{BMkJ1x}MBDyYvR#S<u4kdrA)w
z@_&Kb)YO9s;p&4pmkFX%KKwyWBv~ic=uSIge~cnKc2K}cjDLY64Qvph4?v8Do(L*W
z#eiYH?E5L1JFWH-|0Nw)`$P|wf*0MKJnIj|FuLtM|0mKs)ciYN-NinGo#UNP^i035
z*x{z@36_H!b8A>}5bot$eh$}_=lxT$;DM5viO$dl9%09aVss~(i+~U>j#)uP3vtu{
z?Jyn+en(2o0YO{YDbq_8^2a%8D(pAZxCMu&ku$}$jv`Rp>kV^o$Y$PP@OW9$|H%LR
ztf@~AK^Nx|q@9uiGaJoxZYm0UqGT||-3bth<88YMoZ<Sj<q=*rjqhlFB4@==0p;0u
zhpc5vo(x1P3%5%?`&2YPV`09acXFoj4zf8rp~{SqPh(=g^n2!50l3ERFzeC&8bJ?a
z;6|`p+8n5r7s{H*?yDMUjQl=B2j|YL2dpK(w8xc=b9TKOika^BBHDZ}zft5^uc2y+
zDwvlMEuX%HVXqeqYhp3T8AS!NeTszbAduW9Npyhwfpy8DXq4K#RFSZ9EqgCuU=2$u
z+6}}eVz?%ls`=%>wi)o)Yq_<3=mI}ysmf!Ke&0?a925YB2n!tx1OkbOgN4<Y4~0g!
z8K%E5a+4pyLfy|E4*Ilw9|O0?{uoF({-NA@y*X%Cq$)obqD-w|qWwsR_0gg}HG966
z4mroOtowYGH3o`)K>2moMBGKN1!2Gv$RnV7?<>%W5<DW*QX*OHK=PE3pT6-K?dYpt
z(fq?$eUl#*UK>%J>BUV*UtizmhA3JE10QRK#6-G3cn*5c{@`)BEp|QkSqcqmi$T%I
zumlxH2O&(lEu+3Avl<Y>%suDiM&cs~fqM;;+?n23#}j&OHcKO@!T})P$tPJqNb?X-
zkz#sO7BQ8(x`4lLPZHfQH-9S!@yor=C_)Lv!AdE@O#H)u2)?KT<p-NYbeEwpUTMKN
z5>w%+sT>47=|x1k2#Z+kdh5_QEqZ0jMLUX1_DDys0V5Z-m8^C7d<L(yhfGTYtTLp#
zZr3gxPZ3APR)>?_*cje{bX5%JqvqBrI2)zw_d#wp=T2PG>ReZ^k3I1Ow&|Nwiac5?
z*nI-moyDtd)=c0vyCJX$O)#u?h9r?=sxea+IY18#9yMXy*Rp>%|6xCK->bj8i&xg_
z`a!O9VV7{sDsHVuAKlv<t26V@OGT)0qU!W(l!&So8u&R)DDV}y(5T<Z+!-MtK<eKU
z$r(WRWYOV=>z7g$P^Y<+Yz!z?yiaOShae^7s%NRV$!0Up@uZNwwJ=zezq76s%#}T=
z8<|sfdXiDT!;c!TzqJ~*n9u61Q(YQvykz|`!*vm2Mn*7D?0P`Jo4PpE0M#H8+(GEQ
zG33KLT7hqcoU`ehULf7Bug@*sZrTZO6wY~DUD8T_!XBh&E*5mXlA(En{teC_1yUc@
z#%FewO<f`M3~rIj!I`-D_x2Yj_+nf9UeHQupVs)#%&O^9Zsd1SF**J1-}?jzPNMNh
z1zEy^W{3Yi$~ycCWlj-=`PeWH-j&pOyee@e?vP{|NjY`QIP6J$%XM`@2T0#B>WuC{
zd{`DX7n#l3+6_38$Hv$n$PV9U@G*W~SBY6HPhk~m6ZOMwpe@W&-fp%EdgCpx8b!%u
zjdwf<eDCgt{)*Sv3pb-&Etk~|Zr#Z9U#mcu+IdP%oRHFN1a9Z%m}aONr)J6az+ov5
z7&ez}v*|d;k_`b2OK94e^O`GK{`3L^u?3IJXmBdXj>~#l$2<lRf?VCrj|aWty!11!
zHn{e<{M!>;?a39)Zu?&vrEd}Lf9oG~KxdlBmhC2XF+iJ_v~zmp7bv6X(x+SwvLXr&
zabivJ;eW}d-|}?a?!|OqMNBLq(Psu|kJ)M9kRPbtz$ca(_{OzCI!0diRWbXqoVoC)
z?)GZz+r>C+*`*r#DeDw6DCGOyI^FqJR%GH({E|3*p2CM;dvfL1w=nM~OxBNMJNGEY
zH)lZf2sv(&;9`2xL^-PhI>}GF(*S&*sQ<dqxGO_cUH=JSmaXCU*QKo592w}R1rU}e
zCMq?S-~Tl_>ChPyNGgh}1N?m3v~$T;-wnM2%VhGR50w)Kp()FWGU)zpEJ_NA3gEN$
zv%|n|U-Blm0i&x2nksR4*Q4L@CabHqvB$K#UPk~W)<9U3Y&LEAWJBp;hoefo`HPEA
zY<50_-Fv=l0`bR@A>)x5ZIh!{mGa|(@z2==eZ;BpkIVGsb=7HdJZVYVL1c%}>9!<s
z^#u79c}g@ZU@C=`PEh2|+b&+9*X+uQGSR>QP&fpi{h~1sLGLKd3(?A7bt7MGlXk0=
zAptO3^u2TjNlfm2<OeeLExo6fCo8r2rq^4DqiMsI#TJx^Xp_B*p8u?%-fORj_4J;I
zahjDP2BjhYSKFb_?-8@OYFPUY>akP?&ga$jOMer@Z_=2ZimwdK{5T}Sg^vmz>#J*+
zx%-Y%N7cL|t^M!Bj&WoMD7kUo^jcSmmT*=NpWw`v7;%YKcZP=&qdyjV<C`K86G#N{
ze$IDK{!nA2XC6s{Q4!SgyTDvvZmc7!sE?Xn3zdgAdi{HToc%Z+rRKCIcLyy7Ts9Lf
zbcp;CzNF$?;c*GH*epS56#Z>6^b01PyghLGeFqhfOWgofJ4Wb2e6!lict-}LxiMj;
zsz8tq+2E7H3Hq2Z4m!=T&fd+Y%8|=%ca?DozY4ZL?gs_HKNkA$pD$KQHloQC%z8po
zq+6BCT?nmMV_aDwhX8DlRh(D)A}mZ0;21LO8|{(U!~L`)K~~In3sH&()-SkBPdZOZ
zFX?QmtAjW3q=a)6<OJ;bH8E@J5AwEsC0tsUcjY*@3AhXAmZ@1()ZgLb#9jMX<Fd=1
zwhD%oS!SW)@~yd<kF#sGti}oM;?s{Bxo{A&yc7W>@ST<>IQdSBrNVV{d>_4majmX9
z>pWFg#k;^mM%;5guT#CdM#NiNJ~Ku)JPtIsn;vf~*OF#H^1MYQSB~xdPmHdpjuNUj
zMx0i2_$H2r4o4{B?OoZBpOzA6BZwMBhn~EB3KQ4TFtk%i^)Van>AU@Ll3q^+)S<_H
zU;~cdJ)j&_X{Mh+g(IWj)LV$12j5Hfg`~A|AU4wk=Yeu(X*+Ku8;SJ^VUhZ>dFE5%
zN5jM=yXIh8@#G&37);5SH}q$9&79mFGj`_aVEbn_GzctiC!mT^R6l1WmaX{$Cl1}M
zdx~hACk@^_#iFhK_oxPrS#(-kX2MfE$EQP3%5ff)az2)iqgnuUaCBAq!%0c}*MRUh
z@j<|c+>==@_nyy);gp!aEj0J9Be@3a%?yq)*!fyY)a4=Kl8t29{5%O{6N|7#^s+D<
z#p@&KVn-alBY5uByf}uIl#Miz6fo|NGpoWi0+_udhuq@rd1Qs(QXB9K%j7D0(ysp2
zo|A)C502t`&7+Y{WviRgP2Xv;Hn4uMtA1m~8JiBQXyW3>%gB)ntz*}^$@Z9yI{k`G
z?^3nG7<JmAMSrrJ6tiZ+qI7V8wvw*;0GQt*b5?RnC!zlAuyGauO659Qtj`i{B5@Jd
z(FBa=tgii7`vK3U??^~p5Hr*e_;WWKf74Wi&yX-_YsR^+MrW|-8|~}T?4EDVt;24<
zlg%?YrN^M`QSU`1>rT6nymW~1A$*W$@s9-BDSgRa568faXLS|22Dl%;bdK3c-HNe%
zgBA(T_ZL5mGR>xNEDy?NmoaISfTbq~aQ6i>{YL3~HP)Lz)T}*=WU9`2e?uEeiZRUv
z%<;facnG80z5`3L&q%3ADg%)D`ERRq+z)$6+%vpJIE|sM?n@%iRn?z=Uz#ZNKTv+Y
zAH^*>EzN?IWF;kgUss)rJZh?kqRgWth{LC{;(YVvgqM!U&R?cUi|7-8c(pSDt}|ZR
zMBmhQ01uQrX*ea+=7(uRl<*w_7qc}-VsIlRk?F?$gQL2Y>(FWGxU-|9cnygVa3mc^
z!OVgk@*ia%gt31n&uJTbe)9<1LB3g$r<J8`-PN)TyTsmi1LFi*d_=5=CHi@x{k^1F
z;NH0H*420rlhe+}&)uqa6H$>ik+5FUhgin85j<995vip;k2tb;v;}XbxK5oqm0%mY
z4&kzSlbNF+Ui7_rS}t98^U&@}b8s@+^~f3*O{+Ld{Pryq(|aq(pj*<VX+YQ2(et^3
zX?Hwp4#7UXe(Az8di1SK8Fj$M!9c%p)lmM)PY>0RhRJlL(|1LbKli5?vRprx*dU+x
zha2!#wKz<pjvI@GL(%k?Y?~B;-aXneeR7NAyXsR&{0j$vui5uqYL2d%0-I$9)Gbj<
z==h-ghF;cbUX3-95MT-Z3$sXd34A*DTvVPF1(O(i##~0Teymmrjo}vZrcfKul_|s!
zz$hV^XLm>cHbF2?JYZLbKV;E4KNdGRSfn$P=tEZ8qpe8V8NYG-YY|stqS4V-1RaZ)
z()tc9M_k86?iAxVDekz>#;<)V)<XwKPRs6YBi^CT->h!5$BBKpH<d{L#|Uwr-FDGT
zB^nRYqeTAG@9nj%m;m28>*WN4I*)KClFgsc5V<n@2_(Trp5f`Da{lHzt7XY^vU9bj
z2T8OXA)5EJj|l{H2jYcy9(WJeGwDpwROM3NxE^u4eC_zqx(E8ee-G6{^HyNr=+ZsC
zLGX-t?H*a063=0E_zq-<wP5dCUcRk9r^3{Umn+|EX*8B{M1M5B++3Z_8EnYH?&fFJ
z0@AZJlGd5O2jLjShvxXd6!v)p;KQep9_m^7B7@{MGAf6^-P^i4vV#ed^dX3DD&8rY
z5mDOKLR-fg@FvwVyAN<m^==U!lMfJi0`NM%@r%FG=+GI1GuyiuHyZnPA&)ZSdY9_H
zEBceB%Uk24v;Hhr`$aLB6#t)JV((+#JJXE5?(2b_fLT4@EQcZh^Azrw_D`=)=JFSg
zWmizE5;U%1Z}Pe;ogzj~f}=zfpnWXc)vl#4Qau8IxZ1&~#<)I6#qRWDX|&59PDgt*
zV+Sl@PIuaB7=vP83br>jj*RX0B3!n3yWJIW_cRI5$zNHK`=K#v*L}Q=3@G7D!(PA~
zvL)#(ZXEY_(!pcxFTXoEpPj}g($wpD!k92>Fz1gh7H%Qpzf=j^J7@*;D`{!NC13RZ
z89jHiOGL)etb)TCj#F2+&p(Fe3G!F^RF@YYbCIdvq~RB&JH-Ed?|>+7{#}oh0~|F(
z4|2)}CVQ@!#qa$=KP)8o%X`1pF{B@--`x%IdUYk@U(Vs`g@wbcV(K(wq|m{&Ah<5L
zukop+SlZiOQX=x9%*a@`28T$#9tI$6g4Ml?w)?t_>?a?WMChoCb^CuVe)|XE8Ax}q
z;Z9wuruVLc&Z7G{j8f4%CEsjXY{^q|C<VDYBXWMGKh>>@E##o^0{8sSZ(?=?NnOr@
z%PhcBZUS}#_UF!hHVbz%NOVrfX~%IEVB81O!9n&@8hNxibDo_X1h?T25s7Fj;ILlP
z6#5*2+=o3NwxtN<mIc`$dHyAPPGe&wflBSP|2ESQ@_YaOzELdPr5f<$I32XWC6iV{
z+L%q%-ozrBx*-~T_kAd9x0j0sGbLms(Y^}U^pZDWcD!yf)kU-;s+ui#wC%qZabWjs
zCLez>V4tX6QqHsZBVj)`>wI%+XnaCxh*?cx)&|f!ZonZ1_oS@d3fPg=r-uZ$F;J4<
zS5Im9Fl2fKk5od<EKM*!gk#gxI?iqmTx8)p-xkvh=+Ni3!hlL=TAml$7?g8hA>ZP#
zT)UYhs?FD1nG6d7dh_&L6W!iYN4SlrS#DBGiB&ClxImgOi0JuhWi&M#`3j{j-J_Mm
zlbT_qSa?nJ6T#Zuhz%O<sB~@&-e}Zw{W7{Q)FcYx3w+HaLUamMhP~k}bVy?p)ER1s
z90}iH(W<&Q2UN(hPIPy6YaTyG&nL^YvKvh0<vOgL+^QT@+h47;c<kmm`z|oWBnv|N
zVS~H`MiKfD`C+euTWW5qR%=*A(}tpLFsqp`S;h;#N#+p2KZ}+f?V6h+sNAK?)ws&2
zbp*cuH2wFcI?&z;`wGL*D6C_T+Sz;ZbM{ZC9U4anQ#H<B*{SE8!Rq#QhvW%w*sM|n
z(!-PdA%~<faEd3t^LK`5cAdcHscz|R?0-CZDar&+{2{;Z{SYk3hq(9qbh2|s7y+JP
zE^f{Y;|&wvSZo2XOJq&CqdcvDZWU7Z=T|7x9}^NSQ<^AIyO<`gxF2{Uiqw2;xHAd=
zM1QtQWa!Q=D01OgG2$|$R``vl&27mm>R9BOUS9t)^qz$$!s)(X?7f;<6qna$+E(Rj
zooiq|nygN{L#FyXMkR?u>(^iG&<$<nBW~n9*IdLM-;Sf1>vMw11$c^<a6XT8YW1B7
za0vbe@FzPdHsGhWk*kcZ>J7Hq!gIf}=W<|vzt`)|@+ulHiJ87=ocHrCv?**oIUOl&
zBkrr5KX!QOm<W#GCo1}3dWLT~;HZzuW^{JPiRN{1sxyYM>lLhimq{Bs*<09e=hxzj
zVQIl87;>EX(AfHoQ^iC@{5y}W8hpSFS9GqP|5(9R?Fkwff)Cfi-qzfn2^9(f;!Vaf
z;hRjiN9YGQy>6*-GCoVEBi*iJ`|SCWIbd!<@17oy38`K=nLIw&BCeciL(EF@M7AP-
zS)uIwj9`hT&aIbW)}2V+BB<L@_dV9eiuz-?iL9%;mmkNAD84nNJG?9k-z(w5JSn~a
zvVgyFSir8EJd1tn{fcu(j4IuPEZX%n>s65Rb)kLFSRsyH<B&_b_&sIs)M_e34C<Xc
zCEFs$E~n((Zm3~5-Bg(H*PPjVH)t!kMv)}2JhKwv%sKZoir|kQfiZjE&+41PI;C$(
znJGKY!#yJBO8nH?>g!h%LY3=+J5q`5Ce_l=5qGZp_g||wHJBH+=4Y_{+ts|3R|}d2
zt_mqUl!Pf5x~1!Aq$FAdzNZEe4koeZAT*XFy7WhQDJ?DgBzr8vWF>7JBZ1b|Fg==>
z*lT<5{@;IrXF&h`n~f&^rnFlnZr_aOK+ig*0zS{ny`Fu+H;oMNAplcUUjk{ORDuHK
z{loC@QS=-#k(h`z99r1E(G_sN(Lr1Z8J2pE`s!1bkzN9;w$(vA<w&c;OkN#qxdA0k
z{%@Ld!5N%<af5Rj)WOJ>?ocL28YIw3sbhB0T8lpNRH1zV(qLIV4Fm{Fgz$}$Lc+_s
zl8jSO>GtrB`u;m{(cXg#JYRIw-)`b5_}e-s+sXx&MSr8iQfv&la#`?xQqcJj8xT#8
zOnwsxQN@p=YneicojJE;!`RnRDS#jCL?i7Il#1I@!{Hl<y%%01au9|us=l0K9kv;y
zVNtMz>^NW+$9$6)taY-j*$V~2^z>u`Ht}{`1Y5SY8Np3~|8@i?@gx1NYT^gmoccAt
zs~m`l6d$k46QR2Vo6uU`OVGnC(*~N8_bEPK=8C$JC^r`6zATeN%;bkFhTio<4{-W=
zDN11bm}v-p`S_{X{xNpO`|h*-SypS0U7ie$P^G-V-&2gU4kccg8&E0%*EM^Y^CiD_
za6QD4!DS~wfnj4JSg^aeQn?1!)XEt6XZHI7NZ-fMWeI|Bk)6?;geTTXVaDVBGh8o~
zN(Sit@;!xIfBZG`@3~6&2E-QsrylS8<~%N>fJz@RbWR%0h(`+?NdaFvXq&SfRWHTw
zbO@J7i~}<rlrM|G%a$XR%>KSEYnuN|N>Hp}%C)Ik_(o<qsilxkSRtJfEx3u2+~oIb
zG5)>STC&eXVm)wlluG|9O$A+uu~wqtaQ2_Bsh}I<#26L9<Q&L*^`>1yiXIYEp|?tc
z<f3L|7Ae#DC~r@9)^Qol3r*%F?m5YIFiwYKgL5%+pD<*BU=L3jOAi8Myiz;hQIKOP
zGaGe8&~`YAD3im@GIdjQen%eY&W=K(@YKykV@JAmYZ~X@2v9y?Zl{}5iN1D&SHUXn
zJ*Q(YU}Nf@j$1t_o-u@#IIgi2xJRzFG)rQm=!`zEsXH3N_f$S>2xY>yfd9ES;QFWc
zaXQM*pt=f)07Z$;)y2FSDo`q4GTg6K-|nfSDH*Tl=@-9<Pz+PLZr0aq8?bq|)f*lf
zH-?6u;hAz(k7Vm#*#_@O$hn`Mcp7Q<@n|Wit)a|3!dTo!B3CtZJI@&fcEu!?^u%*4
zH*&kjfcDd9UJ1;)v6S8n%6-!iH8x@T@&YqnNL3Gwtd1mNZt@4~OTR%(YSo9|eo8d~
z(jwT_njw4kJRzw+>x-1NZe#!JHt5iU<5Viug9QoYf1BO^3PJW3kkR1h0Lb|SQl3}v
zh+<h29c~RW%@NDcDbX$OvZ7}YWW$MzKNp6`z)2x!V$u+!QI`3`T}0C=4cwQ7(F$(J
zX-?HUL?WO)rL*q37nC(4Vf_A~22LgnQx)zoSZYa^wY@T#z1%|C0YQ31A@}Fh@gZF}
z20FuH4Sn3DUD-+x&_>$Tx#{96V(aSM%Z(~YAab|L^Bl3XK}c?4KO~=mGTcF_jLHGG
z?0JH3yJ{>WQxz7^I9ZzHaaomF%5g0KjYGL)luDM<EY0BX9iENLAx#W+rEHMf_1&D}
zO%kkN*bP#z63Yjv-{N3SH<|bqhRf~sa}**eV;AUFob*%9Rmy%TRd+~Tu}^NZ6=QtN
zKuF(ax((ptJ?2NE0W1;*Eoq}$_uXb>A69Z*3%eq6bst9Q=O5~8c_1M|C7ih9UHpts
z6i06*41;+(nie*-#sH^u0vmDE{iK}U4JoGJWLK|vwr@CV=@#Y~=w*dRNFAqwEhNv^
z^&X<H?-|D0H&U=tsy%M~A`OLpm)Fwf8KXM-sKbeul1d`J{{B(88Jl>Rzuve~<N4n<
z7~}nRwKV_vqrb^`YllhkHWalMid4J+$L68U8qfG<Z?3#8b(3@wu7lP^AT8cn!?@E0
z;l4l#uq(aXp<9q6{`8k8C{rhL(+H)CK!JO|y}#XU9tpvOmSn@F2_;&c%Z6wQm(Lz?
zVS~8kYeq>}bwJ%BVjuehT2iHq2^;}2Zl|WU&WZD^@GKqTUTQT4C6;!uT)mJznUTYJ
zMDfvn%}Lah)v3>Aw4ygU{+*um48tDaYNabu3(!iNOczZ*=_dPjQJJPA*2)UMY{^Tl
zL-1=2is=j&;mi^pZ-wu&fkQRp@WQ|>a+sRT0b0kGl3oc4<yOHAPTxYcSXy)wFgCZ1
zc|4qK*1H+;L_zl8pxcXWo-t_fP7($Kw5RQZ(qQ|&^DAbALC@x}!>*peHn#j%_QdCY
zzQbV#t=|L(g5F#Y*VT3lUYDVeMxNEwtHSrXy{<v$_cF+>AiK((=BuLwra|W$dOH!>
zT~dC2yYzlx&1Ss86_7QfUPl#oQi>LhSKLEb_Kbr5K9`=0#Nw%|rU;%z{zZJs=gC*^
zaA%Bjq+#bJfkCNzuM36`k&~sC7LoS~YKt}AM{7-~hc^uhC#@FvPB*-|&m4W#C-57&
zTj{7vAmM$`rWm{hR%)TYE;95q&iJ<(swJz*|Aq(9lE)0?OyEp7&Qvc$(+lO1MH-_R
zzMichJ{7R!*?V&<vBntVl+w)NtranLECnSbQn4WMXt5$T4eN-kT(2E=k@WC0*hO&S
zX9Vp@>5nYvk3G-1r}#n!F1c7$ah$-#$Nj4>%}BIvBt>@Gwn*E-?eF;Yc?cKjMW2sM
zn|Xd$Q9qf4g0<1JgIk#^_V_!y*T$<b<}_!J8YxXB<qnFST9LetMkiq-^Mr(_z(m}T
z<142?nz}2vjZRTU0SfwE8IIZKg`f7kf*uPVydmK3Sxu=O<aM;L{$e2x_)bC<W^|ES
z%P8)JBtW_6BO~8lc92ul_q(;|Jf;{*Zppzt7n$U^sE6B;BUYsa_;VH6P9uG@sslzS
z5dQ4n2+4V?@7&PF=~8#Mfe2_aYG|yZ0O@us|2WOJe2bR>zIe*yfpxDR^DaU%L`k3y
zG9u0*WVVM%^k(|gZpSf3of?52`hI6c9U5)&Kf{$TI_OFL;NTZhaX~AGD3eB)t6UNu
z&*@rUX^&C>CSSCYbI5gLE<Pn4a<ZTdUuhcNyXjBR%d;SruZUITxO$hjVH{tX7>z+3
zo||lIlz4ZYlz5ObD-=CqP&`zfo(82a^J6tE?)ZUJ(jt>#`=CZX$HJX}k={k?%64yM
zg}2n(VM3L40W2>>8>_f=#YZo_MrM>&hEs$Fk^9;~5u;Pho)u^^*ueMx9o#j6^@-Pt
zwYVPS>58kgd_^*1$Pxar{TH!a9v>bVF`xumQyjAe6YJiTi@&GH4e6sRmJ&tEOwP6+
zodUsk8me%@q25EiuGtHP7N6=Q{3AtmNQ5y+1#@8cBGs!Jy&+N#6L}C2B5TB=uW+K-
zfgS@jZ`TB0TQREs3+GfwFRJP>gAB2c`S9PIb-D<@QFs<rLJoLEVnCyc0;;oRrfY>=
znLW|vDwsJ|)7uN$liF^9H@G;COuA*?)nV(DD3{n{%ul8LBcnqmXQ56Qy^0*#bq~Tl
zmlqpr3Y+@Ip6Qh&!jDrGZO%aH(UInPWvbmZ*{ao*3?#Ao!Yvx+M?)&nsK%ItbkWjK
zm`M^!;w9O5(7;J3XkPvjbjD|pZ;KJn4dm1W9UnRw_;cgD@3rHIe-Qn}$_+XT14@{n
z;&K<N#eZR$a*(m(8Tq2q*%bf`->1?&#8&wRk*m;0RU?EERbA(8bV_BfL=m+KqAmN_
z&Z+2=M%C#piSzKOF-_y6)jU!3RMf1ihE<`pdQYGcbHh1FwK6M_pJ`kNCM&=-860gs
z&<;ug^`a-mX8r9v9qkd-WR&uG%h6kL8DuhcRu0me(`rJ$+nc)er-(cCYTKi;Lv<9E
zYGJj}Vtts5GUrV)OIQqSMqvWTILUc!@rJ#=VJz2U<&c~I!u;^c3UG9m@ERAr`8%S;
z<D1-S$eq~`K4X$`o*p@}rCh!BLQY)^wQ+0!zS6<gsVA#J_&idCNXw=oU8_Q0Z##0>
z>x-wflfi(~BULR8X(HMfuScw7*ki2|mC~z}jI0N7>!6oLGU7nI*S$t?{*m7crqBLa
z|8GWQ0m(n_iYu2-&US2#ZxRMwwg|ZGc~$k3z{oxSx@npqz`q9cOl~WNVIl;CvQn6=
zZhNkn3&lI`wY)%d^uNcfpG2~*AaPP5Xm~N}$h{JU<M@k>!oe)GA_W*fw>cpq;*yMw
z{jCjse8A?tjBeC6nzS^sYqO@(gG4=0Xd-p;k)B#P*sF~RUep;px%H$GHe4TO6f6mb
zs05x(NBi+Iy^s$23yQSB^gx-s8d*t7D$E7$R2R1=*Ei|RNQ<&V%0wj38ry+!MdSP*
zIS#c992KN5hp-x#!%iJgFM;T@j}%FMrW|F;D&fS$E_G8<an8fqexfp&78A@6>Zuob
zM~?~_%<_e19t-kRu8&n^dMg~z>|!ma${Y#7-m{CnnlhS3I9td4ouyg{@r0eKbj~70
zS}=&z%G$ffEfGJ+#9N<&ijkJY4(lg%h3rWxeJq2#sUfUAX=glMB3R}Q&uSewT1n$A
zpIAWIMB@p}P`J@$u71XF7}9J{ogC4mdQ=TxojFJ2k5rtOo7jyP4LwQqs_OLZHfJ79
zvkmv2ht75w@sBfyX_a7DM>#qW(0WCT&ZYgwA=fKBqbznGl-oP9IqzLCSupudP$>!7
zRd4|EQsa&A?U1_XNrvtS4MU-5mQ@*I#k`}Y!iCZC99+bg_cL*frt+H-S5T$~lrUDR
zZ8ozy<H$cQdrDB>A%%UvSyqzPQ)Le*XeSO=kmtz92e_tIt6<eE>Sw6>-N32M#E}8D
z(ZP3z6-Of)en>mcm*dQFH6S}FxYQx$aj@!%`I*~99T&MUIX*&E%f&}3-B+w5N~^>O
z$J9qCaz~IRY84=uiEm=183LObbZgi4IEYM-^)bjDKsQODZ(B|M>-u=gEf^w`L*XvZ
zBuWJ(>mVYCHSN%U)uR1Nl@tO_u0f><Y1Uy|?mUFGn~YK&5MkAc*!|dfRfJM@ZWja?
z<F?$`BV@mLGBn>Brw!nKI9du2{MaTi;i)ZH;$72XznJ<hiyGE?^*l5P?6no`;3e~P
zGUc{jYTs213R@~PErPD?rN9F`^Yvo*UItH`YadeVes(RH8wz<m%d`wAJRggne8Lfa
z<dwk?kop7OK0)VG!W5$ivu6muFA%!Cf)0Y=W)bppS0?%p62<eu9YiA&vY;m>B3<Hn
z9L>ToGqYm#@S@R-UY&9fa35cg(BNuktEu-S&zR0;xx=t315|^E!sLI`NT9Q<ztDms
zVbIH4(y{<9qSRRPfI=ZCDGo=D7Nt;fen3nnX;|^jr5tHeTqriF`>da^Fb2*P&j+g0
zTffKXtuzCA1Uav|+)}ppI5pyQ8#J>ro4*es=}UiY%MdN{rmJ;5aKRe}XU;e%eV611
zm#Add3`f@k>V)rvrDLC~2)9ilOrz(j6IW=HhYg2y#7Nkmn-jai<?Q$p&U3+MDm5K;
zA0i>IVC%_60qDeP?Uqo|eI1vT3hdH1WVC2w2!=L_$n9i~51Z_1L_XETNtq<cOy#H4
zGBY}JoDjF?0S)D~fZ}Nl711$*A^u_%!EAF`WrC-#QWT|nnQBQ${D(`jTT}wWxtGX7
z77UmGE?GRJjTEwLKmD;WW8*7W#I<ompvY!;1q*B)5$H3n<4>I)H?@5WHC%ih?OWH-
zf$;rB<&64_Od`Sn!i2ybqH58da-IVAr&Nmo8$CY{MYLk{%xRL2@?EZEEGC#gd&7vD
z;@q#k0rj{aB*;3Tb((J2PDeuTVS|sLm?2c+!=<RMTM#P%n&3Nw!~G;%gssVHEh2qA
z^DSPdx}y@^d~+=pZbUi#R-Wm6Fs}<C(LUaw;~WNeL^1@FW4P9lx2OT1Mn8fb6ACf;
zJsL;mvKx9z1a%qvpNfcYWE$N8X_iC!_5uxRNQ(*%nv$28oJ9iWvn)?&bU>o+5dF@f
z@yX$B*FVYMygHLymNF0<wqvMM4N5I!6#)WX6~*#YZgrr#Nm64u28UZy-2l6;ew2ee
zHaYBmJ;E&%UjYw~zooBnb5&lo&bFT9AoqmYVSW0UBOBNJR%NgV?%vppO!V)k;|&+4
zKP~a%EJ#THrDEo=mxpBmn>FvJKgzj8Ja-_vDP!{{;+?8hh1!j%FRn(x!Le9GU=wov
zch$-GegJgjNVj^we*kY7?!N<0quHFT_)zePRlbel2PU6P&b~AMsZW$-p-kN=1?hQg
zDB}GzA&ZKZ$7?-uMG!6?I?7#_m;oG;qFhoXR5+w5GcCtkJg~f+DjZtdgV+(Gq^1AP
zwUh~b!FTlFk0|BD4L>cHl9Qb^xK0kQ>5g6|?87N*<wMf++O(pz31UNnTZ!b6Qp{3e
zQh44^Wge<C_oPaXB*}d8hN`9T2O_dor;R0X8sf~9Hucz+=v#ZRGccnKRO#V%B11zQ
z5}gQeIXczDb8Bb6m=Xc~f+c9_l03?35@B7tu%}U$NT$6$N^rwgIYLa2AoDL}p8~K3
zFmPO$3YH5yZjBBdK|PT1FiMH|FXO4LLudTBLYIW9k~I(pFpucFtPN}+-a;85yhn!D
zJSv@+JXdD*^Z9=+fOuQAfn>%??wp#n+-E5v0Qcc!O4;@0F4SB-L84!Baqkjd8p2M=
z)hQuSiFWSE^jXYz9;k1mbbb{@;HfpLb0*86mJzjbubK*RCT3L*Wx4U^-_Kh&*HfWi
z>FRjXf~>D>L`bLT;Jm&PYw3VqX>IIgC08UH+o4S40XIA-i8*r=9Lm_@Ob?s`-3bjM
z;-CkI@I_3;)>nYLUa451SX?5hcz|Vg`*-g$SN2#{%3A)~MIL^RxXTr&A+T`**yL)i
z!M3TGT&;3JYIwZ}{SHUS+EphAols<6sIjrFE_0zOsY8d*9WauXT9O#rVM|Z!X1EwW
zq(OX<S*5idKAH?oIe~?J#XfOM0_)v8kup);vxS%k4=PWyonH~_<|9g6IY_1tZc4rF
zkR>lSp%QqaRZ1<1<IqHg$B00OR|&-wN)ZbW9PWzRzvY=!;Oxf@YRvXR6=|_G*%$do
zl_?M?RFza6I-CxU8N3P2rL;4JCvlz)vQ>TrB^v~bul@nOSDxJiv<K_SemoDa25I#T
zj)pGZ)@N_IR0#`A%$pY|kzNUIx_{^NtDgli?6R#3YIHO7lp!oPLpVf{?ns5c*i;&~
zIwD<e5D?6A8$co__aF8Uo=^oQTSh;_Eu;L^Z{~;Zm9J9eK!a=w=Mom1wb~jJm=VJY
zki__104YQ4-`E^V2`3Yc-v(7YY{s;KA*fP%iR7=k8pn%T!ZVNDNk@ze(Xd3eNOJ51
zb%G%Sy$!9irX-7{hb!{*ySQ9kPRmRSydv4~fwel~!{xZnL>-CO^V@9*L=gf58UyCZ
z>OXN^5+bdJ&1$8&at;1bs6TjmlI8+4;E2@eZuFuuhWOxrJKWSrhmN{}%)z}Q6kBSa
z&>qMuOd8qCH|oPY^rkJeXNM=j`^AHox8yM*ZpNJ}^eb3hHMf^(f32%Q?_T{HuWc@S
z`H2n5afY72-I+?bOl%q_2TssPSOs-a7DvsM#rVWtuEo>9wm$T)-q#~LR)5l~o{i)@
zrAaBk_0kr{M5p>;Ck@8saZiJkFnue{qFKN{Frh#ni<?sG@+u%jb7geFbhyoj`trVk
zz3|qxm!p^Zjc;sxvu8WfS%XQ`&+u3ZCz`;?`%#KrKiCzt$ryN9e)#(xbT9cObxoGl
zba*rx1H9CSf_;+%G-3;Hkp5I4DW)+d!MAjPI~Zze@)?D-0$#LQ;ZbCDSDsM%^`O>|
z##HAVT$}OfPv-d&bxG~a)#A&Je`3N!Km<VRL4Jf}n;mDggbXJ}i!_D!)*+Q!bTNg<
zK`4RCaUlI-cSo9sI*f*~PF2ak6QN`>DHX%XAS$#HqMx0j7y&DNXb(?ryPlK#!M39y
z<;x`do0>Mfov=w6`Oi4Bmb`?XvxKF1j>b6UQI=H=iG7ye&_h4|K6dB7>GHmIb=bea
zVMoLdXtTUX-F#brO4>Uz-i%wikWhWwplUtWjj$*O>+mps-^@Cv$CDQ|1@q+F)rCT9
zY|(NCDc3$lfN^VbQMVZ^2S-<$N>}iC8GLU_CA&}8Rl>;q02`uS8N_GVVSvWaG3*A@
z!dW&tpV_{82=`aK$)Qqb2a316g~UqqvmB&O3;rK2_(w3ybvir62UdZNB)|_;>*0C0
zU9UexXzlY^KR!DfF04~v69qq|g*{*SDddfHKkbc#Avdn26g}-hW0NbbH5CerK66`P
zC&_rCS*XkTZ8nYEwUO2cE_R=8LH<GML7eL?g)j%Z)HRh#BQL_!jIw0|p)*{7rPx`_
zfpxLw>@cI+uN1p31c!8)mcmSvOezT=QUHH@NozGm0rYR=VSPo7lNTM|CZKCIg>weH
zYS~zW6qS@{svSC7b1aqqK)wZIGj9$voQoSd2P3wQ{%^d8?P$2Zwc+Bqp`>^4Cfm|-
zjVE-O&6Q<dm0A#MnasI=$jI1-kG>tn=u8-*7J^2*q&#e1lMiVsZA3l~PC64I5z@R7
z4OdR+4?oix>(QOA%Gn;qJ(MXt`zS}fe-*NvYbFLG<?KoR^$zevN&EJFpox;PL2z6O
zy5B3+7v^|D5x??Vr^~OgTIajsq~}{H^2VJ$er!a?`opQ09bmex!;Mj0(Rx}GHJerI
z>V@C=Ctn^}bi3l^iQdYqfv^m;De9(Kq~~$B+n>jcnhG+}sGv(-y1X5tR&C?ZYqFA@
zsO0}0Ssh#6m!JmPfO>7qL9@y6jv>hKyp^I+U@34}AendUU((>D5~0jPO~O)0*HvS0
zqfT>}!~y35;WE7QDu4dz3WtZ7OQg@wu(q~*$a#Vb39a5HZ6Uv-foN`s=<gu{0y&nu
zSQudjw9zYgc;rK~NvovqCs2vg0FQ064obfk?OSPB%feqLa#f(nS65Ol9jpMwQh_*9
z3ao-psEJqckQQ5K@%G$tNHkYu%{?-YD3zHBIToNDGSe_(;$~#2LkUV?O(kh`OGl8<
z4@`<spTYRB*6ULFcFvBLi&QuvF<OkdN)IjBNktr6L7D_P(E)1(VxZm1FSVT<oTnoQ
z5g`?OJqdK@Mob@0zdMse3(aLMsZzeOO}p<xk<P`-3+n-H?wB|vZT^0n9g>_57vg$7
zY{Nk~$F!#CAdLRe4>u|k>8-*YIhA&baz>1-x1&sOg*_hkq{MA!9hGfl{cVE<F%Lyx
zvf~Evx<${pwTsIx%whcL1^eYUCD-*Q?N><b51E2ICpU03uER^_z{PE&mU|j!LH|~F
z<Fb6kUz4jdR-BVx3ZU=Fu66CTxYQTuh-AHPYZuv8d`J#R6t>m7G+`V*jh#%K<NQ+G
zai{fg##VthT|&0Rv_*0!t_q9I@WYHKl6d5YA(lCrxYkl5T)rGfMOwhX4<q9bWQ>Qc
zpQI94A)>SCpD1`OrHmpOPjEZDJi`~@MWKrXga?3XavLJ(I35Xgtfin+h=9-#@)a$1
zsPJ+0if&__rEDUI#UuOVHUc_5Rdm91Tm<jcMh`Rk=n`(9?gONM7ijh7_teIe8iX~8
zZh`2dYdk+@&F%zJCsKLEDCQ=Msvx9B*c+S7TKm(YS*K+v-Mb7Yqa2;ZGd#v@DCEOT
zUZWiA6`q422rU8D{CAe54!GkvWg?y#Y*>9(bD|E*ee2Uqdush2quRS->N5(6gZBM&
zX%44q;mO?LW^`E_g_)|+6xRlYW8iDx$xmFnj7=CM`;i7=cd8901=Xtu@g5!?dac2j
z2vcWZNSK_V4#Kiyi*}^F%&&0c(T0+86C20d@^p<*y@_>r&ogw`;JJ=`R)W801X{T^
zpYYsMoxcVVF;MIME(wu1qV@K#)fA_wo@H0Mw7MpJ1=jj9VZ!wY*t=k0zN-6k-Y_AF
z-m?c2EW`oGBUU|Lb0Q+7Yoc5+uKIAg=?Nh`Rn9(va>TU%L(@4$Y0`vAxQ%Js*0gQg
znzn7*wrx+_wrx+_w(b4?-LuzqRj0D@<Qp0B1SwlRtZ^agTAqe^SA(-=XX>ccz)TDd
z^s+qfy*(3<Yh$X&-=QWU1&j!AdsGuV>9a-o#A#W5J%>QHoCzshB+BBymQm1u@ANPM
zMu-a70_HDGhO(0LWc)uMr{JR|?{Ik&hNQrOWZ-ZMAv^<-IcbHin13RQ1t5fjqN$E8
zIJn~nU_zbs7ZgCq>Oxu65W&IQ$j}d6OI&|%hxIe~nE9II65$CVOAjSCKw0Z(OsL=7
zwiKck?m|7AWTo38x|VZlFyXX}+n99eufj)Ptha<>sALaQ`y4Ui6|-;!))L+JD{2v|
zs}UuNK>ebeNQoaL$*s0wIy24kk|w6!1gbSyT%Tx7$#+!LBBahU<1bd0X3opvIs&PF
z+fSTrMT>g%X@*z|0f(HWKY-OTg~Rs{um**0xL`Lb{F~Xb{W`bRhz<FQ&44-TR76M3
zO`s1v0kEmIL#woJO8!Rlw`E7UnPA<nsf>h8RC*5#qd5@crI%>3n$Be9sbc@0(C+q3
znNE;3#NIKCqJ@ZH!!~qY0vxT~md5iX_LiSI(>fC{^latACcBa0;a7Qf`{ornD7*I=
zP$P8gmgH&Hx3JJ#U~#S~i<?@E?WArik0;b{K1fXU2c0p+gx#_1`+{K!qr9QDML~8_
zF+ujEOjMnK%w#_VQ>*JP)7ef@eQ^y38&QheAAWUtm;kOtS^5qPV(+JOz;DmyH2Dps
zjbwc5cZvJD@bq2NLW^IAsJr;``yyw9<RDCSm;<ix4S7=Q3;f4aQrbPW{x&)U1ag4k
zV8ISWLNe{15ciC93X|JMm=J0qF}Xj~r(5q@R<mY6$t;W$k66&#45<o0))NXW5>Z&w
z1>~0wydbMUL33l*XLH;TSD|4#J3xV|8x5<s#cOiK50hkRZM|qB&wBxxH!Ua5AE*!2
z6K=T1TG1~>s)a-2Pd1gU8o`(aTxpAYmAkCkUnE#o$okHtwU+g=wKG5gjp4Ie{sWQ_
zsuT><7wP;wudpYv$yf@~dU06}`s|?B8Q-hUzn(>1fFQdVU1NbfjS!dm`c);NN{y})
z2I^F*0E4F)=W9-QL&cKXO^*p<Ij(Dmjee(~!}k48t45H0?!N&wVA=ia>FuM2#9Dy~
zJ<$BJED4&O-;L>jguYYYDgevjJh}R3%$z(@$SZ-fsAL<g7gl}0Ja&+VAT1!ydSmNf
zHq~*IKQZ4OC<8Db2c&-?h<OOJ2^J5nG)z1-6d@Cdg6Q5D#<3!zQq$hj?{VT|YuYhz
z{Adnf)A|%gswxZ!#IEHv1|#qEk{!enC6nlNN?gk<`H-Xb932%bhLGL@xq^AZRT0sE
zwcimCncQvo5W2uaXCj(7{N&P~W83u9Z30wvcm!^cNB(vpw-P-|MwB|DaNws$wM|7B
zLGHI9P08d)U)3TLloU?sxlhOW*F=-Cg2Dm4?h&hw!ONbMk{Yi5Xt$dFTt=0z3A%Vf
zO*w<lab^-u>m_X1MBhX*p@Sk@*|_jBHE51&j$+Ffb8R+oh9%&(YntUkf5F&mlC>es
z(y}s-il@<Zqjt!pLH|jaxq#_@)_2>i+6TjE^O{3Y&Z+A8WZo3W!cMk5)B~5%mA`}R
zELvhSUEC=6uX|Px6RIt$ywaBOty%t=SK<*YtDj-}>*0DQ^44|u2up^PI2rna68W#n
zQ-XBCp?d*AZL+~+@^_#bto$?A#u!QkUuiPe8|xT^1n86NEl|W_8F>k?tqwsHRw=Fl
zOzR_4U-14d5$ph@6TOxaeY<{yM_EuKNwH|cuQY|6-w_@b(XSe+g#BuyDFfW8Q!>mI
z(k|v6&Gx=UMD(|0vtWo?!CiZ6LzcFEZBVgl6^yGDJr|F-=(%jlLYB#bU=;Bcz9r~$
zdS(L91=@p*wb(90{+f965KEx(cNncGX!YUNwVwx@s}(d=mz-hzL8kEcETRwrUTa;P
zDDSYKrB$T^VhJ4jU{DI{s?>?1$;4Xp{9<&$lYWola{eSbhOuqRL#smaIb!(Bs4iHa
zgH2q1IVs_Lm^^*eOm?wu+0qdx;p8I|hcx8{e@xJm;>VE-NiU3*=GxXKq3hKJ2186a
z!(dk?h=@rDy<=TkCY!&6vqKN+(2JlZ=QKi)i*G6ViL%JTKu6!=HP`34IBnK=d}+N4
z5^Z><Hj{f{71SFpl7ZX<R_n!9G~|p2Lz|bO8;BtKY>K8a$pr)y63$!ng&DWGKlhQe
zz}{EMP)t|uHny@wL-A_XCyM7tsH+OJHPxd!D-r||1YifQtMz%6#|{Qrc3{S0O+4T3
zd3>(o@aKx6BHd48fPPUt7R2+8?d)hY#rBi|MwlhUji(4`>vaCicA$zw5jAan^N1{%
zW|bp0xv=2>MAmp$lmn!IPIzt>H$rxtK(X{fxq>~Q;)jTlHm=DY#<9N!FiX%>qXKx8
z=H!1U9k9?cGZk1Pur|e|hPCVaHkoe)>dikwac+f}r!*%Ftwmbl1B18KfmkD+kXnH}
zp1F$qY2iQ9Vpd!%72?WF-XlbLS0Xyw3hNvrFGmF_eN_}r0*ezG*-ldPcl=8kikq4E
zd_l_}LV4gEAV3nrabUBsxiIMCGBS&cNxUyVDZv?r`VfZ9z@UL$giwIj?h)BhEU1zF
zF(<R*gOZ?`=_Ffe9OMopXbqY3wX#59x;mn~+poa-?d$THe+HZ2-dx~;FX6H5P3n|L
z%$CuWnt*L_7qt#+YV9Br#s7-m;2;a@uFH-)lk-mDHVFB;>t_LXLRZ1I++P1;vJeno
z-aHEeV{e|^DJD@9L95=pOZet$RRKXvm&q^$Pt<PVUD;%!;aem`*7qj~O+BwjI%Y1J
z5AP`JM4Vsc`qHC}RNkDKC!7n>(1F&Dyj!N#>#3?S+(I-ME`8fFwj593$iIo5TDY4~
zAA|w2L*i=*8o_Mi2>fPO?%Yz9@T)h^uRhp*i@a<JW>UZ#S$Vc+t8&TSlH^Urj?B<D
zf@rw-0>B>_(|=**o=-OF)o8bNg*jt$2>l(onfqViYWsWNl!U?7QACOu=hpasA9d5e
zAxMq2J5A>5#&{16CV4R>$tug)tJQ+aqMfyxVE{!Ys+v<30LIHOG(qkk1QLQ~sjG$Z
zEl>AQ!2o`Kt}K4^k5cdo2}KF$(Py8-r-_jwgOaIOw4VGuZ`g)<@F0t->R`Fn1NPZf
z7MqPS6?l19BtV}sd`ejQN4!!ORRS7h+4LYV(IAUuo;idO2dGS>z@=7--;y)xj};|v
zJ5!PX8iT>|AGVAWA2QEs`v`UP+VHmx9`&w2v9H_a_3(SvqvsWx{Vgl~=@(|kfH=L&
zZ)PD)=C={tE_M&C=yVz;+8vk`FJ&Z5)r8hY;`Z*{HciC19~Kk`m@2rnY(r2N+ACqk
z$jrw!4WsxG(9T4BCKFcwSnY_lcmttVExJ}S828_IN2C%=f<md540e7TdAB_$F={$T
zLzzpJjEsSs0(P#np|Ft8t-g9lt=QJl&d(M-)qL<Ej8EK<E2B<><)>}ATSJ0VE<x52
z{YP_4A%tBaY}zxKWLOCG{k2*Yeiv{s`qyyO9Hdfr6+s{3Ta$JFtdr<5|1ei3a456>
zr=N76xZ5*zz`0U}1$qk*{SYEzEc+X=)<i;qRVY<eSM{yTT9>EyTU#J7>Z8lUZUQ%<
ztA%$l3Y56t9)(!Ii9v@B#C$J`oAgTvivcSy5u<UI{1e0tnt@;o$RTXGb+7=L7#(EL
z$IT}a6Vz{605eobkn0vJub$O##YPt2-sVC>)ljI1`IQW*xSo%wYLmZ{`VTRj?JOo>
z7zquOxjpwNupjG!{@J=)6l#jP%^MK|8GK_8Tr*)XU>Za4Ji-w!I^49%Iseze4b@{s
za)$igYS5nAOE`8p@+tHUDwRUx(+=huj;sPbix~DjMyYL3@895<@B{~N<0w2%pIOA*
z5|YPAqNS#mTS@;}Z1P}{)IN=kn}m>h!5v1r$Qmp9CYHtrnYko~`fzT`Ff}DEqDwj1
z06OHsu(J(mzKzuBl28N!EZr!T%a502yERjn%F5K3mmPm$HRCm%t&1m}>l%H(BEapW
z%1d8HNeH#|qd>DoLt77ULi%{)nl49-HL}K)tJ?HD6c><To9~o6LFP4N{<0WakS<_e
z<UQ>yBhufoAcPnEtA-I!aIF@7Z;(ln>$DnE$IM6sM?+e>CiBZV!3<JRT%DZ4VY#Od
z2UI+Yqbx;>2^vH#G!9k_n2~j>OaJ$pK|7-)js#c)R(hbasJ;Kpua;l)To}G^Rr4SR
z7A8+ugEYsA$Vid?U3=(czk((jz@*?`lfukEomhgLQ~(~D2>rcd9smA;NO2xz0^bdW
zv>k~l5x5z)UL*~@B`~W{Npa;51rQeEbm-1ykqY6OgMS2M+#W~aI6NOB=ePxiL`rh?
zJZv3kLvWUfQyh)ACzbgeoMr2}Y%&*yhJKbYIw1GhtteKe>Jhyw!DjWIg}+0Zx24QT
z@c6#8nL)O>q&U>=!TpP#Ao}!Z1Yo<Ki<^wbBPYU0>GfoOIi`rV7X@{dqsrLPn%Uac
z+gzP5?~xomvDEcXt-7dC!ZkJJCjmA}q5<?7(qFbCw)fm*PJ@9kkh&B(!F4EXXdp$d
zvT>#9tj?J95O+iUD5U_qe1~NU4SbMzML!AjY#I`Yn4>iO_e*?#VH0~7DJU;)?;aW#
z5Zn;L&61j)j%`4-CAnO-`xsFe!*odLioSa)tUttiQRJzlJXkiEJpXfFwzwBn(ulbl
z(Dvcc>zEpZ0=qpLOsg>Af~Mwz#&S9}#|->yKzo2;^Z+q4NkvtafZ3)TW=gYvLp&2D
zZvBK|E_isxFtY%uJp^LfePC(sp?JG&r8Z(6%7$TJ4z6_mJj8CjWCp5$@x}u(spW8t
zG=!Ut7Y5W0V)8KGVHFXaH-=~I(vgZKB4vLbc#&|t6+9Y{{N>s-%lbAj7=(?7-74r2
zoS9lC#LNi&aGhg3)JmDSK!pHR4>F;@8aBTnN2`tbSf#!*tzRP5KGne-mM0hXgCmkf
z;7SZ8b#+4Ea>fBBkwz!^?aw@fAZp6(=i(1xnDLb{Dd*EkEOm(_3OtkN=HC?I9zxss
zKg7mWHbzoOsxJqXP%dTU0ggsd2$D5Wj8SINcj)#U<BK*&Ol{fV(o?_jjTK3xS&PJ@
z@Ap$QKbXae*^cTvidip=qa%Aymy60NkocZ(8a*H}>+r@pQSj9qRc$Wl*mL2f2A?!;
zdV`qkEdm-f6p8~Ht)3CmTD`zn?OkQRtV1IJ|CTXVPS~1?nvTmjS=v+%_ex0<B!EP?
z8{mHlC>6WScA8l;Nz-}Wa@(o(KB8VMk;P$x!vPC4ToUVEZG;mK2*hQVWLog3v5y`~
zhQ{^8t%I{~E@}o=s7W@fDe5^0qE{N1VVa*0H4|a#=obhRtxF&*_18C#F+DpnE}+zy
z7&p^8+hdIB&$juoR>GA=Ni;%9g)gERQAJ?k$Z~Qu(1@PMG=o-sNE8Fz9ZZKCaBdPy
z{TUU(BjWgj2)Y87d+Wd<%>}bsZ-&6ZJy1nt_hsprSHi<JLmq(KAbs%XAfkd;nOMbn
zWUUD{KhN5L8<R*gHL;{EMB&PQ08BU8p#vln6#Jw9Wax6OUR$!r=A06_uJP&5zuAF{
zWf%waaZ)GMD4GLI^O>jM6y9l4MG=|F3H)ECZJ8nBiD$?#xAm)qPJbh0bisgwd?HYk
z7ix$z2Pkpf3j>KO+DS?!<J%FvFAAYfnwB{j5Pre1AMV<9)i>WlWyv-i=J7d!Aq&aH
z%<ylYDWZL0*SjE`iw5J^jXbwJj?ijZMO$me%T~6o8ah{XdY&VWgaHtfRqFMBnIN7-
zww3U0-|a7)SYYLKG3%ZluRzFon~f!o3JA7^xwx3zzs=`tf~U1WkswyPmKabqe?sWJ
z_X1()PN^v6)%0W{OSkxGv^|be_&@g$<oVu=uU#E4a5p<0x2yil{Q+yXXq$7zM1_1+
zMouOo9OED4Jk6L6bbQn1Qn?SQaPMf2wVtRR%#9%s^`FX=8W*Zb#w9<+CC#{ioWruS
ztLkJdv(}RSW!Bh9m@*b^DViud?LUNR&$0;_8x6UG1*t4Mbe|HD!5K!0$#1>p0P1*o
z%IN{mZ4w{8)e%JLle0$?yG6(uy@_RcQv`b_B%ob!6q}p4rnRpL)yLjR3h_;Zm;_#=
zO4MgHLNh8SZwRBOIc<s;iFsRqnevDE0wS<<P`h@>y<R8E62mvvae7`fNmcOHAZk8n
zYP({)qNa{vk<Wg)OQXq5M!ASAVSp0K53Pw<%mBhZo3*JKT)HH>USpf+w4JlNg%<&8
z<Yk>}W|w~Yn2)yMRX9O3k$Pe75LS8@hHDT5E~xjZhJyC4r=ahA=r}gncsNnjR0BI-
zjoSu8@)USSXwN=B*70w5VGNr4*Mu|tmuHpV1PR=wfkBKev_<6r>z!nI?w_udhK+yZ
z8bKk~`VIPaM10ktX0_Vw3v@xAnX4&c-;2su9|O+Q+heFTbm@y(x8kih<5w|ixL*ug
zslFooKHrH-#dJNjs>LjFkSYJo8wxJstplICko;v4b(H=lNhjLg`$%*?d2dr@+jp^U
z)~#EvyZi`S4YtMrQDztOWeK8jEQv(GlacH1080vLa<;Xpkz7eXaNTO3d^j~T&({3R
ziVv{%n4svHcRPuqxd}|*+%t4tXj3^_oTj(SbPu+p4V~qZF-?YM*Pvxk`Y@oc#eg_0
zh{-~bfdMafwYGYl=#q@UmRkC1*VG?}It?=uA@V>ske!8rok=IDKXYfQ6buVeq)E9H
zBza(MIlGQ;F%Zw5bv$Ka*V+={S4Tn?_<dE|n_nTD;>H{ahCO-^yoLd-9LT<g9hiPO
zmC3tGz8)#R97*3?q+6TWIaCg)r+tf7IWGeHHF1<%Rv&y15{=TpN5~V{a9UzOl`0xY
zohFG+tUHo=SbQ2V16>kL|C)mqAB(br`HH7jo6zdFXhgzb)&}>lE4*QY%lz2W06G?%
z1P&M{!LxmbO+#byO4(JDJajR(D=6B=1-%;mZPEKF^xKy5BpM+h5sdU@X&NOGYRks+
zylvX566@HsYoS?`%b`m8z@EK--8?OCf7Gyh5}u6kO@S}CGMbv3<M69P9)NiHzwhGy
z%dC1l90N!xMPcKZTMoG_7LINj!d$!^GLThh(HQ_I`0Cj-H{N}Xn*lONvs2n)HN3n|
zw7MT}xAFMG_VbDfIz*MIF4EONnA3`mo6n8c&c~U&UuG*_?pVt&V}{J92p;be0kxh(
z?>q);hBFE{76Dg&%9gk_UFUhxEr&x+v)aj=Dd@iITEDN0*VNr&+1(aMZun1z^_(eT
zVmud0e+j&M|3jfEinmVK^tqD7GR>&W#($YUzh&5(SsGup`O@Tp(+{7stY^|5@W{Fl
zo07r$5i#emP*u#S4X<MLp^#|GJY0JU9;T$IM8dBcS#!W$7<HJEi3A)BF~BA!5VBag
zVTHK@qSyR+K-+A2LNjR?xR@~n%`4X30~5J#<q4@xpUGh`W1QGzxDGDsR0HNozl&&!
zg-8=8u8x$6Ze^jy;dUrkoKQbyD%4^`+;b1;1BSc)+TVlmGs+oRK*Tt*hFL#eNP(Iy
zin}|MRWTPS27GCq=t3~NM6u1IW}FJKatU89Dg%2T-~}P7fI6X@O#u%aQOP?d2Z1OZ
zX=ku+9iw}wkziMzGv+X684>kjPPM#6wGBBNgHkuE2_UIr6mW3{41oY~Y5i{4;&Rta
z?=18$axWDKoP<Fk2)Mrop;AnkZalP!*|LwXYIHQD`QVt?T|6r}P2f$>M*s)a{nx9F
zZHE``3P35(<}!cig!No7|F}$CGrQ*Tm>}y!R(w(k+vU&)@BV7hcI45cHJ|h1|4?b^
zf8U$XX}W!)!1wxeTiL3+>9P9(keff|<9u0sL+13Hj;Ht@=Yo1~^-8DG+dmG+la{n}
zxCzfWp$}_s&*{Jpym!wM^!Kcy@O>Wdem<UJ0F=VPm)@TsKttfRje&rT(^FN)oM)E}
zmq~>n{zwcCh8Rw7kmi4f^s>&;kU{>NVGO-T4u}dsN1DTOmB!EK3IA5h^g|Fr)Q$HE
z_jt!u%f>eV?Z-)$OX6>b?9uXeAiJzefDtB82pJV_K9yoBfg?a7AA~Pdb|{y3n_i@9
zNsG2h3$mg`+um=?Sp8(Wz181VewO$u+?rBHEUq9ua-hwbMzt1P-`6C?&ITuqu^yG)
zaez;*@&`Dlek`ytf<xGnDVw$m>m^@66<?wY%sd0NZPlp)TzORK7srJ>7~VKd68y|e
zppwz?x%*O4qckVS#$9(jO#bHQAF%hY@lvTF1rD5lx^xW^5_3G%zYj4RF)!w^(ZSdz
z|JgJ$96Uwl6ndl5L|@MuHKUqY`R#<CKD8Kq9Pc*DQZ}y#MT9uup>S{0*qXd(JNnO7
zTk^rPxo?Pf7bVUWIlNg=H={KVlhig{5~s|j`S(I}QnS{{g?ld@0GpWpp}7qcT(4zI
z66z$}+XP93Xjo((3}wX<26jVV-JKR$fpyQh!MP_!LR@L&(VJ*;O{CRT*%@J!vui&}
zW%aOaKPt*R^GON6%2!j-cD@rm@qNJI?><`4d07=z(_?CH>JnMu?Qq>JAz5g@KBG6G
zRPv$r%mI^(-5o$>Ef*xP6sD?_=kFSnmz+s&7>yn*CHNRqBv`#DQ?XLbdCn`9%!wHK
z?{iPv`5r850g|roGr5TpG^#@%;t2vLQbd*-Aj<}uevrAjo~3fKvN>E|;Up#e_hX7)
z*G~lis2m_@Vv*hi%_II;9HC;@mSIG+%wPp`wTs4(vLHT-8s&w|@gCKS!V)Vi{NDlt
zdp}DM$B!uL0yy2@poWW*xNo`^Q5eY?SG)i<YJl#@M`()dKIsPlLrMnyceZnG;O49x
z^sZ~yX=#j6ElWP*?1-KC##Ra$22-p9$RB^5V0U7?v=b|@f-w~6k%9ErxmNO30gOjn
z0WAe1%7lyG0llEvHZ=CMK!rv~7^W&dXd@1G&~J8QH8dy<gLJX4GFE?$>*mB25D912
zgNw58R1qX)HfXzGZa<mk?BuKRGgY;$!2nGIIJFVSgg|Cl<2>#Qig5YyPr{_pypSZJ
zV`3M^vm;fQEuhkkCGL@7f$OJ?yz;El$k}*Y0bp3)Wk<i0Z=3)arZN|%sY!mmeG<m0
zm<?Pzs<Rn*_vwKU36q72c#I-fd$!GAjvQx)Tp(~`oyoMV7%<b-7WNEVVBoG+`#jX3
zf{LO|2Qulw;F;18QhU~G7lA;Y$HqE199os;gNTQ4Sm@U7AXOR^IIWl3saBMNXs47p
zwwuQV?*n?)e@pXR->+)7c^oE!U5;1<8)`6vf_%?z_fZ}j_1Lr3hh~41G(h;2p;K1Q
zJ~mEASKH<JJwSWq@fd7^;Tt@zSd`{`uLo+C$YjL--gsu$)lxT8;4IxHIafS#I2KZY
z>iXdE={qx<*?ezSvs-gomOL1()JbH@I24pATPLCPtTL}sV#eNs`(JxK2;R7%PeL;H
zRTB!luFOTto0!z`@eu7o@5a3Z|L5%>p0RLH$cA2yBn8kthgcPM0^FQG^&DdpLR6oM
zzncCNQ*05l)QFO$s&N?(jm^)HqIV{<(2(fz^EAc+_?zhOgcRQOsH<J7E?+p8ene_h
z?o%qgktG&B@<}pmOl&@Dfl7@o`c)Q+(8hq{9$vUp=ERskRd5t2F8XpQj2uDp9SR_)
zK~^MEOYnbA1_pI6YOoy$4IQ8u+)?y#cmN%|2Q<L;aokCLttz^|2i7=JMV8{jwM3LH
zhK8Xyq>quCx)+@3PsKC#xM#Om!e>9CKLVpFhgowPgT|9RN6VG3QUcT0%)%lH9wk*C
z0H}88ECI?P0%*x#jB;n948772{4<j4_GJS}a@o25>q#UE@|h~}g$SVhy{4K%hRw@m
zB&Ga^+htO82VkoLS758`r#;G58#e3c&8~#8R_=Ko>({<%&nnBwU7n+$ZL<^a=lgbk
zEWTnF8;@$#NtJ`ze(g#{Z6k}hG%0kAbmV!K)9SbnVgAP%H#^Ro=)sxY%FAp{GoH`g
zVx^L%P$(~-uOmG1JfaLPTg3Ur$PGI{Y4DEI2*CB-gJ05z-4tu<X(f7a8#?!&;V-~8
zo2C4I?+F0A`B-l4G0DrKO7aahq1jb&ylP(YOtQv@o`K-ZeduC0S~!;Ix=Zc4)4Aq~
zw)#WQiIm#Jo>$W>AWyGS98>_Ds&eLx($k$OQ<_2&sA2bc7zK2LoZ(C&CY_IF<#3n*
zhNTaBcl<WM(zR?XwcY;wZ+;)sU)0_;Jf%NG*+Ta-M{T>0lY5rSQ!`agO!3x`YAsW)
z#Vo4oLotLLIJ2*Zh7OL>!v%6Stj?#)SpUuj62@w;OQMHq04TOHn;lV$9#j&&7=9V2
zK6Nbe23Vsam;X1=lD=Z>fi?Xw5{X+SI@SC}T(@cki^TfXj-s%H=)HlXium=pXd7+X
zK2sli2Jm*sou)fz!UYt$Q`Vve8Gas2<kiu$5Yb|$=_0Yd1LXCRhUe0g=3ej)8&p5L
zX4;l#`sJDkYFH$H4<}HS!#y2phK%Hj7oGTKj{|u@rAXDVPCCX0gOQr^1*0j~wa006
zIWsx;z_ISZ$lUx+@U;Jx68$ID!-`HPnadLEX*(387{8M1j^nZcGyh$LJnnlg7PFZg
zJR%#rzZlZf`asBJsT}v)VG{iJ@T}P)Gh1JI(oN6Bog2RQF~A`^L+#5b&Mw30F{_uy
z^M3m9{W39&cYlpVyx6Avy#YGw{StUV;CcEso-~^4@ct3Y|4oP%d$$sygI`pwv*CK%
z+4I@b+Wq$T=f$G4Q#M%hQSW_$9*`T&_3L?M4s|?&9MlQ%ec2+%_g$5#8JzX|evq5v
zu;u&jnv`g61#n&|%!Le{^#ycQ{M^O)WiuK<+)j%69i^zv@c(#UF2kVHxIeF%6+UyY
zgu!OZ0;OF%bn<EvXNncovJk3QQJMphf58M272S#qx}nC2Tb3*y$WBjlIE_+94CZLA
zE(WhpQ3R@789wXIRlLEPW4H;&^Icl`a87NnlPJ)k@cin_qpeaULJ#-}RRcRUZXuKY
z#b&bLh%aZ+&Z~-tif+s~07Z+_93BNNvtC?c%v`c7Rg>J;2-ln7O7{;Le+pPijI7Vl
zzGb7}pt^B9oT>hRU8p1341s+Z?kd<!kjRu6-B>PkJN;uG8=g#pONowAd{O3gfhS_9
zV01>u0~5pmRNl%Zt{cI*0<!Ev`qku4Lk&$g&DbB_i90vNyw9?}N`R~14Lxa|y~Gep
zjet#a^mFRs7d?Z+3ep@iOekuU<miquE1dkE#n!SS5Z8r`)T;*3V)hJ+RX-M=wnI+B
zu%7_y3W)Whv1t>Y$^kxt7vbyI7J+Z;>?Kw$1-cZoloNC5p7j%v8Z57Ta1<Mmla%tk
zz+$aN!!snoJCaJC$LL8Luud)-jH)i{N5{#v7tv0F-{PYM!S}P`#!WXINR~V6;m<Io
z+O(fxKV;8mZ70EdYUY*CXA4CQ|49kBJRL5h?W-32_7MpNF0)~D%U|5rXNcdNB|kc`
z>u2jqHQkSi2gnhk%k(VDU&Y+D+PN$d(9p8AT@8c@>Sfv&EKoB%7iJkUi=2Agq>8>a
z{Z`a|Z<8OhU&qrnSM6J_R<c}q#`hf;$GP_VCR#SE$Djo19xq$7zK26MHoUaWKi}LV
zZ-eoE7t5}j-=n2JA5#~39?wrG@~cWN7A#MbCBz7MsrWwD-){76U+Wk6n>TpeWyF;8
zP#tpwPLDGf-ZyS=@w8|*rUmavJsGTi<}7X#$&^3$^goU-TW+0g9LE2#{u53oQ)!Jv
zD^6J=yFRvVMx3u!GYfN{x;1_g?k|S_D+k60^`1NtJo?T3X#$I&8xO+wtzQ;Yp6g+2
zZL|vyI_uB!puaHiCpXmq1taE6F#d$G4pz-tq5h3?mrE$8&m@~spjhK_?U^7SS`6%R
zf2IGMmB|hVq0W(duDx(|zG}@2#0gW~0UQG0S|-n#x<E-nCXkU@J2rM&U!GS2^&q6o
z+uSR678m4>7<Fj51*mn?R*$!^dAcp0(1vCirxugw@1E<1$^T}qR8*3zX{nkiqz9Y6
zBcY%hq@*EiEXEhyE{n_?X;Z4%4E4fvefcfJ&1LxmC;c6z3VwMBGnn=RQ*%ha0(8qz
z1bcd2)y%(Dx#9`d^+Q&$$RpAY3lmI)Hp8ykwxPwq)0Z?s1)7+guw4rJClD$|#bO&h
z?OeX(>$()PT%=6LL0!cND5z6#SXUE!8-rC7sj3~NqA*Ye*8bulPU?fl-yc(59%1tQ
z=CX#(E-gCPz9FwBLV6$IWs?Gg8{<W+B#WX<gpZF~ta{zwA&}pa)0I(`ne81Y<1I^9
zCzoG2&C<&r^fR3w?RL2K-`SmfjaPhj#KR_0lRt+x57!-+y6S*o-rdH-inYA)Gj8kl
zuvlDYZ?oZ|!LNJ&`vl+pdrJJo{s_+A%W8t(_dQ*OT5UF+k4;e*&vGmHDEN*vW!1K`
z{^5k4Hcf4jPOUG7ozG?Gi+<+q5_rRU!*O9eP1j>dctVo2C9`8VnX*cuDf1OT`F=kv
zt=Y8gba>fzIuDK@QLE-LKW}oP`*_RwxFPT*WBXPBVB?a+eQ!^w><pH5Q3gAxR=_zq
zf@1JLj$CY>IT;etS*<LI18RFIH~RQl9Nx@i2p%36AF|C3+B7TxcGoa5x1UQhe(qg=
zP;}Y`w<9i*Z9uwFp6iS>w=)(J)2UEF{0w3o!V<^^MZrboO>SaExEn%N1&JR{-Qx5*
zSx+T|R}vH?H8nmgg0_dqV)gfEMHn~*2dtoYpts^ZjmjuG^(FV<!aq%*EO2(>vY0{8
z_#}ElX!M4<H`l>1_LIyg4efw6#%%^uQj`%3a_D_zZFAFux5&GtAvt(yvXun2OJk<e
z@LT6hGFe00>2(REXA4u_z{Wx`Cp;4Op0NdLK#{sAnK>|`^*H5pR<I0KE-e6z6)aEJ
zbIc~LgoWxB=6LwHf-tW^6wd-m+?idNLS9ZRaRMo6oH4?QpOG~&9qKulY3vSp^Z-9V
z?4=A=j0Oi!l`d`Uv1lV}v|w6}ST*kevY&6M8*t=4-5Jm3Ty&!DNV*ls-<C?Ut0GuE
zH}uQ6$#)p0cvuaophZGyxqWx&l}u4(<=C~u`!4eF-;gGQ0$9Nke+T3hyZ30)xwB1y
z^aZ~%rqH!-iQd=xc_&@lPdk5ioAEZ&4PKGWu}f`s+k^N^VBOu<`z`%8zvcZ{rTphr
zrl^(O`*HQp^T$EuVei4Fmu}C`(#iL0AOb&LL~OHUw^|t|<C`7V3tL5c+vMv(&1;|Z
z%XF{9^HnW><Kec|_0Gf48R+tM8&ApI?!D;!W3q^rmhHK6axcWw#*vKMY2Lb)+-2Qh
zI`_3Z<2ZE^*&gxJQSBy+sq>_U*;STI)!XanHlVwU+m_enaog_WOt-NFbD-qzh~VpV
zwo=vYbN`-%LN561oY5$e`-bPcI8D9AxS5N0<fqyW&*kd}kJ(~j%+BYdwsq_Ib1Fj%
z%ta72DU5S1P0#mmb)Hs!R?BtdQtM^SD^Q?CnLt-C=d4slmQG`UE;pub?f;f)+5zLh
zy*DI*H-qcNlN8{T$*l*Fzb`K%5uia)9z6}iMxW5_5Uq<Kv^N~ci`>Ou6KLck<PL^d
z_s<7Cg>xo(4D#iSnV|Ch`?L7Jn35X&e}GN3NFn0((R9xH_<>1mDk6?(7RC)ovK-XL
zOr<SS8|P5Spb#f5vuI5;oD0{;4>fXmGZIPcBY_0hzta?vZdqcNrf7^o@;K2RSpFp`
zofV6u9*sDdLW6qYF(D*tq|-QrA927kpzvxfn=O)ML<%k`f{TF}AE5y;dsnIstCkFn
zAWwOVe=`0>4^NW0sitgcT5$tP)#|^)X3vLO7XG^u5xDCMkC0JPl)4NfYB4XRb!46U
zg3(>0KsA++S@+T@+1Vb#iTn(qzt-*zeZguyS8d92%vz|JhbQsxQAJYJV;8cKs>`Wx
zl5%(FtvP1X5)I5b>kQ#q#R>#SB<(bh&gCgqSCpnkSzcuRS-$<W65;HI`={T`?$eAb
ziR=6LrIeY+W3rd;9pM7K^~UotHpxt`>t?_G?ph;DeR>M!-0zWHKK}cdq;=<d)k0*O
z&1@vE=XS+|oxiurMuS-|&G3H5ZG2}Boza56wVJNBBGK;%rc&2SBsJ6T?VPXB6n@9&
zm<~bjD-PUG@A3BM%V-p(g{V7{Z>G2R3FTItz9aXlF$nwMrSyHst`yG=^DZnaN;<WR
z&tadTp|;(1n;&1#`@8jpfE~Ti@wyLmH0kxUu=b(eJWu1GZ!UWwp||UPzFbMH>*q@e
zIYMRog=W3S`Ajq3!9FhJvvr5BdFxqg{?;s4<8!$+mVm8l`s~WFY;18end8~~X)MQW
zT-0e<w{TA;SRpA_^A+_NEat$p_`jGq)7DpNYuC};D8bK_o!>{+&S&Uw9q^pW-$u-5
zc<#&F+?TEs04>94nPf7qtrp5QGrj3)iGKh^g$$?ks}@+zw+rU;44+@@&ub7L7nzV?
zX%#61Lw=$HvudG!G){Z4yC7#^rxT}^N+3EX<1L&lzT2^>7CiXNg#o22l-U|bzrwQw
zOBV>qtrd#bI7YxanW+efaC1^*?$YIKBE(q(q*IeJ8&7}lu7$rT(v+nyrRUs6uyl#$
z{@GrGMJ7dM5Dqf9nHlg!KtBgzzODfOMHy;2s{4AoioZqG^c3RKdiV@M%s%p<)avoT
zUJ68<Ly{Ewk7>~Q_4^DnW)qwd3KY;Z3UkzhXQX80rsh4s;{9p4!0BE4aNlR3q80Sy
zIiF8R4=UTG+=O<|7(Xq%<|9<6s6@Fwus*#Zp(UPhHu23Ul}E_%8g}pCF~|2LjTtUZ
zdCiV|%;H-dpoT&Z8CiBp^Dp`Z&I~<)e7@1Gks>s>|0Z-H&2^049q49zNZ5^^=_#I8
zjkoi84M+FTxpdZMtLJJxLvJVLH4!qk*Yn{*L|3+pI6g<F$~|Oy35Dd@f+$2{aT^yk
zH|J;Sls!(FCi$e=>?&C=Wwv^T-=qJ5lwO`j3CYpOVE&V=e~m9hZL+q{?;qbFvY$Ln
zPVeTM+I$qp;Z4H#qWsVfX|^5Os3pQ7V9)H%KmUB2mCI&GbvUjx+j%Id4$E<+3N=0(
z&ER>R<Bz!Jjmnb8c0Vg_0k5t8c<r@Il9|B>q@d5xZg;$DbMU6{Y+qQRqKDs<qE<82
zb2nHT{r1Und_ya}k;`p&(!=i-1>kn76PL7a?0|o+PrDOG93JNX8@OY7T&MgUGKcE|
z=4qrv)dAgR)CNHX0V_24107jI&^#vN!@j~mT3*CRfe%>NHok?@XFiIJ;_ivy0YtqI
zMt_9cN>>y16-HE4QvRe|Bnui2QR(U;5LQ)KkS{}{YnJUxV&hsz;;BSsY<^|<jgm7+
zDe#3val+2FRRb9V$KRI%_)R1#Qzly;gC3QFuXd=@8zODEq&5oZZ5b8|pfey0s>u=q
zQVTS?)629CQ5&9=azjW~4t!eYeSI{iRid0-G-P*4{S48-xiQ89Z$-CYsXGz@V7d@2
zUyNlH_eo%D4Pr!x>dg;ba=SpZg$>62k*mb~NLN3^H#h=rZ6BQHC{?2}^l8~bNzY3O
zhlrJg=Z2z*49QYL!<gGm`h{;zNkP41;YccWzf}DlOZMo}LR>(#ZpT>k4DeMO+J9<j
zYUh@WzHC=Ysg+)0n?ySxDG2cuN1U#7H}u~V!b}zhm4;guqFTF{K6R$)H$SPK;+gh&
zGrX-vm-Vv8$P#-wP6)kBJjm#^hg%G7Ii1o`h8^BgBG4pKvR3yJ>2iD9K25J{B0rP(
zc|)sWhdCkFY$9AzRJ}5c9q&GOh0RCRTZ+uqoroC)(_OYc*-i+|DU0GB)HMChOPPO;
z%m*!73-6tOk{Sl#xjan16M0``bY0g1F?7}4hG*SuZ2BX$3-Y+t=&2e__aIvXH}*2j
z{+)L}8{SVy^>W^N6z*<&#YvE=RiM|yzFs_2QXKQOMYjMJ<A)ACr}AbF4+3wOH(+x^
zjz~dNn0s3(!6+14z5FkWCR{Sv{-(k3apU*%0k{MR5Qc&=4GI>E!;dL^2G|UqJ|AY2
zI+s+nt{Nuk{;NrHBHMx(*%ZHeS^aAQ$zw9c;?9ho+(VuZgb(EVs1yfU7hIoA0@AP_
zFD-gmum?umK*)4}PQFUg=(xa%K8l{Z$O&#6Ob9ts6*yo>#uyNBVbsFwUWP$Bu|WPA
zNH9rj8ku?_L0BFxm?slAwXaj%{5Zu!6I7k9c{*lgz^#`CI>kj3v*N5Vg9h$eJP#`g
ztjk{9_{+U!m1xj$H&jqLdKH2=X`nG<34QuV)77H-WIA)v1f5WRZ2O7{hZ<hOHi<3i
z>^N0*TC!>kCGqxNV46wD4X#bCa*rlsT3h^s#vk_Izjf`k_Ud*M4qg>bH@bgDUs}^i
zLv$Ly*SNQgYl#e4lcsOHIYV_8OR446$V%UnIs%m@7yEyI<odcBUha{keVaa6wbEpG
z_NzlK8pUC@SE!859$82?d7M;9(3}`X<H9bdF4NIlwFbMQuQt_n`13=*wrPHQ6RWSg
z=onr(%H}9@6MtVwaY+2`i;0stY<`Ht7#11_>`87%J8|#z9h~aBF#~#)WZsCda5rs*
z$JjkwexhDp=NBhE3_fwoDDu0aZ75$s2-T~;ol|Y~_h<#sl`Bxc<uhai=UP_3p0-(6
z!JfAuKO4Iud!Z5|!thaLcD&HB;n~Z}$Y!JHjnis>Pi2PW5;a0#`b{jy>y`iixlAVQ
zgDR^B67KoZX@)bbl-sM+?|m^ZmaW9&tT^o&fS3eCwPH8jx(@INt*18d!`W#73#?IC
z5N}M(KGismTl=}t91lIX7{q%HOGPdGOJjHF&Rw|+W>9L4Ll%>Qz0ae--67y<3Pj^q
zgsK?M_AjXr!y1yb5%A6I+-kXa2-QbrQ+4XczC|A2-{?d98JeSxTUhrtZZf3u<eBQT
zos`46PaZss3pA$HyQ1o#V5Zs0m#6xmyEoK-gj3BVZxcx&2@fu1DEk<EsTC$j$p+Ii
zk{4w+Ide1*(f&CUp=1AT&`C9{N@nv|>QitukwgM^zOHei#+A7$*>l$<(Vg#0972Bj
z?dd``=~@ovIf5K~GRBmnG$Hp9z~`jQbeAPE`p~Y1?`^ZBcXYGzN%Z_nuj-d<Zu2;h
zF})<s(YkD`Oo<qowAF-n<DnI#hz&J3BeYd%^*9Ar$3z|iyQB`Sol!=IDBitY9=87D
zFm)PB%tA`LWr)6;r>3KW;W+t<e3_r}Z0yT6@TaHS=~%B#>wM+Qr<$71=OAk>Esgef
z<Gf^eakxMJN#!Vk-Onzh7D`0%@=-(r$rJJ2x=@d4U0u(&j?c7|ZYlq(;O1T%1J|8f
zAS8ii#yF|#j*-saX!#bp=y1R6@BXkQy++f!<^XVc(h!VVNdyxT>rm`6o@chf5rhKr
z#^I^*(p+q4SnZJuY?w8_pBF!IDDDZJMpL*m_8sqsf8|Pe21er$#*nig;WbED4cK#p
zGt9%WDlvqNfmV?lBw*O`u#r$&uZwEM2ci{iOCH#aaTPUm=5cwy6H3W!WzG_0wFes>
zCnloY*lbrUmSLTV+O_*zb-{3XtcS`}Y4)BGMp3bb$=YtYEA2(HJH-ggX;m<Gv!uYO
zZC6TeCOVv?rXz``1vWr8YBU5RpAuJ;_G)L;>XspIh;kP=mjCrh<K6!f&{MQMxtQ-)
zPqrxi642udFNaPqM0uE1CyH{iGCUK+o8$uX*2y)bTm9NSf{(6EZ0S-VW~8sbtZz}d
z;yk41!$qXQ?M08qlf-2$&4#N<Cu?_^jA>lt5cK$)Eeuu5)4;^4=qCG3AawOsUYxex
zpU;XJ$%Q(5&~L$iO0l13qi6kfq>@1lrUwl&q$MxS^Bm{mL_pK~kbf8eSvAx0v4QkO
z{oany055NN{HQGs85I`pJ3-p~z9+uy+ysNd|D=2tNgZ{=&%|kaxd6Xdz|OrtoBsCF
z9>VKt#`Tm)yoHK|6y1BiJA3G{3+%(bYV@+S7TcV{-HhW&{g1=iRXm#<^Z!`@|EI|w
zr9bun7=I(+;C{QoKBIVUG}>huEIPt$S>4B(Ry~i!^nzmMt96|fr!kpAdg9@5h+@oz
zO8dFUWR4c?_#J;dJ(WpkNGB>H!Dfdi7Rgifn2}I2Lojt(71LpqEW!EBJ%yH3Xu9-y
z@0I4pJ?F&G9$qb!TdZ^hr5^2LF)n1Yaq@s#%Lu%bJRgc}u7NiG`qT*Vi&fZzw&YPw
zQeJiuoZj7Xv}u0|_k8AGhduUJu`m<QE4H&chR`gAjtl8$u`1AAsnJbMrqs|E^RH!Q
z$N$zQ9(1ydb1pG)-(zq8WL<ZuII<f2!|f<8p}!0=!Ca6wD;AP^4FCB%@u+w>b`2y=
zHjJH}fVqkRpo26!zClJDXADNh9ZmWn4cTqik|l|XW@+-5_@#DUnzx2T;f_|y5A^w~
z(%E&&-nDG7+UI<w$h2%hfI-*L#QJ#w<)FIlR8wxmB4i@B?$FggWO3K@l(0C(u_%@I
z`uI8=h7Ym#&L`T)Z@&nfb>GZ>Px_YQ)Udm;7wR=M@%$_e6x>LfAqDAU4A6DDb@jA;
zel8A<G@43c9`mVZGZgSx7?yx)wZkATh~KMcbpZvk4w#nyH?@H1=r*U2Ah)*M)6zHq
zd<mn)qvkoY%(GHPEPJ_L*Z<p<`+!M!H2XRdw8r`n%CG9;yj0G<gA&l@VDsuSz!({S
z;ZXYGt}rAh(bZLU)n%HBFT91BQkfoHs_4RMiC}U579u}gVMRW`P^P9=Y9Z;aDK9Iw
ziMJuZne!H&9*r3fb*~dvp=XHbzmhA;lW+0)uK;*^Ds!Dx|JO^pg;IR9I-;AuX*cdO
zM^gvHdqB_A?NA5*sy5g0R*#v8k~oZu*gfilzW5v4X?5Qpac|<r^T^?dSdkCG$|F0I
zLaz%y+xg9TP4^asE}b^or*WAF7TQtC%BGd%YOS;xR`#={zuKC*G~0AHhmWcmQ(>Vg
zd>YpLUb1)F106bQ`zE3iv2yVIwk%pKPvTz1iZCwcNvee|kZa501|EOlYzk9swu8~7
z2;K!2>A0JXznJ~E>g9gM3O&qs8l<h3kHb4`>Awuli{zVf-Zf0FSebq1U$jPJB!zEx
zgEZQDT-02H79t-dCU%4oBquw2n<+Q?0|i9ZX1d!>pYBzal1M_?xwRxU==h)Go?EZr
zGFKqkYsb#6&J|fCnk1;uWHdwCkk|+SZl7nw(+hxf!kKsvsITO`sA>e5b|v;V+f#~F
z;yCuhZvd7d=`_0G%ES6m{GeRugsUs;S`W6MVvc+38W0tv4L}VbFw5@gblmf5qACwE
zFgO3v@92S~kw6MhZE@aeFk>*n%XyO%VCpzEJOi{+ZF(P-yWJ+~7$mHzPSyG5k#OAv
z#80v5XvdtCQtqVq<q3_XPE`!FIPos`p}7PCup)D8Q%nw+!kC?H3;n1FEmA!TDfvj=
z%TvP6Z7R*?WZSoAJfC;G43`WQXjgO_xu)+)bjsrsWTEeJp<TzE8Plo69EoV@=<l~f
zRz3AUn!j<}97P<5(ngx`Igs@dlywKWfq8Ol&4Ar>h>GX-NK+t<C%LqyARzuJGv-{I
zV}0+*IGS`^g#i!9-TdP@4~&qN#ahNL4_3$xSdqVb61uoOoTM+MkY6S>#*uKg6Ae!p
za+<Z}da;r^3s<N_;`s8|G3UCuNTt4LfD??kZ?UuN_=uy8LQe^eldxutL=&$EJUT?l
zlIL>(D`gT5liB`mDM`ySfL#6cQ(w49&(96-DZGm2k?XA<f#)4%4^09WTJ`$maQHM_
z42{wfevgwdEe=}mVD@0~s9<HWNpYx@_l^pcCEB1t%N+<MZ~{Q*W|3HZ;sKg);TzN%
z5Kq^e=NJ?cj||FKyNPbd7X==@V~FXbmMA0UT}~5DlW8c9!|9uIg$<;##mX7Uc{Z{a
z7Qa@T7u;>hYQl8j7_Pu{sAHIK=rFKNTza{5y9n>76eaHvp`it{$s6Q9tQdywHp`Sr
z8v3zUEl${bIouo`e5)Eu^vNZ9nG{>-*uP;_&L>Ea=YKCFJSttA*5q0y6RqJE6s|M>
zbPS*RZAslXktL?5%H|&Dh{e2a4Gj>h4$+jB){`hVR6Xq{W*CXb@R?o+_(~)BP%$0_
zFarB+7%(tX&A<0?be5^l%U#)U<~Hk>qMe-lDO4(VXc%aa%VF>0U&py4MIHwA=s4~5
zxjs+Og3aS*cj@!>6c&*D%K~0*KP@rj?DIINK18plTO1<L1^S-uM`%FnaXd49-SF^C
zY#u!QUtFCRjLUnHwl%sao89g|g}c@LZhw-llSXRO@8@eY7H<+(Lc2cC>zY%36fNt`
znDqYEbeSYT<<ozitwU54Cm|GqO%-$=4NbIyBT#$QYy<^wSOBX%NDYa5z*QCaupZJz
zMXC!B0C`V%bf=Vm5jjCbiyo6WOKsN}7>mibSLTTvS{pf#6Npqh6sHJJQgMhi6IEd$
z#wiRi+Hsq5yKZBcW*Yak0q;62KKSk;Y@e%7;}O*2My5axk(J5Avbl#$wJloz?a^fM
z54Au&i<dKeJ?q=a;f5EX>rMWp+opE4r)HZ(1!_aCyR|4*uG@qbTjsHKCjmh49hKUP
zsmu6Z1yvxdvDB0F2+J(nVHi!Vj`TSa&9tO08bAX_E@ZuZkMsLHxB}>SLzrD2`k*HE
z|7MOHUoC^$Nv4n(twq?{Ax=>PqXg5C*xDt0s0F%26>;s)8o~dzD3xOqK*)JeM3WL>
zNl9_~C{K(_x&?-BlaL|@aOC2UiD`&rJ7sek<7Y2H5Euw)@Y^yZiS@%R_fh8Y9c7*5
zskt+ytr-;6fL*|@iJ;Z<iyJM!NQEo3^mav%GI+C{eyH%Tovff8*K}UiPr7b=P0RCW
zY&v+kv8;TdM8_=~h33;1Ge@Im6vMK;pXAPN^S9piu4Efxs2$XK{NH=~H6j!E5?Wt}
zSLvHP7e>IyF84zc0BmhPZ%%n1+B`X5=5@Nvr$8pS21(Mm3`i7KLy)?lU4T6n^#(h(
zJ`8Gq%=TB$p%z$@#!lbYku0-yp&U>saxJu2fwSRFl{=FBozZl|3@4Y^qZ}^15RWgm
zA{()=CMbz`?B{$4hTndZd@R4;ONm1j=r}8Rw2hBVT4Imd?+^^uj}(KA@ir=)M{_fv
z$0WT}pRXoA?Wf90a{1iPAG)r?e~Wy+<8Mi$af7)w7wR8gOc;h$C!e-(3~n6GfVVB4
zd?4Vr*{k(+L0j32?}@`6uuK2XJv{ixmS2o1rA`t27RzeIdsdVrU<C1x>!|UDgb;^R
zoN5*ts$;>KieXHy$(^Y)2n@oVHh#a5dL76vKoHIi9Fo8W5>Vd|E*!PKzJ9w`Z<1?;
zsE(X7tZS!<m<B#`u-niH0x+{~yWMfb{7KU)ld9#yTbQ<k;s?Th9lIm&@EN~w;^Q-0
zS9`HqGlf-4ook%K5d>mtP@yIn+ST?&3xw$2ivB9fyR5WQ)qWlN(SG&ujHG)T6PI)M
zxf?j(yVKiwn`qgv85E+PPy2n7JwfRsp2&+mus6^#i%ep`j`cNJ>+1dSw-`hBm48&L
z6Jqy|oigM9V{|MhnZ2Gb^}f#4{&U5vJll3&x!#Xc7@>oA4>xW<mazLAk`NGW8AyF%
zQs7uS9EzCoOhPwFxE6N=n!4VL^-qNMczNrDKx9L?%i2Hk?540&S)1pFLbUyNnOkeI
zD?tFcP3luT&v)EeaA}&y=d~~-`Q!0k{y&7BWmlVB)U8{fP)hLv#oevN-L<&8yL)j`
zifeFpin~LC6?b<n?!jGh^1NrfAI~^{AQ>Zf_PY0)>soWR8PNRkB-~_kaQAVqSa8Dp
z$&p1|U>EjpPCN%K$3_CzX$lOhBEr_4tsqK%fW=V+&a$^0z~@ql$ix?Y^6m71)`54g
zaaQ;`g}ddnVX&6lVV>_N2e>s97@TKyQ@q>pM>SqQ(gO`%W>QgyQ4`NlXX<h&@sW1F
z$;kauiSQ%X&C1@;3Rdelo(Nk4pU=CXFt2v=QFlv03J&`J2;wC*VmaD44#%Pa$!8R!
z2e=~vQDQ@OE=dz-uCKf{AHIHxJA=33$XXzG#!uvi^4rV3tL#Fkd=45x9CM8%45~dc
zT7$fTC5S(H2gN<i%bB(MY?3J)A6Poazra$S-+IRZUQb6QsZ54gq_|IQ`?hzVmFHy%
zU2=Yuq?y;lM1aow@O!qy`Ijq_##eN1!PlF1YB`Y8vym3n8^IXb=EsPqVmdso8VdOz
zMjbv1lSD2k=Jt(1V*?EHNopiJ7KZ~0e0IyR%5-+X-GhNwgt}~`;PVjW=H%^vrCr~@
zcUIt`++J4WCTRCd6uKRba}~+uTdz}V(OnatjD$n@_jd$wz02>^XG=|YIJ+O<l+8wO
zQVo3~c1l$W+s}Ef=nR@{=NW6-f8YNn;D7UbaGv^_HZN^1-;TkaQisidm`I+d)kC%E
z8-VlbiKY(s86UT0*^)4}Z%bcN6H1Scj!P}^PbgTmP|D%&Yy~4vlq%xYND04l8S5AA
z`U<@KHeT^TlgyIO24fk~g3f6i^j;FE=3t-cG*k+ISQy9shObj3q-oKxk2`#jjCqc9
zksPcx{<xOqN&Hkz2@Kf$zua&_%1Z3`as|Q3>(8k6cWYQYJV$NiMn<iNq(Gs7-WsQu
z*($)(8`KZ_umc2oR;>tG-I>6^<219_tnY4~h}2E(c4lG?jrD6EKjC>!YyOF<e@Z7|
zKkZq>6?{6}S$y3@ZJDV)hvwOVAELdN@{ve=PoKk-!4%g3bf01+JQm%XL(27L!Hq7J
ztUC8c*Uk=iyaZU%OxtPws1mPa!)I?&@NR;fZGtMllj+a##WAY|kJ*RI9lHYu(A?Ws
zZY~2muBZ&clvDEA@il`q%kNXB{eNjj;3$n}KdJ=&(FsP-mgS>+fo0PC-VY*u$$M6b
zlMBXJF9<4GZb$xATPJ=}c8`dvUB}H$>ArclOV;lA+#E<ac~(Gb=niQ+c)Ll-Jp~Q2
z{6-tzow>q#6#G?4%zrE+7~2RRUM7zup#u5$M=5DmO^v-oKG*w!WKiHKAN|y0Ze~wT
z>3MQi-$__~waev%SvXtB|3EqMX$`MYBOXIlFGvt&9l;C@liC5!=Qx{>lhfn)hB7wo
zZHQ9(ylpWIRv5(V@(l0{ZlImFRc=mTkHe<XYLH0L`Vsz~Qg%WPpT!eqm=fS-y3p#U
zBN)e#h=Abh)&I2Cvmr`?w_hL>p6ec|tnBrMZRmW5WX)lHXbcAtDY&qc>8~7!vw=Zm
z(p9&f1e5luv3!5kw44wi1R@rA4vBiKqxC@k#`->$m2AEpk7Jj}Yipqqqf@k=4kd8f
z2UDXumZO>k>!XVY2V~;w&CXz3X8(tEo_03A&Z#K@9R4z^70b&cEtb=7)Ytkat98hD
z*(K8k8}OpY^+%yIy}~B7U3bUKz7tP}50|1~Md8<IZV~YD^mX)qpC)+EH@pg2+(9HI
z+!;Wus8*?+{BIZ6zj`LX<N;QF#<F-Dv=)@Pea#*bP2BpT1xx*sRA%>o)!JC@;%~kt
z$NvHPRgje&5Pt9%TzabTeI(?~RE2+_0Q{V=V$FR{+)~qBOj(2@hM(n(|Hz&BtDfGc
zkBpjD^hYpF*vHq};VQf}*A4uz?8^zyPPd7yNumGc7WpM+)|>j1l|`3=!gDm&0#+Z-
z1166e?e0$5H@=<CNVas^*<bB0tUA5kfzbtn+N3!BA!j3Jqww&jgsYvisUx-*E6V@1
zS)sO$#-rou>?K+s36H+LwY}%BH<3QShiCLXTj`GHGHRGDplgy1^E!SK`RRIdINkn%
zGrGy(nHOYAIC4~;MHiB8;!Diub{st%TdP7qLdI9$h)=ird1=@+PK+KayZaY9kFU&(
z(u%`&W$)cfAFYtfQa-!oL>3X5y<HZ!^H$HET1mFwl`Il;`=G(11#N>B%X9PgfgfGy
zx{%cW0H-T$XQcI@MhV9HdqaKq4$!>sKgSQZ8~i^gJ+)RZegI~j(&JT=5&v^J7~=E$
zwKJB-bisR*FTEyoqM7D3weu#*uBPK4m-X%QxiF=3U3AgJDEOS~vbNXqZi)p{C$%k0
z1$=s2)>HChqSOFhMEJl>7<^bjs8!vXA}eyg&JRQ{eTIPD1g}mzpZj{zGly?s<1xTS
z@+?3a66>-vaQiK>{`>w-?iDxV#D7<FQ08MSOdfP|`VcelQEHd&CPfxH-GEG;kM<@j
z-wsiOq!<*xV`FngD8`;{8Tw1?#V@u3F^734qVgYCLWZ~|-K+JSyu^hC_1|@MJ>L5Q
zem<Q<gp`g#5V^+*%F)QOqCv4Q6u&<9LJqZ94Pg?v4QMId(~l)vmY+$l)3{%wp~e@|
ziFZZ($gPljx8+3Iw7#*55U#NP<>DZveJhh&*!e7I)KEvrW-tQD-w*1U>+_9M)ObGq
z*UzViGbMe%gaS&AK9A|zMGHy$=p_tj^Bb!*9PS!b;WzXhX-YM8)u*T%Dz9xp^acNO
zpZTLISA3MLg-eBnl57WO>dSLonQOtOaNu_qC-K+>8xg+jv7QUxXL7eR9sFFa;ym(8
z7(S`a^zDgAb!eJTL-#Y@U-uM#j>qn5xow<#dp<wh*EWb5aGvhba9X{Gy;B#6e8(#F
zJ1<^IUplq*-L}w$m>f!DaJ;o&52pwB0r$UGYdRo*UpMN47${^I1GQbA%zztviMgFm
zwCjy18&9<F;l6`*u!niOZ{$*$_#XZlNJVQaUdIaUXTqNA`fb<aXShYm$?wt~kKoPc
zvv<Gj=O*F%bLo$xq^zy;0RK&pUJDn6_D1T-F@+Zd_%6EP14}$Nyi3GeU^}S(Fyn5k
z7t=xyfo3D$GtTh)Ri`dkvrDM<eNrID;WKqSw^*Mow$#!gakxEtI?10n>YQX%ktNOu
zYrF>>jVbw7RNcmytYApr4yxE>4(uC^#W}y7A9;r<2s^{zuR!LD)c0KAVgZQp*k61Y
z`=y>~vcvGCTIM&dRRh=x1SE77H-hM=5p<q2V%_fECRV6V^as2>h3{kFCvx2ut(sR4
z6fl?E-nt$h=G|(1mWB=ex0|5Z{_ES4a<MN1TUc^S?C-+<7XdS0_E`3<ZiOx*<p^KL
z^B!4#^Y6F<ZkmmiCs)8=t4z9@=3*XUyHqlDQ}EfqL~d83z9F$jz)p<Px+gTsO~|*K
zYqdGc{i;aI@HQ@W+4dM$t@zKs-lP8y{3T3Z`fG&A?*%)RRlD}8m{2(2!36xyJKZke
zaq|52FO+D4m^igWo9_RDV1WuI3zcQ1T*^|(@W8t4@BU*WkX33d>~3cv+TvPWzbt#Q
zBb~!Y|DFKv{_j||?UsLkYoOp&Wi%}&A>fs$x+@<Vz8$d-2nn9!m)H^!5_rM?XV(`d
zLOURO=h=CkjShI|Wg7hZW9h%(Oaq_0LYKTdQs^aV?$cZeOjT_2g$0d4z~`1=59v}e
z`};AjMk}Q(g%wAp>67aKS-2V<w_2okKX9ukMUaQ~kz4*oy#pB#wL>(m6p<1An+l?k
zYNE{0DI|Yz>Jtm7`iLwkqQ9S)w1`j+S;V?5qX@^=>IbXxwS;Tn_`CmLFZ3Fh(VD<q
z9!Ls_ko)QqMKN^hLUF?ihY{`@TzKH)Vs33~x*ga|UEYvc5E(A9wjJT}W-u#znW{}O
z)ZG}C!Eq@Oe4tA$5z&0wK@j;e5e&w;C(o!gtl~@Di%Kmip;`F7T2RI79tGahPQbUu
zad;OlJBxoej^Rr9I-;eu?*I37a{Y3W`Z|Sy)Lh*#Teh~wV|#*h9i>N+vq<RW`W~3Y
zc9nq*09#J4WOjO=biG1ad7%B1OuiRdVoT32gE{99V;e1iGghVbi&G<(r;}C7Nuuuo
z2r-R5RFet^8;Hw&1_Pv?{YZu&r?;2}C%|hu^}V4lG>7(7)Fa@e|A<-v@6pENf9NiP
zdZ|*}&Yp~?lKQ<qH2&zeomjj?F|QxnFh?9MM*?=xUS-3b0?mToi<uMb{zu%B!{u|{
z^6FlrqxRW^()ba^f?t=<6T=4CLlM{}AfK_c-3fjm;D|bfQHS^ddf1EN)aJ2qNg8mn
z6^3uklDgSExl8EiXS-bAk4=LH993h$W9@nwsw>pX$!R%_UT%Rj+#>|qd!<7vDd%wF
zU(||!FZ$Z1Mh?9X{g+)K1Q|KFq&0-D0oDVc{?~2wXnfYIC|!W1=G7}PijmwGbI2r%
z@9yQG(ShLZCe&d7*1@Aeh|-w#TlXs)AP*-U*Qv~Q&x`k+k7iJz>u&g#z_;t%uCum-
z)Xj_M9fJwl9BscV*bm<B1f$tKouIu@(12S`rI*PM=dc*dbMWoL0n~30*3BJ{TLEsn
zR~-Q`{M_d~Cg3H}_q^@CO-+dRB+F^d`%+T6-G9>ti&G^>@Oh!@)&DOsK)~kVLY@jb
zM?Xw0r&(%|E$;3s6+iKq%)T;cfS)~h1de5gDQw}=AS^9Rcfq|&6K?KFOn*D-!$^)q
z-Zj5prY4$>4v@?0eqY5vy)3c-U22A8&>6B|>u2@xLy01iWBjsh56*3vWMp`MGoZde
z2R0!v4%{vMH^F~?x|;E>iP#(pxSN3g7Q1Z^^<_xeHKbZ)8~7ScKhSDy_OS!o2QG9f
zF;3(HFGH5x2<szhM~EU>@I?p)T=3oWGwHW{kg<K_nemRH#q9<Jn(2KmRnY;S-zdx8
z#UHczd6x~V-^GIL{QO|AOVdt-;Ya_WsbEFky`)S>5Hb|{x(Ti8Q6Mao#AhIL*swlf
zLD$^!Q!OF<)TxlpA|)gHiPSG&>B~>WlJjP1^lOA~-=sU8Cn9+l-IKEthprLwevX1)
z^TzA;gsgPIA&iWS4+m&}Cs)hcpTs+VpL{2XjO2M~N**0GBbZ5D+(`@esy|9lI~e^9
zV*Hbgmsc8wk*t|N9VJncFzQdDpOlh99T_Fx74TXY_ab#$W|H7a{*2Xw46LKWHxZ1(
z?00d|;(TA2mZk@q&!8hgZ_w1IaHc~O`d~`ODo!uM7Hw0#rs}}+^{>@U0+EWOnW_rG
z7rAXYm(x5)M>v)VzdqnA58HO#f}5;bd3YSxkX*3oC*YP?hTk0a(_xDDsG<H}nmBet
zUfJf~0-V=H<>T|<Ng`oa+rMG=;~tDP?jsGoai<qOR-I&iso0)tM@XxQJ<+2j?XM>Q
zR`0#c?Tqb80nR3jSCqGNx3P(lQNF_z|EHT#zSG!OvSrkHR1_n_#sgmLq1NzZCRROY
z`U<N{w+1_+;#teVoWX%`r}b+IA)Y{!^^1<#bddut$x#z&LJ3sOb6UhTKhCh{KrFws
z=RwJKW@6{5<K@R}3UlVCPjjg*IbN>A1^t;$ZAZWI#kJL|g&&MPK3(;MWM*XavKON#
z&ub>Vy-tS|etOP!SIyr^a*1GIP*K4=NKtRSg}$nII6qhF>_**HL=TT^xRo&LaqS;4
zjt}IVG95Igf0H{{zfZa3_g^97sCeefm?<;ep}51|&SjNoGWnq_oh0X0baUZ#9!^PW
zQvCCXT1~5p0dQ4jVYevs9RNumf*vorIfDKFzJCTj?Xed7KTL;izTBO)w-?K?<kZ{S
z3~xybHF&$-BGaC#D}Vb>gb=*FNtNq*n})@+c-=ueGisleX_+j;gx(%9Kjb<P8BUEM
z>^Ci@G8yQ)k6i-y&_^@9M<(P_t2J7rYR79t4H?$}UGdm7&b#jHTTys5PZOQ+bz7q~
z%^Pm#C3r?0MNUS#5-}68^`x_AVTc5}vdEcAzgwMcY-BZXLW+pS$LC2yt^02_T%-7;
zQf0&wN7IaM<H>f-dUg=<B2yoZY7UD9S}3Ur99BMmk}2m(NR|XjV~P6EzWb~GTGoVn
z3-QBO!}ehNf*?Eln#l3`wL;6CNi@MxcJfJ8l8jtMMk7CF@$%yr+?jRhHQ27CA56}L
zt+GJI!Z9hi99H^J;c7bWbXPu~Ax$tB)W5}0DI^&YZQ0CJ_fZ}FqQJL%MdDB7#PJ3(
zFLBvND7K9s4v`^iu!*bLVQ(9~r+sDf=g$5z{1{jMa0#YY&p(21sgJC&<a(aswJuW6
zZ{>X_Manm-Loei_@|EArq|umz4amR3CbU3@8%_TAmTB{wfsI>_lxrP>sW=8KZ(3W`
zLkbv=)6^uyp0)Jn%c`;V9;q8&r|d4UTh~fMLNeIB?Tgey6c;`sdv(D2VC26E0JK3R
z44qX^x9v0pM?V(YpO#UVtX8v3T+pzWxZPA!8f%f=z(+ZjIw)RLF)z@y8NJ47lB|69
zIUq?7WO<Z#`AV6@by{gubytqMQV87-7}>Eu-^JNqurGzd2xk~2xu5=qWXIT1Tz5}J
z56o{RACmGEo<AvN7jX6$7$H!0Rh^Ykkdw-Or>LV*C6Zzz0IVt6Dz;jV*Z+PYuVgm#
zxP3Njo&-No;3nK63NQ;hy|oOT3T6-TRMa`_jU0QNR0Le@5R2t=MjpAceqms)BI0WV
zif_z&^mRbbozhbvU8I~=IGAl3`UPkQB;S4=yz?<qh!%7^s3zd}X7}>I)?{0~kA?Y)
ze5#bjnlO7Ssz8f%q|@GNew~ux3(4@Co|LBKvQ~Z-Cebs{sWaUxFBjgZGhUed`7-P8
z8}I0LeTe_8DfE!~n5r*uliKy>e7#?em%DjhN+})JO^$Ss6R=-$KK}RumIi9K)xU%t
z*jqVgayxlDDh~8Te4CrUK5$yn)%SdD@_pHlH1NW8J35{89yA~Mli_a}tp~CfS5xcV
z0V?zj&8SLRbv+{PBAHBbF8cL^H3vZTie{t4zidss5!TK>r-?fJF$;b_>fR$g;~!Ow
zN_;?P$cODi+xxuEMk4GVPTS`eL0#*YHK~iJB17<A$TDo1YJDGJBQdf={{4HodbM{|
z6@?cXl8L*CFfkYAHcSF|xojt3GaHD;GxCeqvq#%%UxMWk+VzH_<^tZ@KK6DUh3B(k
zhz@a2&>b0~ufLzjz54sh<?Hz*%<E3<3))FIDiGBqnWHSHt||1JdZthYbzshnk|;-h
zkB|<cGiiamey(aFxQg7ijZMFedT7tgF|9R^9CKU$l!oBTE^83}hjHhbw`4*~&FJDc
zGwn**yb)^xa32n1Ivqj|>aRK5TzmtYR*6ea6A$LJBVtM{mX%&bsF^F<vn7WHca4{Y
z$7XMRY8NPlKlp~fTuIz;{gCmKbsFmZ0?IH8YN}-@TZV1MapXLK!|YV(j52cB9J*OX
z{#r3-W-pkd)V+yOucCRw5)B34xBi;lj*Exd&g<jv5KQ0Z$_T%@nx8TrX5npNJD=4O
zv&uQ=3yebk6<kRHsDjp94><IRlINa0<P`*acLvI$=IxqKo3svV00u37-t&}Du&*Q9
zXq{=qQ#QYr0&TI<<i9@{KAA;w$quu{dpujJM}^0>nc=PX8?R}0r8If!3@KgiI{h27
zNaiwm6s!}AMtJupnJPR9MLL|6l9_rW(3cPWvn8m`S*i*@=YXz}X3b03(=|QV`*OFD
z^*J?yF1OLEWhNrfvCY>v6q5I^r@zl29loc6p6qU=?FSpwR9@Zhy;-})>Onr=zWI3#
z@SmsDXm`H#r*ggBwD(W~PsJ6d0VBiyT{@ui+Wh5QzjB7*jad^Ef<R^Kjo$^siO*IR
zDNakuEiP*7o<NeP)y?RSCw}8b${a4h0NyrRVc5b@KN6{cwlkqXxYFd!qop@858%;a
zUQMY6{07RtLb1(qju{LHkyUcWFw$mg=Q0H(aA8Mnq)i0E^hJi{_=#)+N=zWWj+!&l
z(}OI53CtGHT;>S_o;1k!hFPxOSLD*6>-FwGk8IjpKZ@oVn#W>FN(gKq&q$T&Om|yR
z(|J7c83@Yz<&H4pbF>ZH8=D3Sa@Y&jQ#Hadh(r6aSr(%BBl@4F#)B=JI{zYK`EYCE
zZ`D+t|JlL$1_xHEHgWCwY+6+^60eq97kov*_hc6K$sNmJwm`d|p)YKC5E$ofot8|v
zBA0ox9PuUbgU<8iu;f~6r8j#5H6f!W4r*Xo&%eJx*fHV#ignxBk*{T4NlCVlV?h5h
zMe36w-6X!NJhZ@SWU&imG3Ov2ERW9H4A5a|XP_`5jua4Qb%|up{=D$3|If(&4>62#
z7Y=sITnS1isdD57i7F?}UO#`ept_P_74#{)Oj{2b34n&%u1$bTE6?gMl_Mv^GVbOQ
z)6?r|sy%s3eR$CQ$(}>@tW26^FaLSvsSddKPch9-#z~4&PLl7P4#&La)%AYrX`@+g
zzWChDyAOLfw&R`7RG22KpE>{l<>{p_8=i<}7T-f7%&>JdEM|Y&@_T(pz?bz|;dP5F
zQ5YQ^Q<oVr1;^8x_g{gw69$fE8+5J~GAOO-Lh7y<8k4gb-j!Sz6<izrY2QA<XPfiB
z-6IBY*^L9Bj{P2sH7{oX;KMoNr!3`xRHL%bIUW;Qx(2(nB}#`CHS^{>jcUCABs1|`
z>)Fzalp8s(_bc?+??U68sC9%mUi!C3a^K9qdglro**sqY5kI0;wy@~KbQg5Qp!sr*
zTS+~_yBt_s*%!e(n(7wod&#+2wc-dq9c9_tLbU0x6E@W(fabS)<SMVK_R;H(`Y51w
zFg6@6O|Yl^xSeB3GiRj7vWT;IvBj}v<s*QVO@4yuiRpXr<}0KRTZsb{QUdF~I}4?O
zhTxx7$ezA53K<A>zexWbV)nIt08OK7bw9Fxa>a}Ny%QmffEn6XGihqrVjhO`<B9&N
zN7ugPD~5ndUaw3?=~yZ5Ao6gmTd&D-VW94p`xIpJ@0oCs#I(wC>+Gg=B%}~KtQZZ#
zib2}oz&Ol!i_E!WC0nzvbux1bi2h9W*SG?i9yb!tQq4Si!Q~PdYA00;zoJiE)v|zk
z`flm|kvjrAa{+2yJ{wQ<fQlH@W!f+<etVDbA+2D_l5l%u9GC9qS=OxYWOMqMER2kk
z9~o!#)d-e-bvZ%x<ds~L;cxpYwxXcs_Jt)it%8(pLMiUnTP++Z+#c>!hhc*56o|8A
zS;2aGp?GGG?O;ei8EgJ){4R%zMh|%>Ne!#Hi&o8qDLOP}T~y)SLM1c!zBBTckbpGc
zBT0kgBrnBPlgD@z-l8A$`E-_9j70GDnGw_#0Dl6p4atF$01A?b**Bp9iP(td*=k|e
z8B1BXy5MF8qK(RHNc*Fv!}LP2n&O1K`DFVC+haC=zF*G&BI?C%?4~;Io(~wYRA%i-
z1)tCG4BMTTPMqcpJUkxHtJl8STaSOhyV2`xzk4uqb86FZ5{cYSN#AR~j`dl02CF2a
zP2zq|Sef{M@?$W1nCWXZiRrHy{`0wo`LGftGsRBtH$U4}w|{SyYm7vlZ=n2gkoOZu
zY~zXmAdq3tX7(7>5u1hsa3Q*0&`+2X0J^C`N1YgDj0M7XAA-t7WaPrU-Jd-?;%(O)
z3FmzyZ*bnX{A%InEfjH}wrcqF+KgPEgC<S3o-P_@)f&cN4j6)s)RoZC^Bppoy3gKV
zQ^6dM1)U7ubmP6POYA}5zkGfSpO`SYmp)aj_2aKv-+~mnMJs;|T>-=PcYkT$eB?>f
z*%m}ZZkkD@ZcjZ%ZT+J3+1omfAW)8TS$#W@@FSJ(SaES}GbT4)-%M|gQNhqVvC3e>
zfml>7a$D)dZT!nDbzKM*RyZDgz}L2co?lJ`{aW$zbTVSHuO;yXKz5?b2l)W``YW1u
zA=YBiRu)x0u{AI_NnX1d)7dB#eJlG%6H&+h3|7-r*2x!QRkg8aZIz?q&>^(jWX_^U
z^Vt~t10K1os$8wqd4`#_Mly<8M{UVcP2}*m;w_(bADf*P9O~o4F4Yp3D%%~4-ji}$
z!kD*<3z=S{jyw)Z(u6Y(CRNl16ZPwnl_A1F$Do)1f$h0<>wptmE<0gQij;q|HuPfc
zuhs|Gk{WIYA?Sis?iZqa9-M5m?-;3tJq_K&3)wwf{T-Nh4Tte!m7AF#Dho8bu<qxz
z#(@GW?lTej`Qnkbg}gYgt3YHxXKQD*X1tut!FdhL1iLT&@wFU8;8PwRkc<em^A&p2
z4rI5PyaKKKfd8<Z=Qub*d6Zj2x2`pkY*z(SR*(VbNdtOL+cs7M<VazgKI6lz?i*0g
zW%S7^0)ao?XP^~gPwOOiBma)a$W1OIUyuFptsmo7xlZdgw7O=cmF?cppv-1cVxPVK
z%A!$%f#}$!-h#JefHH={N<)2T^YN^AOyQ^OeDUUmd4?OIH;MHOp1S(#;vX-*@^n>I
z8kA@}r+l4l<$Ny<I+?Wc&H>K0k_HYMa71&JIV3sSWxOFJKhMs&O;JU7*EseJDC$0W
zgs-eJqY4CylprLg9v_#B26<f>8(5JW%l@<?U)}Ptn#g+0KKBbdTfE*M4-ywo#UJ9O
zdWIp(pq*I$C3!JMY8A)-fGfXm_G4+^GgQjXC_c_+IcHBF{fSdc%c5BxmMl6CYpRtE
z0*rBz9rrYcI3rC<vf_%!XKVZpA>fYnQU0<ioKlJO)#t~8vkKZj()n{o>7(y9B39Gs
z;pUVBONf7Reu!}f!O`UXm1-%7u$BVI#og5*$n{?%WXR>k#+X8U1Y8Aj)k(_cXFh!+
zRLaDiA>sqr{pd4?dgiZrT`coP1bO$tu_#rKQ{(R{{Hm-B%z+al1LH1yj(KnO=n(No
zuS36F?+3-KjS$n?jjOm<4nyi#Z~b!dnS|yZ$Ch1Xq63M4qb`mE)VVj|Y2PZ7oplI#
zk3Z(VBIF=iHl3IEl_00g&QDBbH%s_te2o<x+JLY%>}g@1o2v&1a&*L3oQQ6pT2Vf;
zPjMAb-yA=7({<b_y}EdEeo&;fvvs^ah}rT~-%RcR#41i3=$XII$!slsbuD5&$p)=t
zFmZz8?)IfLkz&{Lk8ZiYT!WuRggiKpllV|oCEgN&qF|fJ2ptd3N|B20?4RyG*Ng5h
zX){U`N9@t~xz}grx^mrKn|M7q^U;MJg&==G@b{BmTg$M8E_bnqeLX@}uz=r1AU^u5
z(`@_W)-z-TvdCJ|Jh1FAxuTHSyXlwB&7|5qvfXx_adq8G`RR!a<9piF!rkGON>8Jt
zQYS96qtHV*h(1yLygj{y{p6Ih@NPAEE5yz1=hwn3kJ~0x&-GcaangF0H}AWlt#Lvw
zuD9*Q@x49#kdXA6_8-Fg@)Vg(%bWb<ezR3E!fj-JEA;qLU9OP!%;KF>uqPL39ueE0
zqeU%_`Ng}fzw^*H!FJP->x&?U9kXU9pPj0GBvRL<8h0psOzs5g!5**KVBGA~?+>W6
zcO!Gf48{kO2a*I<sV>VN9{GEt8dY9b!_o9=Y{iP2>pc_4f^)?{VV9hMcJy;9?ov=G
z%5PssBBB&^+jS~EPfUtHYi|Av(=wD^f1-JeObep?_cI|g(vM1QDkv@`L7z5ApT1%|
z;BIDw%csFh*Zm&;@6fn<d8BgmGF0c~{R^jz{pT-D!aQxA&-tR5_APK$@?yx!n&%3R
z60^9!9Fi!?;p4{|xNgx!Yp_IOj+S{Fe$a-0GlSt+pP4utX4bUBa)s{^_qD^&8gARG
zHcBTl(|Sg7rl@DaA1t%LW!tTjhiFCef{7_ja5{2pqF7nw>K9yMCK*)9=0o=bfN06a
z?tb`f2M>KjQutAfxt6y4<G-Ns93MEx1WcgrBsCxJVyqy2&f%O|uBs)`)ev|-!@ca=
zZj{lzL5tD(c<IeBLC+fJr*#+pH6<~&9fd!<5OABw`>p*CG`vh~j{325TY@NMgi>Tl
zm?P!WNQq^x8Yq#G9duLuton$i#VK0zfHl5>G9R6@;{H9N58u^ubvdraQEvz%Nv-Dh
zEqNkIEZ!QGmMJsIw>iU-VAo%6UH&#<(l~?6)z-@VBUDb5@m4ZMyK^B_-$l*|htjU*
z=C@*9=}EkL;N+RwQkS=f*({;$rrZ9{<>iu_@eVS5HxKVwq?mbdYJ|46G2Qu%Xk`>q
z9jTzXG#ib%`fAPffS~(faacE+S#8zh?zzPomymRgSgD>0teM6wZ~kV|qVIjhx`n=x
z>H<-!U<JvqXK-;|=kU9Rp-o5_ZwPQn^7x+SXlM<}Qf@){grllx0FQP%xzHI7SBb+n
z-z&v8!=DBY*1e&{F_}H~i;%@sxyp#8>&Jo&|GUuf3M9;gIIfmt!E*au$I^ks8t-eH
z(1|`|Yh~Kh)YK3yKSB~V9u8M8DkBtJx<F*G=yt=D8+1LNF~I0~=UM}Qcb7+4i2FH<
z-7UYrVPbNvwhngC3Ev)rO|^U#hTCt8*V^@O1-AYQTNvI&9bdDQrbcfD$U#{6@5xaP
za&Vpw6Eoy28$hRiP%6nhcDC$+P$6@-9h&}iJG*7;>a~O1#q(xHoKWrjUNp3>n;)~M
zMx6Qp1xT=gM)e@18@(ZE4E}DiYWBKDo9JCi6;DoV#;4reT-M(70I4r!AO_hQHGfvK
zK!n+rjJLP|DUhgBw0U(IKZirE$ET|39jNQl@}44E1Adc#23Hzo@2Qy7g?Y4Xd=cD~
zEF7LJO2cAPnIzeQbnLqY2iwYMR2y_SWTdJ)x+WKX`1emA3D5;1XzEOQLz(rOFIc`f
zBm})^gF-)u{XNP&gbQXc36daB;SfMR`n;MjA7LWDyhTxV_A^FS(ZjD^QT9F~JhCn%
zHh`AKQSM!)@*%$9^mm*U)KF!I+)kW3cr7XUxwdDfmM-eLQeaN5HjOC<&(&gI^7{cd
zZb;E!0PwTtbh>p9Mye9~H*4MP=`RNf+Y(rPV}fFSOja^767^*V_Ci}tS}Gre-X051
zy;$RLMRE0y2*r~I2NN`1&pM~j<^Q2y65j@okV10;ur&0?u#5{1j~PpHR@iEdm90HA
z_djY`q18{rGg2TQVI*2Z0+u!WN3wjltohrJ(8fvwmq#+{7{H-YO^6Yr<p***3{-BV
z?1unp%@-fJYs97j;$yty`^<b^r28;zD-MZ;ZuXOBkrAW~&iZX`NmMu6FCJ*TytH>G
zp7Y;sxaTEFT+BHvEa&&lb5e*I#!EYE)W81Re>i>Lf^&hHGxXa>@6PTdt5_kX&0oAi
z(;}9rYyy8Su57(;#Qat6pNE!}!95aA!GysVypH}&!kTf=C4s+I6-xy)e3IZSi`$LM
z(LS^sm8jc_Oov&kCBW<F9r`3>ut+y@;Ri`8SV@w)qJO+lsw}johuCT;Z%kt}l%fXz
zXOy53i*lf?R%|R|bE#3P;4#Ii{mR-{sFPBsA}{?(()sNk3%;n5qN3OQO#Xv>C&}vx
znFnPCBp=Db|HctgtT66zJ5d^+&f6C2!>`CaZdX0ldBwdoUy&Jxih_!tCHrJLA8n&U
z+L_p3Bj=V|IfW5Dk3ZP`dN-c&d``6MxkO&5^b_%FN!IfD-lH${NjHQLD){E<QJ?tF
zxu?z_D8vS|3WG;VuuE<@$kCc)tbVZQdRnoM$Ma1R${H}4ExxEVIp(bjPB-#l&T6~4
z?Ea<zPaX;A+A5@lFh8|4lY|Wj8xtlPLz$9liLkZU0}BM2+~U4U8z1y}6iOIvb@fq3
zurYzmsM#h%OG1BD7{RROW9BtJb{ph)ZAT!Hcp1OFJaUjEGNG(W6MM`R0)<A3<B2`j
zT(<ingrBB?JWr(Wb<uix8@vN7aAp;LMTa_GPTeC<E@aywrHP>TCk1(^g|nsK?j{-P
z3FFPeOSI2@T{y~@KR?BMFYYB^RHh{HZ|Fk^R%W%dQj3w8ttkDpqgO}iw5=Xj>m#cq
z*bU*Y<i@%Yn6X?>_2ugh?oSkDzi9l>XrCXm%r-BotFqsxzlZ@%kr{tY@9a#g8;z^h
zN;A=R$#<0MstZSiheamHAgjug_|=Pp-{I!su!`J`$^TsTNZoVewm2u{rT)cG&RcGp
zF%m>yC9W<qM4yGtd&D+Z%B5tNNO9$_`1RYx!<qWW63DTq$b}`4bn3qCcd^2)@^$pt
zlexL&MH%i5x{ycrzga11RdXwzOmRniqH0^)wW&BxkP=<0g=|sR<S*q7T5-y|!ytLr
ziLU~ObJM65Cv1q8mU~uiQ9B%c&EZ@|&+#@HdK*q6n{96FXe&kvy2^R>3-QSXtt5#e
zdRN{=+lv@1YP1g4*%5osd!eI0IDD!5yPuNH;U3%EP7u+CPU8G-N8P>wKiEs2t^MLr
z6ygB!>X!qHTy|1M#dvf77BK0K;(bQZ&<b9@Ok|oUEwB9Kv@++l9y3o%oXcHYYg879
zVz0OJ?S6J8ds(yKp8J@u3{nCN0zRFS{LzzX{KDLF7{D3qa)t2KTz?>*rv)3a42SWn
zACta2jR42aR$A9MRfcj)$Fw5?)376VutCu;r>Qj<zF${1?QSE-qlubob3ejZ^Rmy~
zwZ(x2hYz&)o#{xGN%CG*?x!}n;#j0<!>ZKBj)<(N&&)qP`EK;z43I_Mr}9VgQ}-MV
zH6{exZJi?9I8Mk)%&xD1rj<zQrb;IF_(M<Azw-=jyBh~lo>bECrO{EObbAlMRzM@{
zzJM&~l(TZamKp#bIC~Y-viKcU1MYsK?4YZ*zJ&*N)w+?wyE8;m3?`G8<XosJrFoA+
z!TgDZ*?N*HQBn0s_>$A(LlQXS8EaImxx6x6vBjDo|68ljdMV0YP{ntyPCrX>LW3SO
zxucP`1|p*k2f)B8s@na_#HiEwx>d%CD5i&(S!wfr6r$SBw91U)TT_b|_Wjy<6SuEy
zXWAXf&ow?F%cfP9<y1qS;Ol}fr#=77M)sOo*kk$1_lT;j(`oJ(yEbJMQ{@Pn8XdJn
zDz!Q$#R-8O<m8S1h&0fC`vl`!#XsbZJnLp_Bv>Z0(|&O5Tzu(~XR4<C_A(<MsVY(F
z?HV!p;R9jLo$M^VG*wFr{rZmsgiZp7c|i}6s1777a=pdt&AcGb&^;l(I(-tSzYYG@
zxxmoY7Gnc}<e;)RPfCnn^XDD-;eFBk$ym%3_APHwue7@I6G7vNuXz#1FY_o{WyPv>
zbaqme3k#r48N0ULH&Sko(0XixlnUM8g3dp<Zx+G5u1tMLfq(le3;6hVSi`4(zf^?D
zrY2kN0B@Bib+lc>Qj-pE^|a!kBn-!Ca+=;&20SOBdQSE)^_`QgZ=W1~7ev)SJnXGw
ziW3=r^ik?b_!Rr~a%-UGYOcRcoFS3cZ{itoowcixCJP(5C^TWP5$DhK9INjanhq3_
zsjv|5La!CprE|GpMl@$(cPV~#oi1nRpXwXL67R>xN7U_(Bb*JJ+uwGS2qB<*X%NQ@
zB<z#a<c?WNw6zf24f$tpA*#&QH`xa|CHK*=8@Vs*->D)UdRL=<Q7@lK*4k}vx=jj3
zV3|%?=-)TWw@&-tuOo4WT@Dd&jT5HI$a;p%GKw0J6}K15vhdl;5(<uSC`Tn$_N!tm
zr5r`PTuwhcX5-ITV&!}RpCmlxadlGh2&<%u1s6>{9w!ru>r&7()Q={?2b+yXbzJ&C
zOYN2=8YhICj4q%6FyznCi&z-8-A!1#Zh#xio~!0i611~6``P^^+W~&~`*rVgCDu;k
zC1zhs)bS4-TT5a*CJAu_l6E|oA~>O+j7{|VS{JeRGNVqo4ciajo}nCm4;Lpj;K!>?
z!vJU%Wf-c3pkCKWnbBwErl~1w;sUr}*%tlcR6iA$UL}?dvPaMzC=+nGx(om{)gBx$
zx{XL|^nd1D2+Jh!62a`!kBlM&lwXtFQ%!NLN-lovYZmeZHS(};xAv|F2#yRf^%4_Z
z&VJ?pX@H;jGT6i;wUmb@*`08T7SiCBRJYLddnc(eh&<c>Zh5vui8ffg9=UM&+O>Bp
zj1=wMdnbl_EQ~yrNe6B;e|*-u$Zo2Tew_b|DBbkr>q5_}vrt9<Uj=F4lxGASoVl=z
z`%^)4e16M}>E&%>vcz^D_zulFF+NQJ36qknUi~XRgYlB8n*bu4TVef?q~j#9EoE{Q
zHR!(iWToTZ*(b+6YUH-!Qy+xh0o_g81qRPDgT8sdKE9RXO8w(i?ih*x{2MR7^KlhL
zVunjXILUN~=V%Nal5}$Qjc(q-&|*#1lFvbbT{U<gHXoz$g^d}0OfQU=KyLt!ovx>`
z{G~f*)_(}7=e0FR3R8CtpDpr@T1=Tu5I|Z1^D8Ta=k%bH>Q#l#=DSG0GM^3HiHgOA
zb?5v2lNw-BS!6;Aiz9$8WhA&-K}ycTOmy&|oj#XJH7NLtT9mb!$49snbI*^_*%iAm
zdXF7h0Os8a+Y2T-={)azu0{}xSR($5EM1c0!$4Zhdp*XE$E4lOEYvY^hnSAro9<j&
z;qK_<E?7BS_lVPs3QmZ5pMjIMM!TnyJMCJfG-x$YfT{hPjMCIaCw8GQ^x}{FDXvNA
zdj|M}2kIW&-J)`90%9cYYp>uHoJ=#^1`922A1t%^fyKE9Z9~HWp#sOiQo)EHQFg%4
zx$TM0-FnOqy?}t>epK**)#-N*tDC$r(Y7o|iKbiO<N@crXh$$cx!`nU-f{I+Nnv}&
zbMpLr4WpgDx_Zl>!#hGp92y2~1LwEO7n5GV{WCPDR&F9%*4wOkl$dSkHb9ap)ph}M
z9E1XoGq>WA@7Kz!ue#CdV{m3=#Nk)hxWC~Gbsc~`(v8Z_=pcoITw%MV+O00=Iu5qy
zcs5s=6Z(i2MwZ7$=0asfW>@Q7R8iC7=7qFpdNWHxV{3uhl~uO`oBeR;<hOi1Yxxj+
zBZ!CVwA6->2G`F|AGH&*;j9gai(1pP)+ile7Rt(2Lr9EGSQ4XQ3T%x#`SGM~W8cN<
z<F{}`co<ECck(n}q&SO?jF^IZw`zg%qOHR)w#$5x?Fi$q#8nxT=Cs|<N03|IA!7I`
zonI>BDG*N`Tk!joas@IxlMdqZ!g9D@AtnWh*1PdJzJfwpL-!(it$`uMoQ08joT7nV
z{2>tiWpf;GzK%JxHphP{KkSmc92Q&AT-4a8D<rr?2=k*m>3YD+YybduFKP}zumzRm
z-Ae7}&F9jqj-0HTC8GXNDu!9@;eX`!ws`uT;#BxOJc^z$Pem)<(;gI7^Sz<Mg%WPF
ztZf$JJYcl6UYy)CzQoLkJI{arMxH;!HF1fxF{&HZ?OUOQU-sNP0!1^ww3zls!j6V&
z@ZO(qUxAe-y%oli5B$xy1igH{K}|eAY4Wl@_q3UK)DJlvrYeCP6RO;@ow?3aZd8^Q
zs)DIHtHKTZb2GYS;=;|<tV9S)cUVSL<IT&Z+P-ay&zK2f{#DC5NNL;M5f!?Pd(7XU
z!>U-NyYQ)nt8hoC5j31u?7SP+qAfWUczf7Moy>V%??ne(+^v?Jwpne3W1bGmQ>X~`
z=sgC1)b_&?D|FKKqxcrgZNJv)e7Rj>=w))?vIA+oo?xHg>5a)!>RP~OT!#Fq>N>%!
zr2?OPSK{l3p;_tidb<19lfuybOee*3wtkGf`3kK~*HPw+1do#iSerR!jb|JCH47Pu
zKI}g4525U@I_3}PmJRptgR9HCMWBo(KUn_ncZOl7+Qyfguc&!p?5W>LZreMgdBSB#
zg8$bGpqPbdujIhSrM?$IYM<SOosnO5h{oc5O^knFf{R#<bA`7G1;@ir`2ruAvZE4?
zs_lZ=9c`3Btgl^ZqOllc1{08vZ11nFPrBvO1F1AiH*P!**8QAmU6M3mH~)2RNXJ1A
z>@5Mgl_t&RF!{Z5_1@g?qeP?#`Z@!`0b2Y+1Vq<63J7jqdcvp_ni`WrCE~H|dW~Io
z>I#8vLf@vDHRIwKxL@{TWg6wis&MOPc*z5-DD;$+#9_ssMA<YXBm~xZ{LA8X>(k^i
z2Rv+r4M3{&S~_oL<o0L0Vg;^bw8Ne40`e7ja`zo5el{bqYnSv<rHGNs(!0}Ll)t?q
zU94~@Bb>(O2~q7PzLK$HnEQ3dQ~4px9OEJ+U*BReTlQ*Ni2r12x5Ok6C^Js7JXH^q
zCC0=qtfHV{@O<63L$E5$Z>oJ#M6G7#TNU(bvB3cX*V+8|%U(n4L;WwQQ!4@I9X(sU
z*^!@$l<`D%7yZj1-veD@wn-@V+8VD&L<CZCNzuu2MjZ%q>CFab816H8-LwNbE3IZr
zj)c^<uom0+!&>3EYX3*`o}{aRx$}g()o?qmeVtmXGaLL5#^um5q2;jOfwMgn_|7y<
zgvM2b_Rd5vib<R%nL;P1^l!62+7iuqf<Fh!ml^1wf{Z1Zl#nK3XqD{G3LMQA?a5;z
zi}yU3!^PI`s8UQC;3lx@hdpkhF<EKi?3s5^Q^WhN{w|k@Q1c;8|KZ|hxAZKRwnF_x
zD108AD7wLaC_?CU{&+RYqIdBx7bP9RaVhVyf$JUimsDJ{0&>VZ$7!nQ=;Tx}_Fp=F
z^6PQB=9jXa9bZDTxE(=9LvpNwTfx|A#_Zt_0=9+sGA10S-4lJ~$Ih_s0OBmeFG<cX
zWe9k^?S+A^9w%JbOCE~`k0X4WIu_{2(YW4Q971Eo3fb9|-C<L9+B23KGr3;<3I>UW
zT}2i?jENSxMQSQ&tbK^21<}8tpJ0fi1TZti@iPKOrG|JYfpiB8=4{A1Nb-Y*LI2v{
zZ`@t3mnB1|!ud0i8mhi34kPh{c=G6D78UBVJHOZJG}Z@Gj*l|};S-+=GOZIoDV1%l
zJ^h!-bPhY89=kG4p;aFXSmuUUe`7)_1u(TkyiS}MH)k)lf>AVL8!^iRkJl;pDhLdI
zU(F||GG>*pWKi2JI?yu`a=ITroJs9n4n)x@kMsECffj1iY^I$~ltvy-dE5V`m8n^m
zbUpO5YIiwv8v=84V&2BFtyz6J;F@`S<u4V|zL{KZ_fHDmudz=G^qMSTSObro`(R5M
zur6GsBsYL>w3owjnUTUS#c|*$VyPoF>+1+T-4v&0)38{#w}4;jo-=?A3GchTyoiiD
z568#u{6I#`AGIA4QD8*DrR1>JG(F<&@7_lk4s`FYxxU~0+1nc2#iRD{P`2e<L2?W5
zm7JRLp)s42Duxp~38J18RE3LAC+Q<l(bCe>n7`s6(<F2J*q4oC$MEv&J-j#bU*_wP
z>q+P~|1)25vI+>NgMOFZ2j}qw&HcIUtS#vyM5JYNq-7usveT;PSOwEnue01r&Ke6r
zWm`Vx6Is57fSu7MJL%5^?n4mpX29LDI1=o!${<f-3WJ^HB>VH)+h@W^RNWZP-tIPh
zh2O4&;-k`pkxoIQ&wvMbQn}YxHKo_1ac;)K!AW$;>U~cyde>c}TElLk0sZo9LIy2p
z%^3;wx^}C7XZxr|tJHS(c)$uiWrO1Le4Xk?#=2|qB!emGlXTML+DwX*S-jW;<IYh*
znXWVVH<*qiQxj8Bq)4}0)s?<~38*p9t9v7K!@37S$m-zw`ar=2_wVLmMwJSGh{U3)
zGD9u4XsW-;<v1?L4XBi&hs82hYdRdh#YL<Rx}bc5BoajtWq)$A`a<+@m>#rQ-auH{
zS}{bI&*R5aqz51H?>09wPK`7x|DTY}cdHAk#oJVEbeeBAxqrMJ77wbQVf)iLYODU8
zhL^Vq)M~N9ip*xC$4&g5mtZG+*BvyDgl(72`YRIW*66<nv5SU)lPK0!HC^@HFS~Nl
zQ18p4ibB@0N(Kg>-Pilg$EzqwEkn-InjD(8WUmD0P1_h@VsHv7f3nYYheYLNh0~aR
z8OZ_6IT7f0Q^%h@b9|g>=;w01Pz8A1YGYW-F4dcGt7sA=`8!mkmz?aGMgQ2_saqc$
zT6utr{C&s&rWIcK<s(-k?SH?m5*@VzWe_(<>?I-Er}SSA&cko&p(Y@M0GHq$yac%9
zzv5AnB(%GFjztbR%M@csU7VsS=@zq`eG_q7^@#Jvf}!oby?&)%@u@~7+z*mu!-bJ|
z;1}g}m$;CI5b3b?^52`!0p{0UJ!Cx#i1!9bvV3=K)!1*}Kgp$(!9$4B!&RyMH1A{n
zcx^L?wtd~lRCLGJiqKo~KSkDw)1x9MxvNvx(70Nu2rEleh>Uo7iZ+3$^UW(M1mPn!
zQbDe<ZARz#T$8Lf+lPBnwzpMk?+6B*WM}PBrcV)f1(*i)bsvWikvjlV`IyUUCYs?m
z?k}wKO7l|7%F`5G<|hjPzfP}-V~z6~!=O@ENxiJwV~Yh33k&Y9JAxelW<n2GU*q3u
zd6s<M4hFUErdZ{4zFqVtQB^a)#tRZo<JeKNQh|9-EA{M7d7Y<zb!9ncfe2k4U;h<a
zJk5UMCJE5)3^@GmGu6!u)w%N=ucZZkz3e#>UUK~ROKG8s|JF#Url!*Gp%>k01IqvS
z6!ocWNj$6Xp|1{*nZ)`z%%;R1m}ClkmdoAumch{)L%d^xRcpn;E8SM-Etr+-zq)7_
ztp<5Xc6=ZFe*B#LOazKygDhvv02dgpBJ}Vt$fohsYafrze5qX8P1msez8CB4b1WMR
zX)iC`xLiHwqWz965xpy7R^@9@{yUbe4chNg%}cv}dunaNDNgbUCd;%!;5&NjI{n}>
zII$4Hx+y81rXj$av1$L_ps}Rudoop9V|th5G^&e>!+sat&SFR>bwDZYW?8&9B{|!<
z?Fp}VWrpHsa$wp)SDHftE6c_wCgUNDs6rfR!lrE_Q6dA8(gJ;1hFEHM`N0_d5i2x<
za~=kUG8{c`8|B~P2)OX-2$Kh$kNd#ud2aWb$BE9c7<}==lg(<--K>)6^PM=_OLOJ+
z69B4Li2rKRtY$dSuZAMD^N5%8j4ot-Tx$}BO8j&Ov&e_6cmVyHFP=I|=#S{$px4ub
zPSu9vdrp?}!T}}3c=juP!{Bq5Hm9wjRWu<PH2^h9{Gj3<I{)4ts8!=Jc67wFCXZ!d
zYA4s9h3feR7DR_e@+Ua^;<-Ze$a-Sw?Ny53B*z27?fkE4bNL_yXA{eRb|B{Qv6teh
z$#0kTozM@}{^*P_qpRe1O4My<!?XX)|12y6ui<swi<lPr+N^?n*kG6N60;-0%RcP?
z_WAgkcbJD^p+h-RD82i5eEk^JI=cKgC4d`@ifO-P{)H*B6NJx<Bmtyb%yq{F<fSp0
z`ZocCFY~m%R4>1yWqZxqk%1@qn&0%I1W)*KoO?RvoPWHAiy&TlsT7(}A!SAz_CrzZ
zN>X|_*INW{Q*;8Y6iUb0T<uQaggG(fSM-B%<-U;&|LVDn33IZs#m;Aqbf7QZ0a4|k
zeV-d-G~V0UVW)4IL^|Pqw<(OvEM$KnA^>DDlpp$aS}E)Q^!X&yx50AkI;#2YWHous
z!%I&JZ*ZhaQvY^zBqJfS(8lxO*NaKqDXM@gJ^fMQ@M=Xo+|wo6>Smj<sEvQGcTLy#
z`@Wq?@13feAESpoZ$G;|v+7mzCzwAlC<GaCHuP8$`8caQXMSnWsxI#t4*w`WaV8En
z6?%QS!r>RXxri`p7IvQ-N|cHfaC)A`e6=<GSN%;_PydyHGrsZa@<J&b$dZI096iAl
z=FJB}sOM^>{cmQg#8CCeKBRKWnp}jZNn+ti;`bl*TRM~e+I024aVIO~tt=wWn21dM
z!R-NBemlEWnq^sP2DKV8eklpIYS+&@?XKv|ie$_6=(N@E0@bz3Stf1sa-^()guZEV
zwaHN}G%J$X*d|{H4K)jLM@Joz1TRJ##Z_!M_fO`P&*EFL90QPV!qdZ7+h1Cpy$0g`
z=B6Zd*4k>Q9U;Vq03tN31|K&{d)AIeT*wa=&03H)2HC|_5)6(Gx3x7?BbSu#)HITi
z-#%nCT<yAy51{UNy?&1r9^FAd<$SyW9ypX$W!{`#@A<qwca|mo{Fy<#y<Lz1N}4Z}
zlPnvRqui1b*>wIq92ye#f2jHg_B@{Ve;kf&+qP}Hv2CMC!^XC4yRn<bPGj3v!-oBD
z-rvvfIPUuaTzl>A%$_snyp)|1vyXrf`XS&jK7GU-VpaE}s`Kfb@~v2mfVXHTO%|OR
z8PEDW9&B3OXCGBYZ+AQHk#cSCEzF#eVTurcVc@g73dc4!z1yW^5%x2o6R6n3Ufv&-
z+j|@8-XE#om$J4ZsmaYmD5=l&4w9f|BzPrT_`4<=hX+Qua2?!Qh<=q_aa(_gFZf+W
z-7_oR=181Nh^?fbqw@TuGM@IbOVZ>|8C%y|SCCbm0V?Z~WC>^2oKHlD^q;Tteut`L
z+Fqi)*!k?xhoX&bOWc#swl3Z1Om@ohLskbCe0FK)7RHDdnv#{N>z#cz>U9)hc684U
zj<(KAOxOnll(r7|%grV&YFWkKRo?tjz8d}}ev?tDWVvVxLlok!E=={KtUV<6Y0S>$
z+^zszMSc$(sgBw4y59Y)xd}`j{^#ZTXMz$_e&P6Qs*02S+U@B-pX&j^;ma*8C-sQ6
z;yKj|fjqy+N($WzEkF9}?OzyDF1c$CGUeD$d59OMFm8~%C#N_M%CDqLFSWEE<9!2X
zF8<gI?X9rb4073`9!mKOCP<y5BX{513#cjGjVRXcE)x~p#_+hLDcunVu<%Ll?N=<s
z{m7D4VW1mGoR(F*&=T#@Bw@pzv1uR&dq}X7uy{Gkf1(dj+obm=Y{3%V$BJtWPThh{
zB#?^J(bM1iB;=+>&FQsJiWO)iClwn0lfuiaaki7A0GkYtQIBSR(Ih4%0-Y{3bze{T
zAU@#u2WEM}GwrygK8+t9mz<Bw$JP`kUXF<XmR{JpNT~#M-4@!0j5<JTV~vpRl*C@!
zwnTG_=x&BLkt2t_hBqw_Z6Sn4x;ym+IxHuO5j8__h%|g=z?wdK51wPJynvwGvU+|L
zrB2RP-b_sveduh1gX6B%BzT#dt4H6^LrrBd>ZNS1?8x6<+y6ZRlyQwrC_OX}Zs&gu
zpNcu{I}WxfO5ae(dVpaNa5{Xdo$#6Y>9Ov>J<7Vy=W;|SomM1xG#rKlDm3hf^mktc
zgCmr4!cBW}7-5BlLCz}n4t<U1YVCj~5qgeEZ#sFeOW=3-u+8JXB&UiP6+t6RNjp<s
zGmM*t25tu7jf13_D_Oik_nVepW<r7+8Dhu))dMJlp9~p#41Kj*1(7a}Sdo4<s?Jfl
zs!Dez%U=$-*`?H;9WLt`<K92QVayS-3w)NSDOv=(or*slu|Vmk9D+iys(qqdc}eNF
z@u-ErOYuz=`sTJ(<yy&CTlCybe(ctSDHf3iS(!E8a;NcS9bOd(<Ej(7|N5~ZKq`Hj
zU!K;Q8>B$pX3_-h4|C&RYu9kn-$DuR?)+klxOE#<g6@8{Netq?%DgVCtZ7sNr`J`@
z#fy9rOYJJf5B>N}ins9YHN4!C*QYucV5)O!?7q;cQ@As|w|)!;(&~I)=oEIygtX@y
z=6SJKb`k|n3)~pS0I4!z5~4u@v$DFn`lyNFSR=I3L>X?=APja1Wi{vJk)?m@f`zj&
z6w=oiS++!yo{Vuc5fo`;%FH15gcgiZrWk@e#kqRo-;<Lw2kAm?YB0Vx7^_YDWjsWe
zCpO8Voy8z{*(f~5VV!-X_yx!D899L`OFMsxXMAn*j(_N@M!&^kfDy7o+n2^9-D=Ir
zt+`|jG(W>=K+#dqVx*jRa}aUbxI}vK(BYR#S={B%wKJw6fH{eI*Os2=C~%IRzZ+Mj
zE5qAFWuNvWTAa#cFhtA6Hs3a08;PP1F@Oq{KRS6=^ZhieRiyX$`ft*kiY}`EEW<W8
z8%g4U^kFxKFWiYWEdJs+B#LBuiaA=$A208ZsKehyTT18e|4<IUdC1<)W1iiny~X&x
zT5i<0obKzEI!gVxv#D)r?(1-qKiS%yv?qVj8(&rtAYSc~JK<9=w42ZE%PgFS?j7%t
zs#Vp%o~k(hEzQWn*fvJ17TCna?~j+r%Q!-7<4(j7EpwHaJX=6n$*K|xv;G2Z%=%Xv
z<O^uN^`*;#n#B^T^#a9AcO0AMki9|q=dxEWy6!mS=FT$|z4$zH)-1#{3%9%V(~G@&
zA;HP|9w51Y+N(f0tvOt%GGRoWpfzk_eTxFqrt*z-<6e>F8cMWaD1VRs(@C!^JesU{
z8@k_^%LSU1!#O4ETvK@muM78QX(TooE2$j=jgZHAM&uins5D=z=pAxwK?pc&akta9
zUl5vziGzJAOVaSXAG|E9u<$J?QgQ1$Q6q_*NZxnZp@fY;@=Fz52eT9sGNPh^9SBz@
zTR@y|epbm3QCq?_14DDstqhW!w>^sB19;&co__}s%BWY-F-K8ZxRM!xXH44Lnz0gX
z<eU0rieZ)(hr#=<2O#CsX}8{?73^&E94$^gw^)y*VAYGaEqst2R4H1g=3swMa&E@J
ztMV(Yzqio++;2<7TBAPDXKVH^O>QXp^)jz3*~lH{db|+!gIRN%Ix8#r&)ehsl(yEp
z<F|Qni{0Q?3*vd<#z~v;Xf;Wi#m;)yRp5+`-(o3lwQwI=6>+7cKd3|Q2j4>5Mk4R`
zzwLoj9^=(QRW>h;TfCl%@*aWOCYmP~qUPb=<?S6WX6Ij|+pq(E!)Q2X(V<(ufM&Ha
zwTlSDu#fvlgd-F0!pgeILMQ3gWylmFet`pc?8!mZ@}Z{}&dn$l;Ec)5K->f7ugVV~
zr@RCDv{J47s%_ivA3!oD@;)g9PPdeDc>Vxj96qa9iwGXI3nC{*s6kdZ1^R#(!Z0On
zUH4vzowc3Mw{H$_+U;xl@0YsZ>#13jb;_djCyLKs?<~2Jo8ievaD}XQs>+m2xT05W
z(Ie){+Eov@(JG*xmriMJ9S)00nnS-RrMYVN2-Rs+#gb4XjaDLCoOj5>mneEeb1nZa
zoaB?<M&xgcAz0xqeraI)T}Ei7?>;P8425w&w$~kaq+BAPZJ*ath_?p+?^n082oL#d
zT4H8+Ekm_El2K=+yY2P{=~=z7MgimDVv>C{^8oCkNotaW;p|D6vU_()k?Yg43ivhC
z53lCtA9Bn~G@>KCjw1Q=x35T}mL^-J+e`VaXTkkS#Tc|Htq0s(+}H>NqiI|kB1;bP
zFm9aLt7-KPPKJe}H)dF!1$fSt_>S$n0P+>5F&^;S4!z!4lcQ($(}k$(cAUQF-}^PZ
z)ge}V)ojAT1uqvVzA5Sn6GX+>W~$pudDl8q*Y{r^!s4$Ie6E~lclkvMGXbMwt#GsO
zsr~)rlOo5z$HB!>zF!dwF6`(?$1HggvD4TMkvzQMc~*7d`OEEO_4oDQqZ%4+D<|aY
z^y;xPh}mUUOCkM=>fT!WcNE|!XE@7s6=u8}?LO;Mt!^WEkgC-M*%j04bf70thys84
z_B5JN2od$Ogz|xudHwkzLZ~U6{~Rxii;Kf#`lM!(KyhbrDZRoEb9pI0&XGA^3t)v!
zc+!f#b}4?=j2Eo71pA9%sm}n1=!yD{XdE9v*h)oxLEQnE+9L5DBmhkk3U*R#vb1`d
z6@E$$^*bsH{c4)|E5?!w`xoECIK9Vd>r>E$U;2`u7UIEWU%plvB1at8d@tWa|2q8e
zyNu^dhVsX`?whoQdF*(sI`VszWsIVMU3}3~Zj?XXiGN4s>0h-k(V%Nk_kN#k@jP3Y
z#?H<lFgAt%UY2`aaBSNn5_j(-yRJIV0hxD*-hRQFJLP(SnIKl+R!DDXljWxO0OH*%
zf7ij`9OjHu0>4g%z0OfesoW6Pf`8RWgm;aAHmw3g6Ac3vv27xl_%dbm7oW3%q^!;-
zJG_5fcA8FS?)HXYWWd`HDd-eM2#Yo2+35UsKAuWH1cq~`W0lJZXpb@J0SleiONiSj
zBKc)$0vCw$RVSdM{Zut28Tma^;>+NO7B0UPK~sZQ!K@fXi)4|D#A3obbU)D2x>s*|
zZTqI@_<xA=V;xyp*^O6VLt~0ZkyLy~ohlJ45m$zgOO~HDz_dL)Wn>g;{ji2un>TFb
z;K;el=LEvu8n*5=BW-b)AU_ZBjd{N1WBm4+Es~`2<%%T$P=g%4PiF}^5{m4*JfMX5
ztpQ<`fDJj|a5x+U3EvLMOq~<zoDp^NZK)}i=)3`@L>TB%p&5$Vrv#d;=gY1Q{GP$P
zE;)V~<)NIV$+jFVZ;43ulIw+cx7GX{-rPga+*o@_u=UkeF?d?%#J~FW?yhUy+iE}L
zjSF1oDFBR-iHS=yj#xNv{>6B@#!#MwJTQkP7Mjg>l63@TOscH8Ic0!{GDk1L-Y=F8
z_<wB(Z$vQc>AYNF(?JVtgJ!LsPT#vmkF#uUhHPnV+#jJ1EkU&zEru0T`zrAadhlqr
z%Mxz5>*ME}Xo(iS(ebs&foI^<M_Ak(KPrAaSCoA;Rh@MazeQWDbeCl-l9B@rIEb#6
zbmHA#ibZ^<pNVEt3#+5Cx2LR_lkK!|f)s#?vP9<V0n9ndjZ-^kw!*=t^jqQ(Eb3Wz
zPY$`#)>zGVyY44Tj!oC$bI{2r&#it`ZdK}FJ%w5<lkr5{;vD_4#D>RA1$_kEi7z~V
z20!r>pd7#7EgLzlHN&p#%dLq-2S^qqqZm_0Lr;8HxdQBIeP8<FecdBx3R6>4XJt-j
zPL=@3yd&B8i(U(GyAHF>IITdI&-`16v%tT%JNut`Y!*?xbUqJfi)|ZU;RP%=JHG+e
zd+f6zS>#a5gQDX$lQgSRx@@@V*JrpzmI<<}!E}8Iju`1dd5?B7q_bDC{lVCRqzLTu
z@=IuH?!8mTXo2~wdt9o4$wP7nxU>G12DY>7#1koTv|W$q3eboKnaq~bUlC;e{6uZv
z6`Th<*^K&XZOacn`Do9F>BZ)c7pu2Ns{EMlQf_z=MCtgRA|l(?a7FBMjeK3Gz%tc^
z`c@!|jfDlgj6firIT6Nw6gXo;Rx~$^{tkHHPnP~6@H$B3FxXvs6XSE~wm)Fcyu?HH
zCCgv2x3xW>U#`d9qEY191n!<|=qj~*Z`X6FD85aFd8f=We$pXg;;ZMloT~iVa3e5%
z7{CbQK+IUbJS)qG4;Mlb{@A8dK!;G(iIqp6Z=+@Zo3%fh_%aXK*C^<Iu>vqi(lt;_
zD4MPIgJ|nju>z4q0#qRUV#t0~ru1hKq-w^@5E1oPpffU#T?GU+&@q5@V}s5+mAD%9
zWnpiU3+7xLUv!r?)E-YJUF4~Nudv>}oYx`ab1_78e3m4@?u9wz_e=gg=jp~i#8`Uj
zsSXUw!l{Y`qF2JjqgKzx29okz6HD`wE^yo3$e^eAUiH#-E2O?=*TEIb2Q;V0o845$
zf=uK<9=i5V&p*KJJ^`*_&Ny7z^@2JDwQ=~|R~5x^eDC-3UIQ`v(w?fw(`nN)_WX4M
z-o_2-o1q|G6*{#hBqkn;wsmw_n6zVJN=lA!6T6$KzS%z{d&!JZBceg}8!s>m#m#o&
z=*_@=pg%v`n6D`sy@BA+Q~w>uPZ<+1Q@Msg5oBqOo4GxH+Z~y8OlLOwcvv<fcJ2jD
zz=s_Sw)<ymI^A2{lIqL}L!6tnMNH7KJfobSih2JHeUxk+@T+|W6}*V?Ko@$1dmUK!
zLp0^SMlFKtDWTC!<WDwxOYww*M3kdRM<^<MKc{bL;p|UR)3lJ`S}m-vA2*-h9zZ}(
ziBOu$!)6*I@pz^baKD2cqJx>qqM3Ot0n5M<p<CIR6{pKX$(N_g7C<TZWs+KMUaFal
z68^1|o&v5CRy|&V>u*WM8smlA@<34$*}X9uOAyGEnOB1P$)QAy2DktQ0WTRTt<agc
z{f~8ZcoLdEbz2y3=MZCj_aYXVj#r96I-Sj4nfqe3g*jcp(*5E=SNPCQ3Vaq!ht<`C
zPGX{X?Hl>CnBIs)Dy)y4%Zb4=6y)Ld%dzny67}jo%^M^(i_6KJi;MUsBII_e?4Yqh
zENyG|C=)4E{SxIPy)3g|0#)DF)Y0fgC}$VJZx-p}Hz9p$Ot?zeQDFG2ze%lWT4lpH
z+v7$r0k+kLFsN~VaXD=lNW%%l$kS1SxR5W8u7IR++}IN&XN1d~>i5TWr#lT9!}Ju^
zJep>6zEF(e4z5@QSI{uNGO|v+82cN{V0k$?+zwo|U<AMW1rT{7Mi<^Th>}fQY1pa_
zQX>CX&Iqxn3{<T*b?_Xa>vl@cGlX(1)xEJaPAuD~N*n>Z;Rc9i%2*JgX4W+mJ!yv$
zB|7PtRS?Q>J=MESW#{N}5dw9v^4lCJ8I4FX6gW1V*Ag+``RS|${Cpw`*&*i<5RtDU
z<u7X~OcoZY{LB*4m`;0pq}fE-l?`BEIg@7M32w=$eWRV7qr2~esZG9rOBYd)R*5*Q
zN$#>r7K+riQYk$S)ZL<>6wA*>cM3#<lT6JxG8-G`wAlktb4z5z%Zy?%t=U6fM6~v~
z(0V5QS&3RWCb?4EAqz|;I5v^mGK`#M`;zQ*L-cqejL!19G8Af(lF(iT7PO01l4_tk
zVRv|FEg}t#>NGj5BY*1Wr3hLVPgnl<LDpGOgzE?x_|TN2d9TTk1rM<Z;yU7TLVUlM
zXUK9_J<4oWX5z?g%@HHT6I_}nN2#aa_l=H3uVeo8*YpLZEfOK^7@#E7`909%(Y;C$
z`CPF6ZPV-hTj=XX(`@o=K@gMzO`0Mletn~^sYx*^lOdGy4PuE34Tb{sqEJY7FeZws
zy6^r$1v0V6nN7-jc!z06Bd=sLy`H#=hEz7utPSdo<r{3`EDeu@SPd&kR(~BonS>ld
zuzDY_H3pRm>QT~(sBV-K9l{;mYe|r6lL(Vyl&HY%Ps#O~M)8I$?HkEPl5~W1qKa=~
z<6(}KunIq9vd}Q1z&8*2@SE^N*dL*vQqt3hFr^qTScHXzWxR$Kdu_>FzA36{n=sy4
z*@o8SQb(XsYr77OcJjAXzE+g7N=YsbG*<|pY|qUlK@^#+@pQOrT|gu;_ANkL?pPv$
zNV{qIDTK}x&-gbKNE&qcs@rtGsnByu7=lXBYv_iDoOap>fkROU?j}OT(Xr8wC$puE
zgJ4+VLJkB#TG6?xu9=1c#*sZ$VcJQA(O;P10s8N`1xksPyYY&BZCpz%FCTICjt4-U
z{+>al*&8AQ9%jNm2#3Fe)s37Rnz(8yzyMlx8fFz>rC(WFdxyZ~!b(c^CXz;d+OCse
zmI@gX%i`y6yk6H=Vj*yYlS<#MHUwcCuS-iR`9!j&TQFb8A~H-d=?b2z-XE4;KuSv)
zwoud;(@qg9+xUyg(wHKtY$v9ke`dsZTb<0#Mk2k@xqPpf{Sgb*roZteBGhqx#{S?>
zmmW87Y@?U^nwyI7bzU7728J=drLndoB)Y*=hLfpFZkSmC%P{mG<#in%idS=JqG1Hy
zPO@sti3-Fb2wYVw$>gwL@zhE!WB8V&5eZKj`u1FrTHGqOz>g42J6bAQ$iHn~FBmg2
z>Dn;zCCJkFyqLGr+mIQ3TB?=!8Kel=Hu%nk^QlpusR;Er3Z@WzYym0^x<R&gdjCGa
zDGcDSSq`!69yjD3K_k}X<g#;$a3P$p^jzLYmC<`O<CCjSSvQl?rWozRi1C~DZEuh<
zD7~S6q(Il1eb`=ZHcJ*n^KCc(_V>n<V*j-lMgQI2=YCci*gi-TgF4RE&Tzu~E;8AN
z*?`J!MlqFA`?7WV9k;?cC`LGAa0ryP2aG(ggr+8HTL_T|9v6NUiln>eHSHjpZty1=
zEqt*YMeuBO%Ezq){u-#dtV2nhV$`e>m{~Nl<_aMg0|r*S$8!XFT1Jp~VOKjYTO|k-
zWfL7iynp+m^joB=Xe~dccA1Zkx>eO>-&QUWtc}p60b*)zMTsd03tC4En|*k@`p*gl
z>W{-+*&6o*D+>&c0!0+~VCR|=e;GqVBW`|a#xV``5E5~T5bq%8UVAVYyWWN|)G3Lq
z+5<Ou5U7BV!Kfib6D(33wcT(8TvLWVr86`o_NFvk6@AKvz{!HKmdbo<Gh%p7Ecd8-
zAADJR{Vy;rN)@E&2#t|+@gQl%D2Ew%IbA*}5Ir%Pu$biBZHpfSxAI&Q6PdYHghr{U
z0R3Wc3L1<OGJtIro}xBXgoMvX)rYr!FolXp%#&zCDG9NkB9yE1WG75#j3_Fgt@L5W
z{+_LAHN4w)kuG0h){M#3cZ2l@g+m4@qO8kbm#YS0$C@qd(E!wRt5KGDS5_1AD0#3V
zakc}tjy)=}gJ5K^eJCUX41NUYI{X@8S;gSHOj0^ex5N_biq5@}4D*K!F>X0!%uV_t
z!(#J{eUs*zOBeXy7K(c<#&;+MCQ-UZt&p}X4BiAn@+4GM)_X0nptr0b_hU$56x7Wc
z;(-oDaPA~3$Al0*+2NH0v8|z!c7iNfOE;T2{&yKha*R$^je5kQaD~j!vyb<ES6@7_
z4cUkuKh447-yM=DdDPe(H)+a7#4Tc$<O>c7G3(90nG#bbMwcP36%BkWwo`Pgo;J!z
zU{d-e*({PxXYVL5d}KT3jbX9z!5+aIywO5W*80_rE@kbe;e5&7xdb**>giWcHOa>F
zfWB_n0ZVX56q<1GBjMlMv2aeB!>~%??v)T=WC1X1W~{$;X<S>}9cBS*aC}^9*F7$q
zXMMq*VVf&;1L8~R(|y1yyz`DrCs8t)QNZ<$Xpv$>KnmsJqcHL}wPB2}pn7PC1%a~G
zGhvk;tUB98jP-_+Fw=gx7wz<>2XPU7$<f(ShQ^xNv$B%Oo1<5R3twf6986D8NiZW&
z??AD1W&?B~I7a1A)+i=LZs~{RJ2!@+c2-r+_(mJv({oI5dffOMXR^h%d?yQC!EtqF
zC}D}m+S_PcSVB}>#$nuxM6<DJb9c(nwC<Z!1{FN_%2r4N4|MM-QZ39VQu`JN+5}Y`
zs_Hj(a}T&5m4guU8Y)M%sY0Wj^)pwrF98t1y4d%{Sa(Jm7jzy{50BO%@Hp185rgFi
z=6NB^VC9A&2X*(@MJl~k*2RrtCUEE&4^{a@vgAUy4TP!rxIUc}$A1hEfAsDPcS40}
z5D<ky<C2oB&MCrlmjT>fXS*6j@pzEbu&`2lv`y|(g<mvRj$?$y5i#>MTSEry@EM#$
zRd}yzGvdFOc`A}GB#<}65Q=$s4gkWf{{5sxCKW0;9xgYgtddNtvKLDrT=9GfnsN^+
zd0{7?<k1XCWKl9K_#jgGEA&<C1x_T@U|HFZ^Mln{JA^bw#ILjn>l<ex@s&9Jv0%1P
z1cn{xVAw2C@!A-+EnKJMODb)uCj*rUD&$_vEFbhG8XAdhT*+c=Eea;_vO_7xHFT~M
zFeBq`_7SWI35sWg84xc9K9Wg13iaR)^;MlXpj`$f(V)mF1kJsppPiM!Xt2pZhD|<$
zZWr+nV8h@Q(~fX};Iu(WmP?Do7Fg`Ghpo}<pkgf`)$?%A2BC@*%#Q^+ny=2DVKhFR
zaay#J7DR*-kC3duZJrQ^SJnzKN>*`!lh_p&J<t;jj+PxoB(a!>es3IL&CV}noy{?_
z^AcOKRNSg5e_Wu~;a!0^dW0Q+pyCa}6qyR<CZVu2JMC=WLuxBgK4J38Oy6~3w>K-=
z3@xYWf`4mIjuyEih>zkjTA6JkUg4P)n0VhzJ1OgyNk`uab;gAf>7f@7R=LpWInGDL
z(5X0a{ToZIoi_ObLry|Ufo*k{BAc#?A6Lqp5BkBr%B-MScMd=BM}}89H`uA;CaN?+
zUq!(D7p`oegsxr#)($Jb`8?d33@FGs47{;ydf)n~ajZi%Mr+-s>s#u4VIZvVFXgHI
z>|w$!0~0ZqFrav6<!c@Nr79k?Kq?y$xfsIwN=v@Yq*$w!i0!i_aS;CXP_@i%KN$h2
zV!Z7M>NCj42i&&7-r5AjzXl7%mO7YUT9hbb{c0!;Cd0<jnanz@$v#sN<h^i{DHz=!
z@o`9HUmQp71oD<-zN(fvSfV>;AV?hZ+6J=?t`Vkp^{$i=wFN|Oec+vIt_S+5q0I0T
z`E)Yrq2aQbSLhFRuahmC{2IL&O<41cB4;zONMh?NS==p+6kBF%-Im7O6Ezv|ru*a$
z_>8e4u+*^0&Hlw@!?kN$cjPzYc<0Z>sKrM1aEWPY><kkK{2SRH?BnQS<Bd|>=M5ag
zs1lE=H<~wyI|s;*Rlq(M|0*p*M-=l{yk9tD<jhxzT>@Q9b0DRmP;QP4$JBHrC9#}W
zNK&MCr0e%p{JH|d#v!hgOdd6+D}r1a8T{`QTK&w9kVO)pz~RX>bn-Qtg%AZ}td^Lt
z;j^Ts3~@X-4HYJbvbL1`#-k=QKtUW<8W$Ay$4P*SJY+UYN~1eq-eC0jHciaioUJQL
z8P7@XXk4Q$9V#JOoYz{#<@jFa%wLkRk>&eVwtRLoN5S8@T9wxkJ^MIT*S)w3196tY
zw+>Ui4IKzjV-l9<O1lbO_OO`rtq%YPRl`Mjn<T}yP;rsb`w&?4Dc)lOCfE|$JG)L~
z^i6M7agbhsmv7o)6s&Ui=cKA=viPJc?4%trf=Roo>4&NkA>|G@e!*O4D)l)vAD6Ob
zmhM;?EvFjhfHl(JOpIRr-96f5dk;E3-iM^p!r79beD)p+%rP-rafXHx=LXHM5Tj7&
zij9lQYohVI;3upTj?@8C9X;XwXg+U4d~ZzFGD@=q^{(>|YPewf90^FQkxE+kAYd&t
z1(bwIZqAeo5WHZau6teY%J6s*pu{t7X7LQV*#xLEyW^#zD;t*-@e?c>rTq0AV@l!o
zvAHQO)vb3Z*2_3cUY0t)p+Mu%SwFO=KYfDnX-Msl@;L3V1b^`q>bsFe9yoYr!vvI!
z&OFcAw9*pO&-fuW@ClN#v7L_Kj0v`rNQc?6QIyxijPu1#LPgp^sl<DUGU3LGtaKlw
z>2?o65l}U}&^sYEO0Hmlru8=0XT~fq(0E6&W9TylzjdnZij!u<>bCXikN>q5n#;r+
zlR}0Jk(G+)Cv`iUY&4S?+d-I3pCIWe5PeVVjJ*vY=>C0#vKfFs7(!v*EBeCD<qyrR
zfo9A|<|ubS>Dc~-<Q&HhY7MPtdQW6cmEI%2BzQY2$=;&y%b4mtiHIazMJAm1FO;(W
zVlGb!#xdiPq+-o%a0p6+)989hj$mgIpEc$(deuRe`rGdZ5mO<{#i}x)_Tv!oAJ7G=
zGseaD$`GADt{#;Gynn3TdpBF<c#cN+>|A#|pGi%CDzk({?3~0MvbD?V24)?X)by1|
zdQ2;0*agHW{3OIraK{Nn06)rhw%1n*bQHS|$!}mLTVhF0=m}@Vhqg#eevsg?a5w;S
zm=$a{e4$5&Wj6?_hO~mc(ua_zWTS_lg4vYac~a(hGDJ-@zeyt`|C$Ll21V~H7QvSK
zf?f{?iubOdPo?M^P`RUk8sRYZF=r^Sy6fO{5|>~<m5fw@f?$ExKO5`&%GD8_{qs%{
z_X$1`^jnfgR`%rlC@r60iV8=u!^zC(uj7C$ez};V;815BKIjjZM!5@Y;?QMN;g-<>
z2J}o(3>kN~@p7efkNr%Vv=DeXJdTG<*}cwck7gpWY9S!#{bNnQqZC^;vDDAg@zt;s
z5gf5ohnEr-IdidTqa<CcJ{)e+6`O%98#Ft$F7wec{u2@=Qd1wpgR?5CE=n&9FG`eu
z3KtIbqh2lXsTRPI^Z2s-+fyN59%dzo-3%vKEqkTaD7de+u`!4>fCzui5(=|pA^?(H
z*4>;fOYQEY6t6`k18+oRjtV1E)udax5glS$LQa8)r+ur?9w<FvA|*Q5@Rqha3ab|@
z>M@|6GLWFlV6HiY4UW$ee)lW__*gJPM6zNPXjCkR7dVK0f;q#NUf}p>2n_``qczO!
zRqaWorIZSEqo^bz9wCh|!KQcO3>Yq{C^Dj>RqUD$o1K^+63G(T?FY0v6olH9es4vO
zgIek-;zKN$zxyXkMy*pLYtDk4V@&ACj-O1BJ#W=Vem}O_uNLWvVhf&?__O@XKh=?y
zg|#S@m;P41KuHT9r8o8K0xW_879n_PA_PLjy0z@E%pRODi@~f|z|%mHmlvP4_Vciy
zHmaCB)?~$aC`c*lDsL*fHMX1_edW<j_TNNr<uZl(KRcEHQ@oz|@^`$A@!w1^9wcVG
z;=g?Ux@}(y^pK8R>I|pNMi@<74_er!1%ta-)MjalxZa!;8nEb~>3#v1WhC{Wqlp35
ze~ZxZa=#iPodSc26p)^gHJS!BejPQ#)TbTvn?@sHZK{!k>g1n8lGr?pn8WQ(k`zgA
z;>GiqKQuUAT1$SF$jHv}6-gsD3RfM@_WUp<k#m4uNZWKrfoDH)8WM9C&UO;%9O_*D
z^7~@jA0(N$QkcN}N@zkKtZPopvnQbJJd6%rjbLsgQ<IhTM*WtlK0%Jnd^BMtdEr#b
z+VtLu!P!{Kc>ss-9<4pgNe#{*0Ww?S<&)3)k|G&R31BO?D-CA2iVp+rwrk~vD5{ge
zagkwB(7FYyh6fb(Vkda*q3Du;tr!0UIK*6)4ts*0gp+KU)+^X!0O$~cdVnkj6d-Fv
z5$@)~N`VAsBhEk^lH_A?%7pf4`yykh0%K|>6fQ^Vj5g+sc&IdNZxq_@uR+Du427@S
zV(23D1Y~KcWK@AFSb1b)NI7!m-5VL{HPChzwYq8F%!-4vFK~7@rdGNf!kVG2JYnNK
z1Y||(bRt8toH@SvSnC@anzsed##?F<sA(Tjz#Wz<eiME|K0G>N(I~L#qMoMe;1WDY
z+$2dsni8KMQXkdHmXi=k4_a^4{G))2`=xq4k~twA+VNH;G-FTM>D-h;gQg)4>6dtv
zIzCJJ6U%0$l6dXk{`%xg*`y%~6~7RxdBWN0`H`YDlqekO2yLAD>{4{`cqu*74HYb^
z#*MIY{Lk%$UL=i=CE)Di`{Jfc)s1}I%2ryY2lNHeO3>2cm`RA_eZk2hew&Q>+HP>8
zC^GpLZ>Jf@ajlX2#_t+sKZTRxlG@n@NMXmpJVm#Jd7pp-dlCErQg0e>hTY{84=oUM
zoI&xyx3@Qvqz1OxLK%k=OO7Z^7#!2Ifyy6*oOsX65O7R~`d#dcmUNJikdDs_Zz(*-
zUtR|-GO>=ycl_be!tT;#-O^w7p-g59`i$lC$!|X_spo9^O@@`3=1(fjWLtQOr3LC;
z=`sxQwBD)H@I$=~z9&cv?ND-J@w>Qnct2L};r<3qB{_=6gahC(RQ+t}q)DWODF+I+
zg=up=g4@d)r;=zv<2XqYfZ>E8-8ftjMHA%jlNAsM@1TyB1KUUbUK;{Y6DYyzBN_Ci
zc_UKSKVFLDVYgn|s;eA_Sr91~$qds$gCMuKff$rvm%~#a1Rfh3R4gL;rvwHl`m*<0
zFi7uSrxrM56#U9^+sFdfej|z`p?Hi6MDkinJiW+bDkX7Ql)C4Agi?sw5-v9>{t6_F
z=Zb82$;yY6)nvh9y@n7UBugLRzDiZHFkH9U98%4YnfVhJt7`e!K3MiO^@`U!RMzP^
z#bv;|Fgx^SZNp;8;zX_=ZvB%t>gOoin9QB-SP$RxBWR&myg7Ok4mxtwUj#zwD9+NU
zQHY2pHL<NzfguPG-U_5V5LND~d*Xl?XZ3wuhgdpV10aJFZ-|r7l{<3r@@&~AxB_mt
z#wT&cUTB>(Da=j02_%Lvh{Wrc$u$gq{7<Jn{N06z0d|CevOacFfENIxXr&l>6idgX
z);2uc3_~H(n_yOznXnHL<N#4DZR=^6=fS(7xye=E)W!$~;4xwWhBCymgXqRB!stSZ
z|H$=H&0#`Wp#`*2G~Db~Lc^v!Tjxc2TW$G1aVCD$4fiUnq*ye(4wegZSuU5-_yCjr
znRy~$gfCW3x-mg511{1_zp9R`sr9WOGH~QFHU_0u-T;ut(zw~31weF!C|LM8u(pD;
zns0-{C5TDEAF+BLZjVw<+!XAD((YXvL%C|BTT>55pqTQ_daYbQiaUqAVAfhh^}aXc
zfX!H+J}nQ%8VjFxiK8K*D%7rr)xEU*9p{k^vF!ZZ;<<5E)(YapY<K3Ct?j%3r{xI^
zdf<q=;60|pJzYkm#=Ba3rgKj3E`RE|sB)iV>CKcn56DK6pf-hbna9m>SmN@1>1$2$
zVXtm(@zA5aU3$Jq2sYBKZq~vI<U%QEV?9oufs|#YD0aqYy>y5cK>&t(L?p=)l*2R4
zb#9WzE>5z59wlKnHU$s_!L>W!VFelnia<Z&-wU+fonodIt+OQ#?*7`eELL0r2D<(~
zI1LLF04#gSW{N-0Km@DWO=AvEnt=x1aiu;`&>TRfSdcqRAshfu^O$rdkX}`g`EJSd
zzn=h8W%pBoxdb^%jgQT!d%tRxU#r_<3&4dy@*Bs|E!_bk_l7e7YT0l7)B*FV;slCM
zCc70{-bcO|3vL5Zv<Mjl!k7|;@c=Lv{_i#tT0gJYD!Kou7Cg@P7ZT7@5ID|pMHoAp
zoFe|X36B?i%vkrvfz^NejOzokGd^>CE}Q3-8Z##yX<duW-vv=Y^}>BjD|NE}yJ|02
zT)<{>ZW-pznq8eBpu|NS7?z9REVr1r21gdyF<H5?XV7oI0mPLl=n>jCVc+*Rz<~6!
z6I7TCZ#!A{cp7HA5=jz5l=^omzLcOA(a$BE(5@dqV^(i>8xZCuk?e(tTL76M;Agt#
zy6ie;`UoiO{@P>SN?=r7CN`x1@5%n(`_2skD2%xf_FW5GUdOpDEiFWtA@%jKUBFpM
zbX1gp$MZ@a^})3NhpUAJr2u}?@0Yg2Rif_~7BA$+S|xKmF*Tw8?^VG7p9DJTeD1F6
z@f7FS9dFqD7vXn60r_des-vUh;_}Dn;}+W$dm5llyaCU5<97h0q5&aH(%E`I8nvRA
z7q389XJ;0rvwR~W+tR!m@MvA-DJd=U|C=19sP)W3!=`iZq}5t=Smb}l7l2?KO>ON_
zFfO~fgrl}CZ@c+2#bF60R4*XFOA=&Po~a`wmdt)r${4_`S?rhU|J?E76X5GzT2&*s
zEt&oQ&bWfR&-s=c?r@g1JA&r*df7%S=*=NN3lIfXjo*P|qRxjr@3Ts>UQ4vJ>et81
zt`Q=i2oSxtNU`>d$uO^`jLSH?cdS4T>E0ja<zApVcMM=Q5doLnbM?xtI?10Biy|wl
zh>Rip1WHPP2fM2K-UsxQe}=Ffqj@p$kr2DN=$D-BP>oOVkT-M<(=n19youY;&f8#0
zsKHu0%d9%Is~P@pQj&Zsy`e=bt1VV68D$&Yd}k%G8I68@zg%m%z~9vuZlh(;1vKAR
z&ekv-ZV;O9z}TV7CYm6_X3J`Khxv=oFpjy4TfGaygZhLRP17;k)&7Uf*24sR&daz(
zV?ee{&`X`xFoK7@JPu&MT1qEf|2|#;4Sv6p<5MO1_xD6{=@7l_dC7}8V|@w-V{bC!
zs%n4-t0S^R_rEXkMih7tuL1K8ZGMkU`7N1T<#Enw5%w6*KnxlnJ>Rihk;oVDYW#Tt
zqt-WeO6Iw?U=R7f=lg_-KTE+{<frojM7>%O&}?rJtREL=g?0lU7$NBMj6%)9Orbb)
z`wkd7)5aQ`J$S^!Jq(0GYzt5_ihkB4{%=a|NcAS!bK}_@^c?5;p#8CT*ERaKr~xEw
znbg5_iL$JTi>^@iQ<J)W{c4^L1D3N99@EY-Ucxy<w)5%w@atwJ8@P}N0fc=IDl`WE
zf+Ea{;OZvCcfGN%y`!Ht?{9xbgr7EC0XBqQ$5%>;O!Rm6Rg3iew*%_0EUgS?Ru&e0
zd6L8*;7B|maB(2VPoyFq0|t9hcJw+v+yDOsuK@gWvV)6UIAa37+0Q_f@E9M5-jCG>
zR@(&{9CkmPCW6TkEz6sx-*{(}oe!y6hLPdyvYxA`rm-x?woOy9Ah#?|E@9Cg?R}bs
zfCU%Iio0fs^(?Z$O)sEB?r}Svs~ytI&h~ywe4JaKVMfH~vR^jv_)MZ?`gzm;@%}op
zgg*8<0T@g?EXzklwQ_v(*kWgAhl7LTX+H%xBl701_DuE>|A*m!nm1@GbP5B>AH>J}
zXQm^c38ud}mq$rS-}Vsh0z{g=QE+oV^@1ZGuye2g3me#si-5CR;m&CNHwcrQ!_`fr
z&ZVGUn2ahS9;tYYl5Qj5wS^OXI~nTfu%4#%iDMw>8=%fp8q*sWD82nz%Ygjj-r#D~
zcd>C^IS*~4*<`;cG&<jRuOoNl`uoVG$4p@deB@7n`E+qj<ombIkJoN|K~Ng7mikJR
zjT;;^{+%Z%Vv22<kbe4hDC_|rn@Rueo}Kv$DAJ!PZzGm%??8e5oO0iRL0E^*X>Ny9
z!AhHK<bWC@C5@>F8K^Q@nXx0_$P$U*WIJMt-tby;!4_6oP`1yNEGQ?Pi9WwH@Yw#g
z`LO){@X&K1WWy~<EM8c2gEf?n>5qjq#tccNz%Rzi*|FqDS$thpaG&hapIOXShNYC}
zJy}wRmG{_fQ;va&ZSZy%T?)44u`LLU&81!4hsEuIL9xcyrdt`qRO%!nOfm!PUYdkv
z9-{X)v%^^~TlL`zmE?FqcOVv`Tw(M4fKjhmBPs2@<-dhA5YSBUv#4)U!w832O>7}+
zhLI5Pq?N*k3l0<&uKhJxL5pAkTahowHeXM@xS|)&{z?avk!oK#U0EUX%9C#3y^3#V
zL`ySS2d5<w!|A4zL78l~nDuPbZnZ$JwQ)*%%dfDSmy^f&9{wzTr-N^a_*xXrq|<Y?
z*x&!1TEFs^i8uPF?ogEqSp{~nts^m_`-110Ho0x2zfx^lGg5C^9AyRTC6-7PV@cta
zH7idUx?nj00f!x_D8@`N%Sf{kHc(ZbC(w<lQ9i^d5)7UjOpvs0Nh-RRD?~)eaO&Ol
z>Pjy|5BEn1y;NG!ADpe4K4rVMy~x{3nFy0)K?xxz^DBqCEzeUAX2JUzaUk`k5%P|R
zfnhS1&AuDqI@trXFjUne@%!%R2KV;QZ~4B=HI<dip~n9IRUr{TRxanRT+%5YS2ro}
zu%LF)JPZ=S`5n(O78(h$nk%l0#r~w-er<UAJPDf6Edk~(+T6pUugnfr1~JgEhpc7V
z#V0<CO%;bL(}KP61u=BN616*k5KdYQBtZmq#$3PUDUU|j)U@yZ`s!gm|Kq+(`b#F?
zH}epa^GR7K4W(~O3ku>^I&{bvFL%>gfb)McJQf2n3(0kY_~XyVwI=BMYkd0YW%(BM
z|K|meP3y7o=MA3Oukq_)S%aChzWb>xyVX^AnZye{y&V$&n+JdwO$d7YQ*csNq1(Jg
zr#>R~e~T&4duh`)_5W{YA|e8C9+6<w+ai76AC{Y}rj<ya(Uo`tzlfosdjGD^4T8cS
zBAe-k5osL^Fw_aWgE~;+x4NaW3O-6PS5LF#tWHa{OZDykdQKKG+CuwpD)^t@Q{mIH
ze|MpCTOvBr=H;svaeneLwWj~!(m1vM-9{4cgxpeU9FFi?Jv<WM{Tnzt+afsYrjf*j
zjjg@+?u(X?-`B0B#UXNcCY}RoXacWUldyWIh7m>W#O=$J-29w}gW#vT?%G)MFch7B
zt<swGlS~2YF9)g(m&zyIPiaK&n_XeZ#Ljb($=kk8s|Fr`5F7iS*Lm#fsP}<Yp7%C9
zGZWuYmrsu8Uf#4&*Ukd*#{C>THlfEwUc*Z@o!z$QUG=|@OIP`H2fo*u?(Y}Rv%G4C
z{=SA@UbT%&eE%(VC<wr=CwO-Oyc9=e!MM`@&!}80o@GrF@CnX=1P%|EnIuDN@f>DJ
z*m5zJ=w`I|b$_vL)oswUtA2q>vx_&~o<;csFYWv1Y}u%1*I{hCYI^C$>Dg*~%KOhx
zAzmHF=gzaR^QZUyC8ub~ua|q@{CocXL9FJ^aT{nLdXIlQi0p`GjEL}U_#kfj*W$IG
zhF-@{RUjx9wE2jf&Cy=d{C)g@RH<Dc3%oWD-es-$nQNKP)#P|jp6Gm;`E@^@iAaMd
zp?==)=BYf-u-STcPBvMZR-OYd;@6*HHk`+c38c>VR&>~$Z@c%hY9D`3gtvsRRvO64
zBp0XQnZJ9@J^j;qZq62}?H$RZRSR=ARa0O3_+R-!sn>%6>svq%T}d<0)0?na<#|k~
zPcET8>R<cGNZxy(+_+6o9gf(7m|2`7S6;-XZivgojGRs%ucm^^bZlfH<3&gKP$!^2
z%<QIb^fFdw)C0IfY=bttgvWJXH02Ze+@bzW@4oxJaeVA`-}8R#5o$v0_0VS}<R{nX
zIFRuDywxMRy0!E2*?o1~>z_J;&+xO4LF-NsEcI2;zg(Y>ZkzLAlE=Z8e0|ree-$c|
zgmhv^bv|j~1BXa?%90iuv(2Y%n_tiEAi^^Icrc%~UXPl)onG&g>#+PA{^Yn)#nOey
z&_7@2HnXRF?{>qS)E<f*?|D8l?e~A5I4yFXj(oohKXjmtIzg_cRh01CBYMyGJ!?ij
zdi&dMHezKFR;Co%<#Wk;8yc$Q-~gUgEAJ2C?a`C?@mCLi6J{k9*tc|#BRBl0s4xc2
zMqK^*D$^4Ty<E*^!#-b)$`WjGJ!ygCs7?AxS)@mlp<WTH*Wy-7jiVB8KfmO|aqoSB
zJ|bwOwOT*Ww@&!=x8JDKbJ5?_f2!5X=$3I#w#xIT15VpLz;ao3!D_NQAH6)i$#Fdv
z%Ad!jdmeLQ#C426*t+e%u+@_*QS_>=<a_$oCgb{yP2ZZ$I=909uOk$~^3a0NZ6ZeK
zy%D*`>|dRs_LA~u{mtQ!PhL~@R$mR3n3Pb#`w2qmJ(^JBq9tmM?#0#iv`#~j`PQ3;
zi4_?iJ^lHQk9?1E1=`WcDpAuFWzEoW2_b?XR3(LZX0jx|;V>+M(LbL3FWuKF`D1Wk
zVJt$XvfC=H?S31og^iag!MITN%q!{eUvj|xn=8$xzF=iwuG0;rTQ-ePlx|}}L9Ork
zZx={{0+#j_GN=+i^h4NZ85Boy_T8$^i0>2<2E|)Gp(sdIy+o#g{_m=aXl0bY&ojn5
zh6+SqP*J`g*&`U3YD%1l7&NJynD_KyQnk;kKf7xiZxTqLep1&2e*f0R#X9%(yQR}p
z+x6BI6%`fGX(kI#!Ng>ycS1bw#99Db{oblTlK~089k2^{t<}zp^^gzK<p>c)h_{D=
z-xO9kQ+%hn+2=7_bKf)zxAm3CGb6|s@>;mcZ>&}3s{h>VWxY?#HMJgBfu%BDM;-y1
zAh<~u<~$LM8q#CsEuFDN?Bx22-=ddb{Z24rDQqG&Gn%~~4Dn3ADKxP+DOPb;XNcAq
zX@p6_;hM=_cyeh+auQuyLoq=3`6ejWrXTqxzPs|Bs7fRy-ShGeffeduGXy*tWo_rA
zF8n|otQs5FIA!j}fo_dNvY9QfoI%6Z6P1B#t|t$fyXSI{F(un54p8gw3odQjXl3M(
zcsM{1Ar-&sH~7^&>HQ|LI)F@twnUzqn3(S2e3ri45ClU479o<0B9df4osp$n;k5k=
z=*0<s(h_=dWq{sAi3G|SSVK!RnsA|INaCMxP9Ba>&mDDf7fP>ik||3=cyeHeoPTXz
zRw>ttOqHWdDgUZTeW!jrk5QAGO+PP`ZhmlCSnfaBilOtxK^T2Y_~L$?0VReA_lH~e
z!r>0~X|AC{4Uglv&X?6D+HHl`z0lJy&p*H~(-TxxO?lKCUQ_)Gh!%95<RN6E=jmYn
zS<dk^u!+%N%C-OG6SEm7E!8QVN}FiRcW1yHXun<ebB702ycZ&)m2I-ahWIN#9^2}1
zOw|3pRN?nd5@6u9OgOv!p0M4uy_PK{@z(Lne4Pu%CV8oL7qOl4{>E5#`zM%P5zX)H
z^gsRb<zT@n)moGz!&#9K(+sNbKc#hq7;ACv?=RumVV4}^8IVo2Q9va?P}?aW63mUz
z^cBewth{Iv)Dh+DLDHNVcOT&KAvW+R0`<iEaxUP_LiJDshouWLFkFw$%&P>b1O0v%
zg3{2)s~E4J1i6?p)!{PH+y@O%<Qk?r*f}vNmIiJm=zZ&NF%{8rI22C1Uj~fX`9`wL
zz;Ra~sF6=5DsS}PJMyvfztfGV(9()y$VTtW!5r>23Ti^<60Fg!9c*5Lb+2=;{~jtp
zgKLsYEAO0Moc^ZKlz#<7_~%C8E~RD0cbz(M+n*b~5U?h=lasS=G7MHgUYjk7H*@1#
zpYBQNb{+M+1kys$7iLxp1xpfpiKB1%UsK}<8a90XWi}g>H57{r>8{W*5fN#-Z5q!I
z6{?Swmmc<eZwncFTt1H8x(PExfB>no`fy+}jm(g>R7sFU2#`4J_sA~RO1XuHU`HU;
zVfu*`6*Mx~g@sP7%a8{y=wv&gFrywx*g|XFGq-$M>LPFf8?0dC?Q|9a&3$8G24k!B
zO0X10hqvCe#wEjllPUcr8)}Oo-O=s`g*Nmn>WAM5Qe1lmehyd)*=P*Yfk9W&f7H|I
z!97!Kr;1%JT(j`r5-~FW%TtmsKdp+<L$kfoH6g>idW>+1QN?F?zG?KZ3}^`v`e$Wl
z10LF|!94936%XPRe>~Motr)gDQ9@x?Dmy+k<>len7mN($c4i;a(QKk7Q*pCB4K8F<
z;}LNn(^+d3^(Rr<IO#%6X)hO#qR}MS;(n#59;@F;I6NM=mRgK<@v5vR>-*Z3YHgU?
zHB!8R=7McJ!xx9)|31jxQj!3QSJfF?KAm<tu(l)Er5x`0bMx4*XA6~=>uuKn>Tx`k
zn_$J}|MC47{6Q4S;*UTqE>C_izb}nn#BHHwtlF;GtX6M(7aGr!u%#mps7(cFj{GGC
zR?I8N#7#&Fka_ONL~9pNk|~<8>7><^?5`<ux#r*CbPCNAFWS~i6jOfE6KTr)Q#rDx
zhZwDLJ`H!LF-0I>J#AGxqzuv}p-d7?7Sh(ia$wE6RA2A7ZS-sP(D2ZxX7Y-r&A)`#
zGp2sb-!y4fD0s>DXYJXb5q$O6Y@#LB+}B%wc|`Slm4*FUB$MZ@3(-Z~xoyieutXP>
zmrNboF|<{gTz_Fj%GS7H&o<g=L#)u#B|x*<F~3wCzEh8_E%A6)Fp-vZs{qRM9R$={
zzd`j}V-A`?1pOTblwx&@Cj(I8c<ls2|2@awt(0a##o@vj{ShXOV*<N?tJ!h-{QL|=
zcx^RWz%#ghT^W$I2RAnh4-E~(IbN-&yWWcxDprgTxf2(02%}C4oC2lZk;etgtC`d~
zrDEz^%DtT<kq-S41H!0OoFc|9R?cNdknof!)>OgyZ^?%0Y!K1?Tr=ysuv@%tQa#H`
zUCe+}td^**X_DO~td^j3NvI%s4wn#;UzfhtDU*PjKn!Qr7lr1rE!#Ltbm#b*ej(nr
z)@iPuTLnc?xO+~47|BJ)&*o7ta>!nl7u{6f#iuN`Spmdjkhv$ROi@!Z%#ML!vsAI@
zz3yRd-8DoL_MnS+h|{k0^-9J4s-iVR=9uW{=l9dUCI%AiEKa|ETT^gv6}%mC*F(eQ
zP?Vm~4AmD#S>?4c=`u`t$-m!-<H1okwG|}f{BB0<QZZ?$SS6{4$aTGR!G&Erd56LR
z3Y`eVSsX~xMW@-KXA+<)d}VCgFm2JLr=uGmA4h-!zcHivo|h010FnWMul*2)h`&^4
z<bN=lsLL2U!^!fsJvF?4UedE$)5Kl^;wK8IaJ&qxgvFf7iVa0}xEb%0YnWv&J`Q<_
z>|jkh*+^0WMolndt1!;_BFbhjNnZ_yF3LHl<ttY817_3TSOWn^=&Op0@>wL9q(*{0
zyhjYPASvJKAGh?n;bb3<)o<OlP$vQL0|a^md!X4UwaS?fXXd7tcBpC&tvZ(L>z4fx
zi^Xo8?IZvcUv-hFCaqt1c(?k+2?wHImTSM0X&a|27ACn_w@Fi;$Y0%wOU2swE~hOe
zUQp%v%&ysIh2s?UH~h3MBbKC6Tt+rE<siH$C|-1?{kGCI&6f8u0hfSniS13xnn71B
zh<W-{?}WxJq5K*X-D*?UnrYc&cH4wr?mgaj2+|h{1j^(8TSqGRfg*Vxr%@~iMjG~E
z47-6x!zNKoS`X-Ee;IVS19&tiBO_wtk8@L$a@wnj&WljChyZSq-grHy`Vvw5891>p
zIoy4Bw6gD6BlWo{S#x~ubQOyrn=>Rzjhx{3wi+N7-ANd1{AF()V(U`L8IIK6qU_ql
zZ<Zy-Y7tn}$(j*zl9_9XI<K%2Hd^pV$79kKb0XKI*CROj^o<T|Dq)N$ml?gi>Esxe
z$ILdzIGWtALjqk)B0R2AxcJpOI-4mYova&X&}7;~oFQGgXX|a`=b9CF@RZh(@!>|t
z5!U5i<cwmeR&im$Xib?{e>Rs3H6B?)^@Z)<ZER=`Z_$3LK?&tL&0P4Go=vKF=bMFv
zQ*RzruY%upc#$RetYE_fD+vkMH|gHXxBri_w+xDF?bddYCb%>j+}+*Xo!}u@aEIXT
z?(Xgm!3hq*-CYvg-R(4Mz5CmH*ZHbWoqt_L(R22kkBo8M_ZW}veU?()AK=yv&gVN&
zRqNZ!^`!M`6L<$l+5s;1k*05=gBt<F{&y?0z<C}EA!e~|S(L5&OkIP>k}+SUhS+jd
zWSBiTx7<WG8C!<Wle>5s_M&Efe+lG*cusKJA$3c7cfP+NWS``sJJ$F8R&LWY(`cSX
zEfS&wys`C&HS@2Pb;bX-J^zzfLiUFDDjZ>$<&`87gJPTFSpQ85BR|zrg~ANoojmV)
zZ{7fTdr83>t5#2r9S{U4ET;K{H06&eW7BFlhiU<TTdxJB4kZko3;>dnX)VfUm;XY4
z#fnvwXQ%xW?TZru1)6jye!ob3$=a%=*o*NB)j`nr{CJ`2`M9PF4j%q^!^zdvwMMr?
zSy`DVq0Mr!x`-*Mib#lqV<+mu&UIZakBnq$2ZpPRkn+2{O;ibDEDc`qZm{phmwjbU
z93wTQXnAasn%ZpcKEso1ymE~;KDo%6;2o2UZdAUtvhSx?iFwzW45yVGZbgN1Q=)QM
z*(L1=9&5L>@2JnZ%x1g4tTpb6({QUH)HGz+*nX6cC$F)XCD2->NF==*r<LW;jBBP$
zKO6?ZJlwnW!GlXCF!+L25P08Nql~@rjC)Xpik`(isK20Yy$ND_{U<oGgzgzLHi+h6
z(Afa1fh8$Jra7`|(N~}#V(SNBY<1)$q%ysb=)pkwX$-QVq4%vVl%gP^!ND}BBvA>d
zkzRW~v>L6kq(X~%{%x&8axfs|_uVPmO`(|RtlC`mVir9f;HX_zu3AaT%-rnJaF9Nu
z`Fk-8G;Rv$0(P)4M8lnc+IBHEYHHZtc_kw4th6+4^BFRm&)OARKxv{`B_jGj&ffZX
zsmczct*J;^aUlUmZ0NSR4lg0yIvyEaJ_7cV5*lsjiC^(VROSE**qyj}n0A%$A96TL
zdj_@RSiAWB3v1NRDW3IY930MX?J*RJZVv^^KY@QxCQT;Yl>tOk-bgunqLb$gsiR;}
zQ<nn?jC4(cd_@)u6og#mQ(~Z1_yPwMZhDL>X-~z1>XN}Vo$T#dP>yqRi7=~*BN8YT
zN1l5yVB%|y-N&y*i8KIkpx7OQLE|Ny{M;WytUCkfE1I6MKR9@b%h)Aw{ij5$lTRq)
zv&1r~2Sp63G(nD2fBE4jEa(z#70e5KH%k+@%XY}~@eE$?HCHB|mj{olD~Ge}i<?!(
zM)Qo)kX1Ol*eEWS1`7=R?-{OJ+4!gk;S#ZeUJEyS?d`1&`yeAhf=KkgqgYlLO!}@U
zciyq?@bK^@h{X<gG?fRLV+D9%le?zGh05@C?xW#bfq_8j3)a~wYxJ`a<?ZnNE(|~c
zuMyrVJ5(I#|E-Yz68KA{g@Rjal|>c19Bm7mmte%CVKvJ<;7@H7!&b!@ET!d@f}6B`
zs4=FcdYZ9qr)%ZSEL4tN@c5q`W-k*t$F;<=7?<PH(^ZvC9^pk2RW+w*dw1!Cq1Hi1
z#)X4+$Uj;;MIk$R_3<psq@xY{vDWW`81RDHd^T&YWXmjLnxOmf`$Y<xkY}3gMLS>B
z)hji@C4}T~T%DV3*0-i5QpLY<z%wX#?xAFdAkLciT}LbVnqKR3Owf`T24NtRfR(+2
zAm3$p5-k#;fVPs-7D`r`48h4?Cw0D3r94$JadD@^ncd<zPWenOpf`SbS>|)&%q|w$
z_xZ#!A6bl&m$t+go!dUuS9XtpPh42yl9G@Uq&8Wqv=b<k1gs`>c!Cw`Ra(DJnA)}A
z>(<j3?3efA3?=ElsXhOkZoo7+$CB`UB@huW@6^WH0B<INKnw=W$WH-H1mTRH7QPWE
z?Y^HzKpNrBM%ef#TVB@S;9!x@xSH%!$KBmRnj%uT47i#8dYbiZ9F?RHPQv<!GewF5
zw>!6e)j2nFzX_=M4Ym!obSE*~k^-vK(jOG5=@0`4$qwr-cmJ?tW+Zs%pZo0!(%Ww4
zy{_Hwfr=NaM`T30Yd}4a?H_87O$FGQi!_jjh>LaS+2$}5iZfihF&ZwUS<L!Rd&KM#
zt@D3sYMHaRUGP(Kx}0Z23cj^?&J!MQRQ%zsKWD+Z!j_=m!BPXbaIt=EEhU2krM94j
z;~QvR-wj;)*RGd-DNwJ`MXZ15@i6t}U+f=gZ*QM2kR0sqcRJsA4X3UC%;RWwzR^K!
z2!P={iT-}_OFxt)C9oSBUNDv2a-pO`;Bcm%wJ6nJi3($?9cm!cJg81i=}>|xtLud|
zoZ8kJ&P^>dUqgFRm(+cu^L`=2V^dvIn`<|WdhIm`UeMKWp;D~^lbq7U9z0%=b`4qU
z#}^|DZZz<&)HdzNX15Z)Tmr(9$QW4yZW6cijaB#C&c>FO3)qzNF>LLBev2=RD;Oxw
zB><b=rXfQ2x}Dd6{F2RKt>x@|2hy7VkRO$mm7T?KXV<8t8sd(uG+N%Dtv`c$4MH|c
zxO)jy)^-TM2vxcq?UY%vXh`&nt4r-FsIlnmouIMMQEeI}Cd#zXs99mGXtp#T?x3k?
zRdKgnWq00721|<Y;l8Bvxmh?bl()1<kziL;Ixn9&La4XyGQes&bY;YP-I_cmCaQ0l
zpKsg;v2K>p{u|Q>0r&#J;;lest>)}}ZIBN??CdT;Ri(rf);~4F!^3@f&X?<<H{Mb+
zGCckW{Mpxn@q^TZRy*76_4uPMmdgMmWH56>S>luZBrTLVL51z7tIn*DX38qg);UTW
zY0wv5FK$w*ON6XD_PAYT-dBu>&9YNQS#qxM4IQh*f!Ru9WbpB12T7gTiZCH2YQE}i
zy9zf%F<`UDVqCsv^wO8*pX`(ff*lCrA82SbX5irnW1sEIh?gOi1@u=?G=qLmfhxp*
zEY*J3ClPCLIp07WCR17?^hvA=X_Xu^d4hl{^+i>J65j~N5X%*S=}xfd2)PYc4BJJ>
zAgG>5%UIS%q4TAe@?<a_`AMAS56{Gc#J769W7sBni@jml8wlGM(r1<SQz3X9VShk{
zF?E?vTmEz(tPYt%WYN5+Y$wO_s2*8BQ&;OsM?cqjb%B&AZAwkUsXT(8-(4)~vo};E
zb)keqiCx$S#sMQy@&WA)i-dijroou4^yg7Rf?I`s$@^%;>WEnoov1EONZU7ms#T~P
z4n_w(fkr-Y8er)TBsA_yzvkliMme%rx8a-dpfjPPbA+~*Hlz_>td49xDJV{ma!0!O
zU-Nm6YO<T=pwtv6IY?0ssU_%jnau`IHW?94gdO9pI!Wz+)59;Cwlt2{lHX9$_k3SK
z&bxdR%uzPqivIb_J9TMikyHKTfuV}3fUDSRZY!jw<NK99C2n;9zmCoE#ckoa!25xX
zh`o6`J{){=A7@;(vUvMn?INqyG}7L6TZ6}5|Fz@lW4zCr2+nKXgSZ+x^LP6>1kj_$
z2JffM&Z*ZMHBxnlxrUcN00-ccaGBPgYZz>s`#_<Q-6ByKQ)n2zK2#|VCaY9pz-JD|
zOwPXedTXvc$D=t|ircp1>NX-ruY)P#P&-i>*qt;`fny(oHfo{}c-9r{kSxDsy(hRI
zX-Eu$B7v#`LZlhQy-{JJ&WdZ+wX%YoADaX75%%_mw#j2fg+|vSrOW+TcKwBm!DQKB
zieTjojpYb0-b^#&yQjf3bu4G7F;4zo19oUl<@;zzm%L702JIMM>g#Rf`IW=<-~^5^
zHcLrQB-QAZ>dbid#ZK)Es;G=TJPEcY>*8-CR}8JR618Y`+29{&hWSxsj6Gg0%8&CY
zE=rI^SCy4@nQL_d9ot|u%LuK#XIT1Ci2kE*JBgSet6Lt+|9e(u!d-W>#u^eWcP9~Z
z(X(2W+Ck7a_o++4ACAJMLgM&3Tz_*T0EY0OlPzZxRP2@3aCK>7D@GQ!hyMjt0+TM^
zY&l5ybCU<L4;&u!iieFlj4XE46WmGT%$SU=eLt*Ftn@TlpS~S*c}Y(9G}Ul<tdr{-
z;PxSWzBcNKBZ+SO!c<OfdX|tNgr@A;Ky`{cQu{35^7m-)xzfw2PjEE4`dxoCY1RWu
z;*;(i0n=A(N=^BN2Un&#ys^S2js6;QOc)0URB=tHCT77jl{xyaZ{0oZAlc;lzN!Ag
zVQ#C(dT$(mqZkpzh30*jvMh&w!(mHEceRP0z>~;$Z|qG5s+~4#XD6}iqBrMTQ#L(K
zIi8csU<knpyO|Qn&}3%o)6(T%<F2UfCuD-Lu6IAZ_v<}G(U7KZE&BU2w#c2F`vc9J
z%Xfo>gYQq*os<+cp0~Tg6^ohLZD#<@>r2XSoVNTNhtmS@-d=tF$P&6<YO)qIaVBFA
zhJzE8f{PniD7inP5wdK>sHmv&vO&R)Cm#4Cj$~K2CW;@0IGD6^La$HH#A6!712Z~|
z7NlQs8VQ{SC}K*y2HJEcp<1|Zrdwh??9gMKpmCBwIEjEEmDuYqo!|`Q_eI9CAW6D4
zRN&Ld+CGhI*~sE$GCefDbzfW|V^+C)^20c{R&|&a)VQ?1b$~xrrzckH+`YLH@v_@4
zx_GRvPsc-LP?G}u#uAoSF^hj?s4*m!hmOnx+aqyz3U#_p0&LXW=W|`E=Ky6j8LNa+
zO;s~ZF1vmN_q_-KQ<R)z)aRMOF^zp3Cak-e{@uOT4T3})N~O-~e`r;aIU}tNGcr@`
zX^_9_a3Z{-Zq)EtThy?cB5c0ev9VsS>XhAx|5be7EapBx?KBa387pzOedgU?-hZDv
z?k`hOjxJ8o7Q88Wc^R25SQQs<1bIFR1YcaKUN0c4w4mN!js<nv0@1>{9AuU{Umwo+
zTc^Ju`F(!V^djT$u=`y~9tV6{wYAL2&X(rv7mCIvOPaoKMK~Z_ZL|~<3xr%j#^Z9h
zRU@8qJ;=#N#yrVn;U*{Q77K+%D5?HZ6Lyf>=l4%U3oh2J@)290$0O!LyK<DQpo|40
zaT)GuW2dr#43lj*f06^%h>&?9B==+Z?9~trsA#OcVT|Hg6-q26A~M&afOAY93oDtu
zhT_sS1AUejcZ{-=E7=8bs!e!={Vt3)U-X01t^oO=#faP?S1g6Ii9^bFlCsA6Ws8<N
zxyrR2Tn@$rs&$3+GQA|rm81_OzK+fk99D3rn2A`ih?Q~wkrxmcWvz*!xEfoBN1w_r
zxOXcPL|OkhG%2ybnS5D6Y=bN*;kd#CVN*zGnJaiX!ZF$G7cp5gSVWL4O4g_8eRY!-
z?y`TDeWSUGjHL^nk0d$jt$~f@^~>@o@gnWLnO?BV;L-Ng77qt<<rDJEI=}b+fc$eX
zas;>6irsq$Y@m@6D_MN9vq*`W<GC&@eVg+xI>xsR*N)ZtNyk8FuHx|}Xja&w8#bL~
zM(S6yXsVTDhC`&gq-1|4Zf`ucK>y%H-Blo7rTe8@dHt`~24uQW-$_y;y~Cxf`pLEc
zqz5(-Ht{ll@MRYLLy43-p;U&wu@{J&94iMQYllomyb4IRJMvri8vfoe9|5FFlA#*h
zkwZ^z7fMYnCj05Ufa+#>a7b83FTS9%IvIG6%wNv}pI#stOsiAlw%o<laV;B$F(}V{
z46mO+y{S!+IHO}cUL{>&N=4dC-(VlFLz75Dz8E*w593#f8v8{8rbq;KJq5)na3)bS
zd@^~2zG0qRuV`~zi$V!OF2$`Uxgm_jdjrCwN6;O^bXt!>(X!4{nfIGr>{SpJGEUTP
z41ap9zIO)l9wnUrWdM|<@0_kfly`r4K`u(7m?Z6jEmJ06T*u4(8Z2@@B7QmXR*RTT
z8~c{)lN#{P5k4=gu+OG|T{6S&)2uTV1toM@VsIv&tWCD@L+!<WPE?!}_2*hkm+$vB
zep>jiZp8Feu2Z>8Q=dG7f<$OS_a4GfrD?bwOaF!t)^DWFGq8+^k)h#JP$gQbJTJpB
z{3CaOLOM{!U=<_0Y!?1t&7)^OfruqV#YYTCMi~w!XR@N2LSpHz^@}F$vuR+qK*GmJ
zFwhTF%9P6xccwNhKonZdRJ*kk&cni^IJ_yh`sN`kP2*)PKSa;dFT|W1(FAG;dT?yY
zlDwnoU_}I(K~z;1h|WvB+4@8ai#Q?z4qgQ2k}=U)29ElZr?PgKX64{)42<`uXhgrw
zClzB4DsGc2)#=u!tSo<bOq`HY1soZ2owB9w=H2MD61f-$3Bg!fpn`gp+4E9i{bYxo
z{Q_=Djt|2gcZ(<rddORz3)21CGjfs(MwP_FK2y~Ardx<E7@u&Skg5y_3T&|!o#tme
z-9m}z0&uN34!6L!14BqdmD(+_=I^#3dz7F(h^7tCH?G>w;YbS~#;`5F$5q+day6^e
z<T;*K^Z$U@V`22RUPucB+}@P=)rN6Tas&j9>d{0&0WW?49{PcqzN0xYZT@@Dd>@0_
z1LltvNsdxC+SWpCU<-T6V(reE@Gls27wJuB+^TyB0GyOx!tNC<wsBtMn!UTcO7>Sz
zP9>PnWz26z)S6!mj?MD$G!#!r#~%IJ_fm2*pYiwbIj*HESk!@BQaYC*YV*oN0WS5|
z>)a8}hm4dMYv-P2O2Vxyvx)_^Q*_*a52kH6G_T0s;2e9jECMh+Xuow<#!4(_T{+%6
z+_FCB!EPW-a&}W*`_oew1Ur@JMfzN;jciWFop0*#)N&f!;*5^g;OM$iQ<ALR92EFb
zDx^wA&5e8Wrg|glT*+X3?aCIgNku`1Wkttxd2Mq^X|kz`3^(y}11B5Dte7il)``Dz
zInBSPSwyN8!pGzGTvGpXcrc4=Q-1AoT3o+<e`ZaNih$DCWvMZ^P?h`&ZSVc^)A7>u
zyE}hJNZw0Z`fDvNrdanqFt)}K^fY~#yfz@omIVX@&ya?GTIA00HPPD!$zPR8+Wdwi
zv0H}8<e0SrH0v{(=BYh#9R@r7NR;v>Ne;MsiCJ1*4548`|5T=mIwqz?R+@zK1g7he
zXV13#yGa4nEEsP6Rr?hw<GT1VvK76hpfbmWdSI%hk$c^_yj@iZUOCKYvhY5$Xgb-R
zbzN1yv)J3r&wzQi-uscjk&&u9{Ckfpx897CR%T_EviHHCCFaAu)syq~B0O$oX4lw;
zGh|e3Ne)};w)f8PTFmG%I)_!UCw1znE{n$Pw0-=VuJXvRVvwVn)?yKf4|N0~8a&{)
zI(<;msM?{Vb=5bX)1MJDvNcLB?srUD;~2cNCzn6S+QsAg<xZD718j~q*3FpJF5H`|
zi%eL@OTpWCoa|IpWn$z<&R0M!oh4iQwR_e;2NRx{(zk$M<cH#UfdU$x{D8vyGCxah
zCF}Egc={_ez??}(L<>Y*MZWbE3|YLgzSaT7AW@mJhJ>$j$rt8vn2wc7=N&E@6*J7n
zy-oL9L#@G2ZPv8o_fs2r8b&nqtY#*m7J(A{y4y!Vnx~jBa-wZ3g(cS;;KbhZJ6yzY
z-~G=5gno9d0}|kpf#0*0Uqc6;C=d@&p{DQPQRM7Gq!(Lgn0i|W#u9G(OyGZ}%G1bf
zad)K@zCz;#*whx1!5=RkeI;$p&v~3PH@7Y4_{rY*cYe|OTA;S;F5F@S?P$qNQla{_
z?A_rrLU;?;?ugoj8Q^eP$C$aomVmzFHv09CWD&2e3f@CVyI{`SiKCicV=fWBR_ObE
zq#1jk_QMR8o;0Om{3Mn+Jw=`q?T>Mu!Td=n&D6gIF{ivL<Q>@!=2a{if$MG79W_cU
zD%5vv&dXcuD)<R=m=Sh=0YR5-=jhbb;kv_#rp>m{=-O+Y0WU48hV?Yob3Xf%hzwv4
zH2s+HBwNQYLx0HJn<JrsX3C&+kCXakiJN3A1E!mgm?j~5MPa#uwMEvl+OEa{vZ!24
z39hLJbCodi)*{qKKex9s@xOJHgjd{*?G}7z^*a?yXn^$B=n?i4>H$F1k$Ucx!mHJY
zV5)0$DLs#CDAq4lYmRW}Q;`OU&s{uen$KFlRWoj#5^m|y^1lDbCn%a7fRe$Spmj6L
z)Dmm<(={zz!^kvQu#X@2%(FLdtDIWvs2DL&_QMoSbG%BNBasV@TF~;nM%!vr&9yW|
zJb}3)9LLIbn||3MZSZg%JqoxlJIAkq)Z#k?8Y@)09lA8xb{1Ve&?+Z_CdKUWf%Qc`
za?)&0x#z(bTK(m=l&g;AU(u)Rn5?bm1b@!)i_2K8a1dLK>By(x$bYV~wYn+W5bU0r
z)TevY+2%AlP;SlErr50$9o{GXjV!UYZ7)7vkw$!4CF||AKLy)mhjhdYC+r~4=e>H*
z44Vq!Y+<4C{ZGJ``vwa5ss)2f!GUJZFo9x0aM(1)k*lzQKy@N3`_IGJ2qsGhHVA*o
zzOf3`s6z><;x+}3MN|7!Pc=>NNHwE%<YE^hzbXEsxJbkjBhb^RnN*=^OV>?HanRFL
zM57uXM2s_w_%wVs$h$Te&7p6wHbD4Bw8HG?#~1{ex9`!qx^4C2J(i4FPxT;>)im+v
z&u-4;W4%zvRn2*8PG~TC_KZAP;fkb*!VpnJb+^aOze>NrmCMZ|*o<<I&JlmL^M&-w
z{54F{!v863ls3J%sH@y{Q<)g|Co~jAE0Egnuy-|I$f0Ya-1@lD4GJkr#tew$EzFg5
zbmo&p;}n6pgNBBI!)}zP@@j$x3rDo}sUl4gsF3W90k^7;mN-oc8H_leAxB0A(3KR2
zy=CnBvX-5OZN^^l6{l&IfCe#$`K+Cfnk8PL@MFt!0_>=ufQk*AT&BEpB)U&=4rje{
zFF_n*Dip@?WbRVTBHLYv>3lXx7hF4DcTpRt4CBE2ZSFN7z~y%jg_i!2U~)DX&}RLF
z>F3-TRYS#!87yDAB?ipzpa7}0J39u*UL{u@RvtD-M~Hc3WFd9s3A|VCSXpQCT^?d?
zBj?lt5yzdCL|B|4UFoeaLL9S1OJXjL%cRGJD>_g3=DWhg!ewRQevnl4B|Ed`RNF&V
zJ~XGgaV`QH0!oSyPC}tjGM<x3F#w#?SefNHy0a%I6e_GhmWzAs$5NQQI&J@xG}%UI
zRczYAcE0DzchzY8B3pbcO)cd<V9IM5?|2rkQ|`t;eEYxGRI+kmKsp+POJt|lo!)g)
zhhL=q-?6L`KQ&PE2|nOV9(A7yu4@o;JI<AbR5{q5RRH(V5t+}I*Bj|TfE0_LRlIDy
z<Yme0iojy^tL1)Dhq*~;h0y%)lsUX<x7F8iZQF$A)uLmYkvh%73H<q4iYBJ(&^Nae
zz3UYFn^ayMhAm2xtv;Aq4|5Aai8?P=^w)kzvgJ3H_yg#Vmm-(WbvW+wW+-ShPX^VK
z6ggvRx|7B-L!&-YZQtNGZOyQkb+v$oaW@w}c}K6HaAtoIyVRK#yfPuWIp(eD`x^P9
z9v5mtz08n-x%Dsp6_d`}F{4<SnutAemW;IF(SH5=0qpT+*<DRn)(#7vAQ0R~$T!RT
zr3ZM^;{rl-r)`EI$)phS!9q$(Q@!_Ca;aBlzfTCt?eKTU=dYN}(ph$MtaOnd3jM4Z
zJ{irg?pTZOtquQ2Zn=BC$5P0;8uD*0An7H}9?uRl3fp6AqMtQe5W(fTuGYGxaWj^2
zam7@r{YE}Lpgd+--_^1t@LgttbCb@G*}85UmRAD67vhUIe3vOR7YL(G0onx_(YV$S
zfo6L!k%XKAHAL^jA*KzUZoVAA4R$G5O2Z;Bgow0X2CI$%5dkXh@_r7V)H;MW+!vHs
z-nTri_xvUGms@^p!^2&HG?kryG!?0mQ^@Tes}wY~iY=Da-vJMxdUsD*0n*v49Avn?
zaS!D7;yXhSCLjb)GpettI)4rzcwqSm7Ts>9oW*jbfvL<+?sBR(XeuR3zr<*M1zCOz
zrV({=wBeVK=00^cUD2nrDuAE(X&&`z>*(f+)~adp(<qr63G-_-y4SBQw24~oOqG&}
z(D3jyj@z)aEc%XLW#1?dv;xa_Xq!hN-6eaD9U1p9U4m)Lw0QXMFx_BvwQWJ_)mLZ2
zIs!g}C;gt1q1uX1@Rt9eRaYbsuFmd5Wq%}skSMqW9dz+_+Ppb4I~x%mfk)!ykgbR{
z0rdwe2M7da@i^h|I-mRwL$e$QY<1RXUOxZnlLTp;zn>mDTT`v78LjkN6-rbp)ILFa
zFdKQ@>X`YsDyld-I;Jq_NJMs6|1H<L0N>ztzxm9?0a8F39hd*Sym)?b?6kcSargS3
zaq>L$lQemLuZ@w*kAnnaUtFk@a6szLjky;wDhQ;342a-7UkU({8FY9+E)rr+q_nG(
zoqq+516l=Fyr!m9GAn<Pg6fGDa>Ot0C4AaCSN8Vz=lmDf&0P)WQ{HDD4ues+`vMSK
z&k2eXp9M~yN=y}G4(B25<I48gvwj3+9#RmrK+z+RU<Ou$tMl&=|H@3rYI8aFJNMCS
zvfoX2yWSJk*dCl^3kKCJ<03dWcL9&=Oj#0=f)C)`ghX@0K^2Z4O9jn`0yuA%%N!Nb
z-TruO(!p$bd8F8Ob0T+GK!h#>l_<=*Cr6w3!=L}AE5V+(9`bWsVl(K5;}S2!b$<+Z
zNZh=bo@a61cUIN5*o~m6q%s=)=|wgfcYlph%b}oj`AZ+TGYfa0q^_Nq?mj5i?eYm0
zYuh?I3EKMdGW_9TCyq4X{;Z>85u;h)W(u;>_CTvCl5-37AFX-?*v-4N@}p;=SO`R~
zRC1%e+`%DcOXT$uT3Kiq>O}0xDTf@>SY?Os^0ZOk9D?`Dhdd`GKhy@llKY!hK^8vL
zzso47+5baqI8?Hm)P7T|n!ydD+5CQrM`ls&t{_0(ilMp0y8OtN-S_9(oKM$or~vjq
zI6o>J^g1PiaCxs$0S)e_k{Nr@zYinhfh`7V>49SzX?bkUqqGd2r&e*xg)u|NhE5LZ
zucj*(=Ayv}Zdb#HZL^sD{fF8JtNn$O`|!|t;mVxxp4ydXHG-QRSLI<8XzhS_2QNl$
z&nbkDx1kGQia+fzoPD7ajbDEmz~iUb8OeAWDEVz4j0ixAk2^#)u?SG2hu4RXuZNoQ
zmtg1~;*!_75PwWP`{EU>$NarF@K2wz`)#-ri`5>UORW2dw&5R(BT_--EyGRF;pH0-
zHuq;}Jv~o70UqsdPhI{25Ee<Bov%Z@4&ED$$F5dZ5#}m`k+_^F-Ml&81=Eh}w~X3u
z#)HUvf&-|knfjww>ur+JIP>QrgiZQn88J`{pi#7y|DkqMiBV0Nfj-!<mHs5P6&50_
zJod7+Cm8;oiCXzL@9RK0cYWax70gyA(oiCoFORnoO;!(94tIYtTPA+$ggAEY&VSMB
zC@y~cI~GsQ+9}v{8aQrcnYDIR-E3pI*eoyqny;gMH!yO#S%hJXKG+b0^K!v1N~uSQ
zHkE#*5I)8+XW_HIy5hrm*d|W6E-zKhiX0fUbI2YRbU^*H7-OHtc-6o5hv8H0pX>aB
zfWc_#joQnD_Qz3V0=_1jafH|^iuc!h^ZOUeA0i@4<DB;^4TlF0KI7)|GA$-T&*@LJ
zk$dcx?`~(0dNVP5ugBT64EmFh_r;aES)Z!?zWo;qM*$}k0h4Y*M#M}%!Umi;Gm~&v
zW`6!0W@MF~U@;-5Lza*rMbxMrc{l!>>bY9p`#*%A^YXt4zw{{KjG5ZmRg&?Z&%M{G
zrcw`ij1|w_Q}?o>jc2=j*TVdb&*MdNnXI$J&#{1Iy~zgw!DjujN}y9iN%1R?zi&ha
zk$RXu)X2`Qd#(?Tu~NjGL&rE;#%N@Y+|Tdm)JHKa2HvlU_x$N7gz)}+GiQU9J6o%F
z3T(QPuCE~GwMKsR!a9ReQXDEN5lO-9@qDst$!^^DGsA$`p}}&UsG;qn|AOY>EbkG-
zU14EE?Xp;;QQK6nB53foz(9N+?t~F)X$1n6*bMZRFi5sAV1!=&LHuh}pCjXYh_KCq
z5>sS9J+Q(x7?9me5+(JZ9&ml@i1l=KUijs*5a1y#x+1rEy)@Kp>-z*E{VG1P6~#X5
zlE;4EX;s62=xtsN{qhJf48U_9Jhy%MGM=p>saWDAitXGbS)JPXJY8+bBjWW6{p~8;
z{@6gV>Mme0DG7x5VT4lP0R;DKQt^I5;#8dK=yzwVrgywPLIq&WgoU0x{*4{a6U(jJ
zIgro}=N-+ao_HwcG(Oi$clyJBZdkh`4?7tigW%ukSW`FMj(?R>5gqQ*_nu_&h-dOa
zB_u1oqIMMh7;!nrytzhpv01;_k|*UYO%$oo?Ov}~B^@2?2i7kK$60mb{p&gk^|dAT
zjkDUsVQg4HgOTcf9&zgoq}>G<sbjN)ugIKirQws$*fpzlJ!$5AHDO*sg(gSvt`Z!=
z!lToD<ciXD>F5YBD`3^ve&6u*wMkF3(YgPJwKJZ!by%NU4LkDOp1&S~g*xHQBCX`j
z(&os0z4!SRUCF1b`n7bS!pOt<wGNA9gr>t{>%==<==RnD`lbG)^n<zggP6Os3HBIU
zB;DxZv^P!>rX~!bbFmw-l3A$$Rct2T*Z8L6NU>i53I)?wM_rtSg<{ld6tST&A#Il|
z42;rAQwH_D4P-*;)KqhyNW5;lIxc_s84e75k+#5@wg}1>K`E%HBwc~|w$iB5Xo-b<
zdvo(ry-srTB*Sq2VT1PYAOAdDyz~*s`tcC?#+~r^29iX9WZx4B2%NS{8UV{Mb_stZ
zQnn#(K~zJKnlGUP$*3`2-d$xQcaUU6ylzwo*5Zj?a&{xX21cosn<5()6&x*7U%M;B
zm)hV=Q8!a^4L!MhHpnF!*prfRkfUC1dC|OQx?WP0_fzWu#qh+?r=L?c!jItGj$P_v
zge9!IsjMs$O|cLY#8n_eR%`C7+!@{V_+f6lsdBskWr-${<FP-~#hdJPMt%HBW8O7x
zwRY0mOvDfUjDuKAuXH&2A3tNy;=$=p+$pknzQ!f#Tuudq!TsW8GCEQ<FJtDzQ=Vbn
zVK8zlO-%k8lSAe4&?DCCUdU3ndxfO%DphAJR{M{O7vw!){m=)}@<c@WLxsvz{}%cy
zhzvQ3E~QT}_fnHs#+eh=NReILP0b3Ld<(BEY07~;Cv<i<#vBrlLD2Z6dt`qRaihRU
zp^nG7Tgm7vU+l?x8i6HTtFc1g&!LIdXI)eXFe{=T>E+xr-IK+)V(^z4VKL9t#3oLJ
zQ$+~>KMr|Jo07Ihr`jBv_;5cQR>jBq>?yHx()f6`HfLequEI4l50|s)RokeeMP!Jj
zB$svI>pJpd$8%MOx!CWVW7#I_0#4YfZ>!{Gfh<<Z4cXoepK+dV7EtpN1$oRlA}AG9
zZ%%Px;99*mNK-=aXJ-x=yq<gI{2M{jDB$zl_ppEMKM^FLp%Ebx2od#RIFSgz;k_aO
zgiAA<Rx1>b*rRGfz_Lxz!O0vgas1i>#L%<%K?UjBr54Us)LEa77nQM1;o4Uyw5TH-
zlvlkB#=otkvFh#r%ZTxia%1}yg5m*j`qBQ=-{~+*5h;eH>kv5tW|E*FuGB*?$g1+?
zH`W=J^7^efu>xeM<YtRj6kQ5;Hn>Fz9e3#B=LEuD-rCY&`U$;LHIxl9Zne0;6JfsI
z{D@RAeSS=-b3p<fjlofC?2m)P+YrKr`e69QduWb<F=(Jgvo>v&!g}4JA!0^Nqa0?9
zOel|E<j068IXykr!t)(Cr$w`5GBmRsR^HY>GX&&<vYlXrqEEC&`G7Ytm8El|Kq?|A
zp))GcU4(QNp_MJ8zUmz-P199sa;K5wBHuWiZN=mljQ*x*%q8h5v}Zeqyk4AZ2c?Nu
zq-&&%$3ivi3K+b?>W98^E9#v-+)?9KVKE>b*GN$vOMpmSz}tv2&Qh>}m3aeNy;aQT
zL8``{cw|No(>qPs(!#1DM0E9Khp@ZZY=El=p9_INtEFRFqEQu_^zt(I`2@Y|MUSsS
zRuoeT2TWif-1{rv)^)#oh*Wgps(bNgLN@@#FvAWfv9_pEEH?W7PNGzNlAlzv_qTkM
zp>f00*p><7wcVbhhV>#X#KR4If{4n}d4jJ5Y}@_uNO&KX;!;S68}vXB3PAb@X$QG-
zF`^>6&87Z=<?lN)?9qK|%1>5HY3Gt569gU$GryDK3{Z$-V8cOzdv&v7!CDl3%AXba
zm&4vE%$T!|*TiDTzy{(Gi$Ckr2+|OpVSa}t=UpR8tuT288h##DXwITx1kOQF$DO3z
z^o-P*MNC_jtZ3iWc2wNtxXhE=f}pIIFv?u*`w3EkF~t1)OT^=@#NqOLeY!joGfbGR
z_3^6Y!zm^CP#B5ZkvZ_;QS|=XxXF^1_|&#RZraI;iVd?`H^$kNU^L@9Wi&pmSRmFn
zs@Gz=6&(U~m$Qc317fZdD9kvMs-Y&OjESTWwMZjYRXabBdjm^Sh+_HXxBvg3dTwaM
zxg5tj?HVRsYv|dPCzX)P0SRm+UUltkLtpY}Nli$KrdeA|0u`(mxa{$gsM#X4u5GhS
z@)g$fn{A37308P-M&ydzK4ry;{^LY<K!`n&tc=dVACYVnA^YhCxVA+RS1eM;GIDF0
z`O!-p2waEuGw^AHEyf0TzjcbdmM%O|Y?s63AC_pOC)Gw+#U#YlQJ4iDhaYeF{Zb$I
zrUg;f*xnvggNK<`Qu8#hy1yxU(z6s5Bz^3d$!9YZ({GFJho{^k6@aVtn7`?bGhX*p
zye_KW<O&^-9dtV#Uuqdhw9OXP59YpTKUEcI)Xn@MvK@Esb|eQexyIDM|7B0NK<aDz
zANKUGpW84!v?ct#V&CQS{;it$s5E)_K+|4kwNt9d#6&1b(vnVJI7a$@W<GO^)=wZt
z0%yn!)HNHDhH0UW^&?J^2i)1kIGLoFXoE0+yGJc|_FH)M(|H?W#fYW@zTC~4ePB_f
zABY~|%)$koY9*<;ES_J%@YdOugtnd~As58n#X>>739OmJp{+z3M2r_I62cm5#N`^7
zP13AwGhn0K(Qc`-7#Lvgf|QM8GDrTx(dSHh%d|lKm&<%L`v14fJX9@UPaGcdEJKOg
zEgkW$JwL_1M_b1=6_w+3#TtsJ&GD0Nb^a%%Rp}LmBj?F8i-<H9+YJU=rx{D{`|dMr
zrucFFKB$kH96azyBRxFQL^HaNg$Q$IDdwIi7b6fMiDlq)s{~{s_vMB)BGw;ZwQSVl
zWD8BO8VBpp!VvmeLl*R3NRzC1HB5I3VF9`en|cX7KL}_9qY)uf^tA$EG1xng?!5~_
zG8zWq8w@%`4&ovr5(Op+*XMc+K$0}%U0^$*p=b3_)36wJlTd>p1f*WHQcF>y>hk}x
zmBT;Iu#IM3X>ta8oCpDQQi#@0=hi#%zc!0x=}`&GdbW!ck>qFXMK!>vWpm>o$&8tl
z1apLy%Ud?KwnqDcp`wc1vXajz%8F9gCvRo3T)<|{_`KGrW^v1$JB(dikg?{fd*m{6
zDgx|d$X2-t9zJFwD2d$Sg=x7&*ks0`7Y7^#_~xPqsuqDrq(*OVOSd^STA>k!R@N~5
z1m;TjKJIs3A^bbU4e%P3?^jmAJiiK*r^b=cWKRw9bk-$g6Co~49%cb(>vwh~-W(3O
z#fEm>j9;QXGmL&vp|UY;a^yTPSTJY7#NMfmoP3e~wM<_K_hqb+8jTIEBYsc5ww0%R
zxsU6v{}f9FQJ5I~A0F8-1tf3Q2GSk!bj+6O`Z)<t`H>6%Hfw2VCxDpES5lXQ^<2N5
zt)3*!Nw-j^(VXFEMEEy|#S#W1UB&{3;RIPlr0Q^iRwpC8DF4S19=SNoF-=tA52fRG
zc?q{FF-*%OuU?`(rDl<$Vb*9NWzz&p*Rw5hHG<;$1%7PCh51!RIxROOm4Q!j_*Z8t
zpJ8R=O3jPxiAR5K(s7f{a)yab3!JJB_4L&5vL?CJG?eo?=^dZ1Cgr7xpoAHM5QO(Y
zJAe?t^Am^>39zb~l|loVY-#HW>n!5^i7@34>+!HnXj!I>ZW5f2D=!jJHxrxjYidi>
z={A~MJYu4uk;6_`%{B3|2da&G$B!qH9Uxa5F17dMzuOUuva|WV{M=3+Up3o<JH`1=
z<$w_A=R1MHisQh7t{4SibKX{iky4i&ju<T1yHO1~rkboyCKTBoNMsWsfPVgmBL1HF
z|2A!FhBwI-e1%8A?rPI#fJCodalH!azY8g;wK+r12Lq!?kQNhG)fm}E_tpiOgA7r?
z&m}<lrb~?Cbsdtl^EHm`jk?5EREl2C<An;n9zm`=!nRR7v((bW-}>q$4&yWiB!yOr
z^&Hq*(}!~P4$Y19ueyBa-5`7zO~^@5NhtW1-Tso<M#=YjCu_YzarDQ;pT!D?W-nU3
z3WClG4f&>Clf|JPxTBcE-oediI}lk0>IDRyk>-Z({%>_2Xvq84fC|o5H6-9pZ<rty
z<$YKfD4b_@DCe?z*@vfBlJiEC@c9CyNS7FJPA4++JeDM|G7VXY)$b+#uTE>>%>S#?
zTAZ4LQGqdw)lZ2q&yLY}zm-hSU5dcQUS{NXB;9PbXw&PvD&33S4`pQ!g*s-+ReW2J
z#W=JZ3ME$2*ww)sJkd^N8+4m(KkNo{+kxO)S&N9RHXsk>x32YcQ>F*zgf`O`{tFEU
z1dez4tw~;Zu{Gm9=d(3xJ+57e_tIRwPWI?*e8wVWYz&O~BH0vB!yM3QXv|bpL(Nk{
zmLE){_k)Qr3AD`T05yL(9^M?zh9F|s?QF-WxZi|EgaOgj7&*FH_UQs1{~FW*Mn;w9
zw1hn^g2ZjaJdLO<svd|0P%OrW$Jaf!x?@IDT+BA#I$A%FphktmlBNq_2bVa~Xc3<+
z(TeC}#YL$tU04OC3i`Zd)SFbjJ{@Q4w9TLcrIMM_G^=6A{4;rr@LT@M;N|IN+0r(M
zf~(abROP)q0);%+Vler<(>E`{N+KU(V;|mLC6PYY-cRM}_Jv?!Vem7%u}DIElr(^(
zLQwi~3lw{1MDsJBEjG4Y`;3JzKQdYdm&UWW!(Z)bWU4q1D6di`Hhp6m(OAzMx*!pl
zM@qG*2vuYkDzAEC6ris9)`wkokM9yFDW=c2>UPy$i458|Fs)it0zO`bu)cVaZnUp%
z#ro5->5q#~cKS<v{!;V;DR_P5^?uMz!rk<}QCFeJ1jrL528Str-d-2a5Y2#FuAFXc
z^V@bePK68(_ZzdZ$vsImujEt)Wx^Xfy_k>DNXnFtN+_zYy4l$wA}XbTltCY$gY`HM
z)bx*_o`UPrwLcOfwWx+|*lnR38TBO=xGD8@B!=c!SW+ZC8$@nzyz(53A-bRhKe$x?
z&OykX@l~HH!WOteETCI6%j1xC@nA);IY{6KPU?R91nPifI+1y3XsTAjtPySG5hZRW
zb^T$#yT*SuId%)x^?9Gy02cfVS8$-?N~;cz@F?)W|6N|SpsFmNyFxRf0a>_W(YI}g
z)!&>#|L*;KSJ2wZuhob%S2Q}>yn$M|c%98?>uE@kp{b-xP`;SL@D_RWUE$SbdjMMS
z>yGNT?d^00e9o?`@NpZT%V$tsK-+@ZPrJBUU*9lJ?e`~qm(oO;m6?MF)$@jQ@OkxC
z&;d?oP7PfX4{ICs`<a{GqVeP4ZIMNCb<FWz*av?YvO)LWWO^xPEdXjDWuq7tnj1#K
z$D>&>e3oHUy|tlf&3G?QrH6>8c`M+lpE%%It3RJ7y0$czK>6qVoK*5Hm4{raq~c6C
z>(oU70DHx^nDe9%n%0T;)-H}7)^jlg>V@=p@9dH`GcwYgOh3s;r{($Xb#~gIYwD57
zoA1d!mD$oF&<>lEI276^8QntH_W_$OzJrGS^Tk%)VM>Vaut`M7RBi&~rI_;KZ=wm$
z5t{Td@23=vJkdl`BCdoV+$;iNlQZjW+<l!z9?jU0(AE6zC$~<=P1#(`KJ(@Kwk>`H
zT57*#ookWadUe~UAjhbEthLulT-GMii(D3L`Lr})Zr>w61F_Lzl9KcCpjun?n1i$M
zu$oWupixEooQ;guF6ZCt5Q8V1tvx)JqT>AgQp}N0Z<S9ZA8A@XJEFHs@C*K?4)p(P
zz=Nd80RIs!{jX8K5ee2|W@4%gzdK4<HC(}fBhQW5Frvsm0->#{EAEDrh!BePht*{H
z%AmegUTSEOH2CsQr)B?0rM=<(5Dc$;JcU-#RfXT;C(yA#cL%=?FaAV*{TczP?|Nj&
z(oZ<Ph<$s#k8Z@qu6?rV5-3<{T+K@1bn25>@>a7t$rOexD}27}n?uz!$xe#NA@d_^
zjNFGyIdYO*7H}CHXn=(;dX_P|&J#UBA+v_Kp^uUfHx~D4yt?)FO3C7Zs&gBR5top-
zSa0Pk@^bZjI=siyZKSy>2*s!T$K<j3F@DaY@wIf30SKQa@-lBi>xkX^oxeftR*Dz1
z%tI+{KwrSBz>L;AG@0zTPuF`G*j@art2>V&2*|_7CTwPBM5f^hBAL>bri+~*?l+s8
zvacJ{r=mm1bK1YW&^M^KcR8nS)FRaCpl}*1^;oQYE@_~XDtbEitq99Qcm5&G;zlqW
zZ0we{il4p;Zqi(@15-vt3D+HamR&j9?Qwb<f3q5vU@iFUDR-<c`qyx9U_c;oDIOjL
za#jLagk~~Xz_)7^EBtH3onG%_AR-F`1OCSg<S}WH6eR{NTY0hK9lB9MU&ClIhe-VO
zEgSU$4;y1uu=k+#l2WM7NgpC3q8>Ld6PUES3QH8vm)=qw3B)K|B!jS$QmV)b$4s8j
z-yo5j%(HCRs>irSKV|If?FR({KnqJfJ2Bz?k=uQA14Mn%{$v;SXIb5)3R4eQ`?Aqe
z1W>cJy!wb*d}?}UjK?8x<}@Q*#NXfdd4r{9C_7XLRvWQgoh8Kk{re=hkfXcun7`C}
zILZe5Hdl6O1>J8|cct@FA)`Fv2~<Nuf5cDSB_FcrY+uNL9s|S#7+D1D6$-AIfzdF(
z%mIS#XhtrHB-yS+b1BJ)2d;qV?GaVuuWplP^6itGR2a?PmRop4oBdk(u&9@d2kClI
zcPi`2QD~&yuhtw2io*F2-Uqd9gvc&IpQ^)S9$9!}SWi3*3eGKoa(zqeG0-KbVV`9z
z1PR16$lBI~PShV=J*Y@_R^Ge>hDW}BQF1Ko{T)-o?gqsh!C~80r-3!JF|b{~qJhCw
z9@gdKN!Y_qml6RcQOAhIy*7FMu~G3Amrg^Y3`x7763J*k6lKsqvg2wIy-{*5YA4m4
zQcZ$aeo9%~Du^G#?<q%)u>K}9a+l53QV`j>?vSZV!hL8>R`=67Vz3UuWBg7oqA@{Y
zS+?e_DN+G)rkpEaiVa18o`+Wi@I8Iwja>C>T5faPiDOBM8Z=yjOQ<Tq-lBdDuy*-V
z)sCF(957veupvf+QiR$DiQb7(nu!ML{fDgey|!IV^T!NL@=AYA41qT(MQJ*}+PcWN
zj?a9s!%2;Wgj)@_z+tW`V&tkTH!|?01rM~~=^<IPDE579mEY~et3X>NIWhs~HgnCj
z=278fZBm@I>u1>A^}H)=&jILo<OtXuJHFJf08!X;uU6J>DLRZ+XX)Am@##YP@!u3c
znI8vVM`GH{LN^p<8`mSK;s)!>aVSiZPh`maUhrAe#w#Vv(a^&*9dy`77Am3%lNCfb
zmk;nr+uJiG1x%L7GqmC@A*A?#6aeWC)k51(>)uPM!j%jbXKQ_?7cMK`ULjArE*=Yc
zbX%f9nNVja$mpqu$KKG|38NVrue(DIYd~-l1jU9T)ynqlH~^Jp-JP5};FBWZ7M>9E
zXZG8%S(Uxf(y;Dbbc*E-nMhHc)XqKJAgNp81w;6kHLUW7ytT`cuxbSujIE1QJ-Rou
zLQgm6!oTHU{TbrXrzXD|bD~e!5*%^UbcyIf)#vPAgtB4BBIx5Di{O&E|MGcn0ms?`
zgthIMz+-<($w*=TalKpMmcpJFq|WjDTyRoFN>1`s>{}_~dIKDMk&&w>#OLwt=K~(8
z?(cLd;b5=XwIW^G|81;~$>M~9u!CrlqH)G?9)<ODdJIIs_%$MsipQQ%!^8OlJmr?^
zeEflGsH&&wUN$prsu`-HDjsgYMKhOF*Lb)oLGl`p5uFE4Gg;EMib+7#GAYoI!@MMo
z1A|A^CnJzE{P0Y}EJ#qx+;+0=P3`cZQtp?4kef=ZvI4&yzMv|q)Jub>O!`;9?SKXq
z_~uW2yfehbNT-eoQKfWjwF=1X-$V)-N9b0^W{7FAe?uHKWF@&`xKW827TtSRQ}Ato
z!M?u=$RJ4**Y-`bZ#{gJ011GEPb)%vF1F_@;1ujmYH5UuC{xB;=(+0eVKz2lD_oqs
zRxK7V`BX8toZtJ!D9_L2Y`BmUE}VgY6k4k9YURTzu)osW2E0swpPhY$K0#Y-L?Jp-
zVeF#*6#kv2l&?Z<mNQ)Cn=V0gJ`j|OUfyirw3x-f%2P;rWz7!(`HgDH?=O!xnTRQ5
zrJG}KkD)4{*H1h__49Bw%FV97vcQIbWm%4%(UV?TYi}cGX*;#%wVaW!dKI0^Vao31
z!_DHkVYE&p=%{qQz}li{7=5y~XrVk!(vQgl6dGV?hX>zcf376c-sXEaEW&yF0w+Jr
z{tA{1pr>;lI=JJ$!P)gf$|37GQZ?mg&xop-XYV|{J<?k_xH>h6(>cmj>y?`)5>?>>
z940Mc*8Jw#U4&AxAB%y8k0W6(hr~C0@FN}_9h^LiW}b+)z!SVllM(5(!0#FN<uOZ$
z;p|X$rI6s|Ux_nDyS9#oNy;zMDhmiihd88l_2eix-xi2iYBhv*uHAz8NNRCGDP||X
zx7n*P5g79jAwn`ZF_TU}MYrN)BI>21qD0OEO(35oJ=MA7L!kNGcO0B=pRP{n<as(_
zW#V%kaQ?EDNuU1k`+FC5$F_6X)mx3{G?-;$XLvh<(k*pY^e1QrF${#!gT=6%JZK?~
zN5`QnqZN1%eNGTc*<Qm4-s)ROo_FZ&(RMdgBd6gLU5I@jT96R<ys02u`R49jxeV&8
zm{;F<&EuQ1dA)`iJTInGBt{jj#p6#)AR}yaP{1R|<i}`q*BFSEt4zAqHGo#Ruu5EE
zJBb;n&>XO^Y$6!DKteu(wI#M^^_KPgzxPEe%LQkfDIyuC)o9$CbYD@?ckXy`p+1k2
z6A?+)F@7gR7YE>cWcr8!v=+DS09{Y7g>hC>@3mH)5F!4OC6qh6>@4hn(v6|sr9|g8
zhCC`{B~?G)hpo$iK~eq*WJ(&j$(-@5_YIHjftdTJ*%A$0ssyV@Bad4ycI0hPIu-Ln
zg3*$Q>9wrH;P2mJ0Rd`qAs_kJP90wX5k$pK>NSXYHve%{F{+y2-qvQ?v2pfa&`n>m
zA^XooP(VNA!nI}S5nO>$oa55Sc-J|>$tB4AEnhM2`!yOgNH2c}nHidVB1zqUaKm)p
zTHT~F6M}l=)@=IZc%Nwg?AgkdF8WtaHbVgDU!{iDPEFwRM7!<W5mLza(g9<9qvNb%
zx<h67{6DPopbwrH;4S6jo=@fv*J{w(&d<9}{rXIS!NL9!Jv}{2E{{jZIo{m5OiTwU
zf_Pa6kRV>?3gc&SzIqX>t{U(Gsf0R!N*DL-wN~fuw4zX;WN(TN<zkVy!-Uz@d!H=c
zstZ@y5e9gH1u%*~wVS$+1$l=4W8e4uXq6(srfEh)GS!aK9jf|4ATWU!00`HO3qW{j
z-#?-iLUieeZo?N1+M@Z9sA<FiF9e|f^A`LqutNk|WN_%%Fo0&dFkAg~Zc&`>5g+&D
z>jMg{R=Wn!I)ni)Frawrd0Ic8HdKg|*q3wvgSV(agEquPa5D4{tq^1oVN90y<GK4!
z@!}RX=#L(sB<DWFGXhBvt04$M#~^|5jse@qe11iFjt%$^+7-)nBlg7_-DBT4pa(q}
zB8WGTf5++_NAczp@PZK#Yx=zCn$H<36hP`r8TBdTGjAy?h<6<$V8D@p9$W#bFE(iu
z61Q_G%mXY$JlSIy<w5WysKvsnX$TUcBp@9e;&Y<Kr+`QX5{PUuApvt&W$Ggl04M_>
zTTX$(JqrX~Fv=hFSa6|CP5{6QLeL|QinDshR?WEuNH<L);p0TZut5SY+?NqPVe5!}
zJoj$Fk2o!7J6x9-;>{2AzpsXP)9_-s(;&~r^@kSriwbmyjBvn@nq{E`Vj?|8d?d*P
zY(IPu0r}wCL=Y(-y;o!h5$-=aLJWuqMH?Bq8ygBozk>GZC|^(0XiCIQ0;#TA0_i3_
z1X3P9m<MVImf-=ZrkrS|UqPTR*oY8v{^C}&yw`E()?qAF*Wn#HB_x)MP3kLLX2SPy
zz(Zok4YMV^ZLh>TDbRJ!2YjvxLhkCaxbCUn2lnj26X*V#l2{7{eG}*oKg2wWAVOYA
zfG0BOxn$$l+b7&!H$rbQQgfWV;r`lm(P{pjsx;~RXK)2X`vwCds)->4V!(76y}V(j
z|8X(F0~B_WJ6~>-Igq{V*BxZLv|YevrH)w2L9famb>!nRvmbJDaSy(SIKUGVyq(qd
zAn*Ta>pOs&YP!D(9Ye25AcBB2r6>Y|bfh;Wf`S1QlqL|BE`)$|qzEEN04dU?NtYIS
z?<F)L6a&&bp???O|IG6|GvA$^xifpSd+zQ%EoXOs$F%-@mE^5)%Tx)jp-Na1+HSM7
z?q#Bo8AjOMOx+4bedR%6wH2;fIMZEdVJ1-e`2LJb5UvpZN?;*M@wz5DUTnrW1C-yY
z;Y#8cmJ9gMDajXxCYfk%Jy`Lr3eiS4#G_ds|GD<4r@Wl*Cj0h{%#W}(sHUrnDuNT}
zvxWi~@APd}8>+vbg-y|-38cf5Lra$#22&@+iiTotL#i|cxi{Sw(zd4sxuzs0Woh!V
z9-ZNhi$9Vuo)-qFvOUyC)F9k^Afjx|OL1VT8NzPfR;Qa;tkLSdbz@`|r`Gf;Tjs|~
z8s-L#a#{Ar>HrIgswg6o(s{k|f5y?!B>YtYm_r7P1S6)^1thDWQ~7^8lrJKxe+9jg
znl#}pJ5}^*m$XF!RwNaafd4J#xdNx86nV>QO!mL%tF!{K-^w@cS<U$qfjdX6AsUkC
zU!9=>p$~U1b9Q$)?vnIiWlpeBj$q@}tvh)GW<E+pg>nDe4vM0b&?ogQqlLb`-`Ebo
z?gWwl+4Fqg007|++m&f$JQRxE9$G_E(E_T7!$@CdZ<+@iYZPBUljz7KE;t&4Nh|ot
zjk~19K&>@GBlb!8uato4gZpFhOmYhy*rMp6m+37;McVHeleUwMmFr~<*_C0+eXYBg
zL_K|HlO;f!<@^J?+Hm%=?H${uX`jvI?(Xj0-CY0z<E6E=v5`?@#WgW8u^TsT0K1Xv
zgb>=xOzR5egSL2n%Tv1vFQ2`Y7T62l5Zdt-EQPxIabMKoihHWL{A>14;k#X1GR^`v
zNFkSE`%*jh<i+0&b>BNPhd%Qij|o=xR@*Z_te|XT8HgxPRn2i0$bbIe<2Zm?@|FBK
z4X-S4kW*S(T0&xY7C}^jr-o>{CV|wH>Q#v9NH)>5{WgRUiqA!t#$i#0FNz<d9Gcun
zqQ9pMRGf(13^=4XEh2m|N3i1GH~T!>tq1LtY(-O0o<^r`hJ-4F8{fZA);9IB<S@p3
zo#J8o;fq}7jr~TK9ETzvKCRV3<zWFTdXfjc2;z##H8FZcMwFPMuS^t$0cj#=iPXP1
zm8hYz$ZqD>GGst~rUk2TBghHtMT3JfJ1TNJ(j25DT9r5jDfq~pSQ5M@z;|l~bdsaD
z{xm4hU&zRnYyHYA8X?RvJS}23ukSs&>ccxe!qBjnK#Aex-?Y`B4G9iLUG>IEGLK14
zMK(GJ^yT<X8hoK1nffJb$~DmPR|JrFHV#V;`pUAM+t^BT<R9kBK;+0y*i?J<@sNAN
z?~rr~YdW9puG1(RiTd3PR%JVVwp3g0*=zm<Oz-oOv2!{^pKCT}Fun?k1sY|}4AL1Y
z3$#e+!TmFwJS$rP&)?W>>@}hpR%ugEM?`3-AL<&cv#V<sdv%%??ImJNniv`$zSlLd
zce@_9+8rc#@7`43(|P1!h9Ti}yXtM20%uTFRTYO17vgLo?pSHW1{uJrV)nu%I*IwZ
z($Y`EY??vk1!6Cv<swpfBC=o*^JQY(DE)_+uWp}&Pa4z#co5WM+fhnjzhoUF5y;B{
zM?U;YQYDRr-Z5FLr5;{KX7K!Zn$wl1>h`DIqS9n<+vexyPP*@`$C=BJ6{MQGoHTld
z!~@@1Pmfler7}t3@HaABBEfvtW3x1NCzDSECR+q2`W9f*d`S(Ieg9SkemCKPeS&RI
z6>v0+K7M|R{V^#s01oIH1$vf3j}e)I@07>@rskC*q?40yhB*M$@o%=EM5%pT8?uJ1
zAU7HN4OHGhYmxXkj*dVWpTgU4x|ILD%HpA)r)`NsI9sBybSGkelfQn7E=g@iSfZIe
z+c11R$^Gru&z#pr06aAh508ut))dn93=@;!cT4P)B#Wc{lvC`X-T6xIs|}G))T7tp
znkEeNw$OTnXbevirpUuKyO;g3Q~K}HJ4IJVMveiFm%&4olQX_nwVrNkXJPK_<{e25
zRbx+WYfvMvi+rt)0ghKUNI!I$#1zm)E@eCtw76b8H}|}qnG9wtLy3M%{TUG&Nc=rz
zw3I#ti^>1pe<zE+D6U%c3=WW=nP2hPAoS#2_0q)IZ+JM@D5ifsB+GK56@vY1_RSEt
zDoL46Y-_B{adv!IQ4rXi-a(>%qICew=Rac6NCNdIkES78?x$rbBDIlVCZty1%?e1|
z$X1H>mbWUpFbxS%(4nhdvRL&W2W9YIC2aE&kPmQT_}x76TQm>oD7D`@_Uz=NJxtmU
zX(@Qe7gfk7FQn@aLsZN@msHN5e5H$am=y+0jG78HgV-ysQB3YLJW007Fp1xIqFEE;
zkaBO(-RRXF?)PgKPT%f@?fTP3bn~yVtGRtJT)8DCX%&bm5l0E#NF_5mWC}L`HPR?K
zLZ?6LPb4q@%Gv`$Eq`WJ0I^n3Cwl)7DUVr#Uc=dvF2n?8u}GPF6A9|mf&ytiv2U07
zYLXP=@8d^<y?RtgHC=UeiY}~74H@XJfZyHm>07)u6xVRSDBEFlfV0LSz%{OzGwV-%
zg@@<{%*yfR*9^I_q?v5x=rt*okO(efWH4a<PZ0(Kd>6ssJESPh9e2rk7hjn-D?dMQ
z1Hf`A{uh88{SuVzi?2UeN%as}6ap(#+$c9Zjl^@J?;jjUTxNaj&;y@vXHxD<4A*c6
zz%POG2}p&}C9c2L7<q9tRRLn)Ou?`zOuC>UnQ449Qkixe@CCWKX1>g8rZ<SGwYXeF
z_Te9u@185BcpvZMD9w+8)Th8cdwD8Bv^cJN&tl@^gXe#rQW92P2O~Ysi}_8*GIb%+
zmKdSr#TPn7gD^@;_dG1D-?CoU4->+~j|8x}(N1-D1qE|7sclm9PDcv2x3__0-`Du~
zUf?jkG^FsD>^<z3a(%)A;^(T~sY{Kd({zn>Uor*Mor{-u;YY((BPUQ>LvN@5#h-W5
zP$LcccX9MD7yY&9m=L1OFkI?|EBJpN;oqD4WxySQk~5ER|EHRZSXy5aN^<r=v1%MC
zFqC2}9K)n?+My4OQN(f~tnN6i=S+rmi7lCK<qfs_`w#WWQZ=ASwGxn~Yr0Z6=N&F$
zebKw_KU20pu1rpi@l4dBohn|`)t-!@B4*9?mf=>Vb!DqI6CHy!x3r&sJ1fXzJaf?%
zj*UKxk9qXU^E7VvSC)3Zr23*iF3V}TzZxE2ot&AA9TIhPbq(>Dh&xU_J8TyAbCKVP
zEzH_rySyF<>G7QKy4Oe8|6zH2tFzlky{$5ZN`*0qzfB^s%mw>YzkVTtwcu{m>{sP{
zwXMB*?}gUu--m|^7whDl?^QJZI&&5Gb&6cUPY?3$c^<telV$xbUnN+(WD_Bt8nE7*
z#|ULl%!X0w&V{|p+S{_9Fg`8`>sg<0{{`s{-P;1!XvjYKf#}IOweDI?8y1&bO13xo
zHN{_$nKd@ZOG)TvsnG0i(DNqty>q<dquB*A4C~Avp+1W(Yq~<AOl-OMs_$kA!q>8j
zr35MGnc2VF>5vo_J}SQ9D4JKgql;;5yQy({6e52bZ2}t_ZO_}=4KrOqXlxWnmoMsE
z`5u}!+%EFe)opM0l(@-z{5ssZ&2xg<&9kDWqRGl-Gh#nk5PdRp>NGX}yCBchtaOE(
zB|FRfhXXp2xd-k-Y(yfVRaHzSymw$fQs<RE?lFyv7*k!`JS;HBH8Pp6nx5-(yUoIs
z_?iW^gdOxF(_(BTpXDsNbM^`;d@+AAbaq`qcyvhAV(b7}*@c&>Xv%?}X$gI&qutKC
zt8Y)6SXc_EjM$ILvi3^2Uo36DVJF_-D?dB<b99L4_lYmx34JDKDL;b<yuDgosJBE9
zDP1ZYqVGGK`CMWcRB^nKN!?rY^~x`9A=TsM$e?i6*JsO2x|d(=1e?D^&&Md}gGzkg
zg_vw@^{Pb@>a4W!hk@1iQ(EUE-ZkR`?DauSMuPrrLFEpdS2kM<|M0O$N=u`GKZ?zw
zw9->V3a33vkvu*gm*nQys9CMY^ds%AvZmlas|MMK_VGrp{${9`<P@0$fX0J)3EaQO
zGlEd1r%pTLwoNe-xtSipT|7uQ_GYfBwsjO)|Jja(QpO{H-=Q3It6)(B57N6r4t&{F
zH44Ae=GibSb(%*atM|$42zvz(xkJ4XbHKYkvJ7TVp!O}4w1z!y-f`(`8p9Nklxj(D
zpdJT}VV=0T281p}O`og@z#^=!7_arb*E)}wjeLqF7vkR$mVf%r?zotdl3aq6`@M*W
z$-TL_N6ucgd^>609%z)hS3L${{!4snUIds5?^R$=&6=qWr=B%p#yfWx?eHaPdH%Ki
zN<lvl5`^27B)1p~xP!FGt>#OP-3>Npm6hAE`PAso?SLxyGjb{U9sY@-s3uzd<mj0?
ztMf$qqjn~#^7oyqTfffk!H8nD!p300nk!OHHZz?X-%t`bbFgrU*yFqo`ZMzw-ok@q
zfjBtVm;^c71L>>kQ`MOhPlawQo?x!YM#Q$N1NwB{GD6Oi+PAI1$x>{b8+S0&yK1M!
zt^0hu07%U`Zd-IoDeR1sCpV;w@}YIyL+DU-{%xx2NMQ(splb*OM+jubsv65=SX6CB
z@{N3aCAPq``2bAqrXs!0fHto$0e^$F2HMT8uYc{{)>U8H*xP<KPXE#zmZg5;XT}As
z|D*9hC)*WPIMxE`eOfvb$hsM9j;4iR^pv<icrH3=C=BJYsQgr`du@$1Fosp9)@J9-
z@E{wU-ltT-oiX+DI+H%F^jE(7K0x29NlK8bdss50X0sJ+{v!#|b+GX@LW9xcB(NOo
zoQu34)xw@S$54M%4xV(cMA&-{988v&kmkm{%J7ZNlXaK>)K7^bykOJ#ar)*lI?OPV
zE~EJKhsMqXUdS7bZ5md>;dceuUpKxy-AiGK>OIWUZ;Vj1X?!oi3eipXA7WCcLAuSy
zCO*6!NwYc9`gC-r@LRlMrNB0hhBur*-?1OOu?TTQWpK9+@JM#?;xos6R1%oRu4F%w
zmns)J8KwVh{ur2(BmTUTq~C2^c7*l%pBr~|sh-BLMH2SLJv}Rktm!PqYPQ?zyfp3|
z&&=1NI~&fOHm07>Wj9JgwM<388Ku7;UIJ+k4MMoSvBnt1*bRo2e+y?X9bFE?X<O=e
z6=`~NU6(8i&3vx$f!#wq+(sf_QjJ%<B@>k&TK<t$74$JoQISC)?&vBl2fsF-wJUA+
zIKG~)Yy8Q6_rZD6coL96z1MAO#ROV=+4g18`A`QX8T(B+6{km%75lWY91|QhKUdAY
zre;-%sRt>=(L=)bpVzOqfqxpc9Siv^w`L3s3>n|A=t^VdoUHFPwVkTw#XXUXE=AEW
z#)FBk8C#h<&Jj<3b8i-#E;uT~!8oG@89W-348CDPYk7Q|`>6d{PRrvrA3liN9n&d#
z5=Wy~*2l4a*fux(vPdf|>_bRt<5i6SPmfzUnrw>Urvl53aZBUdN050bu-mua`BZ*O
z327o68tIlyn#HrGLzeaO<@uQeGjV-(?0&pO*2j{90%n(vC#Y<`?W5El>#u#2@f<V&
zSFRJ*`b@johhLasfKH>$Pf{WC{Jmyv>(CBuGa1guRPGyZ50qTs0$=zX<y8X$(s&tk
zl!-gQS%q_0r}b{jzGc$O9Y)qI=hW=P8dp!!>cIF3;VU%M;ZTqIx}OaRd|!UtBli8W
zI(&J71=9ybR|@8l?w(s_RL&N^v8}X;-}zq9#esHtG6y@p8DttK9(tNR`Qi4pZPnLC
zH9XVCM=(~iYa)BkbY*|spr@KH>U`te?UB8b>-2|>kJBKSWUG8yDesK#R=gW$Ju1Yx
zx+Gk{K%gOarBQuaI#Ey|m^_n8{s>=T^K^so&bvQ?E%boufrht-7(c@rkL(b5<`7CV
z1=oZ#2u|Mt(y6;sq3zK}KPkSyM{InPQSm2yNi6`+KYC!9p*6?8QJa=n6aelNLhB<(
z-Dgdlyt^<C<ud+PGb}tb`DGugg}TacZT^mgOMkTHz5jw&*MmR%&%XN~K7#NPpMq2|
zVRo-hYz3#D2+2vSKcES#DEh563FGQi<Tr)Kkvvw~E{rHWpF#AM7`dPyti1HmyxA>l
zRy3QMpQo&>T>h=Cv7`0#*PgdOMqD&;$k+X?y$uma(M4yird1jjIQ*1H)O!%sx8D81
z2dCF{C044=s(*O8q{6`k9^cMTVI@9g@Pq~8cH+N<z|}kwf4i~#bHVySD$82-W<dP7
zpj5)B0XE>0iS$qdk|XFj%JoG{Q%5W7jblarN&k--F%FFa{p3BQ&9##6E<@~vDWyCO
zJEQ%oW5kPfR^O<+k-!JThRf5_3|&;{I99fI^4*2yrh{U_UzR*|ThxfF3`NxH8_FQQ
zd4HZw*1r+)N{w7{TgBiVIKUBC>@9ZJmuk0ICR)%^%pvG!!6z05{#RioF!-9<+%2Iu
zDeZL2+&Tx=o#rlZd*h?r0%soYD{jjlnITu1jNbHazuIiqqInJ{$W0~1qGlAc^K4gJ
zzJ2;pm=GY+d_%P<(Ry#oPh_j5@VG_jc0h;UwooI--9bhdct=;3V@0EA+qPZyr|k#%
zWmcrneF^8{fWBn<l$bRt*L7!FDz5h3o-*iy$wt?q(@0*ZNuCG`v{F!XeK|C)5IO~O
z_L*pNS<~o1{#gAn7HmB%q$cs8P9k*{W_;#Qx)f))RziJH^X#?VZ7rIbeGfxJEKaUv
zWZS)o#iG?JIb&+h14u7Q;>M?mmZea`S)~srd8d0}Cj$-Pk0}^>1?=e8<UAgjoHg%%
z`Zh*+IOzZP0h=B)SCaEaE$><oNgTbU(NUryoG=&pL6<9pI4w#<Amhs@A{Wede-XJ<
zGd5OHOSpG!H(zcvm(rfm%hc#yO?-l_MeUEaN{FJFFAn)W4rQ)0*X_o+8P7ng>aH2A
zoKW_(e?b5G4~wBWuMJjw`y<{W$%ZhB(H^ug-a7I$LmR$dpeidd{Jksi3v1_1$5I~X
zy)Hx-+{UT0_)6RCknCXcWQ>ThimDT0UXQc4v~Oy}u|z9K#3g67G3NYr&Wg?1MB4G-
zf;;yBu`z!Cd3SPfqaJ)&*`n^`%hPT*W~IRUsoX*38Sw`BjTs_Qwl?S5yh;2C&JDPS
zSm8*A<_u0fQ-K#?I!Jmszbxo*oMC$8e1ExJ>TNxDqMsce)1Ql?D&3=<tspNBU3k&k
z$nqG=o=U5;zI8kT9%HP%O8q#_?DoAsH!qh_yuAH#?s*_)b4i-jTS5%XntnB2M4uL-
zE=!|>9V4ikiU!&f-+4ye-RgSVEPiZLeMZdLql~;~wTW%ay=OX$YJ)rz%tlw4<7b^n
zSTaM4MGTV5j5Cr!com8NDJeljL-%(PR-*q@0gt(;`a3=gjB$Y&|5fBjm#kK1+s!mk
zr2iB}#*~<w4~mrj)uke_CuM)fXw%2qC?cwV3W^udBxx4!|J4{px(hIKeh|+)?*CBI
zMCp~QHjw|TF%i`gH_)6;eP8)Ml%k1}UWNG4{QET-`&EGE(1_K5|4`xu{eK6a^h%Cn
s9Q+?j8pO^&_%2EQGe%&%igdm{AS+yzll_GC84+-4-q%wtP`2><e}iFMqW}N^

literal 226553
zcmeFZg<Diz7dL!n=ne(xln^OFx&{#GknWHY>5_(_L`6axNrUc?6c|Nm0YN|-q@=rH
zc+a5s^W3jK?{$5Dz{ho9&YZLNUVE+eTd~*Kho>59@&ve4xBvhUC@S311ORmK6k3jr
z34UN=5%ho`=(f_T(g08qgLh_u0e)w&RM1of0AE%BfQJFV33v(q697DU0bs=(07O#&
z;F?Q%!##2EMwqp}qK&F5zyY3P1DFs@01Z5Y08sD`>F;w0cuobNMh4FST?qAm&P^fg
z|7{;(cR4py8yoN!{DE+y{`}_?nhpJ@1v-$8_Rl%A9Mx9-ZV5m5f#afJ;0^%X%&1?8
zcaGE}klRH&ZG8`YRTWW7XGd-eE9d*x+}@5Zs9u1$w<vh(XzgLa;O*$(<Syzh!F1U|
z6g)>==3!#EY~o=r!KAOM!657GX3ZeLeVdz?NfMWVfkE8O%0^W4&fVYL!EX{w4?H|v
zM0t3;yu7%*__>|kY<X^ph=}m;^6~KTae*zk+<lxpEWEj#+?jt3^3OPTtlcf$>|8wT
zoShg@<67Kz_VkcoVnPx6&(E)Udf3_gmy(nFZ?-@Nc~EzFZgKPS{I71--gf_wZm2uI
zx?S@1i<~%WFi}lwcV`Dr)U0%z>^vm-#4l<5dHKJS{MAd{&CVKR6V*-f*6%L=zV>H(
zS!YKVH*0ryRC|Hn?f-r4&-NM*oIRXD6}j12Dmr;syMdj5Q~PIv|L+$68Vkj@sD_=l
zwS&POJ4b7$OZt3#BD~@}|MS+LU1gmeoZYlsEG(^2TwZqh*QGyOUlP*)FCqThyh8sb
z^sigLyNdImknk^L{DR%(RS<WQxZ*tj!LTH5_+gm@0KfpnJJQ<TkhLb9bYq>=i*xNw
zqqtr*(n?~|kEGa;QCjU!*56!HxA~DIWLV)O0rzOg0$i!d$b39CjIkin=w_}KBzIs3
z0eHluGNjm}9RmgpgMK<AJ3)a<!&(8Snv(?^rA>is1)_(Ue#4vf0juJDKE3s?!bD#&
zLr59^I@s-@I@Xh-g3;&-@V^cONj4NN1jUI3{yek+2nWEC9Y1>Ke~bxsI{d2#IL80q
z>9-g!1@Wvn{>sy^qOX%N&Fm5Z7G4e(a=JRY5q~KmI}BR`qH!k!Lt5%8uA-SYY$~vG
z+In!<r1X(u28?7VL5J~gtqMT3fvfjoMpZ6e?i<M=8}8Bh9V9Xp(iX`;ufzWDL!%2l
zA7Fny)w(7%F->pC#pn3i*l#3qU}%s>M~Crg`&<FhRg7Ft_SY*_9DnwOLFH87xNxRr
z8vYCC@$nmGO^#8V$UI%2pTmxoJ2|SQkI}y7--*xC=UhyHXhW|mE>%$dIfe!lML$lB
z&jOj6Nc{~xTlVE@p`49&_cWb87ctWE1Sg`E^ywWdb8}ceI(uBSrNEy^&Ax+@&~;iJ
z9UT_e00=_$u;BQjf}rvyP5k1q>Q0lGSyGgdmy$Sn;?$Js^6F|l5{XP8MO?*_8^G5M
z{afG)IN)&Tv{xeL%bZ#lGj>*uOkbec3U%1OsO!nsy9s|MvGbjOHAiZKXL53KU~q6f
z0Vv0WvjAj(Tz_!!U*?j4vXy7~@pQfqOFD9&eABb9%~#82rn;7D#v>$Ar}k)LY&Gm6
zAj3qB1W*QyaA7Pk5>KYTH6^D6iW=&LALg~TGd)QEVtOiP@uEA;>JVnUB?Awr2vf<>
zzbRDqotdX}oasEEX`sH${RtGHM$?37%&1vy|8K#&uoawbPDHNObe#)1#)p^e4-|w*
zg?J*(%<&m~ksa<vIYr%R=bOvRid<-LC{Tv|_J8=1;1{3<cu6zFjayZuCQOK0*!k*}
zUUM9?c|y7U%WyCFDh!=W-s#o6^ZbbkZyKQ00A`|qYN$)yk=*|cMi864_@KBRL*ir1
zvDX=gfa>-2gtE!zyAQ7kblRg;Fv`g?^5zI$FWaDs^-LRMA>B}JB0!kpDcpoJc6k4d
z?%2nmTI{mtZ+6(MXPMSZ&-W6hPU|yQ+#Wt7(avYRuHH28rs^Vqba(_9TLqY3Jkfx}
zmeE;?{3Wag6iPLwKlHQ|7ApOCh~cu^)Nnj~i(uf*BC_T>!mPwp2lv}>#C)&gz0vww
z_19<?Cb<2ZlI2i16y6P-eezcMi&Nt3Fbr6%LT2w3SLd9I$6p*lq?uhJjd1dO8jscx
zhXUjFo4gY_(<!>IBNuYoM~4YO4L*PiIAIDWQ1|_52XJ&u5V^b^Onvg1`4|0K_Hu&q
zZ%u1YYlWb1ixlWzk322@P9DEussp`)Spt;fo12@%b%ABXt>=H)0Lt@c147VYWb0W=
z9uL#VRKenfyili8#<{vJ(s?K{ADW$Wcm7xcXY{LNw#@~}@-7!zHWZ=omF+KQq#zIC
z)<fHk#)ki#r*xW$XrfY;yk=NAuk->nmd=NF9PjyfN#Z=k?vsAC24?5^fHf?0T!0&m
z_x_&ZUs34{RK(U`$6&>mz3Kg}NTw2<5WVxL>t{yqe9I}}+-Tkp{A3P1iSqmDhif7D
zPM8mr0KZ0f&Kvc=<PQU#<oq!m+=Wh)05+bfc09Juqd574)yI(`=^hucz2>`)QtlTe
zjh;(EwUjgcdQdlh#B&Wk(!YWs4T#vCi3LHii#<H*I~yypJ_G`!tv!K{35TJtmEbxJ
zl;&po$&fHCE})!}!4#*%8le1Wb^FiIna_ZlP({_GXyD`-Pp&Q?G~K9V<rBL1b1cY+
zG*(e(OAtP0_~LYov@%ai2u=GY;DGskWF)T(&U*;$Kxdl!Gfu-WNVA~~F&UXp{BE9`
zO-``3G+T$#2scVU`nhpo`oM-PxB|xS%S9TeH-3M^5wMsZ2YPT3oCJK`i4}i?t1AOE
zC5)f55t)WJD_NNKhji{cqf@8~m}4+J#3;XSWNgMF%s_my%?kLdK;TV4J~{<~P8-V~
zcnIEM1yP@Qa_yscVsm>L3R@HPhVwsJM@y<M-rTyVExfA@>DOegbaR$@RBcHKZze$4
zVjyZE6gN)(G)frsE*uv$TFYshIWyxHIlA{gX`Buv$!aDSQdGM^MN9+v+|tvu6mg#8
zmZV<;fRE=Ewh(v#$Rs=sLUrqZj0ehpnGR8OF|*-+B=_QmPRQh0JJXqwr(ZcGETcnK
zjI^?Byb8L-gO*JOfARWnNC7Af&PpQIq^<&vexeJjwN2MOBVW$H3;tfGbazGZL=<6S
zf-~A6wjzk8Qi~6o-`vNZPk-{IAqZl;LsswQ@x>sI195$k?4r;&1$_RaIgfIt*p=Ag
zG4eqPfQj_pZqR$e{uWAxtAH+2IMUMXPed^UlcJ;@E!I~uQdSt3VhEY=*yMO&N&QxN
z1Q}z!+hVS>EeID4phg5Z;*1W8cu)cd&>22B!>!EtKQcJj0t!p*0a++42{|~$-*g^j
zaJLcY`sJ(4W_g(&$PnF?skE@w#y~#tqXvqBI?9=&?|cG(+Dig8Bp{W>#0dxXji}SI
zulU+>OlMCU)w{8n2BslmgaIZZAqd8Weh^j8nQeMV{H+tY_Y7?kf9rVN)u5S|X@7re
z98kgO|Nfo51|K2F)Z^%vD)uLhSlBJpd?T7d-W}>ZM7ESQs`sAkTQaR;T78B!DxDiX
z2vyo65DhRZ6FVL%FuN9~VX0#XF|$<A_r$b#yKBnITRq&6IWxMB<FmQ}N&Ws>7YI0)
zHO0|4Gvg5u5O8At_zK78?q4oN;|5A|TIy0eO+*UoM1|K&m4YAKUP0e0-Jo0k`7<Hl
z^q{k*hOmC`D<RpI?8Xqj4L&^eVhi5kw{+Kf_-)-C9USvhEbkhOLg9Ylr*{-qJY*3r
z!msJoA?9h2`#gXa(2vWYPTPC`PxH*~03&d0D`9Xs0b_us@|*Pc{`U&s-VtX-r6^O)
zdShb`tzw$n%A|cYN6zEVcu(7VF4CXk81Sl&9Jg!F)TV48#ENv4Lswqb-NAfK`V@vk
zyeJ8@J(c`RuyByhTpI90Bmuw)prv0sw5-r~J801pZS>74YSi;R(bkVaGzU@SrGEOs
z__VDk9h$Aw*Ocn-d_dps`i>eQCCn)SPlVVYXWyu7pz-1xVg3cRaAHt(M6?7fFa_J6
zv*v~LxFU&g{>d^;yXM>m!-w|rKXIc7`Gc@eh><Ta{qVHyMg3hImTIQxmt2U?*3mu#
zw13SSW=%>Vy;7{gQ12uV=F%~%mZHZ<YrnfnP4%{*;9lh8LPYbV#R{H`)BubGn5A1@
zSy|C`)mW9(Kxe?GUptGj7Z#KQ_+CR9!sD_2GFMkrZU9RjcaRA4z+NR@@jG=Kmtx1-
zd!q#H8S&$Qke$e;Ea=Gw>EmAy4|@AKPnrx{13d)_95eNNd_@D_f&abw%60=odF)bi
z1Os6(jf}6BR{WKnw6rvjsFvn6BEE(yLTqiN)<TbnAa+7+q8apnloKH#q3*Ye@#!({
zT2OtY29S-P5YF2o0Lw<tjQhiu0h|Pp%aHXU5CeGj*qpF{zVS3|S9g=GFYbfdkzN(B
z1~G?9hMnSEVeR<z^h!oH5eppWWa||%e2ZvWSxWzLqFmNrIYTxd3W7_42YnysC~QuL
zhI9t#Yghmr0d$J1-zG^ofp2aAz5Wg}ZJ00iSuXkmJ3H4U;<Hy)FdBasC#7I<p~TNG
z{+j4j5^$op{glK#Uq}%~wPq#u$IKfnfm7Yk&_vA~_!T4;86emSPA~PORlctN!)*nj
zeC_hp|B*LvM4-agihYYq^ydo!0mTorVi%(}z=sAFYwx%FeOu#WLHzqftaBoNVF$p$
zH*iv;$&rWipXQ9%7T@}_#nljS=<w`bzQ3~-1%^J9N8ooMm;cLIz@Xs_pm%1>uTuHT
zaYINu_)#jtPyZi6iG?wOqSnA(;f()F3vl!u)RIgb&DQl#oPx=<1~wR=u7-$qU;iU4
zgI|NiuYhLPhcKY|lRq%8`2WOWau9Ue+j#3$Hy6aMm&+_@!)iV6McUjQrrAvDtz|cP
zc)EN0a2CJFsonfRO5f7N&btX8b?T=RC-dn>&EZ{5xf&Q%#-tqr5b<i6SFzeU_xcj;
zhdZYGM!zq;nNZ?v?Q0+%&sr56KaX6(O3zqom{97Tu8VVb^2<zj?;ddz>h+hTelc;}
z_OdT};?~{X%TaqW;_fjnSFNR!lt+-CCEnEQI@w=!*Cppaz%Djv)HU^<#qbKDw=U1?
zCI}V)sjUnZxySp2FFovwuBj39+394<X>1(7LFyxAd)UU?Yhq%u^XZCu$Hru1r%2-y
z6Q?#28p7^Dbtx{RS|^qz8aGVmXc0Hydvea?V49F~l5M8XU8Wb<n|AbB4s`c9ZPT$Z
zF*`)kT=3GbfoR+S$g_-~dM2KUoJKV&gd+3A^%uxf6N{tm>~2DcrO#4^SJ$fuIu3bS
z&xErLua<7L#U5*Hh-JXIV{PYb1U<KMGIyfX#c>~Zv<Y<_ob3%O5KXZKQ+O%jo}2FS
z5of1BJwVCV*H?IpQsB$%6$)GI3)>9Oq;&5ePj?;*y_bHp_FcNS)slLjY>p=K^ZfWU
zvWCWM!j;c!!`Ns0^EFyq?kH-3fpgZnla(SZ%jnaM#=g%>yFM-7`J&-|<b4m=5lekp
zo0-(f#%_uab4BN#Q@GxN9yoX-kC!4`1d+_Fi=X3A5LfiLa#Mr~D){q5Hmwx?(F=Iv
zLXuH>3_Vf98ZmDY>k~l%fli*lZM@~p%_W$m*b@`(N9yu#?$vKJtZIr(dkm_Ed}!L2
zU4as{-9cck^hur;D+i6)<#q0lnDLY~pA?GKu3C1bKh;EkKG)6D!dVxgE_LoPT5T7f
zCL(veF;fW<>PiB?zu-50nwjpu)5)C`LFfCx`1sbg2DHv>8^0}O4om7NxF=1hPi`i~
zl0DBMb2O~CqMh#M^x2{i2Dy=o|0ApT%D1e&+2UtyLd}egkJjBVQbHISb8gl8qw<Wb
zY6IOVoSsaH@h^+7X4=}?-Y1*gz@Qoj3l6D#)=D|I#WvT&aOfl#bJa4GW~a@qzLu4i
zKC1Wh@DR?j_pQPnNlv^`+A)g7f)&wL-_$g@U}|KP7OI)Tg5C2{K)J?Y^oRNPO{Pw(
z82Dtj#^YA$`k}G0uIUeJjE_VpZT)oDCL6sJa2^FHFsLg%1AP(8kV)~{100w>pK8wW
zn=hf;hw6wj&-UlHO*XKP40bbn32ZHUq}7~`Fx^>}7+y@IQ`<JSxN9j{FX4XpcC>Sx
ze(DD~tiD0)Zf3ZUXnt5JA;u8{JFZE=h3~8z)jUVvxr+$AzN2f7ac!Pndq-YGN(j2S
zdFEnsqn;6QDkNl_YCns;mB~%xmt;(bij6UWRyV<ng(D0eG$V@v3-=IBQ~a+xG++WD
zk_6+UMtMQd`mryhF@Qv%KDYPmzYaCqALa5S13Hr~D~Z9`;3J2ZJ*>Y&8|)eUobY8<
z0|E{7W6x1>h=lbn6UwRmV3?ubaye)bJ_&pGtNh814?z-=KNeHwas-`W!lR3d1JF~F
zflCQE?y8Gm@})~P*9Y(6M?Su$@ZU3VDVlwRnuUMBN2*_;>gr>dj!vQmjt0d6=Q|Hn
z-KZg;{Uw;tXfuE_grjBQzQ_4)^~<~0-r&9pcz~qdFe6%Ce%-$BfV$33amg?214nDf
zZ*H>z^dm8S;3sEgF^Zb*WM>=5bAlLz(7&rGVpQ^SxL_~?hB9brK9`4vf+D7{`oMfS
zoG&yG1NK!fiR`zB52hiV;j5$hXgzGL402exZYT&Y_p@nmj>rI-qXbK$D%D?cf|;az
zTKcFOpm=(<>;=phWdH5bM~%xdm7s!K(hHy-ySVS?{K`Cc?!a3@eV||NccJiRJ(S^q
zj}r^42O~)KgkQ?~uNqND0$_%ga^prDbFef@oRu>qsL*m1rD8A)d0wk<`$gM_2|g`r
z2+ZRMM&7uIQi_gO<t^~mf*Lqww@r(hm`kNFXo2^vl%8!Xn8$)tLpi<gpim^I&X55`
z(Ch9Im}C4Fp*aouS&NT0@Eq-Wye=mgNI7a&M_oWTXkJGItKT@FTK!dyiNym)oDbpH
z<@7?4^&_eZ00*>|18@QAtrRm|0xQeknKlC&6gl0B|C%2c<TDPW{+<kV2dvJTBP=&1
za-rE_qR~3PR=XXdAi`{DZ}1nR)`QwGwyLKnW~70SQe?ow*JKBb%Lt43jy>bmPeTUW
z4UxpLLb2LoaEtX)Lg^p@j7_NSuj)rOHulURF)qLXd6vzuA0CIY7e&u&H<iJFzKrgG
zKqI8t(>|F*9H263nDv#JO>^r*DI+OCkoxl|YAqC2Vba(~s`TgW7zOxvzt`l!P|$T{
z!?z4PI#DN9jnQOa^(Oxgl=!5msK{hcWUJtl7~GNdKdC}+1*l*1wY8Kulsb0Q5H08o
zo8eWkOF)89=7m%R&TU!*i-mknMhRW1W>w!66uQ!Nb2R$u400gR8>{>aC<^en3*zT*
zz7v43pkD8*)p+{Cmm-3ZpbAk>L_>9MP@)v1qF3=6)t^Bd*kb)<&I}M1b6i&rh__fQ
z;wNY?yrQPhRZ$c$Sj^EfLv%yJf3GiK!JxQf!BpFP4P`K5V!0?234VWN2En%3VZiX4
zAZfPDdu*|A9S$56!8<|~aVUZ_Bs1^`uYYR0-slgIePY4rchy0qedV{ry)+XFkY(J*
znHc|F&%ioS1~K0lO90L_|2otds-f8QrRJB@!UyYO+p`_K>F9UCMLMFx-#ZZ{)@RQE
zEOEIZ+G5b4P<qP*Ep^ry8f$yRS;~p>2jr6-cTqkN3c>e1L(5Wnz(1~l;`jFvD*?{i
zDu%`V(*31h$;N>7l2iegItnIbFmH*dhO!6u-Y1JhS?+%bJy(H~1I)X#I=>orF~VkB
z+)iF{eW3%ns%(!Fxdc%!&iCi?y?FN_zlmvtq32`sd{nbY{7>BB1m~Os$~13a6R7#M
zN&wLFiI)OkP)lZz&+m1&$SyGs1_OlbV0(xM<ToJMNug)7oN>|S0)Gq!vXC<kage$c
z2!OqH7<&l8c^(B$-*T=^8#NUTVkphlRdlg`Mv{S61MH}2J<CKfIW1Rwsa|~2EglF3
z{=%gjLdg&lq7^p2$(RTve%*AiJ^;lVE0NUm6r~3@H3X)l2+tD?lotLu5@<nbbd@TP
zGJwc&V*zHTZN$6YMLAsi-NZ@>UUiWgcVC>80xa$#81U#W#r74Yg|A*DH-9NA77KbN
z(Sv41elH0X9lM>Z-+%<W5<$f;j8**}4DkTFpULTVHAV98vTlg{C8vAnKep>qI^P`2
znc3;aUiw8idgUGXvn|eGD?u`plYh4EE0_-YrmHwEGg{A@+C+aLavof!%+_ajiFcza
zc?(mm4)ma|3{VzU+z=o2>oF1qGlUyL!7R*L<PG9T`-}?)fMj#-fWvC8a1CEVRDnSc
zeeEz-7pQ0I@$XJV4fbo=Fay$==kf-RZc_iM>+@nluOi!lC`AsG8pwk1h*5~XK~hc`
zqglwms`MMPqfF*4p^LUR%@$>$i83H1rDeMsaA}jxiG746o_@?8$!*OHN(emK6hOaW
ziQaBSrix;8BTz6CZ1)ZO$P7*Yp{H%YZ~xC=gnov*?Xb}4uaHfOG8&ww9zoFT5(prK
z-d(vjM~Q#I+?6yN10f9I^N~Y&K&HlwDA3!n>!2+EVPD16FO-jhMiaWIg%e9q*z+b1
zHQH|@P7sGsZzcH4e*a}%5K;;($QhmH5j_@+wFH$wXgiEl&7#D27YL<oLFEIQtJ1^2
zGK@=ha8c^|xMRDFqQuJqP2Z*<<G%aL<FadkDB&E8wyttR#fEfdn@g($?b{pgj|#{0
za8SIKui9>-hS6YvB3S^8LTKbaem(>h+6{rL#d!KIPf;G}lUVE!%GGm11Mz?jh=xHx
z-|&Bn1PE``V+7L>mCO33&vkQtdLPa>ITVsn>ibH<iwAJDMwZ&^zhYv8VZdH^5f@#q
zZUe#n9y8|c>S67_1ed4)dN`#u&l(YG5a%73a*NU^jr%YmAnKX0DvDn^c+Cb2_eL3q
zKIlw-SuIM}=E7hm17JzE-n;)h7Sxl1Z0vTw%K$B89_761nY#T^3TMDV7oO>aXxscs
zDmC`d2W~VChLZ)z>Pw@d66lsEAe<mj;OKW{5f|j}uWv1le-WP`RmjVh({I?C7=A16
zPUME4nQU9MJ6@==q371;oHhTt`lYc|m-sJOxq+QqyHjH(cx_6rYbc_hp#_R-9T`)a
zY*O>=h89HN5w*=7BXRKC2R?q84pMu5iw44bJ9@EQ=P8Eml8#Qg6kYVR!t6ouK0n=!
zK<=`8kXYr0o;1|7Dpe3=K!@9K4;Y@ZKVl<ZV~6@se}8j~L$Le!lnm4I`Ipc9^$iV%
zKPpnHZwqw(2*<NNe@vkH#zJ(TN6k9~$O$2v6vkn1=U6bzxC;B=E2A8lVr{H)iU{I~
zsj7aa8f^>nR8@Vp@NHOkH2bz@`kQ+=_i%U%Pg^sq9tDl*_x8#s8jv$3CqfZUDlU-z
z+3c5?HbL8!h-8CHmFwcn91BcTaTQ_Q;s+gHC98SJO{#jQNl~A(r)*ZAtNOa0EoCJm
zk%1$RIG}uu7`%0x>+6X+H+A2V`fr|2CkKfiW#<73;XCH<(F;BNFXowJ>Kw8kd{}xb
z)M8-xGA)DjZV*Ge(VfqE?NzTzYjo)bPp@qh*k-yS6`g$|X?Oz~@L>>GZ*(WJdCe)E
z&!>{cYpud<?N)mSPCGqMmCYA7MOB=}7XQkCrg<`ewP$WNQk|7MpJr?6g`#g8%CQCC
zXF$-;-2aI&9E`3M30F-rANJiZ)N%V-+ssmnTvm76keA|c)|Fl{arTW*o2&}9w|iGw
z{;uTSt4^A>q+4VOKP%M{QesgPZ)S?$FIUO~x9ywHtl5kx4JP{P%9iiSBP8&?iCXU_
zak+g~4`iaR+mt*W6Kc7!l;xG#lOi&B>&u~c>02@&R{&D2aGhzq#xY*c)JN`MZIl_c
zfL)tv8ke}bWe#`C)}`;+-`}s)P<@<Rgt>}9BT5J*6jfj?(#7=A4}7z#+xD+~><6nk
zT2DiRsNPpIGoPGvzg`iy&n(FuI^a59MQjG3-Civx=J%tSkE!6-5#~F7!vEIND#e1Y
zQ9dL0*-9aPL6jtwFdEN>{nX%_CEFWueM9bj!mXY8QpcZpta2sY=>zuei7da3-zi0B
zH^6}7tj@aVBe!FMI^K<#-V8dMqbG20le`KsI~hoxm!&_61sBjfo3yd6a+EKA$E8b;
zjrbDx&`>4i?1V%8$jtq4((UI!4ig$$+yiH?)r<BNiTGchWi0|YC>MUvOLM&K)pFB0
zXpVYeK3+ZPbfZacs<`{6O3kD?xk0^g94?TeX@0lGB&fJo>cYPsd9q6Te6-3|+0ycj
zSQ`<oAli0XA?!3tJ?dfI3%YEJ8!ofq*Bbhm8*;H}gFSeoWDN&XY{LclFHylsI<tEt
zk~ftMtcV7iG(N%++!fXPqUM>+Y_wS~zu1$-Q;{L&sS>vR!U<D<5&ye5%4@LS4))ed
zj^~;79JAY*5g6$xSSj<_mJ``4Z{5j7XII1kFq?>{E>2r6#&IsXlX;R=(*)~TfS=mf
zN4$p-F+@McPw?0=F|`K?=q>7^Ss>qmr35Xt7yGLt-LK^$Cp_Qo2H^&@miu3NC=k0~
zT)~5^-JLG%W;pcl=y*1Lc6TwKk0Do??bfWcJTwu8(6!AjX}!^S=E`Rg$4x(f%L7Wf
zkQ14zi1S>_3BBCXMCRhN*kPv>t<T%D6FjrnL*!CW*TZ)Y%7$1Bk5k~>A{g*g`C`*1
zL++L{H<6Y6H}eLQ@5l-5kB#=R2<$H!wHx{3(hAbJVRh3LmJwHwL|~z639LE=CG`a%
zchw+pdO3aE?^wr-1pg|$Cy)kHo-|Z@HsB1g*k*BcdoD`7B8Lo#?yAc}=NPkna}vg<
ziAU+LJw3Q4mFTKV_+C+h=VpmVIbSE=d)MZ3lWbSvgVQHJ@!XHSi8;G91WZc`?q}MY
zR~G9VPh-C-o9uCZbI+iG>H5qD?*wna`Oeot^<?+JJ!T&buCLRD$`CNcf7O~fGV%@K
z>E$IB)Rl0f(reSSmJ@*Bk#oi#pP&hOu4sRFER?b>Z|rcj&TT<yw1Cyw<qE5cOBa+K
zI<s*vzK*|7d@!6j%7COU@&v;gtV!Gr1s{mO7;&}?v=vS`(?C}OuxiXq<>|%`3^L<P
z;xXJN$AEXrAQx?^7S%)NJeEUTAB(9c3z~d)S#BrIR79qJqAXoAADi*XU49&ytmxgq
zCy$Mnih&bGN#+)j_Os2}t7TbuOr(kaiYw>4p(>B#ydrzn?SVENyP^9hCk-ijnTsZR
zT4|zcWI1-Nq6c1G5VltYTD4Y`5456c=;_%e#K;+!SC*3|MM*|S$JwGdLRE(KuBxT>
zGYx%*4;nDAd7>4B1Yp^%ZZ<kaj7HlYN6*K+>#4}4F6Ca{QNAW<d~zNhBT#lPx0UPh
zl3NqES&MYCjmdU|lrRQh^~Ja`t_moJI7hrJ|6tK18Roxsb`kCMURLsaSzT<F-Vc&;
zOfd5UZ7|3oFf<CSf_!7UojzHar%C(e%a_I!JAR-grZas=B82(C{kNnk{*4x@;AAsD
z)hW+;&D3cP9?||6vAuT(ULf?bg+=694)bxp2}$lJRC{`M-P&F3E{LFK#i313TXXQS
zJXTDMel_l~St=!Q{v3DC)o0|MeAkBtFFl#|MZucdqtQK+QPHH9!}_K9n?ZH=l79BC
z3W&-E)i)nhzOxSDV7#veAsIMv9IrBx+)uNAJKBcqe3sp`SnRk@6|^v1vLi(=DXXSs
zKhNPfI92LYKl`+O;aTHG+_gvESE7<O*0e4ZdnNa^MXa~)_XWaI^-akm0x?MYPXS$^
zoxU0-=|7vipa<3+RfZMUjg24)#dqw-NU#@(krindeSru3sbXHGYvZ-*C#R<w8brbL
z{KpzV3USQslw+x*na~W43yJV30(1*nxP4PoQ?DVoLx_{sNzo7X6*n7t0UNa<WoLpO
zaPqZ0DQqhQWA)Wr!B>dVZ$^FJHfvXKS`=U=u}T;;l$!|Dbv#4Y40(#%S+qAaZi`&e
z;~u=&l-PWswe-c4e?sux22L->Su2fc`$+BTr*T`Sqo&A~Gxw~-P&U=LFtx65H<39U
zi1H!Es<wf}=fy7@p}58e$iqfob6FLyh>>9heYR^CFROVExHm2uWp@*sB}a#Aw5E>d
zvO4e@ALXff?1vKJNR9-~s~o2^AE;tHC+PtOtUt80dT1+2aE6^~Eqp=SqYEE@b>$ma
zcv{x++oJKF3EtosK5xzN+o*SgKioGTi=hl;2OO%TssNawy9TcL;)TMbKcv)Ds4ciP
z6H1|dnD0X)NLszau$MLyvr6MFW_*TP1YaKPBv4gi&u`)e9*e{A=eMv@)ygRxQ>2<{
zu>z#7HwtF*2GKpD*=vsvYN$q@xlT$&*pCe4P~Ygu>W%(Fe}lF(N`P+Q!!qk=fjBR-
zM74w|C*FQn$PaA(qnovxu|b1ht`iNr9^DkJntoliBI=i<4P19WtX3J2B2E+=E={b`
zIg(OjTcI0lVt=SZl4I|(PnJMZ@_2gwc;8Wm_8wl};mG)Eu+^9MG7<i(WX7M`X4usy
z@0U1da4^e=_If?T)d7U_EOa<JTDj5%Rej^11q%;I>+3DGT_{RB`pSkD4=l7sDNK*v
zkb1xVi0zD?-!G~7dyNUV-;&tERw}=h<*8}?-V6DK#9nR@pEeJXRj-k5w|B;pZX3a*
zdfcIY(CpVPvZv-hMN0ijK7ZZn%}V|(G@bRZ+Jc;3GQFi#_|S~VwAE8MaxTMXntbul
z)jG&W|IEWD>gr<;mk(!LE!mr&51QA<6fBm1Fa+|_EUoMz%M_<9Gkkd#S`*X3)M2Wf
zKIr}2?%trf7=7+(%5i&fQ|fVRtscZs^oV%gVl0Lz35uAd*oZn&yZb2^3MfIe0DaMo
zq*dPS$bWK)>`&O*%kxjnadNKsdTdeS5-NPnz7>`e_m(hj^r%;>xbo^^CC+>zcTXbq
zlVn$lfe$Pg;h+P>bGJLtvRQFkF;DM_C7N)NiSin{X~k>GTN4?M!%vGxRG(|Pl)+Jc
z@gvoC;avc&+fd;U_sacu`QeeW72m#YY;Zm4_MSd|Hd52Mf8tw}?CG{KteR&18h5l&
zhvBjE&q~N>-nI_*qma65h0{n)2|@B7Z99fS)M<?#z8ib^+%yJu4#_>rMK3b;rJ3q&
z^~<6+=O}hp3D-!qW=#*dcp3epxg$q+>vv5E$~^!ZWQ)&+&+%H*Vf|P};0#UuLBM9B
zjSlqFp6CyiVV3qrLC1t{IzMAVtw>Dl3orjIvxSTZ`qKUW%B8;e+M>j5>6Qi=IvqL}
zufoI+FB;fj*rx>Ei6a{JIgzi;I#0$6cH4;;<DN5`6dIe2eY03$puFj_p@wFW`b{eF
zy5~$ceT3rO<sJ2FNi`~W!giO!-OW-dm&g<%w3hsRa(Z27Hs`EpCYa0N!DYQt2J29_
zJsmJ1>-lL}a{)dtiI4yG+~z|FhTCdMZI^31?a~2+myuRdlK5zL?$rz(KJFEAXpwG7
zT-Mn<8{xX)kV@bpf7Xk^J(K58LURDYRU-Ofprf_rI)i+`M~BOm9W(Smyqlem8B7ti
z#e?tYlL5r<9fsXI;8(pJW*#<6^=#!dE)pqU<DszGo^8#cq-b=BTvCIYEtej*u6_3p
za>K(rS^i-~wb+Me*UuW1^6r*NN}|Qc8clO}>LyW@cO7Q3VydYMcBW9V2^-J4V={zR
zuSLi9t-2Yn*^h^`nmJX+w4!Rr(cPOS+vmP5#vT(Dq93N2r-w7T&bdqD9ebtgtq#cx
z->~l6*E%F!`0NyD@2Qb_6Fu?C?fw3Qlz-{_RUUok5zP{MP6DJJ8G)ljQ}oA=!-_i<
zvdMKUXy>B*7v0x%6|+v(4I_m5QkgeRy<<z4W7sxX>78i@mCefZh_DT*+70MGRXfnI
z)ek*L)na)5fiaT<owXsZiQzl0`bfFqTGni-JuE0|uSf=+`|5r%e(nr9E~Y+FzLAC*
zn_km`>JDO&OEd4d4>lCrmKa5$t4Gr+0+pPme{2bwwA7SYit<loG0n3Vr3RA7N_kva
zQy1jvl_lM~{pwx>7K@zC8LhRvyMy7gROu~r%%2bM`%RPg`G=jvgf2b$;?Hw!bDTc6
zeItqlxmqs;CX+xcjG=u^@)5HA<UEqQp`+yd;$)<S`zYPDjgn9Gi<kM2>DOgVAJ!x>
zyYxxnLXeqIA&B@E0xh~c^+dJ+9tC+t1M~Nft&#rX@ABT*tJkE)A$73#ZFNljCUX*4
z;P~g5V<jG7iMzq5+AiRcsE80;DB4(mu_<2lQChz?AnkpQ=WF3@J&eU6QKR#HHi?_#
zK^d<sSKdU&K6c4UZ+Y-aWkB)P^H9CQof$Qw-3>hehR|gB`2OWX5%usLyM}G6I~eC;
zHBRwOxxD?AlT9fvG3eLuCQ|d6S*Mch#)Kq~TvmP<2e^N>6D>kUTpQ^Kk~q1;afTO3
zILw0G@D}Lex@aPh4tN5Eg?nL7Nj$;Z4a7Dta4>Fku~}%>=zAMlX$iwPH2gv|!gwKV
zFo6I0C9Z2mLj*;o=-i^wyb)U_L%V7gtNS;ZY`H{6Tb>j)+rF&Tf#uUr=^+TcVlwF#
zQk<DU+Dd%ZLt-U0h<S+6umYz+<)<5HtZM1(MjjGhiw&x*P7l_1PN)5-pRW<oPtgHd
zLD**+P?!&IT<AN*t#+EZB(j-TcP>je;n#uB*Dv!it2^1cOFXymaIZM5`AZJ$%3@Hr
zXw0KL!o3facRAY6sz!4?d~)!*(S^eFXxoum%JFT4onOC1?IhDWR(g)x^R?uRE^Hm;
zsurY6`t<vg>5Ey_7-AVW@9`2G4qVvH*&N%a)h6gNuzUS%%7NDL7mTpy-5&0|AzyIA
ze_(&b`!p}D*4MV2{DGd<SvDf`Ii4JPp^uXCo3oRS)`j$IrU?cd-a)Hh+gS=jknQw-
zO3@D=CM2E|Hsz^HC=x3Cd_3*<D5vMxMDXR*%F01A;s$!)#D#ufe_7BK4a_4X`I_E4
zj!yP@E#OJ-Rzz&6;URJV>XS&O+<eU+&zK2cxa&1tk0=~?V<Zx=H!FYd<#3C^l%#DE
zjaa=-lKM;bDr#!u*4U;p{cDGwW*rk8R@Vl@N8f!tS>92)COGCV|IF;kS(SlJ!~22o
zs85I>0=sQd-KM;q<sBnKa-+w=o6jlv-<FhoSs#mW$G%7@Y44FzIU>Qdhg>j>3ZjSg
zPnV`8&Cn1IL%ibwo3qeWo@{mm9h&z$20@}QS<!iWpR`Txo&N+x@L|DIc=MsL2c}+w
zHe4|};8}rhu`&|-denq<68Z5cT5i{Z*!zsttO%(2fy(H$=#D6Ap&Skm?L?&;91~)@
zzKJ^N7{MIG6AeL;Lqze&k!d5f{vlx;)nvrEZK<B^jF=~%>c~usTE{!#UZPI<T$NZO
zR>5w^42gj}+)%Ilt(H5sLyTt^KW6IP97>#s>+&4)x14=oh>w`zO%3wF?o{y87G>4F
z))S#%T*9St8blHy1EI=E<2MibcsSC7gD73VF|Oky+QI~ZB1QzViS})0)`<0$nBo8t
zosXUo+zCYVyse%7>;@J6I--!KptovdvMxRij7qu?;4U$8mZ92mDM%Q5hqmDZLD*3?
zL(D2`b(%9S^wT>62ua^&whBCSD@GOL{A0@k8okfg-xbVXMND}AkE?*F^6E9yXQi);
zH6*dknP?VQHysM%yW=sYO0L*#W@y}`*69zdoHiN{`j9}LdL_I*Fs4=<aAmBQ$=?uq
zWf=PLp~(QoDru8&Ix+uD)R2j5(?f_xo~yhDz(8#^l5KtNGUZY4nCR4B60GcD+^j1^
zbmrookv=q*|14}?BBOLd+ax~sOt}4g`b~)co%X}lGcJbjO_{{c2;BAOrc0J5yy+=@
zROKc_6VZB8CGSm5Rm128X)iWcf4;aW`qgyd?c$_-VccsY>nAbI)zXQ$5<4$a<K=A@
z+?Mp@h~d!eS1hC7JcL{iZX{Gg&Eqy|aAxVDqG9gX+k&l9>06uf*smt(`+^*{W9hq4
zl4`;##^*$X_s0-Lt5TZVEnhxP<i?pvmA&*4lq7Hj`Muy0qwqM3u*~N>7H=yVW&$Pl
zgskfGMc#{YVjdaz#TZXC%jvEwJFVqeY(CI_RcqTA9dN~In94N+3fOe(A7**H3MBj4
zIHV-#;!JRyNVR1I<PS-|%iX?#FaBbzyMMsqAptp-vPXKr=r^k4v&{S+@;<7=_XR@(
z-&$nbms|_zHV%nX8ya5jNTU%CSIHh?_D`Vg?<=XV@W$p%KZN*UdN_OWHGK|^X=rFz
zU4-uz*;^ySV$T{m*qTck&zmNs7`(hb&l{bR4iu8u7WQm?RTW#vTJ^Ph=$IHUTU>$^
z_c2yP-y>A$>9G%0261LVTXx<ZvHH<ZX=s1>RC+s@3Gl;&ZNrJ8XL%`>rT{{W7O=|Y
z24l#G<HP#QtBk6TUMJRMRKv(iiMBNN%t#QO5t(HfU7QgKsiI8cF0=Y7``%-lkAOPv
zD=%B>Vj{OGZ?}gl9|7KC_%5n4&>;K<N7i^``Q<i#VsJ}-e2kQe+M-ndC|3-T+FJL3
zC|UX&3%0yB_v`c+sw{QjK`c+boIMHaYmG%ttoPd&j~9Qq>d<{UG4balg3(}~E*gvY
zLXT<OPILu$j|$ZGTK9jvZn!yqV&!9!b$fN6;$y7hKu*^;7d<`ozFDf+{t>ggZ%mor
z_)aGG<g`scPF!_<Ge*980O7dufNJFGev!aN6i4*L=2Kj^kcXPRFMr&6S#ZsEB?&k0
z=Tcp6?0Z{38N!hSv3H*wXPr`?`LbP*mo$Gk85cP-PoMpGX16AsBIxb39THeGXU%_M
zJ{hvaelyKtw5QulC_`qrC8t38wul4|SdjYSZE+A3@1y~>ps~3~NsVxcrbW(<t2E&(
z5ce<^r**buabOOm4As7$nWG_GW}Intc69Vq!kV`TX)(Z>X;=tdMQydX9%~Qv-snde
zKFkK4RCL5B$34%J^d64Q7S|@n=Q@i@sbrOpd{0Bg+pqMQ<!vt}meS>929>LR*qu$C
zJw)5AbRHPpu2p$b0A*m^-Dg{%Zj`Ac8YpYPGn4^c<JjRW(nU&WD&WeX<WNS<o@t2o
zy5jJ?rrP^dxZ@C7l1ArqH$p{{*USg=FSth&9}*NjI%Gm;z}_<H=e%wS%a1T<+Nfbe
zD`Y$h9EUsf`+gb7en+*=yI-b5`|&BQj$5=LX4wANjKq4Ss|e%O@kd4`w;JRF3X8rq
z=#86Zu$pMMt~p;{DJBq41$Zc)KcLp(aM=%+$(CNNGf8GXs~m~k?QV{JAD|i4qZxk@
z=t%VP+uLXGRw|dtB8&&0WKUQj){EN%%F)CR7rkaGTFO;^F!XJI+8wcb?~_v`U$8{)
zpta?1Wm9*-Ec?w&nr>7Ir5HxIhNSb9xEF3PZQ6;2e9(JZgw2X$t0e!B5dBk!83+D{
ztb1wBvri&Cj%FxuF|Qy=uJx9l?s{GO_q#rFGUhO>)Y&jLj{;*ky;<}LuI!Kdj8VjD
ze%29~4w{Po7MhD^Y?DMV8P9<{P0r$<8TbWs_vdsTp+T!oq%mMEH<F=;Ny>$0x7bwt
zt}!Y^=p<~6sH_T<3DRn1)l`_V+P`0_CiLnlNY+Zb*WAHHYjG^6E|Y6#=S?spl>4p2
zrxDZYsi~N=mvNHd<9PyA&w)tahcqp+b{hCUwO`Q{Jd+vpcrf$j^ar0Jv*oQ|Op%D{
zfU!Eum-beHCQ*C#;sLer$3Nx*BHl%5u<Nt$1fo@w`JFCUk?qkBHJDX%v1VnOvhjcW
zMDJ?$?9)P}p!4WQ)-SsnQIaLOYQ70gH|Z0>7jmFKPpA@kTFV;U-6P*vkpYPNRR<~S
zwUj|&vfj0$-bcjW&iOBh=R<LUbY||ITOa6r42<8lW64N%$r&4m@*#Rj?q0g(dRFs3
zo?Uknx?S**9y<|~giM#|l_6O;FOQNuH09|vyP?sQKK17v)*1Iil)}GrgKG=zTm9Kp
z7ejp6V@zHx*PW@1AK7#>J}K*vZl7=XYH|nT<jH5xSF$ZKjO_U07NS&zNxU0!pGLNC
z+rYd&pL)bgmBrHOXzS>Vbgl$Wt~oEk-%GFVSL2RIWlk|{W=*iCF`2k^HbV@uw|ORR
zF$ncICp@KUuR^Ebyp|(vK!WG<?3r#<*=Prwmk;#VyywFksnzRq6PP7wZIO)!%gtzp
zC5F}aR`F+V<SymgCAW#Zt+?CFcVlq{Z5By2#AIAmZ<bV4^Xi_Z1l9hSxZV|quSaHC
zqwHS<_8Sr)j`W<#@`>^=XRM}V?OUspOqxY*Hj>7QH-Rk#_==un%6j{nlq9N@#sq}C
z$Js>&^F^=I$cRZQR0W><*3M2VvSr-9p7A-tdHahz+ic3^&TKbTM5e&OS(m3z54fQr
z`#E-gc7^IS@k4X9I2n0L&$XkM(0a6PKrJ0Uxz}jL^48MRc9ruep}{vJXLuKJ9&&r=
zW$sN$?^m+6(^%h%B{JM_Dq>gd(L(1In(qvm`_r1q@4e|hvo>*4q1D3pu;HEPZx!!!
zHJ|X~MbLu`wTy3^lcMfOl1bN#xL%3Mdvng;{COrvxvqV2qHQjHiMfICeSWk3^Pcnd
z*N(wm+5D6NX(x?L4U~1mMRzd-IYY}INvDW<Enc@PTuyRcqnx1FHgMpbG29@-p1tTo
zd%5uC3iao881Iw5NW|tdW_V-1E?dfBc+)9n+1tK|n+D+1jE@xPvMw#_HRJP{ej6{q
zN{+E^sj&#R(=}t4;M=!v3o8RHGn;)^b%B&)q4=QE<HNyOaE~;s8C!!SmS=!70$nK?
z-bvArZdAJYv@`F=5Z}98L)91wNUn!b+e_O};Lf)cT*inR?e2Z7mBnGvnl{dp316~B
z&zkW`wntZ3@WP%)?{9Up)^vF86Q~hq-ZSEoppp`NjsbLuEWvd}uJ}1EchY27jL5ws
z9ilzCZ)g)W72lF2Ho8DIyoyJ)`d0Ovr|;pADzfk!jTB>qoxXAV%&GPh=K{RW04&vH
zt{3@LRIrRg)`wOh&Fde-+_gtm8me;)N{dQH4E$RZG95GqLPdh^T%k!RruM*OQ+>%k
zB5-$d08;*Rc?xn)Mac5RBG?3tlSxw0{aN}LRiaLlMac+!Z+0Esx8&aHdyQS=F>Riz
zM6IkO2wjpX(O`qhkGHBR7Um6SgW=XGCU?IoNnAXq5_zW3FCV_wY~14eM!RWQl`o*M
zmeRbm-HW9F;GLyk-IfB2?A@LtCPKL1mfz5M^h@uo6qR*_;aquJQE}_tB7H^46%|Gx
zc=`ZRK0^GGk0D?KAGHA>cpKb&f;gh&!y?VU4W)2t{h~d)Kt`6NTd25S5Wg~sX|2Dj
zA`fNI$b%j|Et#?}V@$cfL&dscm!lm8C)>vo{AuVTKm!kDK>P6Mdad^1Ro++E+5j79
zj5Z_J#gSs@!kp;G>D%>^ES#;^Ta3E<E$Y&wv)<$$?s|>{B%993;PgjaX;B{btQq!n
zsw_ozFGqiUWZ!MfWeJ&jkxytKU;Qf7{fztjI~*mTPQ<V`xWNO;ZY~WcAgMr?zBr?K
zqt*ns6eR^9lZ2XuFO3##nhdy)XRvZA3Oc#C`u6AD6ghykq<V0Ja>iEBT19);aEZ|*
z;rVR&Ase;}@pn}N^Trb+Lp*tL8Y59ow*0a(^>s?PI46%-n+ST~CjmL2S5?~Fx*zr0
zVz4nOf<NNY;`tb})8dOFyPb7>Mee(0-2OSS0mo$pUsblwRoSsj-(iFsp&i1?Hq{V)
z-N-;o-X8~xl}&Z0r;0o6Wo{Vw*58-94j<07ee<oiRmj*29O{15B7<YGz?|pd!$i|-
zR^xx0r4ji3zW}cBoz+TZy;^3tf}cgGSFENR6!xk)KMzlK_b0e*#tDu63Dur?#s<l@
zkwoBe#%2$7a-0^BGSh6?PIx@AB+15a(-TW}Q&*TVaATt0i9l-jd=q?{y#75#O7Lx}
zpyNya_4Zqm#NR9Y&HFMXWX&ykAlL^_(4?os&S(ASExW-DWtZ!Ia7RU^vWx%l{4?HN
zmf#(hezK^}kQ?y}NE5&Lwg+YY-rM(|?iG0Ftfn$*r?zUfd98$9Gv1Au6{p}a(PwoX
z$mzcAP<+fxJAoWa;5KEo&Q*@s39%dejMt`^%x$9I@SZO!nS0%P<wf+(l^;YzNtEL9
zXCB-p?<<A{Opw^h$!5Gx4Z<II(_5pyIT;h>R`DJs37VLa_x+fm;Z8Bzn)rb@%v05C
zbFm9uK3hr(YAE-x&W&6mqE>A>NWO6KS?8HlaNHRYFnRA`eV<argo%}Q(5AC-!|x7q
zX{UQ(MlMowhi#`b2Xtr%aF6&}U3E>361d44F<oihO{~kiw7Iep$10Eqmtn|gwE>@5
zth<Fsmdd^YFhU5bNib)pr3Pax!z_rM_%9yy28%pFEhgtf;1~5_XUFe5F{~FAp$m%U
z_mv|Z{MQAJKN;9|#?S?*P-Pn5*c91Ef4Xiz@@`7Bq~Oi>8CZ?DV!6&`avB89#fCr5
zRim$$DB)jdJe1&c_MJYR*UCD&V|r8D4HtM*<vMrQ>j~v4`T4!opFd+Gd7AZ;xJ_1)
zpvFE6i97wWM4j`U@i|RRCfto{e6|?8yxEw}9CfWh^DpG*$Lz~Ik5T)_OY45%iu}wD
zO<#b2IclW>WSTR^Uk0VOGV+|(0fGNo6~7=s-08G01cXh#sI=@1m394)C43P@B*|#o
zybv`&I;6)S|MBE5OB$d^pc7e4CTB{^uBoX;$y!pQDJ|YX2(fit)zV{$+tlb*+vxd>
z{XUvM6VG3eBJ<vH7pbyxp}hw^{-m&b(M#a05%(hR{psY+NKt7Q_~uQKd*=<np$(53
z_$YleU2YM2wwEWB=-wwGw0|PSi6y*VJ(z9{Tm^`K#7H5%y(ZBgt<mzjFRIk<4Ja=Z
z<YmT9pKo|MX-PXkv9V_93GHUjs?Hv*ac^CgN_JofPGC*sK_J~T8xm0NENX~MdT)~*
zCV`6}opv>|li}KV6HyYk;2Ou#og6-&A9pq-zB$d9{UGS|+SmCWv+v;}BV~1c@>^*`
z0n7Be{3kp2n<N_GqATynWOR1XdpdOPjPDLBe5M@98Q7lxbOZgOaFHBG$A|CU)XF_>
zjOE=|W(GCu593eGe07o8>nBr0fecwgU)Iuel0KVy3f8B`uqLNN5!nb8`d&<gJbgg5
zpC|qBo;(wYZP!IbOn^$@>G*Vmx6p)3D2>nj3$=VKt21JmeyQ`l!O0$}BpilbiwIiQ
zP3?7IPIO`-@Ttme;o6w)6tn*nO0R1$p*v_=1{;baFCKCoZv~x281J@Abq1ZC*|H3T
z{3uy8O7pz3{P=D_iC)Iu#)J5X$l5{{lPaNy>uH23j5yDS{2CTAk->3J>J_?3?~?EH
zB30@4iwa9kHy%<qI2%?BH|DPjI5zmNi%q}Kp+ADtxPBrjEsVXjd*kd)f1D10E;hmm
zEx(R<wAbzi)P)jB>eB_CxsEmmH1cn6Zf<&2oqR_pR)W_ytvl|tOCi60{`@#3FVpwo
z!y5Wy=}~iB;M&tmZZrU>V5sdg^<6v-GIDUUm&OnD`=ZSS!xB+bZ#Odo<D>n!kH_?^
zPkS>ewGQQ;v9TGn4c<`+iMh?z*s{u;n8EGXz}wC2%>}MN@9u=!t<m&Zv+MBYp3Nt7
zCp4{&)H@&-rje=}8r|ROOe6TolX@{Qn?pv{CeC1c7V4qf=S#>r3x0~(j}HcHse~wa
zyrWkb@Cj|cT@<kn3Qc>z5z7iVnspmIY$>A-5L(eUVZ(|~0@}vqy5^FHt}MiSi}u*x
z&6_k!99(d;<NLyv5|Pt7K&CG}eY7Oio!D}g^ONe~i<(Kd^Ua`5uDoH}2tTb5vO4-{
zv*?TOSv_59?VstL-?z6WZuSYq3zJXNj|4f4d}$}$8Eu$2119aAb`oxIe{b_RCP&`$
z2F(e;3!PeAw80{(I(JD~&f>R?zVef?SoT4dkn>cmaP8!yv~>4g5hpF!rw^;hEx};6
zEdPPets`Ua>?ipk4h#yHi;G_vT2Np}nCR}X$+DqyfzQYa2|_hqo*hL<CD>|1vN2cO
zzQwWZ^wzcnIHcYhdV)?jBJtiytxec?bM)|{yX7tV1<942ANkl0{tIOFnp!lu&{e8Q
zmGjAqvpzn%fw%V-K6I3^0S4q*GT2DnG%&d7f4;U{L^|Ve1u<Qui<^dQ+Anb?D_)m6
zo{yj818Agnd-yjfSdkJE5^Cd7)D+H`b^F6c)`MWh`3rRWF2n=-(MfIZEN9xiJa7l2
zh62=^^}{HC=b6m#Q){rKl^_VA4jap^t~QFl7z?H51bn|i&0&cESWjenm`R9*foJjv
z`+J>udit4cX>@&M`zHq0i=#&2z~MSuMl8xDg&n%biFosD9i|5p6hU^0iD(<@r&lW%
zSn_~!DTkE()>)gd<BQt@>fpZ`ac?}C%MFJDVpI2-VeG(+OJFxwZCwnWLg4JHU{%+d
z@&X1<H1m`DM5H(QDKqH)wb7U?_&!BK5|f5jj||QXJ<r%JjGVQ@!V0-w;hF$0#8?p5
zDU06S=r-O3wlv2>w=L5$e2#@7rHfM~rPtPVl-uQ>?N0;u-q6?Ujd7YaPkdRFb%_Wi
zCc<JwzKvINYyUn^RE8Ty3fSeTXKnanUzFn_R-v=ysSMRd?Cnk-3ARMuyCznbp#esR
zgPtXIFqhuWQO<t(Fg^G-dPv{W?f*m7dq=|=b?w75dhdiNL-a0six~vb38J@%AbJa;
z&8SKAF1lz5qDGA}h%Sieb#$WlHpVydywC4_zqKrj<q!AlbIv|{U;DbQTbDK&69b`j
zE(MTLNL_n^kwwvTe`SHEv;$Tsj~6f6408g{jqQL|JLj6dy;>-BFXBl~@RjOJqkF;J
zGUzq0&`IwcMimO=j|ZU>VsB#UYTuH6#DzWdicmr-cCQOJrXBa*H3O|#<habVd@o(~
zUzsGAC|X~!(T>|EdpA^T{t{gQx~<AH_iEg_2A$A1ttF~wVFSbuL+2V?b2B?s7|{2J
zp^tU9K!f9Cx%(it)$G#fDB|^HKHGGW%wmOUgO)(^)+4F)WW9L~XkV`&5*Ir->(4*P
zNDlw7DM@>l@Bbj~196c4J)o62;3NP|=h|*Zgb=Qw4{ZBf2T0_`2m`<ZBDuk^dV5y_
zzWqAyf6(gD%jnZ+em6Hax8QArcdxwLH-Ppsct)$^mH`TTt>_1EF1ZL}G2J3z_bE;Z
z0yVjOw1xEo_TQ;D6ie+rq@M=>rwz5l`+Iq>G5faK`z~mXc60^NQeCYpcL*cx+b+r7
z7e{s#2a|1B;{%d{cR|qaWT%>l$ixn;AbR^uONGFp(t83lJ`8d4MI)p8^*yok9v17t
z+HDY8#fnB#(}lty{k(wDhj{D0wD8{HWTBf#IH@(0f~+{^cS$30Xe-9+p>&pIx9L3~
z)D}=h1z{-ckON98o7}kd4zgSjYomeCk5E94-aqK=zhgSKcy3tY3jo9@vMP?W93T`L
zmyKc>QfySA#p!D#VTW>Kkll;9Q9+);VO<me0*pctTa2+~S`ZhOTMXubhU?=Vw48`m
z5UA%iTaKFxUS%IR{XbXRCoJ?d016WdJIa>v8CXJ{OZXjj;M$)3oj4xX(~kMdx#tai
zVBwn|u%!s{NCoKNj89BRbpw;}g0SJ~1lEuK@#`>Q%UG!8&R!j?r2mP_zv$=#V2S#G
zbO*4-U1ZEn$S|1e9CWifqmdD=nI-w#m<%!+i6)w$xjZW9Pmu?p6#x%L{!`4q$^_)7
z_?~0sng%f0W{RHtuV)V0|3U|SN{FD3PuhJB7LyNyFP9@_)B)+Ju0pWnGp(s`6s(rG
zf}C^%MRuM4s>&8q{3cHHTs4ie3mx5O%pfe}NM%5BukihE|NR;Wg`f|C&}AT6u4+zt
zUnCrN5(+lj;O&ao4SNw_;2j1jLGL8Zr>qyi3}Jx*PQk$T888*;zje~#!sytfr3Qxo
z#ZN^mivGK7MXGsgQ~+_r0=gPwU7VO$4=7)b#D+Uowu%?$Orx)E^+;KS1`M!tmrns-
zUjDBF;y>YA%ZBLC<y;U{K`6M~G0>S&Xb}ZQ6&G_f1c9d7PKyNbEzWTB8Gl@7G9Sdn
z*>F)HttAik_fr)~pXj5RQ069PXrL?j(B>@f9|t}Bkrjcie=&6_6W{+K&p*o(#Y;vP
zPB_i!N0Ff)+J4P~kA70tyy~ae-rMu81pahHeg18)hHqv5(hnYaaw8e>2ynGR3nHq?
z2f)Vw!RhNN|MV%x@_-SLBqcI5NbWEE{})%aGzj`4B@)95Y@D2Y!I^wF6?~gUiIS0)
z&Qbu>UZR;=)PR*)1YIwy6y8lS01lw{C%ojx7ye~eDC`?^zdkiefDtx5oL9WsXl=v)
zi!GZ@5Z3+FHgw*0Fts0_GmAO>ED|js&PFrAM(~kjs3UQJKPwb}_nG7NAL8^|>-v3=
zb%*xV0*(_}x&q-QgV**Q?D}nxuA*_4|D5B0--%T6*w74#;p+Xn0p3cg7Hq(N{hUjZ
zPy5Y+2U;)NG~++CVza?S68g%t>%b7BF$yNQ7GsO~8ry0cVJZh>ll=!6v``3jEFoKH
zhCBb?21Ea#mU<rx$iq%atg|BZG=fDOH?+)maIaxW04-C_$@1IyRD<pjOR%ae`qvDC
zXrD!PSsORH<uiDX>k0&Ok?n@c9>P}h=K99ay>=fbEDswZH~8B4e`2CTgmr0ZMAQnG
zP8PmDa|lw98USyXRQ3>BZrQ$g)`1>puU+p{f((NL_8cvfB-)N*h6w-|?c4xFrWjfa
zu&VISN5%LN+)nquTGIb8zrK)Rpdpkh`Gb*Ql;>6FgEnR~zgkOY3B83iGR1!}-qeNC
zEFrxDqYQB?jB9&Z6{_;{S&9Hq3c!!MOl<fwzrw*Z>-)!y=f^lVTlM5Jefo*?f5Wa%
z14EZA@Kcb;(ex>4CpZ;|)|F50UB*?+wfg%EJYB*W!~;3NqkV%;g8Ub9gL{^8nb4JF
zU+zDk;aC$ok{>{6=l6g1#_Yen(P&t1v`n(+9V{t@fMU)&1zK9>ns&LmhhqF7&fsT|
zE5}3RSyhp)EI*WU+c16ipil5VlW~y&<)R3%a=QOl&H?#A!G*@{iG45j7k1)pdV?DK
zlQ;)s8D-{=jM`@B=FEk;sHz$O7A$z`fb!c&gzF@r7>ib&PUGK(U1cE)Kuw>x$@&TN
zqqm+P1^gsr<UR7-`H(JqY0UWHeIQ;b-=~U>*UQ#X-giQ`|L#P_1K-Ff3>G<>C}Q$O
z>y0>&;?3oW0_}>8AT&0X#0URq=kH%Ee+-0lG9YLvH>dYsfCVvpN&Zb~q2zF*zA$ZB
z(5}tY@|^d{?G(Ba=vIaYYug|-(S<2m1cOd0a7-ZB=}(Ea4;7kU`U+kD9as3Y4srv8
zY}#Fy<T^Cu$}z2m<1WQRK}g-7O-u6lqYDdr=U7l|Xi=mvV6z?!1rx{pqZxs)LNG57
zC%hnUD?0R(bSnW?sWS5pr-pJ!>wA9}_9xBTMkgV-^reVaQOBMxpGNs`1ueKL%a@qz
zyqPxLAL!)MLCdPKF@B7=Ga&h&-ZNVv8~>J3(-h5Kk#TZz@<JuDtIuoP<~;Go@&`;W
z0yyBSEHA<Fl1%%{FvrX4r_z#WOll0?0MdK#uN3$v<mu3bmBL@5pON4xz=nc;&gvM0
z{t@_M{-oy3I$@3X&I<{Pj>7JWdh?2iIPi7j2^h`KAH2O-tW;;jEmZ53E!wIQ(W@Re
za~7PxtZA>b+;7_fac3>HUjC@@>w5jc5!^wo9;in>)YXxGttxL|IMw&LJ8G?uHErPc
zU|j0e$)-%t+mVw7LDKBrM*|u689>7(u#Y9OZ>k;TeKqXU#!C1=AbC*WhsLn%iADnh
zTH?AggG)+qlkk0YnF_G|ZtgDc2via^DD*!(O!OY@V+U#|Py246oedHRNA7B5QAit)
z$tJshiBLV(;`7wwnf%V=*hsmcMdPo3A;x5Mw4?3`IDRz_e@&EeZ8Xz#Hy(Z^yRysI
zh$aPJR+AQE1>&K|&13(X(Hw)wEzyH3dox+`wDZ=z<Mt_3<@^y$W^FevP@(PgE=ZT;
z$*Il*$_pX%62YhO(f0>HQ;Zl9{=kAu#%Dj7x1zC=yzw4YD6bt(M7K{RS3RU`OnvFq
zy`;7r3gDFvS(0tUYUpVyZs*ZIOHEh+WtCm}lhC0NpC?A>3LdhImwvc3H^sYj-P5o(
z2D0EWyxpGixOHex`I=Os`t36EZO*Ir#((8YR?|BunQRl_I>V#3@u$;=?=JR?b5ZF|
zbM>02<KFhZ`>uY<%rl05b1w5oyhJc=uX6fVo=oVS;b*pI>4$ONsP@}E*X*jek0WT1
z$ED>+`JzMdWluC+#S>p4$QKC^Y@3OO>{P;Ko=Ygk|L$h#08KI3X6URYXO7Lsg3Nkt
zn_K@Q$iieP5Vc%!RmN2KR6t-fOsIH!doLk4cq#Ig`O+J|iaokdB7w0_Pc2mfD%n<Y
zXibPdbB>c-eNkx}I9kF8=lWxbvX8y>uCqB&Nz!gxF<Ee{)XsjQBzM-N-QQo5%U2>8
z_+xjW){x)m(N!tIAPagxeqRIagagGaZ+7j#J6a_gpB|yhb)QO%u)Ma{zaCyxHx?XK
z2LNcWgan22(N_V(s(cvfKb(>(1ZoVR`s|c?-~St7hyz1R0@evF6EqDf`+i-_KZ-dc
z9uu$9Q+RU>BG?YYjpPpB<4VmD!_dJxeflH&cHlEB%|NK>ev;m1TlYHH2W2)><Dfn{
z@KX6+(RE)+ei9tIR<w!~1DN^y|H#aabRffe+dj9XLC1$9?lg@Mr}*i3muDqZ8*GYU
z<#!nzc58c>et*>;tHN_sulSN|(X9hj1T^Le3U$#wI1+Rw(iD8LK=CcEZy%=h^*Nyu
zC%gR1fuDXflZrOQg!B))GKWc169mkQt!;jR(_I=*te%8yek!KdMkAT%zgI-xhTCNr
zHv4XOhM+|qNe)Irf?2qKa7IEM@<zw}D|l<PIY5%CL3i`s9zDN7DNnr*m5Dgk&^9)3
zH>?P?{;qDGF}I<yRWT?fr<PYGvMY{tvS&HeCIBJytR7Z#)xlw%3K|A?xo#unR*2GY
zEB+;5NCp11NFUNHtrvNpeAEG}bkW*X`*#I*0rkkkiUako@pm(nGkYAo5qw7@g{9lC
zO1!K)TE@ERw5N?uNQ>$BWsMpTSI@S|9&~O$6G%dib*rM)1yVO<D#d<9QE38vMsfd_
z^dJ;tZpdhO0Erv2e47_=&Y7D!2)-Z`EH)=CzIWt-SN&TWP*;6@y*0h~Ea9{USw%@n
zFE^!Aq^{|O_Q~CE3R|>b2IfR5R8+jKjtxyfSB~qNfZ&@;|KOnRlN!_dL6#D})VJjq
zm7Tm%fzNruSTc3%tO!M(c6bt!UZeSpW*49m8IVAn)g>BZzA8amtMHF?7-za?2~@8A
zBop}2=U_zV$oF;h6Wf7UP)3^n;`M6Ducg7sfwz85H4)r`-kPKV&Tu&r0qj)o#s;aa
z!c@VbTt4sJ%D6jPa^&V)ry!nCh%BM@gOQ585z=Df9M;x*4l3bVWh;v=UHtmNZ$nt{
z@Q*%rLEtl4b{G*}aybS-<lOT1uc4mEt<X#_C&h1Pw^K~uBF^CJ0a6ww(nGJ%*FQTb
zLeT0b8FnbTDJ#O7#u^>#xG=?k1y9%g-|Ee39xEqcOVw|#yF{(U0V0jljJ_M#xI1(`
zeT1pn5JRL)B{C{T(sq97agwN2ug#8tkfWq2at1XYesd!s?W~fhO~S5xaBv^WKx|Qx
z?8E9~Vxe%zaaF0w5`%#O|8HN7&$rj5Ki>q3=(o1fshxZz`H6Ez_#V_}sr@99@b9VS
z+y3L06DvQ9t)2FSisly**^}y+n7SVvn#8=tp6i(w4B*vy#H<h-R%&l5B-*y`(*j|R
zH)ZXEU2RAQem=dWw72cH*DEAnU2Dq2>Sd@1Rd2IQ{04iqQ*J8!bQESw?i-l`*88MF
zxriRnu|2R1sCMMX3f{#YotxuDoAziyNq2r2I@5qKWU%}KkRbum`Z^D-w1I`N=YSi0
z=AmKt=(q`1b0(tuP7M}7hVbM9B^%@5Q{@19n5XB0&yoZOK6}!rHF&97eqPc8P_?~N
zGRI`BQB?@PZH_SUJDd4+yvsi_80Nt5G4`of-Nvzi^2={15A}IL!k6+UyKgOS7g1v~
zi`zXho+O|6dxH@6QiyoE911JRWf|2DUcrj>iT*+DHlC5CHZ>DF&BP?RfUNO`@v;?b
zUm#O0lI;9qZ!4MFWW+FMhARP8C0Z{!keEa>SaZRbQrxep#Vu4$k@v;l2ASd+t<R07
z9UDKI`l0|y5&xgaoDu-aH$naKeZA4`#sGMn@&ts-f!wN7I!N{iCc+MPyD~AmYXeA<
z?DGqmy^Ht{^9v8*hhrDge$~Vk<%g~(sc?bxy<x1@epeNSYlkBvJ_JzIQzI|Axw67c
zlL^H;BAyCFP57rQDp?g-$-yp}lQw>V;Sj&8%B#woRbxq{6)JUcCDYYmw>g{hq{?aN
zVrs`*HNGTc)Ntx=8D*FG@zfxSW5n!2)+4bC?E9Wg!TkgKXP08I99desc|gPb*}~1d
z_uUkz-J>>Oxq76plk&lrL<m3T{4v0isLa2n<zaTm!QZ{a_JBJY<G>S>2S<4Pl~RSB
zKQgLi2C;sItBd~(yK|<$7?5~y3+Lu<!CSn*Y!7%!;y0%tb#oo}Y)~}NG-Yz?Q~M2l
z%okL%5e`jng>hqdWNvvc8JKqDxY})S<X}$hGPQ(pPAtlGGiWLJSM0AT-%I~56TxFy
z<wXBdXY@zNZ(e|gJ*dK<(S-v=HtIYH!nC2BO_;<P*eDq!or;gdzusUKV3I^P^{M|F
zi~qFT@gf*J2W;0AV+AXBa@+A$C_?r`)53z$JU1F5LJQIy+|||j1LV<dFHLXf5NX7!
ztnV+-M*9Z%yxZMIGB~MPVDZ5e{ssrxUnF^tGiIyqw)0LBXQjz<*xh!d<^+S{7~|hD
zyf=R<H&Aunbv4)LX<3Kh)%Ok*4siqh4;Xp<EnLz#gOKHAmvLIxO#yX#7!Dc5FEDum
zWaR0+Lu;kKfJZ4)a<W^Grz>+jI`5Lhzl{l(88<6rQ)oWTq6=1gcJbVQJ751j+gd7U
z9{o>WJ0xO*GI$BKGdaspRWGC`y#|_pNc1fj&hwU-7Y;)7Q{s81j`7F4LA$Zva!`aQ
zAsO-DMqe5<Ijqe*(sk<m!Rx8pqrGY5tGCx4F59GM?0T01CQSFvZs@BznE)VLbrio;
z=a@E+_J`sYL3;5&&Ii?^gl-z10IYxjTPXgXd<S?zDwUkiqQxjyYJ)ayn2PYdBZ!Lu
zJ(iq^`cF&ejNzMe#h9xU^iY-qcFd_mUFlJKmtBf6${42~E9%gIoQtLDOa{*uI36Ya
zs&F_Zwh`l-tUTG#b?qz;Qpk2{367dabq7DYILWD+maWu%`)!7mxc09Xxl#$is_qBF
zGOllaaslhBv37HR7mgED<d_MyayXZR7W7JkAUUWGLXyL%xHh)PR@Z7Gws8VD5A5A`
zEnV@=j>{6WkC|8HX~nM3ktvO6{~|FXMMhy|^`B#}!qS&NV%--eIs`|`Tb18d%(9Ol
z-xQ74j}H{Cny!5VKT+b)%;oZ2d<#WhPwy02ziXX8sf%2XkK;?8yrN`#_<}}<K|dbT
zu>?R?sU3;pc|nFJo`TgQ55HJrP!TZJ`UrNBHL9k$1K*v1YqM_pW&)SdqES69scvr4
zDmy?q9`Xh^IxEBQU*{BzR>6-VQw9>zw+(?3faC57kJ?L8==)&~!;cu~uDtwroR`X4
zg(oO+aUpPQi6-@8;rOkCxv1_-^1$0#m)MI@CGCF4IOjB2;Nz>&(1V00GUtV1!KcO}
z8-=4^ggv!C&v643#8|ec$GGY5t}}KfyX{8OKJ<zW?jH(#oe0DvL4i-66F@aboKj~F
zJ_)#+OOtuXjQRP5=mDP9?HV<Rup@sQ*IzW_y^jluDjiea)3BU!onDgnDNXz)=;uwl
z#T3svV){t<iGXvfOc5$iT54OSx3BAN<c~nRGkv}4FQimPu7KreaLQV=fsrh``a8-{
zwMU)xiSR9asv-<{28_<Pku_Gb^VhCTJvh57^a04MAuhZla&8IY*BORigO<rVI6J4@
zgI{q_ZonZ8U>qB?R@>e(Hj!Y>N(nu~PUfH7WbNI!w_YJb)V@cXo9NR314$ExZx2%5
z-WKu!cwP~R=8N1+d^6z5lISlMboFFxU!IBa82yZ?^oDY*sY&I9W!qx-$kmqDcJ3_e
znd_H?Bv%U#G0h3#QMwdrOAFRzL!8sI5BTO!e^)$WTRhfhm$977ZcfM`DNBpZc>5u8
z^?8vxU#H&CxY?^YPZ?W7*UWLz7ygy&p%ehE2WOGv(l%pr5B1iSW+yxl$Or7R#e+l&
zy4%mbJ34st{IzjbfY@snFV(w5rsW24ZalS(Yda-ZkbB)ywn6&#w4PYzRj290Q-Vc}
zJU?O!wIabOOl_bJf9rJ|8UwL%!un_ew9=ey^>3)ff%<{7EWd!XxUC#+{qfSD!z-==
z@owD6Ak`<}fI?yufE#?TBsJUSly`Aa$eU+!{k~cyQi0#?(hHDup?Bm!8h{TlTcjCo
zXkHS_4v?3x3CP^%|3zd_hL}r#v)+SS-}f`vA^vZ~8^68qdi~3x;B3B|H|HPtXg<B$
zdMcq3TX!|FbRiz9rN2X;oBY!9^Q3cOqhPsvl7O_-qZ@@im)bU-b$W-7YJc#($8MfJ
zeb@Z1h;>n5!h}>d?$$=3Bv10QNwI*EUxrKWxpp?^R<FWiLnf>%U*>GX@{J-}Z||Kp
zEY+#G`2sN_RgG`BUQc<J`^8tk4dP$RWK;Cb=?LX%R1pn~M`A!q*3jFUU@S1%A+E+a
zoLOfa?Mb!!G7$Xwedut7qOS@A-i}_e2Kmsm4JjH@iJdCSl=Z6-m5}&>>*LelQdlrZ
z6i?#596!vob+{MmNE2&=Hrs=MR?g5367kmt(N~;y8wwcf+R%~0;{%)ec(lt51VJ@Z
zRNMK-Ks4Hl5^`(EP0~z~Qovr%B@k0GuC~OAS+lq4zXl~VEwXmWc51S_Vg6|QSQ|1~
z1Wad&{1p6sYVMFUf#O3W!J0J6^K%`+B7QEy{7;#~1O{OH`>0Xf$C;QMY@SJ!&lVVO
zjZ8N5l(P8)X!0cTjbigvUa`7KMUQ^=X#V;Ho4z|VK=(r-{SYVH?e!ZKPxA?LlStq#
z1ifjV)GfSKeMi|ZEp4m7)A)$wdw*=Z0LIt%=QRmzXg4n<w6S>yf0##mC_J_b4PU6M
zt4G}{+aJ=?FK|H79sa3G;DWpV54p)R8<*Md4j6=?tFba#Gy-N^lD*O2TQ$+T-Ani*
zKxZj8Bj1zTBeZQ`iQ3HM);%rA$_s0kPO4e|-d;-QBbKcE<HD8pzPGpgf3g8Qsz5~H
z#utKxBm)2vOt4H|`9Nal-R1R$$;^qTHl*T4BV{+EAlXXvV?H)~`)9D3-L17S=>xr_
z8|NBDyJKrT^29}*>F`xY?cm6^heG8qB{+gavw6rL`L}vumck&-)=i2vkqN+ovgf}S
zS`V~2)4rP(mMKKAHV*4(|NR^LEOWf;B}7qYaIvjJx<1mXnrtEk%ib(pN(m43xagk0
zFC>nkgl3Y}-Zpt|N-r}gNML#3-A-?V6j)y){olP?+XUY==>bm9{2afxU3Lo&j1{S4
zJ6>~YWo=PmK8u41A49)Ny+$>-E(!Q7`jsHjGcO++;LcQK+Q|smGF8xWe+7b2p*!aQ
z>S4eekUbHyN&1VJPYNqbj>JE8RQC6QAAVXh>65f_800Hw8jbc(rEliYvh4czXwqn}
zoaopGHc4p1tS^6Pwno+k#Gw1{z2E)%N<~N3#r&-68b4b|l4JHZI`-~!=*}tb;=?rl
zIv!@54~=NJ@8==0h*0bt%^%}nLV7a;=4_cqV{`_4z>0iXTHNySxaR5aVNMfMS6_Gc
z%t7T5Kla-a32@WIXC#Dfg83`9%b8GKlfkrq>quVL)+(j|8zX8E2M=2&CuEt;-RsPh
zf>13u1<3~qHF({M!t8QI0dsw+36R)-*?*P@_Iom1ku36%R2~FkxZBnaPNa8f>@db~
zn*FX?@nc`wxZcV5O)(P&2h;I}kWr4PL!urILlBxLu=0U(V0Wf=9nIo<I}j!^EUAb(
zPHXQA!6wW~1ghi5<0b>SmNc4>ekO}eM+Uug29zaS<)pIgQ1Ol?<b*YnKXeRx7ruD#
zD4|N9^THyJd6l!vhT@qv^QF&7d**2ttr~`{dY+PLv2sG)t@m?~%a=w&_$NqKdS-l|
zX;)&S3a78jpX#wBmXrpTZ@lyiKPyWOdo`*6@O1nx2;&|{X9h=w16khP4(otmIr(XD
zK*sR#P9j0$s3*(U11Glu%myz+-Iqrf=Xs?jChXn@(kJEH<GyguJ}pb_bPvh#(!7?c
zLA{+X7>?$R77Di}v{>(`O!rb^Yy#=?2VJeKp9->uytuLrq@3uNmKV-*CEl8P0+{UJ
z>G)$bK0L92^{6g!YpS!HNx%R*AitlW{Y~E3LknQwAjd`wM3)x;0fw-KxeifviGphH
zBqL|;x*u5bMLiIt8Cnd!>;k1KMbR{g-98J2)dagm+uTX5SP4QU+OK|T0o~BZ;{e)~
zfURLE=m&aMo$I!4!c-*-MMJ_JKwp=4YQe;Zltr0CKTF?GE40^}o`!-5pBUOX_iG25
zCD>etq~HW4T5o{7&>ieoNBiXT^Sx)U-M3u7i`dJP4aIG;p-sSd589v44!%V<O>Fq0
zUn^H(8Ex;r?l@}U2h)nBha$JZDwjrG@g&2!OGYOOavk4o`avhs`R}MN?~J`!E>6`~
zlo$mU4%YPpwPHjyp7Z0s-V@_WX(y3q=2KZATk{V1;&|hD^RP$_+YxW+GgrYKQ_5wG
z^kSp&iA;goLoL_j%lgK!N~U?{s`D!4uiB!jmpK;r;IV^qnlBb#Y}*d*YAzT79uqxF
zwR`6o2lMpeE{%FbI8MzhWO%Jf@njTuj2QV5i2zkRhwlKE6rIFT1!7SCnzrUvD{biG
z`fB%v%BB59=c}Oh-<b<OJ9UALxqdaSOa5c_q7Pd+9h3{m1Jtc+6y>-B;h!`iU-JlX
zpFRi1f6;F?n2tQmMfya&k_!{ZEunwPnW7%hPJmDRQ68z{SB2Gw#8KX#OH=itt#54u
zF5f**7adgq5Z)aHO;EUC?DY+YvrPV3Qua05Ym^;%|C4YB6C8CsWvyge^U`aW_RYmc
zif>O+!b3Am5-f%-EL`z-XyN((+ai3qgA%Rm(uo4*5r~Qh2iL3t<)NbQpq($@uog{T
z-oW8Trt5&N3S&_lwi6+gn`$x_1EShNio?PKKtLmGOa4sb0Ij8HqW;q0mW9f@IvMh4
zjgc+#@|3ZCvY(KSe~r_t=e1%jxncd}H!Nw%iStgJu%4Y!)I+^@mY`VlvB@OOB0w7s
zJNpGgFj_1zkPZ+^RxL}y4_aFuyeR$(c=poAmtqd9>0|T}<(=4NH*?QbF8=7JM(X94
zLEyGwgvlS_+jVXM<<Wko)Yid<kb);dtmE{&9k;p-KD87}O%G$wdDw85=dM+XC~IDd
ze`u5pd(8mkny~)R8KOW9aGQTnil^R9F6GeV^QrGJzA)AyWp}#@nHApNJ1;Bp{fSl2
z)U!gVl^3g(?qx^$tDh+r8d?f40IIUeLi(Y{G)*3?RRE!I%t;@%3t=ii@ZpP_U;<0M
zA1k7vD0c_24Evr0q#E{;l2csu)rGJs7!Vnk8P0a$r?p~epl<BL#gL&xde}8mKs?5w
zbkJ?$dh!UF)n#3bw?jN7z$b_Y#Kj;9cueAi1}I)cW;fpIN*1cN?Ol~1v`0{+Pfp`^
z(F060ONi}B&&V`9AZ#-iKTX31_kPkScC}f{4UoIp6`_85f{BaJuwt9X!6#3T3E#pa
z&t`o0j$oiLt@up#3<~p}o5pBx`1x|a>OEBVg93OCCQmIP{f0V1fQM+h0&Si<bzPOC
zc{l}k#`q35GVPds>%2^Oh{a%J$-uQA72@L;=q|^_iGW9}LIXF~ZP$h0joHHlrM}vi
zB~DVMY>*MiKU8^cLASeDQMBT;Rwr9zHTgE{x6PDT2PkBofr%_-!#VZYes&16QJa#)
z2R5sRr1?3~RW)C@@a3%&0~he;n;huyRwXf+sk?cksQ~FO4Ya<b>}q=?URHZjEuduV
zO#<@I?J(IQY(8(BGAAGXYO+FUFXt@YiB;K`Uq+6~&BSFVGT-pTGXJcP5sKwqbBC2S
zc1$R6#WeAZIS}id{0e%0w;a$fJHs*4068(mzQd_@HB@WBe5d|}de7p^+x#4ez0rxc
zAbFbLl)8vf&s?kd6x(oIs4p$waD^qC7CC~G2sQ9>g!{9>G)1T*90tWKTZ1cC0uXS!
zU@9g*^oxPq-*)0r1#C~`3f+%`8PNRn&fDADn+ro)f>=>TJ0`81s|KeT;VZNS#QOe^
zgBR=o!!&yO<t*&{ni^qC9P4jRn)3kgF7u3e&*~^qq-hcV-uKzUC=8JlfGiMp7Tr6Q
z6W>y7z<#iG$`NwD{KN@4q0mJIkmABL!abjB@hEC%aLx!D%fnX7_88}c1(NDBKaIbL
z!dkJZDgz5T2$#j#Czp^qo#sMwkq9{i1eYZFU9SuPi}Zd6I#Dp>jb)u=Kc0&r_haBd
z_#0SZ)0cHF`ZlQQA4lnjB;l5GdbPW~FWhYSDj4QQeZJYXqVrIFh>napBG1Bqm6`f-
zo06GBsL2(^eDKN(@P3?W-jYXoT<!Smb^o|LFLV`iFv9Rz_nHgEey9d<e6#yc%k@4c
zid!*_>jcg*OwXYgL#mo&>(nyDolWWEi_l{ofjI2w*TzhE`H0wni63W4r;^F?$(g;@
z#sIW+#6?_kWZ?yM7n>g>s<628oiMho67@!_siAs+Ome@tt1^paPyJ>9#Xy!BW>#qX
z8e>%7Iq&ba_rwbKOUH|Vq$LDN9_q$77`$Sd>D7rnS*4q1@eo5=-d(4m9A0q-HO^{K
zdj8PLlGHum{ytmUOi(3fw&Mw(Krw#TaeHm9cj)DK8ZS4dpafA=3_XqrBF1Zwb2zQ$
z2rlDAO3O7_NKwRcW!EQa%g>)pYxReyasSdk3<Jyo!Zjo$iJc0l<;S`GkNXTgy7+PR
zIpQt3FQcu5f{G|qRr$I$q@0SF4e)tr20l|nj+GFtCw_jrmcK4fBB_9Ir9CiX7<f<o
zOM8+PojN{Bk+r0CGvMc7k~qyWOb2c5DQUrmd>_90V=@$6^)h;Il-{)}Kge7MZ$70!
z2uw@3#)lj1)lzcNjg~cq?`JP$C9Hi(0r&(z<g+H@QSL2z`RW4sQH~M#Tosa^B)K(J
z8DMWVpu*Ldn&zmKv26W4rNMF87g!X-Nl8YsonjjDcJU<c(%?()6Jk;!nM&owzx^&z
zh39AQ^)jUDj?%(=1*x9RWvtyPgnzTOa=Cl2Qs^vQuPu9E3`obY<9|S%hrS88J@eGL
z0MkdGgj{F<qGxsp8t7uH|BgEhJ%BJ+&YlDgDRyXM>%!?sx)fOwQUO#bIvgU}ybJ%`
z>d1YG&4K0);cQ=x`0u={Q`&Cc`4AIeiC@BdQv*Y~hgelE$bv`ERHAt%NErZiwNn*j
z?_CtH!eB#NvsJZ?RmDG1A<Onn01%NamGhNs)Db5rfCXyU!4rDMn!^=#Vt`F>^K}wy
z=yFV`Rq;nb%lQU}YAB};w^c6lA#)o>3HKI^fT>f1VwhczII(o?DS-mmeoX}!%X53!
z#;p0+ezB}fpS+4kI^-0Jxs!;w(|%x_R)_C~%YY|2YD^L)tKRr{wWrUAM8?9!ANiKf
zXKjBh-o8W9)#i;|wX=d7RjP9hP<*ZA0dMIeY&TN5gYI_P$y(&ds<1COQ^vHyQ?OgL
z`}q4eqR112t>Xl_F=#vWn3-9m=A~2?iTbhSnY7_tSQ(u@KLRej4oTAm#1m4zcEE-#
z2X2k#HwWJxc99yoqTXTv3_CTyTzJNI76l(`m`zMfG#fz6x<Nsg`3!DwV9k_;|9T+c
z3mGABJS^D%eDx@;y8eJwS%lr1m@M(}sAndI;h5(%V5215dku7@h>erNT8t<3=cZ0`
z_2XdzN$d;d+ydg>X)C3ra`EyP48Jv|?Q(?p0H1%S7dB!8_F7Bf?}{@`vG=`C?P*EA
z>muw!)3WhWm8<H8iL(mv@A7d+;r1pRqu6fs>?|ozyBQQ@U7lu6AkmvR@$1)AH7*0b
zDi?jT!&|G{ORaCaqL_mZ&;?LAH}3pJH$MB)3Nscu+*Myap=u7XVhpvzZAgYD=gvI}
z(1X<Jc%Ep>d9rqg3+!_9py4W#hyIF)1Fuizmv2N}OO7g)f+~Iq%OEgF8_V@+;#4=n
z-#Ik<B%CtMs=S&sVUvSUyCKwn!VJ_6>G4IJKC8>8hS1=4-cz{Z_6iWFe$L!A?r-R~
zs{lW_4cP@_S;=Mi{xN};t=C`NMT-o_CuvEmV!tLBA)-3mjl0@i9E;|_w#Wo;oo&st
zGZCsA7#n3YdQ_Yq_EJCX$k{*@!o03RC(@37xqVjYefRyN6_bfhc^v%h*f6~)ZH!sJ
zc2Qy}z-kWahMFSl2ts0EU6CaNy=oML^b&MwLO;x_De(SHbqV>*N~9tO^$aE(a35*c
zz?<WQe8>?+6s;zL)J>U@BCRGTp1#~9v8VwZ{lpml)7t{IFZFE06cOI?@6T+WOur78
z%By-Gg0h-}JO+hsLNV`e4|JhGN#ZuY)+lG4iSMyv>5@XJB`eRda4lv$OTRhZ@KW~C
zapy<|Rh{m}MCmuh0dXu8vF?WStNhOvncgeNk1Uvl3kbrpt2*}Mne~Idc>aii8YOix
z{!4sGGB-q&XWk$ez(|a;Q8Vw=JnH5^@O1ue-gBg%P_Tvh{#^(G$fI5j6I)5NUzlwq
z<J-|BOyyXHuNa)aHZ@fdf_5o=lfr-p=O%L^V+9PF<KGxUWDL`1$e))N?M4?^G21_%
zk<ZT&O(PJuM)3Gi@cu2vt7^S0Ixhbv$paJ?DnnOd?+msgp{`zTj(}C}de8M%Y7S&d
z)j$<QNt0vMLbucS#`K+kv-#|k<=nah$t?se$X=I1ib3&x$}PvdskHi9AnzC#vR9sR
zTqZ)CG%c=*UR3RKwdw%S66ZrM%|kUxdcqmw6eoInwK`Q1D&YFGcvTyffbvT>V)Vzi
zTJVJ4ChYtmSRHE?^!~%&;oJ0i=kMhFVRfzm6Zl0$(iPIr5a&n!Set*RPf>Ng?y%G{
z!?x%8`E!}l1_IS|qP2^PO6}SCO9Ht99k&sQ&#A>BrrS~!^slV31c*UDE2MDE=o5Bg
z59nn^u6~Urc+q8v8J5@_|E+cXFfXdk6ujc@hickfN5dmm8R$V7dO_3&U;;&e!v=C0
z9Foz~t;Ggc%Q~Ftz>9_TFiNz4MxYBe;;&rzGaMJjyhHU9KPLLV2{&ofY6^^Z{b#p<
z9jC9fiifxZSKFIn?=zcL;ffDf;vq^1{M^$&yP(gd1Y=y8XLhZ-)3UYCg-mYOjG0U@
zbpRz8&=zLxNdxBAUu1s^9=E*~O^Ga-6ZXB<<``GaWwONT$oige@ECr=G=af)zFH8o
zJsx+)V^G58*7YPeX(OR`y63tO_TU?L3fa+DEUPLnE!o6UGPln5Zr*s(*bx`u)nx3J
zO8nk&T(W0+0U1+d%p{p4Rkwh>h>HrQ620Wm-YaLKzMtp9J9sOk=psU}6G*AXr~UPy
zb1Y<Mb`x+lf_i_e55Jk%tUMZyAs%(N@uyZSA2R+@9rsE|GSDan6dXjaf^;v^d0TY;
z<ObJnaO-iwT1dfg$`H_ayWSgwe^Hw3#$Y3W`!xW;Tvua<LDS{MF}&Wv#s7h?oJ^>~
z16dIQe*vpb{CWjT>-JYVlzB5yD5TY;K<brh1I%N1@m2u+YE-?=)fW;Vb*_{KOdv0m
zJEc;@y~yh0;HoEg<3v=!=Wyrb&VcuG%)Iauo+17dB{Kfd%52eJE289JoXt3iM5Lj*
zU~H|g1+n2#S-&WoM*`PGV)BLEFS4d{MLKrYwS&rbjydgli<|(YYB)jAzmxxj#3=5^
zyC#Vcv#j^-mQvWJIF$Q0r`rXTVm;&$lmvH$F_>g0?%lZ;$XbYXauQbONt}YIg`1-6
zpBG{ugv=a0lpd2oS;TAz0maH6d5CbKW(FKj(8=y(pnyn~cSlhP=Rh4hij(N>eUw_f
zx4Q>`@h;pdL_4V2gE6i^2V?XROg{T=S<No+H8-66y`PcFWE`dN;!P+I&MDE_`-;UR
z!-wDT%2BK|Zz#)ADh70LQA2443=Gcfo8RS2#w1j;i!AQ#PgNy(2*22Kbq#=7qP`KA
z+v^+53N>;7<%wm?gw$w5A7Gvw34RF7kaF_DQ{;Xg@#o?301$(Pi-Di@G}cqHCGu)O
zDjgw#fS}vlLEz4TrqH^tV*6uIfRI7)N+mhLCbL%#=I+H;X4Dp|-M5ROKO=88Ksi3u
z8jH3R$o9e)k`dnZR3^PK^x)y!WqT{V^Gv8^bZ^h|SOa}XF!IRD@9y^ENWy@I-(=i6
zRwv7+6>Ou?2kB=Bt<0KbsyhxE6ix7#$G#JPijeL+x1RYt^@8?H;dn8+K}pUCo5i0v
zzFG|Pm3xhGYC!A-qSXM7+wV9GV|*HM$|y)JY3%SfL_*2J*fV(tvuo<@jA5JS6m`u3
z>PF33^IPVFmlm%(uI>CuD(+K#c?Kq9QK><ft3DZWOUhnPvJjwQ{ld_Yd_?qJ_vRZp
z+<?v*z=-J03E`)(lIPH}m7j_M=e>3)cMo{W4yz9Bc#Rv56VBpZcCGBgG8xZz1>t9_
zpm5(YEk_)J=@(1Sznd@`+3{fPt^ro8o=hntzGDAOdsc{OEHc|>vEX^^hGIHLN~lY5
z2+hlAn=}yv9-Mh(Dh4_|dj0uFZgIW11{q_hXhuVr%^w|m&NQy723<2dPau?%vPVw}
z?hF)&+ZdbQ@9j=hxF&w4kjKe4&hK}*GHFNB<E{>LCU(=pj3qhGJN@fs(#AJ@^$Us;
zKV%Q5t~A2-4ZZeINc)9GiH^NFTy;p9RE#3(`CriHHU6i(h?RnbvtfQK@g3j&tpfTs
zQj+W09L*@B9ML1L!f9pM$l-ly{qam9RflJIY<HH9wv(od8cg4|;%K-0@x*(>&$dyF
zIQ#a6j1%{g>=FG{b!m+0ms$5>nVZ&Os^=IzZk|s5>wAW4bG^Z)`TK1*E_GCEw8rIF
zhhXp>^2B4mDXpL0wS~DCbmu*Tww<%>i*Iw`6VP3Zh#vDJ?ukWP6^lpDX~};JwU-w+
zX;{lA?*9=^NYk%(7i7ZZ|MS}b>hE96zDxdwFvSfVvE_}1j<?G`Pj?iDf1rYTm)6=M
z_YJRyrO&879o{-4UOljzcU>7KnsN?JhR2d}6Iy?AK5E~zOl)8BkHauO3_W=jr+$(A
z`m$vuD-o3@UJSpoTnY-bt(DL0&yx@J5>UO~HLa7{?Rn}6QHR4Se!>L40jyLYz--Lh
z`6f?Wv?a8{pJ1&qu0D|*^l~I7^R?>CyOWVN5VjzX2h)dQQdr|;pR-8m<^cwQQS0e&
zXWz+QgReb^8It9y*6gy5ihif?X?rV1r-`f*`gj*<5jK#~(u%aHoVtyLj1<(b$>e#<
zUl%`V&!XqBvR9(pL)K#KF}K&`>Da=DTVR44TibQAciF3tTyO!OTn--L@{LE%F>%q}
zWC&P#J)~61AbFl=H>wH>@^cQg0n^TQ-GH<2<P)GqosVOJfS(_(a->J^&@zy4B4w0-
zw^(j+b+S$@c7$QUsd{_FpTirzx!HLNS8Vm-Mats0lsRx=ZbdRj`1axk`&SqJuHVz4
zfx})>5KvyLBHI3EbGb-a-E!QFv#Zk#uI0-NMyG18EpIX<?{T<r))~}oX=h<RKPN@b
z-rj}<-l8O*JGs3*>pjZJ*UtbC%X^3M#<I$GeY6*8CaN_5)Vsge{8_R`<Z{_eqgS$6
z#OPCt-N6QEaQfyr7nHUzmvTk>@n}ZmPkFScG8BY5Rq)&S)v#tINxb;C^V_<mpzI?>
zaZus|HpxjhCszlDRCR%?YUFvtRR8TAvUay=)3Q)S+n4U5{NTOMDlux-6^}>6<L{@X
z=Vc$j$fLJS+anhc7PoY?*uRwRal=B;kNJzkTeLz*Vqno<`}d!81(pnQqrsFRnx_@y
zxHTSQ+`WA%V6fqS>j6vC+Dh3vyo)3ilSJAormCWH2&pv#Ix+oEM~}{C0%ZU<-X7~S
zRPciLRR2NH#SgJf93dSb1enf9j2)~8(4n<hq5*^xNG%(DqZ8Wu`V%anTC<%*kL;%;
zI4;aS^^m~|cQe5f3bJM7JUNV$v?qoK=tFhL(H^$HtzKYx?W%O-md!P@!xeveY?0<M
zb_!z83D1}1#U1531Ta5o`73gKG|)(d6T-*9*15>4ovInk_394>wCvnSWh_`!!uA>D
zF(mdAH+Yo~bU-J0n^yz>hP2tidr8z&fn#S#a2HnK386ez*R*k(eiKR&GKXc)u7kgL
z`3>7kI6CCmHUSq;m+P4ubJ%wqQcHEk)}Lji2Hf5939tZN>=Zd{a3&A#uIZ?&jo!C4
zWqrZ(Y$Cx{WMaU{wClhp!z_VK3uL1gZ&?JpZYJL#pJMwf%iE85n-W=fpAE6T;~ddr
z+|BaUQdK;6&$ia>4M1vrHqf1MXy_OAL~(iydbg+LD@F|T{sE^Zm`3Xp%EzW?YR1&u
zFx?D7gH(;1*POR!903H5p%~3=lzVe@&En3q$4xD=k4#;kD7&<66QIlbi@`13g7vG-
z+@yuKbLJ0hoT@i=Ye!N{T>>=~zy8+?ph@+0z;QVd=<&m7n73vH-K1+wrg)Ng$gEQJ
zt=rG{9Ue!dBgy7Ii^^}80!f?DjvQ9o9sxo7jpXr74EW;h#sVzw@$QS}I;l~1wAp-h
zF8W1qqyAt;wDRA;sEF*Rs<5?h9lqz|$m#scKaH00CAjIMBci5Pn{Xvqs-O5Pt0OwR
zw(m~Nfm$uzqPlMS%j8(Xzo>vz2xn73_`3*$i7qPa?}b8<un0Q?zd8Ui-f})wULDHT
zvXaEKe-hWd)i;_+<SE89;*cItBmQvbmP~n2;S9O=6sgY<Cb<~_ar*Pd0~YM1@RKY;
zXjrtDF=mYVTG&X(O(~lt_w_TfUQ=n}!bIrZkO%Y-Wz|T@6~}wG&j!N?BP~*Xep&Jo
zy(x@b*r})<FT$vpSiZotuxNejFi!shwtnO>j>sD4V{Zi5(hhYn2$Eh#`hcT-QiiDp
z-Tvo{^Z@sjK#yG-3GNJ0%e@}+{Y#x09+`Y^EV05f^)i}c!<N2W@CPkFQeWq%HjHkh
zExv4`UA$|NuHqfg<7v~+N*NKwS)CfNVl2E7Yg|DF(f*JyN>1!o#oWOBt}L_nS+B6!
zE~P?4(4^(r_33`WYX3!>PjNIoW%tL^y((E=#d!rrMM)fME<6QJNywmF-G0}LFq?M2
z^wXUwbL^owxeShiJR++`)b&#7;gZf>>G=3LM(zWdb+O(#=twr=I0I%+@8{XO@ODX8
zF5{dw>)F0wrgJ?V-{bRP)9!L(Zu$NDcC;A-x494ljy3LB(WLAr8-(=r?$gJu++nEV
z7P<~s?wR>0x_YGn8{hY<^CGxK7GS`5F<;P}I8gy#z2eqT#Cvi5_+|}E=(n6fo^DAV
z>zx-8I!R>q`?JpQb$O{)s+KP*0i=&b7I)M=!0)}@CZg5cXUYRgG}^Xn6KcSyii!W=
z6az0e|DeQxxubM6|D?u6Ajg5Ibbj=QLWcb4S}q5Qh(;yJ-vs!S#j94!_}P4T7T^@i
zbwlmt4-CVT?VY9d3o1&iL7TNF$;7_JI@)$2jF+*Z!OVPyNCyJ|Dd8LL(fk0`WJC4C
ziZyMV@18pfIF!agRR&*h8^FxKGwyM*v|<p9Er5`X4I3NcM;*)ZG!vWUzA~Lyg&16@
z`Q7c2uKjorY)XP$L_JS4ExwJretZ<%P^RFzbT)uc>nK;99~h|lKD;7vS?A7g@Y?P$
zb-<9Pf=XaZ&2$v(ft0!|#9S|GuuLoq@=7ra9y~inD3T7gUMzBJ#*Dn=Q~ON1-gXw^
z{i$+JFkI^Wi6p!j;Z~?nEZS#yzNm#dyg7Mwy4CeKHJI78?W)+!clqjgW><w7*~L>8
zC?B*~#I@^BAlW=Dndck^8a5Q(BNl#h3h_JtwA7#c<RT%Q@B!lKw;<`enx-XbRyGKO
z8#4lqvk6H{B5^tkMsxo?PJT%Y9xit+f4IV2X8L8(`VKz@V0QG{sKvLM<Z?(+ej0>l
zi4FW9w7c6l_6u_2gF}!%w0S3zZ;0(mU`7AvOZ-+cL*Xwh?RE-y-^&b2Um&h^LMqXd
zcV3Y~Ipgo1$Ja|6=R7y0C+btYR?7>OpJRd)!9Rwi5<lD?FDY#v(8FS5*HQrwfRlU~
z+fyu<^{}CFty<(dT<n8M<g!3Uv2iSd&FG>$kRGfB;Cez}aeEO~HQzEOn#)l42S~8p
zVzY>$TbQEY*YU}U<yR$_RoiPk)XzC$FWn|YN$7TXmhU0nD+X6T40)LsFMJ8)rLclI
z_vvYuFaeJdYB^&K012nUxv{bF2v^{NB(*q^#uPY^AgK8fZk9(m@AE}52N(5YESdyN
z?IjSWFQgjBl7WikWY218skC&8uJO5$BSiyGM*5;LGP`5Kn3gwbiX?l9hs;P0Z1hz!
zxOo9HHW1VsTjTaA%VS2>V+&reHflqXpf}v2jJjBIENV8zQuzHmSLaRNH;LCvF~JP>
zWb0aXM_p6|Hszhmv+lNY21X4<`6tEHswx~pC85hQ8`nM$HV=h<Sr&Js#deJ@!&Y(5
zrdG(-LwI|E(@*qXK-CkZz+wXJ9Y_7gKcpgAWr2T=D+jnsEDB;p4uTQ*O((IQuMRh!
zbZmCBU+z{(n?=n1-D!WA1uE8O_`{!Dbn-WDwG}(G!OkLT6=`cSTe?D&3mOL5old7X
zygjH$S9ajKC29N~yVui5ouaa9-;1|csS&mN*tR9h<2csihS6sbdo$O$FXZ3QCsPvl
z1z)T48Z{b^fRzm*R|o3%rbNe@aB~P?v$H1Vz<Zkk_Vwka*^!Ao)a}h+2QG*YtveXE
zqpt7<yv_bnVODTq+hR<(mf#Gf*LwXCQ^p&$%GMpSa8k;<*=Kii{dHHUTZKCyqN{>O
z_7V8Vt4AA}vFu;AlQooVxMC%H7*Fs%oiq6_Gj^7X!k%W8<c>A9PB-%D+<SP6GhF8j
zdoCo+&Z1K5Zhq)1UW6NC=rW=%oA;EgW`b==y~+#R;HTY@m5MXmkw;%aTx+R2n&pY{
zlsGJSLnHuau&moyIy|7_dhQ&f;?gujf^>8@`UH1D3L5ZT9HEMv6;@Xe<9XNxPonwq
zetDuEUx!6Mx+_kwkyP@~b`#$FM=mv~;<mzzUZ4GJ&zq;pVQM8%5_O=`Zi7Tn{;^sT
z1JSMrZ(uGX8;N2KL&cEiPC_WV9tWJLR~*Qr#NH86xhl{h-kKVJXvOUD3lXmOJwNnY
z`4Pel$!tI?NqvzIn+B8F&tQrUR>4mLEJ`L}u^3XZfP*wPVKU;-Cnt+5d~M?*gZ9p@
z38lbwkDeILj^9fb$KPDF6Bz431XzQkZA0t5YEA<76Rf)`4vYXvqo@>ua!PGDzIzl6
zW=~4XBp^<9E~}*3Ug}W&56ms3mbtj|dF*NvA#H~-lRJG<Yx464k)aAq4u{KdZV@N8
zDDIR7$>9XWj8<pcL&e%s2t{pG<NLJU_20qf9JowgRZdbto=xXdhOE5ptjGINI@P5V
z5_?`3ZF#YaH=XCUKjKHS{XlB&k@F=f9Omq~?$^~dXJMXeYe})a0Zl*JLd&8W^o@Bx
z4z}-ndB1RD9pxZIiylpa<j@f(bIUtn*s37_yt}ot;)KAwqWJ4|qM#k2xMgm^Q|3PS
z*_g+lLhgtq=9#-9hzI?<?b<HTMfR}FfoykI;29bxr5&13-ciLco7n(SV-ZoAY0l)4
z)Bld+<}9yWJ9G&N#ufg(dP5DIFBnM)AUH8wXh1R^C;KvIbv%c`!30Ue+JFXJDx9}q
z{`qDdnn+T>q1=Z*_%9cKL$mm7-5)|V6SuB%H-+X1KBm|f+V@s^SJPUcb;lZGd$)F1
zYaPchcN$my<BU!={*amc!4cI|K|$fmlhNJWV6$5Z*nF;wR3<ah^V(p~n2oF_ZW6Kk
zX8ZfoXTbIxBE&@3Aw6FuN|J}TksXF2G{Vv6e?y$N?g#yj@%!BMq8@(~$P&xU*UJ{O
zM-^7l3tMq5*qN|eE%BY!%2clv?NGooEg7<oyj$h1=o}bBR-vo!;MoUFDkvc=y;#hr
zMFWo7jfSF3DEpx+u!DAfr3&bmUC^1sWy){*g0707hog42xv`Khzdpz1hm$wROJ?a9
z{e4^qf5B6^42*S44&-|=`@5Y|g)M?rPafB~a%<W^W-(<Mjdi)LU&3O7gq=z{KCV07
z#B>>9r8qQe-UP>BX~_9@D&w6wmpdkK=4KG6H>-WB>9t?SJ#x6~|9isZ#;>XBcfI|U
z*3fg>^odsU#0#j(u)HAlwl??^=gEddUm;_pO(sL~u)Sc=;5+QNX=cKWiDfTV7peYE
z(I3hYF<XNevPRJ9A73==)I(k)+z4=1$gZ3wDU7S~<PUI(|FU4>o~;nBY>ms4_<b+!
ztK@o*iLemuwQ4i<ZCXR;a-JB<`h~2-f)y`tTMLb2BRdOa{jw^-qh5yE*3(_$aXP1o
zaRsvNO_9~_P9T?+<$|kjmPaus9pzjgYwGq#wmoB)CvGkBLbE5lK=xyA`1<lxK;J=S
zQa7C<aXUzv_gC0w=_9(U8Pwgy8tyaFehdHD?u!s?AkSz09pxRZO-8U~Man0^E|qo_
z9(C5Xc!AOHaF*BKdeCn(*5C_qCe+^#9Pjf!RdoFS05U<%zEaM+zsMNor^^<v))9FD
z+JFO_JO{d*0>C;89&g7$Q+|eD{Nfkt#ANBxrRosy*kg~C+i}zk&D9yEO`9g$Zo6%M
z|2yO8^yH?SZjv+4JX0M2(gNV&haXmlDBQD7;h!B2CsuaP=Z!5`r${=<A5H){JW$vx
z888T_D2PFv^`fGKd}4=cxJu?L5oztgj@<bPXi<}MDg&r6Ax)g@F%Xvcxhg=<+4TNT
zB>;tP$fjz(PvwE5jiNRFd;<~3E)80({F4`jEdYQm<LV63F?=DuBaF*j_%-g(JU;_^
zD#AFjP?Jf61rCJXy%$LVJ<6q|qIg0Pgwf5=)N=}E!ar^`6z~?ZTN?9mTLA@mDi@fa
zTwt)G+*8M2rqLpy4bZe;;C2B9mX$A0Z#dxNP%HezaHTnHTN6YZyzBAG%KX+D%^ds$
z9QZPGz<ok8NCr#!ptv+*Pjfm1!Fi=$;(BHnzG*5;WAT_Q{B*Ir`QY0Ut0<H051$~l
z{cBX<Bt?3zI_mT3i?iiD2oiOR>a}0)JEV_HIAALoIIh2g&3AM~^+3N$VV{bEX-|DD
zA3pbyG}Sk&(s#4b17yNMTT3sPb*G^Ou<@V>gZBFrToR2*dH;zIW%?^KB+;CZ@`|_&
z-FAp<z5jUW*1H-?0SL)H1#&T-wek$1CkfSTd^4xqA2ot=h$b+zjm+{oP3t+qIP#g}
z5Ny6$T9(RD$K0S~EM5F-2(;axLGct9h-G_(B4zUAldsC*NB$Y6)jPnla0F7Q?BGj<
zlZ!rv^WxE$D~?3-4QM~ofl&yZeF(yTdonF|-1)M6@8rKLjQ!kv<I!^JDZ6W1IC_YW
zbQZ2o_>ZWf;-;IQkxPH{sAbpdgZG~-haSEyG&UStEs6ON>=||CK*4sPGK1my=cd6_
z{5rYt{5@pCcHaP~Q#9wx&I`+g20lfBAH?_RL;PhpVW}ssut>{7kw&~)p8mKzj3|Kz
ziHP^X*{ve*({2f_e9h+y!7bqoKT`->3}?8!G=nj4UOU8Dd5kZ{<;C%$U<O+Z=aoq~
z4OTYZ2>tG&GJnnz+4pO|l0y#}jX5inR+y*EnY{$>$SY6?jFO#p*#d?ER4x(0D)1{G
ztxPvdqJc_zRhgW5y5Ll;S*ieVw5;1-F5G=l1%RI-vjp|W1@{350uFSZ16@u5U{z!1
z!C;+0zkdC6e|kehg9@@-+5XnIzJ)V=e=C&`ZvOF)f5?<6Q*__I<)wf+ZrnJTG-;B&
z`|i8ysP5TkpM|FSn7q#b6<|@8uBv#05C`9lEf`IlfRSc>_Q+hBB0x>RkcWztIF90L
z##zW;#2Uc(z;gLV-f}C3-%o&Unc%qO@r?spITQrBTmni1SOTD2j$X77pfZ4gxCqC8
zym!H_3c(cIxJp_bsTHR{&$X~pt;9T*kGVOaPeE9xKwrS-FRh>qpthU>InDFkX#x&T
zGkREwBcTe99EAUv!WS@j@ZQBwA8Sn^o(C23ga8JAy8oVKSkUs2kF}+;fzPHi@Wa?W
zkrEf1f_$w&o(xPin{cW?D<-1+R&)}JG&&fhLWajU=9?goD7XnY(6u<g{>S>D6;aN9
zUi(jPg|l*8g|uOHxCH_tw;1I=1b#&P*mz~IkFwPB%HT@nRfHbS;&LpF$-o<qhhZ(0
zl4t+^ygc^f|7hwk2nn(N5o~F40y+1pzj*7b@{g15_vLoC_g?s*ob}X6GIsA#IFi*_
z256n~G^4kq5*LE`V?TRJp1kUr<#612<~?%BJ3o*?TMsPYFeuUwzK0?Fw=Qdyzny%q
zynFvtOU+;VjPE69KYpt87*tzO0vIm|m8ZwMx17cwKHGiq)t{#MKu<0LN2%^qoQevX
zwDY(}Zr5T#%Lnblb7AS;BPYiky|vtP@4KigkFDcK;}k<&y=Og_ELtq5o_2>Kx%h|s
zK=5yq*5+1Owk#npy);XX{<;(Fuldb^5WJx7h2vH>ruMNAfUmjsKXUP<Pss7#-d4^!
zb5~sfzW#<6<czcKl`&&#Wv{)*N{%b1MT!!>+qAGqwzkVzXWs(>@g1D?K1IIq^=)O*
zqGq|^!bjz>BmO8;-#bsnZn+sOF50z!U%s}80j`#&c3CjLNgn(6RQdin|5C6iQ>e^n
z#Tc=C`K9sT2wUtmAGt*p#ukoD^sxj*iwgQBbF9@!R71b{Jg>ZGzm*~j<SS!V81}A_
zpBy8#U3^sKaWcVsFBO&w6A#Yt@v&4{RMZf+H6foFNN1i776heJD%B{596U}=J9TF$
zfB4R(;P>hix$H-e$iokP8_xqVKXs0sNr3ZBfoLx%y&nEzS`<XfDaXQDKl%Lgg_dod
zUmb7BU*lTmi(H*NoyQ(P1|0ZuaG=X70IUPB>t~;RCfjVYjZWT7SRXZNl(r&|IGH|u
zy3Cw8Q?}b~I~7owj}twvfHVD-S6)%r_uqeC4m#){UELra!^IAse_bK4Zu}#?q~C_6
z(jqYjKUcSCSyXDHwJN-K_Q=3uepuOzSI__6_5dnm$ZM`7>6i)HD&P|!*V3xT07hVi
zkl}HFxN<c1Pr`{)gLiT5V1tIMol|5u<$(dSwfIK}t)utsPp2tA6%Fw)%~0KV?$TXe
zyXTd7=qJFG6b`pRIC|QU-j3Cgnh=jWbipYccwe~llJvry+_Ue5fBPgYw;$5oTMF~h
zPXOyir2*qD&7Z3{j`_$bzRo<Epbd%*HO<BT&`e8{dv`os<VlW-0GO>7A1}yu$hQsP
zg0Sv6&{g`Nb<c?}UILYq_4V~D&B*?e)=N!ISP@3ZMWGzS>VFp7dAP+$EoKda|HJa%
zYeoYik`>%rw3nV2QkaDkcFV`B_USHzy#tvxSWzuX$@>p{sKWn%?fS|5Hy284xEU0e
z!Fgy}%F1Ih`_;KB{8PxT`vB+N|7?;Z>yz^0Z(f(mf#q`JK7W!6XPqfMhEVwSR`I>E
zNe8!gz5DP~75@8<?=9`i(z3((+sNV%mdbm#euRFjUH<&NJLI&dz9VJbaDooZ-mS|f
z#YDvuSf2gsiz@v09MVIo2UW_rqejW6|CufGpINN99{J_}lY_6_&vn99cUR>CFASl@
z7e8CR;;Rpi{T}VBl38aR7~<-`@V%e{z(0l<67>A+G|?Gi#}xbpxxMi94U44TKqPQq
zHUP9gguwR5Bd^J##clHY-|Z_yhLy?O&t}TtAvXen3&V%i$fq+KWs4DXR@{hu$d95z
z*b4E~6Vp}rKjoxt<l1ZYmdb8bfC<Z$J$9D6?tWJud+aUQYp=c-A4waDvS74Eu-Ng2
z3je>ndJnnqf?ZHq(%VCBxc)1$+a7<D|Nid-C;*6;iVr^yE~rq65tUb8o+FcX`l}(A
zt+(!lMUti1Qc2}Bd9{3A2kfJZj8?v2j6xm5AqxM@3kAS(eC|kxYw+SYS3=>}>g<Or
z#A$m#A>w8TjOU*>|3F{BpmPI`V-((FIw~TTa7+PSj;}CJv~f=P6GaNfL<d(2men?V
z0Hd{q7dTe4EL{{~IiN$Sg5pR6=W8AvA<&h>w=`l@nLPCHkw_*UZs&+%K08OjcbG`i
z{U(W&k*CB#dVO;~){WZ*bWwrj>4*-vVxFb&PA$~=A`&<HV11wwYVBjs!8PDOz=2hB
zz@&{;LvADx+Nq;+?bFBYD>Fg$;)^fViQB+|)P};-FNDoOg9a(p%a$$E>!1GgC%NR3
zOVr_?cF@4{;fEi}0}ni)P6D|n>61@BQL`kjgff)sSW3ky@J9ASIyumo5`zO82cQ)N
z?Nl)?&|^RON8Zw`pJ8?COd+0uW?uXwEyT+$0B!&jsjRA$W|*OK^&f?}EAm7E>)$${
zi10)D^&RjHV5|}MkU~sFsweED9#jgnW8%(J0a7&Y^n!7KLtq*c6Sw+bP!bT#KRkNb
zbofmJXBm_QhQqFerzlQ=nx_abFs&mVmf?ckF`Xv=Z5XKCae^K|J|}Cmd|+JR)PjO9
zf>N-{=SG<*kIn+Qzq1^?j&TA+z`{?Scq&LT=@eGH;5z_{fO4GTz-=S`cfx;Ps=OdB
z;J}9F0Q(KI{^I+p{aq1JjAMVvKL)=0%@ES4)?**T&%^&kx?Y2j_T{-$KaAzD6bI{n
za<pU;DAPj|DP!O1mBxM%Ryq`{NncqNO#a_qEdO`;3-a09^F`*OA01pF3qEqIcTEro
zaQLcZLNE(Xhvb!eUnhYoWFPv#zB2x>(fFP-673t2=Pz`M?|1(5o=iM(YwZtFoa?91
zSy3_A*4Qr3-SR)}Ul)C_M85Un;ktjmwJ9O(v37a?4<E^**Otn(S3i~!`wUgf1Fk}9
zUk7?4*yG+fw@IEj{~0Oo6PIPP>*T1X_LsgR`^d<nhsr%iJtA$>%H-9X-j=OS86*9+
z>?3LQQ&8X>dEsGPj{mHipWlTxVTxm@i}RQZXpR-_*q`nK1yio(uh;^BaHxu!=#Lsz
z!ADuTWHEkuk9Px2N5Of{ta>@|q<>4lzHvF?aLzyKF_tyUA8y%IHXmFgy?a;6ZMRRA
zn{SyaBZkxTzX5o$JpepvX-vr#SN<DuB4>YpJcNI!R+0<VN5H@VBHL`;L*97vGfA{A
zl?uEAPB2w)ulxv<4Gk#&G1NLD-#LB@$b>ldH_;|#6)_n;%qcED{S@y^mX7#PAvTh+
z#i7D)M7mWcmFCf-dcn^@SkC#uvzj_^05jC1?|0vaMy~XS$oXF5FGoI8fL%GCSBkEa
ziPlz4^(lGo`ML7Ss|%#HB`w2;*TC`P<}z+Pwj)5<;o1#v2fnXYUS25A19sm0R_W0_
zE|Vt@kllA1C>7OE<|Car!w}9B&294XD+}c1m*>N>B7wPR1*}L1$Zoq1gu)F%IN%bk
zX;@ColJ3CsmA%|N)M%<(l7J#-mW&utE0cE~pzMF~g?aM%ycRj|z@gZVT8~o`W^g(r
z=l)=#y#B@__=0GL6~J(r_EDWo|F}+``p-1w#J?YZA4-`Tyl<8A?t4q%Xt9?}nAlh8
zB>=aSG%QQX<4??%Zcxtc`_;|0J+(4<Ub0PXeze@nkcSFx0uBTm*t9s{B$X~$Cp!IO
z;Dm^iIa&Z5e)!=UchN-`$<aq2jls6J?7#p1=xiSoZV}))v_~F!q?~ZV393MtJ$ts?
zefQm($0mkU0+<6pP68>!77I6}CXR|^BmL3UbnuDw@x(lgQS9_f2i7lEh816|{Ip?J
zJ_)b=YoZ7+{*lM#Yk;_^2q=q{VPLA3re-)I#2kSzoIFxNkmlY>kZJkz)avAt0~P;V
zJy;*YxhGt4gY|5!ufMKL=O1%YVCMushCOv|I^&;Y0>BqI9dC#5k3ukYbmbHel?kl4
z@fbcT6j(lkchP%4yiHh11NZ%xcS32PNB~b-Xe|JH3E>F={xbac{_<R2_e)2C86;M~
z8YAi{X;?MQtC?`et9N00gs}}E0#nW;oHf?tWQ{VM;!uV*WKboORhZd)_X-gF1RU5%
zIN<L~{P#wljVJp4Ya|o^xn}evY4j1UmoV71a^*J$<r@Y3|6TFAES**-t@D%e)xYd6
zeJAvSAdLPHD~@md?tPi@=xk}7my$yt`zrQ$H_2y@LXh)9>zsr{`odJdB?|*>?9WFp
zk&EJcU6zt*4}PLhJtsp@_)1TyPs7_iocRqsVlyZJ9D<oI&X(cd9HbUn`u%#}Kfmo|
z3+m<b|2XBs*waTy_Z_QcNoomJ`(rZt_+hF5AeLEgeI|YO?jc#9aLBHJ%7}RsIuVkK
zQ?knq6D2+}CW{k`Bt9T66TUxAo;>CSO`r4OT&dbJ4iS-k_qq#I0HmP;b-@$>ZdG_i
zrK)K*YBO+vn>Mv3s5Ic8XEgzw_uTuAX8+S4cb4A$FrKw7ll}uEa`LI85sw;SeEaz?
zxC$;ZK!s`MXSq?#Pd=9yU#gc&FCH&r$5H59hPeom(EmmvX_(Ph$Uh&L2jQ|FLMasw
z#qT2&I?qo>yvVJ8*-`oee-<ZK#5~^vv6!=Xm^-&l+EVp!$cwQ94dmxDhXWcUjNP&V
zf20}hzqkpChdMd=d&8xBErj<BX-30#DiAvd7t%_FOB2dmw+aBha}<1+EKJBT-}sL_
z{mc^SUL&&gHq~<N_1x+q^60~R$^i!t#asj52owWX|Ke@=$<N-`v^{q32Bm?s06O*L
z5wOJA35!cmc;h?#{Ih0k#rUs0{D^y>_u0D^!Z?*0f+O_C$j^SVgDP7V;F~$}=zk+_
zq<m$c9x9O2dH||+nK5I&eCzn9pkUcvCht-UB~QDYcfn&&DkS8$*Kd#Q7EWPz%1Oh~
z^v$ySlm`@lQ~fvL>*{}U-~Dr?2CgT<Sco|Bq-W&FBl^pE=T4C0fb&O}j)ekXGT@!U
zf{LJrADJe{fA>YX<FAvUXzGo3g7aEM>3*~+(dY=BZB>_X!~O>Ij19~Gp!BZKfi9;2
zut^&g0Q{qAKliUwaNK<J&E=zy;GhWRo9rBFYHDP+-F8z204Fk4I1`;7?{B^J)_lt`
zj>0Whs2K(f7@(E}R05b%AP?MyZ^$?DfPCqUBEULVuGmvZH$?#X#58M%FTxV$v3%q?
z|Du?P#^DIC99slvaggRQMR4R7fg>d}3MMDaQz(Vc9Rr1N6Y<@s#wm@(l!fBbhW&~R
z#e-WKg0Rx0I9;kuhn$FCD2b_rk3vv)Fjj(2>r^?wn7Hoy2Q<jcQ|cA$T?+BQNsECp
z2=S!c((TI9^EmjR0m1^V%twcRD+|SV_}r>>2uU}c>2Y4>LFEg|-)PxPP2t;W<5CI!
zv&1S=o4}?8{E>fc$kL9j9u^p9)*sg1mKIzC4s7fkD16!Oo2<vNWyxGzEs6^Lk9}Q*
z@5Mp;pIKAFtvrq^xzUP<l#h?e=hrM!_Dp|qhQuZyH--46ZSvxIZ)tpV1XkqxK#;;Q
zYLo8TN}`pp{=rs&4}UvD>R+HB%QaSRS%6TAkF{=5leB*7zRjLH)JkJHgcUWm!geMI
zbG18ENyBR`GUr*WW;QO8^4_Q?1O$G!?B}8OgA+1G6LD9JDU<rhGTo<-URv7wIA^>}
zoA>SlS&|qiVOlS+Um*_sBb+G!2p1U^l4Y{gSzjSd1{VbHc^@s1KH2W7M981Gz)YRs
zqk|!=pWn;#pY;l3KR;EdE>M6&9`udw>P7o6M5+5fB3Ny8`DV?cQluJvD3ml1rl)<-
zAQxQpwj6dyFWLJmuprDWRzZvHo5f!Q{u(~}tVJGtXdZ;=fjDjr?UiX&AruWNuf8@*
zOWbQuN_X`T8ZkcUkjA#iND3BM3^_HU$2;IDq_sY<<VvS<IC<bxh1qe3IIgsOM4j|i
z<q^gdz!}(Pb@=l}oud8tXf~8hYZ<gZ>ov`_|MuHgqHRH!_kK9M#D_rsXgT`S;m3`o
z<Sm8jWdNnH$wE4Sxrbsr#m|H)73W8V_T@<R&-*`C;s1%pc91Dk`stYT(MJuk<u=dD
zfrmT;1;KvOt8Y0RL4OG0|0DV7l_TZ&<A<PqD=<$?%Z)dEB9~t|9joTu<<KKGm-?ki
z`TDWXVGBj8{O+c4a`aJyaT-KimLmRVKc6PQ{>?P3()W^GcIz**XFCPK-e2hjTEH`Y
zkE9!P&78G>H!^WMyd!9bWy_jjbpTWU5mhSu|MT7nGGRh@>C?L$X-@HW^;Kh}x?8jS
z@ef<dNhfV4U)}E&x&GQM<m<-_R^>!nn`35uLkpBnOHfyg!BG4x_&lM)|KW%A!=hLp
z@ErVCYYZhu>2M7}S{VHCE++U5I1q4P)8s&xQ~*$brEq`EHP^@?ha3X4uHmwH@nUrX
z$YwJ0WKLps+;K;3IS!H(Fe#Yy?AcR=VG6U{6H0tk9?*(l^5n@d+v=V_E|8g-*Zv6G
zm4gXqRv%7i{S)5ex)F}S6anNJPYa;%&a~AP@GKu!`P<u@wLNqt8NwzI!%WS4H8CC)
zCf$xY=4C6`Q030D<x`<9&Rmz)8#;q>88w|SE+_MGdw{?GhSOk}k#XGr%QCtD-*LpK
za=E$pKklvK8)XiT2s~_F1TVzNqX&tP#}CpHz{*CF8<Ptcjp7e$L*bw9{%{zOM~h4D
z_~hdF>*#k!1mesE><&g9jDbc>{)!u9VC_<P*D3smF+pU$DEOYIQD-xRWelt+3Mp7!
zN=YlewJ0nEs6=ylXhnc^H-#_I7Tm2K2kiS<z1&~sT=t@`ga-ui0>ADCOyF@|iGHIN
zzqYSjk*?U8CgJ?X!!q-UInw)^H4?9l$s(BiS{QXMjwI{`K?)1N{l4BE(fI1|ot8g>
zyq*G}F;@?Vg%I-at<|U8N+$E?`evjdLctP!4Zi729NU?;KtKB$^m(7AU>Q&cr6Tt5
z`+60sCL0oN#hN(MJ=-9%)WL!%E0JtSl2vUI8wN$dOgMjSY>_&cmNSp`iXI<XpT-uh
z8oQ9HX$422M8FmWDhCoZPI1B1rq(8@gOK9ylf7(f^}?Qvn*dy}6>U!eP^u)Y3x6Uw
zlFumsmMmerz?uS<QIu)_dfUgE^TG=@!wNmNwZU<s9-)V1cidV8NAkJ0oVXpf!IeQ#
z1LX}ZJd&{7_}`23H2>()?3^LIo1lhvOr_f8Uym-6{r0Vr>MFEp7CduZuN#LkuUQ6b
zkH7qNzU(x)9P=5_m|LpdvyRiCyS3HvdDt+F0dXijP)xo**OI*-(u-T?XMh4Lw>pT7
z8p&S@vrci&r+gr5N(IEbwq%{S`tB(uN|#LFj-mLOsiorlxwKLtS+c~vb3J>)7e)ok
z&dT_$Bl5_DqrvNCm~+(2r_<Zzf**b)KfY{$T=rw^vruacSVv&R|Ex26sRH1I|IUE|
zpjsaNe{)s%zu~%}a@rXXrn!l(y+!)KC&cl`^_1V<_?a}+vwks{>N_ES^TB*q5XZ3|
zLOFT<&O1&y(61jAI?M1*)MM`Hlsm7yw2kaIxd-A|$&^f;x)fKz@zi(@*GczY_}1Fp
zH@(y3IDAm>orRSq6c&5$RVnw}Ge>^@)6Jy1hV!Qod<T5S>~g_*{czGxV~2NA6ZD5=
zaj_)`0S5vOe3>}V<rDyH9Gm<ec;JC@<Bd1US!bQ4ZAO!S3l#KuRN&yjgXLGh`juRG
z;e~23K;f0~6kv&`SFc{``JCGU7!E!3P&IwGGe#-!`~L`&7oNMQFvEKDkM&^POsrek
zq>Hc&x-|gX19;?9636(prEvHha4=ZA=tC!ej24>5W$9TMbkQGx<3CnvARHr7vFSvH
z_Z>zmioL7@MdN}9%wq=W_{Qiqa$GGi%p;xmR1oOZ1F&>H7K(As|0t+47`(e;8VT(_
z$96USSBS!o!{O1TD@aa=r!N7T;d2$=m06%&OF)|D^%DfNH2tUBppO0mTzP&Kf?*>L
z!gJ-HjshvDv$Z<lwhDRiT)b<>b_VjUl2df!KhljH!w(?D0-q(|o{E)3a}yK|Xc^yR
z5mQ~PN&+9Y6VNH7SqUhD;HOg@D1M(il_>yH4!FL?eZwnaiS<W?bSeNE@ZEG&6f#}E
zAzXd0zQ*~V4Q{1zKoo*3n%g`lJ&voCx;tB??vZ9$h?V!6+DiHSMJF&2S9CH(FbLpS
zg~bxO5<!dV1U<=np%G^3?Yhd#HCJc$&7@>BDGebgyg@O)*Bk`bbcG4Q&T_yM9h#0j
z6y}>%aC698qZHoj^c!cNn~tKNsByJxgP#>DOZ;1;*gf#MHCLdc8T-;X@t{hT%7NBc
zf%arBsrVg6SEl`v-;B2_<Nf#c%&R|tF^q%5QK+<a*FZs$_uy&KYPd`H|H68z+9?1&
z{~Sj{CSj&u9+uZ$ZkAvDW}%#aZg=blN9h@?wDMKU6T%xD0r<%hMK+289cs$HlKo&4
z{46~9P?PMuQ_NWg;Dj7UH+yvo_l`#sx1$do&<j$Tu0i`?!nhUw$&=zzRY@g*#~&|!
z!2%~Zju?SlVJIKq5N<^ZS*4Z*fGzL5;}igcRhXp$1BeTy<GvF?2M7w`JZhIp{yg=a
z$o$1Xbe;g7?fsRQ{OEF#9VWjex7^%czPe8>{2)Z-phM$w&>;}^LkT!mbb|Vb;bHjz
zf_YOjd;($n0EaxTs*f8Rmb&^D?4w^S4?Z|o3Hin`+<t*?klS;h)Xuf%;D8$E8#Io`
zxCUi@`%-M@a6EHDzV~jyN~5JIEC27YMY7M{WzwrB6*4KAGlxn8fmK022>;-2+hV*I
zw7v+-j8B~cVE8cNpz<y&uf66JMg9A;y%&QHo~jhW;#FM!^K`2;Hq}Wrd=Je2Gyz4$
zEIH@<D|#ncDqm5)V=J5eIk@0A;6T8EO^X9vRsq0Ho&)D;r=6xp`Q3BRJ@V93PeJRu
zM31qvi82L!diCet^DC~nVx_J3x4-=jn%2<@%lw9eR}*qAZl#F2NFpb@y6O%Ap7o+4
zU{%9_)jt}GN_7ldFUo0}2!#q10X#mCfq1`Ya9O;3c;HqI#^vC2j>-U9Aeg|Yu%K4~
zKrx3fu7~r=V0B=9AZ9x}NOGwTS|^`6LvypVLLNoo;c@p&<I#USDWHJE;4q1XkZWm7
z_t)OwU7Y*n1f2W+EstU1)eon6eUdfPQZP5Ap8*EL&3l)RcP_ZrEC~M<;18_^Y>lg!
zP9kGbR4}xlKC}`r<%GYS0)BT#O30fu+rtZGu-@oiUM3arY)svdy$|FgSC42#(hTKM
zR8NL*iU1Y73_)-WIIs>lz`l;wUn>jj-}rv!`+ES-mjzUV@$Fq%)-_ARcM`@VUJk$)
zdZ$A*XX<?Ewne$je}E?H5XQe6lDZLf(vX25zz+}L><aKnVRy9?N(r|>7OBF5_i)|G
zi-!7Sqs)bNkN>o9MR(oY<OEChAM-;C(MNdo^g0v@@6DltfW8z0FZa%8(OK}DO}E3J
z$U+K)C@Ykfc_^J(l~cUIAN%1t^#D&Okwq|3=CO*Zh(H=ww=FaQ?sMQ+r@TgC>>s=5
zeHBnBr#}-=?bTc9DQa#VcTm+@7+y@-BP>rm*^GB(zK%=R-{6F}lfDPc(FG9VFhAjt
z!~i^ck9K<d9oLqd52jTG#yBS8w+#w)hDkf(IM*teeQUpotjgLDwl+H9e%ozf*%2wi
zuQbDoAnD$LF=LYOBo7z}rc_KT-6-Sjcbo!X>}U$&D35(M-y^H1)t%4$1529fa`M1~
zjk48NA?e!(e8TaGAvzBvtmVV)a?f5A;~iR7ggl~R!^@AS4mkMir-9Ea3M(mJ7uxYk
zP2MRa&p%TkKfWRfL70O60=eXem2&b)<uYVAl=_Jf1a)WKa{LLOuc##1b(fUX)y<a&
z9!kkY7sRAbzr_&5(F|-~&_Onkjg|a<F{7?ql950CrCCln8RK9rwollgi-uT+6Exm_
zCnHz=Gy*FTx3yy0N6u1VuRYPWc>5VJgd$%E$`?mp|Nd0GG{PTKR-S#X5!(ks@Nos@
z06PK>+^F=Zk?uQPx^%t_92}Q_+~wZ2(@*o>Nxl#M_GUo{?j7VJihI&a@Dp$#;J_x&
zfi9^4V5@NQ!O0r`_Sj<&?3tRNmH=kbPhpg4T<zzvPRAX0ob0sIPV(xjufn71TvZfM
zsO-_Bhm0IKQjZ7h+qbVC5y-qY0rZ!%slE*+SZkfVL48#dF!Gjx8gQPNP*INavf(f=
zmBf@26KJNBcdHvLFL5<AG^nD2tHx|gXR*NYIdpLvStyGox|JnD@yWs2OaqV_$Ca0e
zuD*K})_5dousD{0sS;+`q=zdpT9yaJG<Pf@)eoN8E8+^dU4DXF9P`k7KdlLfk@1YP
zU~u;A>fm5l76UB}IGyt82J-k7fNA(6Oe<z86#iqNU-K9MuKuz(FW|`l*g>eP{-xl3
zS@o7>BvF?%CWI=GcmSl!jxo~-Eaxal;}oMEt4^vEfFh&438mp&W1cgf1AP(tn?M`$
z1c)F699Y{N;5SSqz^a1!e(^pIe(!U$n4t61;~zhibrJY+0)J>i0r|4mld^0GCiSnl
zxa=W0nbQrEdd~An2lJ3lUVUL+)~)_(n%h;NsV#HU($WS&f*&LEb5Z_XO_JOgh#n!-
zlX58k{P@cq41eoz>|k96f(m)Taw)sGMN~<5&&p?5rPTaPvrdSzbv6FHuy|RkET%;O
zagcr|J8Nodby{ZUKqJ$be_aHY3H%Y3fsoBQA<HvlbCE^A`a0l;Is*)OSac8wVt5WM
zg;}`BKkgQ}?ivVTqj6#cR%A&#x;PCSDq-{l=cyu(JSsANykPYgWg?x{R@_0Lf*GJ2
zo6;CZmk9LhuAc-RviskUJ6zjr%|>g*)+(3oVv!#_R-q9QEzQV~g^&tbNdjN_M)3GA
zw?d`|-Vs~i{m3-sap1E+Jq(k(k{8gu!#rKE3M~+PA>dXngHpjYSrK^0%-$30O<e(L
z<$X3w#RD8_0(YrEUg-M(<P_p9XtbBdXk{Ehh?jp1o?cwz!`^$p+mtXI{)KRaVOait
zcMc91TlH`L94K;X1<w9Nw%b<Vd=ComIL1g17jfd0V$5Z7P#VI9j_)Kw-#%o(5^Y=3
zqV0$G0j_`Wpdd2eGuYXFBKG~qmT3EtpKPO#KXx$V#z9#VS}d*jeqQ)5cJ!dEe*N4#
zLH<x-)QC_0?t4WJIY{92&wV6|p@ZRjcj?8XZz(K+K#o`L(4h`@GT9(=XNg>LnaH)j
z3CYM&?wwS6`9k;ttIN9L0BEfXc^ZU(0|5uV92~%K(6s|6brkY><rV-6qulGyI0~Vh
z@bSvOEw|hfgYS4<;csqk))i~!Glze6Mzjh4CKwZj_q^I)*XCMj>RCtfiS>8FsW%#y
z2G7Sb4@X@J=v1mufuh?i)^K|O3n0H4I4P%90Na*v5gl<kOJyLnCQLh}Kq$W--$D3)
zIjQGAGyiuO9E7Veu`%$8tL8LS<;s{V!^OK_DjVoWz>UF1g=W?t<Dd<!G{@&3{RLQ>
zU75k)41+(7rx4I#peZrTiZY+a4-5np{^<>TRl+>;^B6)*EA><X`WE0kf$@eiUxpXY
z`tmdZdN8kqBS)6eAuuCwDh|w&5@^2+OqOFHx(u;l)C2#u04fXkFAXalwlDVJ;Fznb
zKoQV^p~1tt=79ENd?neRS-@>s3RWs9^feTW?KLMz@x4FJmp>0@aiy-z%gKCSxTgCq
z#;(8O+j$=S$zm$*T<;Qv`FErZ9}NXeN=VGZE)e-rnWTP0L|xVfdfObmxmqZ}$3bH-
z6$!7RkFJ9PwVNX}yC^GdA3<0|2<;Nm{u|5q`b`tJvLS)-0KNm@vem(T5SDmzToruu
zik_Lv0}@?Ycs%x&!|5vN;o0MggAx*w(}UAs9}*BE)6riffg^=}700Tz&xG}uG8bvX
zqY_I)Qc5D9UkcQmML(_@g~;M(rmP^22h4=9|6Xk*Qs}?YzL+wsx=7%|Feh6KXI*mg
z_S;dp`FHFsb8^_hIJpM=YlBx*6-HS$0$G3qZ*a_87AyH_Irkj!x-2S*7B`+yuUiIZ
zkCP|0%f0sr_Hf6rats!Lo|+mQ<M>KeZoD}yXPps}&2R!iq7maCW^PgNn5N<|rqX&=
zR<J&4dFNehxo83pp^2puqPkm1{_p7wJo#tjx7UTG7W>0nA&cW67adE}=$Ad?J(8<|
zG*i(r<5SixBV)(lA&0V2R)=QcH{jLN<;1Tqj>Cde0MOAg-d+6Bm!Voj6y?Lz0rM=>
z35ByQ3=eTIjpIHAa&0@r@%_Zmqo*A3n}s2w2A22i<D^?;%I@%8177X8gUGfMM0VOS
zB;Wc@2K<P~;fF?~cP|_UiFa+{ws68(3GSg;S-)@@lm>5Q&}L}sEuuK?kHn^B$x>Lo
zw8dcch!G3yE-#05OMOlrdL)Ck5;%awQIK;S&qfT#QJg6p@7R)qfFF`3$nbx?&Am4R
z`-AXoL>4a0$s_-2m$T3G-icP$ALXO8d3ayu%t_1Xr*i%YA0(*X>{+gj$B)B_AL%IG
z5stAOPX$L8y0o|74$D)z10gF%9L9GNjzg($0E`A+eZ1#(Np8hS`(ZrL;1X~k;J~KK
zfiA58;DEr6pMq;SMl%ZX6kfS%>=zap&tvE8N<p<-w{9w^a%%u#4G*t&PrS@SB?A9U
z3BdGCHIS#K2(Uqd!dYj6@rAtRU#0>RM<@ZP3|N!x0W6zz@sEM!V4Vb}=kE9=P)rE?
zb96d7Y_!uX`5ztoFyQg(^0_2`9Ti5SIr+Bt!846Tyc=?<@aKTb!MaeE6L~c{PY<6+
z8KJm}Pjg~ExwwwJ^*<R_mk(v3{<Iu$`7G7Oa>RO3<VHf5pRhL&QnsVAKm(HVfmzf?
z0DkFLfOT=Exp@%1F}euPZ30~RFT<=Oj+vYa@V;+?u=<FbHY{hPuy3&pf<I~Tno#S&
z36u+LJ52JB&V`#y8zyD#^%8>;fZufx0uHPX4%m3&FN@Cd$`bH?p1^nKR{;2dyf3mt
zRHx&7xghw2ASmP@w6y)TRdVyt_q^i1ywIK)<N9M69l{?zRebA+rv{K8J7kJB%-(fx
zH6CNha)~6MV5D$>Rn7E1P`*tC(0j=81O(Vafu|J;zx%j+??QB&xWuE?()Jp*bNwHb
zaG)bxgEEh-!cr-U*azDVo<h%XJ3iW@AS~@#E?EdDZMQiyV`3>ARVndoxg`ISkoLDA
zt)QEW;OzPG1K~*oN`y461G<6yOR!~XPmB>b>Mk=KPGx_K@*q6XnjpS86o0LtokA_^
zR+5j5UsWLA*sJ)17l+O%0_8;r=G0UGB%uIECL;Jlky@rdPse)-+~j+$`aNiu>wlY-
zd;gh}KivY;@ZM!`0=GO43e#+^nKLN-iHsS|6NbuA9_KDtz(5?!ow#iVN5N&~%{M}_
z*Pdm99aQqk^o(5b6PNGX-;6`(gHVa~pFb-jGiPVuk01nm^vMI>mE~mT$r-u*&YYZe
zdRVsFGO9=GzVSv{4nN8%Y4+b2r|q<cv0XrLzI;0tL$We-NCZb4^4ML_>9I_!iE^e+
zb)EF!&9D^@?^I`aq?Po3h>xcUWU*A;24OhSN<7Q+h;Z+}PXRj%p*#$8cJj!<aWDSV
zY1nv@%;G4-DEJJe5oo0~!~7*#nf^&ySMSG+iK-bsl@zC)(Jpi5=H#8%V~VTAQ+V{~
zPCjJda{=!+9A56Sb6S3LT@L&5L-JMZ%V%I)y#HESChz8WHuK|hsl+feY$%Qk{AEs#
zJ|YZ-h~sTjV@~e;TT0G3KP$ibIp&{e*M$q%qI8OhwrYpc4s~n5R*FC0nv}oam6QJc
z@kw>V$x5vene&-z+p%MjHyy{j2!7-J;`=gdCOe$83?GWJpmb;l+Ue6BO?`SnA&`M0
z0`Cw54^OJ9WLu@>4}Z!**@N<aACulaOTUwv$@`%KfF^t$lmvc&;6C6$z=2JY16^7H
zKtYd!Ife9v3m3|VAAYDN{xfFGkeM@Q!rba(T~TaoY*e^f*nABcGDMvL^0>b-W5(z+
zw*gRTz&{g!iPw|{T-9b76pT#?V8ZC8_*SrPHW^l7+Kn-oig`DysI(KnIgrA$HSFlh
zE6SC(wmm>S!+T|{0@X^BIpNjG6=sT<V&E6M+&PoL6E)f^qL#3r4u2HF9h4J6S)9c%
z6)Rkv_3Ls@0hUlqr6WOS`tM@wmlQA*lmYIJj{kUPLVQOUM~!Cme*E-Pao|?}U7|nD
zl~?$sr2uv@OE;gDf#EIA$7ebStN<)m{$0Ae+LPsF3E12LYXQRJyTe39P5rfKS3Y4w
z_%1ntNn)uc1y9&?K1gR%#O?62uD*asea4j>Qu`Aq@*1)ABMIeEIle#UW83nbq7y-G
zJ?VhMhi+58wQp-vuH!~kH_EZF0Ei@^=<=NIt(ZQ(k@kigRA=J=k8X(yhl<fyC51gs
z2&?0=4KTg~1=@a97>_C?*9;(bT~-X2{;(<<(j`?`<ltX41qDEoLNwwb$XD)*)yErP
zJ3JJt(<j1G;BEAA5M0u?Q;GsE$RL$F)=D%9Ap<MEnX4#xpos0EG~c&eLQn)$d?PEZ
zPt{9kI0V*%U@LS!`rePRRqkQ-r66e+z>Mi8p=L;}@1!L2Q->pb3UEw;a=tr?`3cmv
zKW>&#|Bxh3fCb(maY?@b#l`zT02-pF#HD;Q9IFS~+y}3yy`NHi^rx@rzC=Et&q4tZ
zM&HEHhPF+j?kVt#!k@9W7$Y&Mc{X_5uMg|pF8AD*m2I{T$)3Acz@GwEQ6cQ=5ai3O
z!Zc1yc;{UwybT)2vI^yK#g{9|2Yf9jH~+p>4m`9?Zn+7HC$!Clm!`1#EOP4~%VpS*
zawr&})CKI{{?R5^{jyySJt!i#+=%UWcuyJsz3*n_#g~(E_IW8e?Ibv`1TW7x+m-v+
zLzS>BfZ_qW2tJ>ekv+cR;van=hWb!2=X>M`=WB(v5qbUvNb3kadz9fB?<JK=9*l!r
z`7e2)x@f%5DOy>e-bwJ8)&<6A!ch5e_PGgp2?~&_e_AFZpg3v;J=|A6V@6u`+{e-S
z^b^>&**ym93A9yJNFIMYA!q)eU3%7r<c(KhM-N`caQxlnmzBx)PEE<t$EKhR$;yEK
zVR+`x$fcJ%fqUY%6`&;|U)#3=3V;?l^6PDK=?}9qVe2SPJ;=y~mpHh`9<G#bRTzIj
z?8O&k<m59_I1wNvKfaW!`Xc{&EG>84lYuos7_0xVK813ndoACqcDV>R7A&M-9+Dew
zZo@H;uErB5;9IFE!@?7NJGgTAPP9Q0r2;))G`wT)zUR{V_ocE3&J&S+DUJkX`1@UH
zYz4^5!3V`vLC}JBAy1DwJSF!%ki|(5Ay_}ScajPipj%;ZV+xc)XzCcXDqS$Rd0!VK
zJRmvXzy{<%*ZkVSFm_t}=(*y5|NZyNMHgKppMLu3N?FO3{(1A}$xAQ2)B*0|i!YY_
z_S;X77NpZaQz}sKr?r5sXj2KmGQTXHjn$RB)<J^f2uEuS-EJsz?a+alMGtOpp$Q-M
zcjJ%3e;ZbKc~qQP1r%lZ0*{>TGC&moL7fi&lrRuipwQ9lM@k`6PZ#h-T73+o!%DnZ
zvDfVe{t=Ye-9MVLGjGRKhqw^u?nq&zgivm9c%$<anefdR3iK?aa0FrL@+@-_yx_in
zipYg}*_}bTD}{fG{&Wz?DQ$rQ^04rvbO3_>3n<W2S)lMlYkwYU@~{<45|vn?r~)ir
znmipINdDPM;1&d&C!x;8P*F@~LQ<m}IU&@vVP*nA7DE{f=Xc;4iU3%dl$Aj^gR(9N
z0SDFv2XddFuV}y*QVk)1CgYThRu=e@GOPm30Tul+FXsFatlCA6Kwo*ko9q*+VthB4
z|APju5RwKfhr$>X06ASPWHji7@K2?M(%TNpn~}hEEmr)`bsojrZ{+g27f@c!UHzr3
z7o?dc2*ue#S}vTH2v#s@bx?_;$ud|3<K9{T06+jqL_t*LO#Oyd18|i1YbO{QnwlRE
zz@BlyLZ}Hr*v$u!8%a3<s@p-mq~Sdn``?E$7GNCsko(zP2=5Y=n(y>OdFW3m_jE?c
zBoBN=d8iz3isSvTxF?O_M)J1;4&G>%4&e(z6cqq@-V%rLnaJ@>VVxkAm1PhXc^oeG
zV_#SWA&&xGQGVt@;E<UDySSfz&}KM!2*Pxd!Zh;ga0(c>&ylUhRmg3B3ds*IYn78v
z=PI(u?oh1Ud|f5B2gIcbTlWc%^$ZoxD`A{*;Qri>0c8Scrxn1I-K*r9UxehmA0}|r
zox^biOx;gDu}ZcaAA>&~)EJ6_McDo^W;Co3MulawfpKYV!Kym)6F;krsSX_0Wu*>g
z>)$v!0zsTYH<aF}KR{gIjh{b^^~EuXLTLgk_p@eK0~Z_>!qS4u3ga_{T6E($#u+RB
zz2RG7tbniOs81Aag7Ff73l?Tzr690wh(J*hhmQl$0fhlq_3L19!EnhBF;9bHm_jW1
zI%U@?x&GH-`O9rdIrAJuc;WbOMddrkRiVyNSqh!ln2`~A^nr-{;V&(6)i0>Da*C^O
z937S8j;)k!wu-@8z|p(+Ue$8rwGjyO2{{qU1q+v75{Ci+evsg`zYeYf#*V6x^Uul1
zZ?11cJG!#ZJT)d4om(y!T-+qP?MkbFsN$VBABvkeeG51R3*Q4OSjeOK^K-KOb|EM{
zkcRdl&vu+xi8gMM+wP>2AtMKVtqQPEV4?lXQ9dmsI6|ItCf-R^G8Da&zV<QtdCg|R
z*j^y=mHh_#qc`e%n_F(wL<YnK9N36C&?OZB{O~D=a>f3ttFDqOue?%OJZ#u76)L%p
zn1Vb_&lwD!c__r&UUlBrp~t@Z>Z|4Hr=ONz{_>YN<F~I0sV1-z*5D~<m<50${*wHd
zB7i(iU|AprL7u$eWWmz(0sOG>g=zYP0iKgm^{c?q9)VhBt_ZW8ObI|dYZ8hD_jXKV
z(>M#8Wn-#G3i9aH<c)$UVvB>tkQzD)B#aaCErqqB@awh_*i6->x?ih_<=`_{|C!TS
zCiq3`j#L!#+8yWj5Yj;}%Vm8S3^(r$lGhX!7KkasEW!`tFOgUXOJSaOgf;G19>Zz)
zX;DBrsxWb3n!z)@I3xiV#sr%t|5#5{_+l8tPZ}urbI))Lv&9%@ITZf$L2vQn{_B-I
z;7VIE)hf+U>ct><#PLqjAA#~1*DzK@`K_+#n5#VgE`GD7-%S^<{yHb0{YG{M#*N-E
zd51t^-4wqQeKl7?K`9t4@T+x<KU)VlK41m2_UM7qHUZw;VZzUEBi;wA>y3~AX!7I*
z%|{|23v~O=K*=2GwnW8ZRTAb(JXih@SZ2-MeWm=a8cDnihhU2+W#D_migLxy-6T2`
z0y<WTLnt@i7q<96#W#-oP$j-aSQCUO!{D3haqK`zj_oeV*Ko#t1FYrv&BE-zVizbU
z`oiL%!QrSF-9w^RVM8^_jrPM>(OQm^3S3&R^M^=s_ZCUL4IC}#8*qePd`oQgnOrU5
zY6$<N1J(3*URqC9#1}dn=gXqE<OMq~9^IGyl)YF&-uo~rTaSkV0H)?_UxGN!X%_wQ
z$8isPf7JKRKSTINY8m#6*L#Af<?zGnJpfNWp@*DuBFYBeD8!cvyX}ng=I^h9pbp^|
zP1v(%SgNaW6eF!75J(?~(G!mAA>TdD!v&#UQ}ILI9dba8>;ir^Lm@#cg5Eego;#_y
zJ%RaYN<L^nh1`25+7{0-SVK^`p!o4aT%?)%>u<WYw+fzFc%(;HtAS}+o_kzj9EUti
zpRkXeAaz*Lj>uQ{s=_PmavL7{Fu<WPa@FO%wcH5#16r}Bt%{LR!z<*G`{26*8Q7mw
z@Mm7Cst!G{Ru0)8iU!PNo1wr`%=n?OeDMBdP@r@Jukj6o7FtO30zawT(5)Ik!m`I<
z3&qt}LTLX!wy8k==YIVjJ@8(lU1@Q_a*3F{-GAR2*?Cg6)T4bk+;r=P760xi7x>wx
zgr(Bsr0?`V`Luw84+dB&^uo3Vh6nGifT9d1Yk=Qm!{G<l$`J>H*Nj7c(yztg=7ewe
zkQ0x0?b8b06P}8T8?T9@Ecg)uZ>y`qa4v~<2CbiCI|P*uhaMD_t;XUVQXXot9e%v(
zxH#bCc9>=;dmedQ<Y&Jc+yORt2sjXMVAJJ5msSA$^Pm4z;eWgBw!`_lpQzbCC&aya
z^^z*=AFi&hMu*Jqj-4mO2K;dan!+dre;zMKA%Uj=yz<H`a?35ZC_eKiz?FYf1W;Mv
zgkDUHJe-^EYf-vp<VOm#k`^cdA`!Tk<46adIu0WbZt}eG_^pCJ`Ol#Z|2Z-v3H#mL
zQCs9|RW-HPDJTRm;q|qb-Iu0j<*_U;i<NK+`*ilFBeYUMB1ki-=C4v#0vUyT2(muG
zn>m=9LGh|$!5{0e`Y~E+8n|dl;PQ7Yl`s|zKc5-zwhiD+V9>$os?n^s-jC&>IL{Lc
zD5N`Bhr<ucd)A(?RF72njyA+&KG?0&fCO40&_@7+r4`?6B7S&;peZ2yuvSmQNk0N?
znsU4YbRx*6C%kSe;FW;*31dG2-x(e?*p6?PCXIv%Bdv;U2#XT9&UWy~0?|b8d9pwV
zv)C})Sx52i@?G216#}S!5Y{3G_zI@}*DBTHdr1hsEc7K^i}*{Tf>2U13@4t9M5^}z
z<sh8Gih6~idgp?#44zAl<2(w%!%;C3I7ifYTN(Imuy!bd!X<A}Zu!76Dc>AQ0Or9T
z{Rn8_1u#_;%B5<{9(wd3pQ$LIQX)rJ0F-ec@Klb5G&hb25x}w>{0(RTe!^7mTp?9E
z^wNBkq7(<M7?ch#pUbgse$kJFv6p_)e?OP8vYq_<sZZpqd*E2M3XB<0rg%fpD$CaK
z3FIbFzs^ui1tsSozEcmED<gq6j)SND`ymNzqoT7OtMC+P{lO_a!ETyF`2zb%hN{Xa
z`~%<y&)h@Lm2p1~ts{O&Pm&fFr2;BNA(yM|v@ZCffkHQr4Sel2Y5;bS$DUd!M<3oQ
z1Nz0WcmtmKnTC5llYZ{~*Z0pW&`)bI?<}nyb>wSrfq3{AMgQLiuNoVOLOR=uIyBbH
z0(nklOYfc--#j>);wSJ8`FTe4e3fIs*}pFyaL+n6LGi_4^<lZh)3XQ18wb<Uj7a>a
za)Y$;b0!HoHNl<j<tH8sng%$3`&c{H!m%Uk!8I-_aJYTt?)&Q0`r+H(=z+4}=+P`v
z3}J~Y>944W%X{xl<A*6Dh7VP!HJN*rC?<#sI1q4PBjiArQvh(lqR_r<*)loy*khr6
z?T#Z}-qnF@=+L3qBehhI`0EU>`@<Uxl>pPHPnQuRM#w$)+#^RFb(HM7>#n*oO@YDw
zzU;z3`N=_n&J(F1p|H;L-*u&xiU0%(`&6*xaCNKa9B5&Pj`nh^vG81r*+edzhVlRk
z6}){Fz?FtapEO1@nsdkC`G~j)Ph1vOZ$RP@%Xy~5!)*d>unfRd6XG~#HK3o$0Zc&^
z4&!M)5QcS#su{XV>6lK%0?q#mvBct@96l%JbCSjKSqft;7!30iVwvhv92^w~Zo5JO
zd&lXfdm`=>>K8+ODCFuS1StHN4KJ_s;2+B?H&_-RJpjFU8R;O9Rt36`zX%_5S@4&`
zxZ-DvBW?=*?Kn@X9J4Mu5@f-oS84WWAUxkH@}>>%2Av6V6_I`i;(*r;4hCD|>dHrM
zo>R{Ei&jB+ry^K3;ZcM9o`Vo@V3iyg1@qd!ES2n(ffB_^WG;bkneQxLFnjM-iDWeZ
zC@lMe3KuIY4+5Tr6~YoHaA-P#DWD-x(8vcG&G|mw4rz>MIer|TQlbN#j~3$XkVYKH
zlc$l-{PW|)V~60ScZgfv2h=$PQ|SmC@-_akK^}VM*K*nAH{&S32V|eUwt%3Fu?Iq$
z29~>uupDX3TAa^|>i}B{&MS-N-`0PVPXx_}PU50qNE`&uw|5@NN^U&-D}iuHrQj?M
zR|?zFSO&hCddbCC%#r{7?>c$x-_Oc@_gyAuoVpd}UCZ3KW_eaops|$T{;(>Zayvkt
zm&n-Ry)#5WO4EA^)C??RMR07}m9~!|035e{7=6|T_DnE_4$qzB1@lpGr>}##^V($k
z3>?i_myv64Y?VvTuaO~xD%3)tm{-i_4_bBz<71|$oO{Ylx#NyAq_PS=IKZ&gn{WBC
z2lpEb2iTq#f_61d1XpsPODX{P64SvSL!Ul<V18GxLg}novo!9=Bag(Hs{PagfX4z-
zh^MJJP0k6+bLFWt_~3&N6ut)Mx6nTT!|SiVE|VrrQUO#Wd_OEV_<%U@I4}R?DHSMf
zP)k$D=g>+1gt?;2=RCilt%fk)4%<nlbFXL`BQ6EoByHqiu1!Ha3&lVxmC?4O^T2lc
z3cv`?tsYb^n4nBycXb2Add-@_MpK+%uTHlp$YV;V^f=tqt|JYQ&Sbx1Y3xqj!0qbn
zQjIz{fnXd(bK>CMe~PS5RCk@R)xiJc;tF_JV>%j)LkUp;qCj20h;^k|ek)Ba1<=u#
z@wgy@&<h_g{BgH>;WJI{xjG&t&ke>w655sJ6_CP`SUKQWQ^z?gQ9<)R1$r38Cn`JK
z)nb^RJ_m@44hosdiK5Z!BKXYr2y|jbmco03If@=<NO~D>!K+rGeu&T#@x!Z@@4<6J
zL=LzTIR3K*_LOnYcK}z?sBGf<7lu;6-6N9?nxw@F46a`~4tSrDwBEW<`kXUbQgM9C
z>I^V=E4tjvfNwejy<gu%wY+)klXAsnSIDFtC(F6tua_f_d_W%jdoA{ur=<mg8@=;u
zU?;;{y>@tT=}e%hlD;VRPLzr>9KI_t7)suEe9#z;TMoa0cF0`FUKFi}G;W0nhOiT5
zdLVY`fYLp%>kO-4*<Wt@-J9}_W4|Xm@4Sm1(>!|gWwP^5AsM|zxwIsy+$QgeiZAAa
zqP2qTN&;}-S>71E{;Q$Vt39j`;QzCC9$=Oo)t#@-X@WG$qcj=?ERX?7fDi(a)_@2O
z1e0Wg5nzK^SmTue`};7)uwD$<yGACMC_aKQHn0W+3l=O`1Y-oqk_ZwAkcGl1P3Y+y
z_WwKQo_FirzTN#gX}U+RW?om_s&h`AI=8BBol~huSSZgNw;Ha{Z^|=IYmL6$yff38
zestYvdexum-~qW;zVy)a*z>ohVV#lCd^m4~J_6TELNOc|*qlD|`76_%X?uFqBhM4=
zuuZ(ggcpAN_%?1-M_HLrV$6zf6IF!_D3gs_RX)m?Px@_y@>a{%n26KhN=3By9OVf8
zg>v%i(&Qb7DpTfo=K%}dfRDJge{e})!x;cV{9yo~vJdDuR+RfoFTFIKciwqAphx=;
z<xm`>u~&T*{+n*PNmkDfrpqq7%!~!#eCIpgF#`eH2XN6)>_LC3jU?jlZ9ej(Go_PY
zHa}JZph%gr8s8kHPs(IIBSjL$pY#cBytD5<+Xyt!nz2q<3O9xTVGrom09<dM_IB%p
z9L^mW-#=;ZVoHiRGy0(rFI7DQ9^AkqJkw+hK-txDdlc2i;eQmy9b*;t|KpsN1sn8u
zDtQCepV&$ekU2~dDSYs7g#52vbEs!Ha-J>8{*)Yf+=S%9Ede+ez0<MWJ!q7f<zP8~
zZ?^QmN-Jc;VS+5@M^(>Z@^J9Y)qr)5Sm^P_Mhkiv6#T<viNUb>)C=~Aj;Ovc%b^?1
zZF>N;p;e!Y%ZuR&>60oX{LFOfNd&25_F<Rbt7r1?H{;t0CUm&lq?UJ+ABRryG2|u#
za{xPn8M(qpfKOl0-csOVI#~bC=&HCwPuQ03{_?K0XVb3qfagCU-Q6{wIwn~GWEDw8
z4<9K|Z+H%$xNvoGkyhu|!AD&9IbK~{p5970XoR2R)WzlLt%U1n)Wrp@h0+2h_v_#l
z$A8_baP-7Ly7KQno6f)ABhqhQ^xHOWIRE@dq(AzjKTf~#-2ah2^`Udpmd$r5UY!9=
zKPPSBc(;)d5ab(fzPKC)*eb2MxcO)So6~EB*4olHZuF<CODnayk4&HX^taPLeKw_=
zfAKmpPN$uApY+j>{(XA(v!9hd{C5vc+mGI@0|J?%k3QMJia)KCXXD7m3so)C%J^p`
z!s(}OPJjO%U7e|I0EcYVRgMxTH#L;`5sGJz<<r)wZ)0!oVEWoOC(@t2DW!k;mrK*;
zEn9UK#6J60GOokX$I;C(zT<lr+hX}f@=Xo5UX?|30L}tqA}PkJdD()0{5;;q3o0Y$
zf3e~<FKdo-pu&v5DN~e-XZX*{uo!PSEblpgzifS8Z)IMrJni(QOJKtp0AkP;GxjLz
zDF5$&|NGO07hY%`7-=IYjcWLG05p7?K`t5yG^pUGpMH9J`O9CPzW2TF+3f&`kLv?j
zAwWk*qw)^W6$oh1D1wKji+kf^AQL;h582p9LFXiJU6q`7D1~yZs42-F<-c2duzUOZ
zwU<!V*O^H_L{Ob8s{*E!j!~eeZ$L}6C$uF%3%n&`WR1h0)W*LaDXhpHWmxM1G;|V-
zlysDFSFssR#Rs)HY=jp06L`>>m6FQ#0O+$4l(?YU_>8I^MO=`LG>`Yc#JLjh+YEwF
za3W8~&r?YAPc}CYbhmJB0JHz#Fhd@Egx{PGv;W$D(X{m6IdG0W%wMkh(>Tty6!@E{
zFEe-?`iD^=cV+&Pfw)5X=Vk&Fa3CA`1)zK-iH<A(G7af0gQ8yLglodkVmk^~6r%KV
zI9YeM4sk;97g6Zqs6S)}EL%>dn8}rI<zxkj>?eSBs9qWp4}x`}ingL>w9!<a)eu%u
znDI+>xl2F#jHNhu!4>TJ!y<p<qrC`NJ9(8P(60-?Z@lhCUAy&>^v@spRQlM{{vkd1
zJx@;iw`w&!8>2aof;u8cJu8C#QWf14SMXGgv-cmkJb;H+g#DqQ1r4$bIQdJ;Gw|x@
z*Tq3!@$=?Mn%tU|$;p@WGyai*l|75AlNqP7(e}G;n@m@}_Ot2qU8kkLz54BGs}vqq
zuyKg!%U}MIbeGNr`t=Lnk>2s<o#}+*bdG`gG)}#b_gk<+Y0F?E)Jj|{Fc4fW+;Z_+
z&2xVGynp&y`p`YYz3D?A{dW34Urf51`TOaZ?Z?_!3I*d?&w8e9-+b<iUz*<Z+9T5a
zen|)aX|({K`x*7c&2IkumJYX?wCdz_An4QXx^zvU4&apNhWEMr=8jKG-Y|x<V{=ru
zUVQEg*QEdTcPVj}*4byDZEYcxzMKZM8TT=c=2~8;akhdTzAFVeR~F~CmF72<KLNWK
ze5Auq&QngO8U_x<7##qgF=XI}U&Y}$r%%4%qC=ohFsaBdhpD5n)^YG-t8R;O!Do~y
z{8o9WmWB6=zQp*Rw#s{Db#xW3Rr+nX^)G=9X8;J1(jn#UzW2SaRa_4DqY_6W$(4WL
zqeH=`gP?*x`q7V0AO7%%?K}at5zqj@rx8S>qGRM2ifMF|IS&VW7`cqA<LQz@-^a1N
z_9>YA(Vo`*@67U(+$Y6es*?->e!XI^o{=eA05}hTRRPSVat;6o<Z#14-l?%CvqRhU
z`DhW(etL`mJ;kzkW{WWd@DD#+vq~MYt@xobbKo2wJCsOfdYK1DA@vmmUUoi(&E;=?
zB2@~e9iG>ml0QX`&K(%O1pyd8XTVcDPyZX`g98r!Yo7fN_>w!|P<)Y4pUM;X0U7)_
zJwL;NL;oV4Tq7JIq+wV0DUHJfa~H6#{Ob$>DcBtJNB$u-{BVRv^`X|u5`y(Z0fR;k
z6JdOCD3fhz5Hl$K{ThMB@?FC(h~Q1A&zR6mKlizFmH@_xE*Tl*HJpLRGulLi1=Ot{
zutXuhDe*fl1J;O6k)m9K{R4&7TvQ-rxT-Z6BCIdb$`V--FofAn6yhC+A&qoCxb!(~
zw|*qR>N4CZJ5Nq;e*0U}wxhPCcf9bODP5S-eIEF@)VF28ZlI{Pr?TSsJ1(E2Y>f({
zh=3t2D%?`z0uLI28*%Zx8uV9#R;zrhoc~#Ui)Qv|1=>&drJFx^ZF==ZuSzff!&m6q
zwIg(e+-@7x^G)Bpc}sfJU;KGG`>Y3~m%QW+>Gz&Dpp(=Gbp@Md0d>N9a02K4j&eEF
z#euOHOdZ~Qal|j?);iBR`py%F6%Oy8NjLstI(__8*QayNf2sEWzgD*@9c2J{zxL9X
zz9ik}KBuMMyzt_5!Fl`BgU{Tg1Nd}PfzD=7SDCrG{FWQHTs+vR!_C;VU>(eA#?{lJ
z--*Ky{X13%=e%Of8qpahx9plumw)vR8RegpuDIgW>C7|FGDWvv%6!wuuv*0InX#Bn
z25Ah<*sf2r<b1!DqAYTAk3NJp;ggYW3dT4)lvDDJxEwIX>9pm&x{d)w8Ap5_e2zO`
zIB1e5D<jYe&=;0!=%0`NQsOC37&O2O-tbq;1x@JjZZUjNcJhrl3$*_nG!keYwQrze
zMI)qw;;y;onsmSW-On0327s{Mg~AR@RB$>3!W?LKt1jog{PN35w(|kDZ{Kc8KKOjJ
z;um{lz+G;KVwr5fKgf{1Vd|+<-+-*3MH!GiKROEz{=>OqKdldflp)D)Qi?vqCsqK&
z$;EsyW~B&W41k!?(f<E|p+O55<c;o>mI$(3oxzlU+H^gV6!DH?#u;^~OX>XM(7wqT
zt%1|KrC*#oC=bf5`_P!u7J&}UU}FHl7=RH1#T*y1Ae;~Ph!2AV<<HZA&0TYv4>mDq
zV00jdyc{kAupJKNpPaigr9P*Z^QR3llAZJI(u9uZ;34s>0JHxCMfsqW(*Q1TS$m;3
zshRe;-GEe=JMxDXhYb!&!R;wzkkbl2i5nIiv^HzS0~<l0ox?g^{yIP4jx$52y|=wm
z{5f-i!6WguKN7g29-#D(NfF>I0S*wfD-{dkbRR_*QWi8aW?!%VQx>LUS#82i1pF{O
z;F$Fq)XaYud8rQTY{P<%p5aGe;}g?qM5C`>wFj;M<KRQ%4GW4K=S{HsWkg1^E}cz)
z(n)&T9e4@E_XFeSAzKegulpZ=raQo2m_G3K_ohq!`#YRLb}UgHyh?anyuPRp@l0yO
z5hgxx2?yL#;-G^I+@K%NOQ8j9l@B9+57A$YS9pQH9Ih@78L%Kn`}uQs+ul3U-@NS-
zDXYV#BzPa;R|?badbu|*-IU&W=}ir^?Fwx<nx*Z^HsqtYV50%J)VPcmG>l#rw-M;W
z?v!l(*XyQ&+?{>iaC-N9-)9Fh_o{!4VohtDz?kZgty|N!L-wQ(|I-cnIp!hqbS`tf
zoP$7-NmW)vuOzO);9Aj#ZdL|(<=IxO5SCjm|3*vrbLwW~C!fVi*WGT}H2ysLu{+bJ
zKYLkv-v=(W8GYxVk-T6a|2{GPqo2e8!0lUXqa*8u96WP{FJtwbR*pkGIq`%O(tS=l
zO$MX;sBWlo$e|3^jlogUaTp8g(k*eBf1n3lCK$J>?y@!Do^Z&Pa^(h%dm>-n31#NJ
z@{Vw!YeoJ%&-d;ErtPn932Zn6KvX)e`ol3W!(DXIMW!&GdFGjoN=b)=qa&d*$1e;7
zH{5W8odJLmfI|asyY04g+;PXLGwgPyRuvpre$|x(M)+RvhjQCp>yl-6H}cesyE+9r
zCT22GPi;R~kM2=c$ISBmp}`?bWBGqik4{|Iaxw2b7-*sV>ti7ULA=W;9rni{f#uXT
zGpbzZSjNY+eL(lgi==YlpDV+rZ0RYS(NP*76%H2c>F_(@dpmswAMBMlrwkP>gOj3a
zA6(T9RyLSX0D}ZG$(BMY`MJW#c>+suVB59^DYxBHtle3T3g)H&Pr*>YY5q9m<B(-}
zBV;Qj1j8)>p&uAhfkznJ2^l+pLB=+quyj)01t<6@_ohrM9Cted#k(V4mi_mM7HcP}
zc>;%n&VJEh`98`&Ix(=MIPcAd0N~l*kMiFmMS4hWn^ME8tspHJ#2CO}bH5aSZV%|!
zdte0u4!ZmbP@>#<hK)qi{{=K5;=FhGf<I)_N1r0UAnEwUgV9xZLiuxh0Ry6~Y9HV^
zLi2lMbxXI5SRC~@J~@{5sf}#Xj3oV4+Z|X5<O3YS987x09e1R!-*8Rp+O|3U@kK99
zCmer*4WM(_1Iu+g_l5*$jC2P0YTsiTFPMUG<Pp|SHQ-1tI=uJ4>s@MlATSfAHaX!3
zhgn4X&m0L*?=hV8$Ph~xhvOz6uJ%1t<Eg4c&Ws^m^NNeD-H@(F$(eB$2JN<6Z3*yN
zm^AC{WmT(FpOC!AHLJZtW8alI5!8R)YfJ>SLXWXx!AdPSb%fi#-tgMjrYo<$I=$=_
zuSgd??|JE@ojYx;NqRWOp3GQdfLN>VruXl&wndoR$3njd9#-3D#R1AcW9_vn(_%bR
z=J>8v{l#$G>FZwt8_oa_BK@Ub`XviSCxDXw;upWzl>G}XxF8*W{PB%FJEZXohoaBb
ze_#FTS1k&QURb$UMZhv2p6SqNd<+=y$;&!9Iy(KLK?L1{&8N)6!#XitGb8Nz;^Q0&
zJW37w_4%j(harZo0lhMw@KNC-)34P6d>KrsR|I?hIq(m9u7D{`S{v$Nf4^XnY4J%g
zd28=KOS(~)_)xgQjS}X{VgB(TjFRSRxR#0OU$<t^F$jokljGgtmj3>NJFvx#6kHr8
zfexASF#@3Qm&O3`Q7GpI*wP<KL*;N9RZDuFKly5~q_S{8PZY5zndRhC^0BWrTo`Y`
zLcqr}^0R&XqQ{C0X5bOJ$v6WhXt097{84TvFi0cEJK$V^%~ENZ`R6lDYLE#?d~OAZ
znSY)GR>8tWDV)Z*%E1i$fa)Jh@?{6mEQ%-xWAb^gV^X|FRNs2_UItVT^8ABx@DtBD
zUl=sT^~2aeJjR1=<!LIpB9vr*8Z$WXqB!&h_#0E+;Pq=zY<w!s>K&2cB21dfAQEYy
zSB3($vwd2|IHVOy@!?;7osG=e{z@dk{?A))xg|aES<gz>>!8^G`_Yf4a~}NQwDnNk
zxow7KDn#yhxe*sHnsnkKE#f1N^l(+&>N9XliCZkspatEWuXrXsXha-7t}ZQ)tD_fq
z_(3=Ph{MMPEr0UA#NmQA;egA1;^iU=cpBP5j)rUvTtJI}E=1;DmxhePA>+23LmKPL
zkN4EdJ6e?UM#EYZa&dqfS{ie|`eiRmY|Xt?+jP%7>nxkJd(xAhG-oM({;gd4*luy|
z9D?t>8v(X$+t#F4v`V2BI9A+Z(4Yf~a<ziDmM|ex3=?g4a7bXo833XZo^r}5=~sT`
zSJD^1_(i*3=FU6sOebi$(2Y0Vm_GBF&$RS*SVcf%#>%);Rz>^=Yfy(3k$ptuh0@P2
z3;<ySXeomY41`?hg!-kdvy`7kj{@H(g};Y5DMM}`(6up=4>S6loIa-g(Cp)9wSdp&
zquBT;ilzTOS~|ruia)a~%<{AM40^~GNBV@W2kh3PbZU*=P{L4*QS6y>#}p9GX^W!8
zN_{du;KjEI#MjR0aHw9lZXcM^a&4%974(B*>wY;pwA@+B&GB%i75dtM8LbJ2_gr-^
zIhvajJaIiC^TBm4aLL&Z35?nQ5<0j-YB;t=ATL%5z-PFC<C%1BSYR)|LwKr%QLyDK
zMnRrz2HwsH$SE3_PVm<fJjoy907i;DA0WUdZcKcsR;5jPCp>#DrC-Hk#R2bmljxex
zAA~ZWsy3ptB{)xDlj=e*2B3_#f(tro#Dw_b>;jpOWIQmFj^UWGflx3OOq-9fM{<$j
zfrAWtRiAq`wNKu0ww0q1<Id`YA_Z>e3D_A802`84FKCZ)ET^PB4(h<u{aU(=;~B>)
z1YEQ+duabzH3`K2$E&ZpDqZx)f1F<Rl&7TEN%`;B43PGjC4DFw{nn~w+9uSNKwAQB
z3A80(-?eUiM^Dk%{?FC_K3V5=J@lzhO@H;*f8F>D-_v5^TN`6vCJ$HJaR@mRYU@Su
zkMhNs1Ko)8ySP5E?KZXqHryMe@u4VkHOK2-_c}8G9H9e!nBhnH$47xDJ)iXlj~|to
z{ry<iFdE=c{@D(2n)Vt!>|qZx`ZT_%@c85z%74Uf>{q`q_sGYTb!j!DgtdfulV&85
zA&w4;0|C2b5E#@<|CBbFVI=4;_WmQIkT<eK`A6Yry8x&C62@?VLI>?>oe5xSGVfQK
z)(o@%mY1us<cg{pi=v$iIB`XY5Wz0AF!I(z31g|kWj59oX6lB$S1F(<(#*QMDhs_T
zrsFU6H&^mu1~rmH-=N1zgmQHNW(;>3_Z9~)xaPzE95()fYbw3u)MbYuddhq>Ck3sN
z8&F6E*ihZ!d$L&i4`)@LLLR{LPPuZB6$%`n7c`s$|BKSyZ^i+8C5m*;f-+B-UpP8%
zkY)dZNAV8+6*L!o5YLJNa?8&qXaW*2)n!=nW+lTG<u5aVa){gwy3E5L?Jx8(fMAfI
z7GRDbpQvl3HFyIf7{gZr#t6<L7_<7UGXXf%Pw{paGw@cAOEhQ^H7WQ>84S3Qpi`N^
zFL{%1rwlRXRF?t9IMA(+Zm*1RxL9hrzc`?W)0y2EAbbs&sNZ26FogD>Wl3OEecI_K
zos=$m(TmdGy!zGYzy8keNcdVArd4G0YqW=`C(Fv9jntMvTLNtfv?Z{h1ZHOTSzmk3
z10R^K|J>)&saoZW+pco~Zq^pw7?&<cWEB(X`x)>0xgqtFHOt8k<$66T|CA;49%Q|D
z?>@UaJ<eiVPFdSH2VMdj&H#YOLODlS|JcVqmY(^{XPP8g_D?0HVaDDWEOnubqI^<$
zIl$vkE!{l)@WXAXKgvJuo$q{SVp-2_&Ab5zUi?TW9PXa(a3bG(!sq(FDCw9K43@t}
zLuYFQ9TfYw2DI0o<>!-=<F@R7z^+Nba8jyFru++sTLJn7kCSLkzSD~D>r>}RL?LVB
z%2tC;DMqFQqyHF|zYDIq3q_I?_$1vGQCA`fTOLu0f<Cwm)-f=cu>o8udVYYO$8+Fc
z9Ny<Nq3;|Be3?$h04dGP>~rc5DudrFfXY`I10W6z%DR_nzU(lP$O3D|3|GQS88}XG
zjAG5(pzP&aL0&j7namXS&Ny=b7+l~-J@7c?D@>o^4%mP+H2agkp)!^{19sN-{d03c
zd37Q0vdB$f0ZEjdH6TL$g3tMZcEI89NBI{7X9@6}mls%Ejvu(JW&jVV4=NAp2yi)U
zgaZd!IFx_3FpNu??^8Xq6$gs5t|EYWP}uqm;FTXM1z?aowVuY#2WWspSa9w@RG-Hm
z{n%b$uJAi#c$*pBub<9BDOMb?F~v+}YMWg$(6PeiVD7J6AZzn?n~cd<|L8~Qm0J4$
zvS0f(PKwn^D78Jwwsi5b;ti6r(zw;61wU1K`Ewn=RsQ3-j#eHQaBD?BcwG(p!E4U{
zLiF=I>u@8k4z3zkeXjCQ$44vl0|tCt<P-7pJp)^X$>RvmhZ}fxFvQ`&T?o#{TLxPE
z;j`V07x@QN(2MwZ4m|vb3z((G)#0rM{W`wtc&me3D6Yy|9sdi(1??&wo^gR&2S+;b
z0Ta*o3&kx&%W=)fs&C%3X2(xC=9u)&_r51R^r9Eq0lYvQD8~x1)jA7+6}Ql1%)Am8
zdP?{?Eye+>F&1Dl6denFsqHqd1U94rAjC}tf5tPOk&aP^@Yh-r^vO?tGLmY2i~%?d
z1T3=&_mY>qBt8H6&$n{}h=*=8o@g*tpY+veNWsH;@|oGEfp=)X{#Kobpn{q_Q2eJP
zLzeq<CIIrB7$3D26=n>Ol8L$*vYM8XW9I=VmTd&lv5{`{70+F=_RS~+fMH>Zl?D1H
z_yE8Y_(Y%}nj+Nr#)L}gGo;Wp1z)hJlYDaG=O~^|xRI$pSPZKJFkUdTje<Un(ynLz
zk@w0B0p$m<ahPCX46xaB&Hus*^@;=Gob!x1<Iw*gWBBYWu0kZ%A%jC#rOD9`Eks%2
z$>SAhaxDF4djQx05jmG!JIXjS@doR8MtZ;lML2$rRsIEjRJ_AapJwR^;hauTD`}70
zb_kSz>egHbKJT2_dtLTbDF2kh9e(*#L|PnYD9BhSJaUbt{`2u2m_e84$d}a&L(~~^
z$_Yeq<P&7ZpH%|Da2o-KEfOCnK|9b$AdIbGR7z*J+9QVw=59bn%}%YL>7SC%vV#KI
zcM`}TqJy6H>o88*>}m~E^863>@VI1-`-5Nm)zl$5&S=XLD=h4#EmU~kL%h(1;8rtj
zt@CWtU-)g+$)_fcKGymPrFjo9mu$eq7$f@S`QYbLSe+QEa1;T*&MgKL>2<iov9-^}
z3@ASIVIHaWqc5*IGD{04JauJ%SCdv9Cu>c=F3;7BtK+{eZmsjIq0dNWMk`X!Ir)_I
zri(60uX^u$4JyX#H7IKqMZIJ-F=vD^xwsOCPQt3&7$Yx-R>*+WfAC|g0IfYSF43q_
zV-I-cM|dT9feX**1gwH+yNxM<mDSn<SY{d@m72=TN&uGc|Nig)e){frzngye!yl&W
zuDi|})a|$5ZvH0ipJl56TLU=p|KyWTwyQ<JW90x9nkzn_$1FF>t$%pjVn#YY;tpnq
zOljDxl0as-Xy}~Mj}pOI0Ha!R%%Fs&{p?Nd(xBLtddbH+Mjh8CIrb0ejx3D;CKN_N
zF&HU6To=g6|Hu<1n?Zu@cjlw7<^R>?<uQmr>9R0?!f6_oe<*sq9s8Mb9RQ^tFl9_h
z$j=Orf+e0X2EYRj{+K17*539o1`r?WHsPhY5));f6$iFDKtxFKLjWm@{|nkK17?AB
zEsOEyv;UD!xxF-m2%D)u<%rozkGDjF#BhR9%&!r2)sj3*nM4Ro+oP`f(WlwZh!5Xs
zW`B#U@^qsiOqrK-)<E^@zzkPGB+qq(oaMk-0`Qh|AJD+DB4NMYke?-xbMH`ID?IG)
zUuRE<HhgePL9cRy&s?>x%gZU0f4RK?H&n=X4v!)V9R|3Xqqo_6ZX@U|`jA{UMyU8h
zJmrGkXtAoHQ;}>f*rbm;&TFRLoM<Zp+iqa%TF6j8|L%LAHDQMe?$LIg-i8q%`Z9d>
z@)ax@?e?Ei0@wZIC+RIZdHOir$}n@+-PVVdsqIi(0!xzs&9y^q7(=)9)@qyPXJjzm
zVK6rseS5GLIJ|%~J~0}tbWj=1<puREARl-x{3@?>Hj&ooLj>P&!ef<`xu9Xb`m7=z
z1146^5sf?cv64v{Zj!-rNQVq}>R@3nvt$5X+qES?1JQW$sXDJK3;+jeyBp(Ki~uV!
z0HA9yo4#CUV*nvDW=9!kwJzWF`5Zb<jOl$mzPyIT*qs#%=u`*0UNoO9H+uYrGyp_}
zNBC4ctWZ?````cmrr5KOh6Y7NkNY!e6f_PRD!(`*fCd0OO1~+idX5_afb#*e-y(oT
zE!@Fc;pvP}@<aLOnSJcYuR~hJ^t2RtDNQWhN4}kE{N4IUhhopin}YyRK!%0}HIV7H
ztCyJN_Q8TwFcf}${kwH_5Xv=<K>{;t6EX~RVVx|LK1<UdSMZ_0sKGm|V*KC(3<gQ6
z3!YAx)PR6WU<HjlCQlPqnT6p|Ue$m!Mfs)l!5g#YRt~9Y4!*oj)VU~eDd*JexR{_U
z46c}2)?iS+mrhE(c<9zuhd7l~|2&kJmN<Cr09XH@+w2^VLko3eV^b0|!?`^DiP`ur
z&Dy&Jon8qU7^SZwxM1;%?AgnYafMP<dCF<AB%iv$lKkL2d~yg_;y6oylm01b9Src{
zDBB3{P7#BK(_k$?%+Ki%5&7Y>a=^DGaMnTd%7h$`8qacnlz%Qb+@$<`*k3{s3fc;q
z<2hC|utmTQJv5G0z7o}7?a?A_(Z4}W>FTm6<%{8gB+kVc((M9p-Z42U7#W%Lg!~yx
z%~HqIPHD%B4IV7hd)c3d@7STkB{V?O!KBu)-OI|~F7E0`zz(rhJG=hoo70bUhQua)
zL(e_s6gybgZo^T-=eyXcamSr|_NFVYzb^eu6Bv^+5*#8U`-4;uA9%v?_MHp()#0p}
z3Osa(&pY?-NpI63%e{m(JNet^JuE$7=gu^PF+bDBKm7G?q-$=vDGg~1Mj7XG;Ed|~
zzC&9tFM8x7MMJ%z`lf6C^FPxkzWwd=uh(3guG4lKXq+s$JV=u>PtmFG=bv_}#vb|(
zXk3tGJ6|^K_=8*mHndYkI8g?o=bU?P`p7rFVK?;T#SR@I{CvEghjX0egrS82fNiqN
zbu9g7oV}3JJ|AuCFQn{m*7;oMG_5%F8pij)v*MX?{8D9NeT2#$#)S4NfL0{G{$QF%
z{_BswCXT{dl~-1jauil7B0pfL;50~{spNSlKo|v|MjP=oJbuJu42Zi#V<`>v!x#{-
zO^h8x50sP6Bpfmr)ZTp#>8m=dh<4SVWXi{#PyeVaf*k6HL52uq%r81O6xm5FrDY2N
z?=gP|(4U%=k_jOVhV<WD=|{*18S&%_u0TE73<7owK!Klo-~=8DP#N}ko(nQLn&Kjs
z{n}FGOfjWwK7)_44NSm=THZvY<p<{qTI}_Yn*~amWxB^jDas7MWnBS=g5ar4^|HEw
zfH7FJ5}Q*)LOipT0A;aT12L3GkA*Vt-B(ED^j)%~IW@g%(SRqG^XE4Wgj}2DKB?6f
zDF5?0u%L`0&PolI(>q^^EJ&7=9Tro~sN{+HAq)#{ej=CPl<-^^`C*vAh{1UToHUT<
zQN?0~0Otc>oCw$kj~Q^#raaUlu13VMvH$}B&i4L;T*)xrKTBmN)J9pQfvmZDut)C-
z<)3FK<FpErkhL@h+!*#I#wKK}Q+<#jpsx?Zo+Kr?-rF4gQX#37jy%!^ni?tDmZ&B<
zHUtxIFe0kY#II)DGHDswJh)iv8ig*((F9sN)WtOwy9uC<P(W8i(gJ<MY=wR+Fc512
z&Oqwm%3^q^4#wkXUxaJ|LF1FxfB3`cL*M(Jq3wRlTT<U9osEN`T`?&CSKs)b>Hcqg
zqm!-tee<vXdisO^^4Mav9BqBUmsViU&s&AOJ@QTN5FaBtB>B%iQEsceVCP9{4@bBm
zjC}Q@Y+wHOZ>9Hs`^q{}wQ*0s@9F6UXP&7}syqFo6#r+u=e={_Zu;?$(^vF+>t&av
z*FND1=}(?`fvp&HBLHP?rA)2Bko9um7QkytYI-QjT8-mbZqat=V9kH4w2YAcELJy)
zJe%MOT1_OI9*V46jcev~`LZs{#MqA9dsKhUJ^nZu0Q`IBV@>~}GmfRbSzoStN*cNW
ziZ(yo+_q!UOa6nNVQpqkTU?wJdI;m_7#}Z=Q9_U>WjsVT(oo)|IB>xMm)p-mw^|B~
zfQA3I0U)HYvHYdgngdj}Xk5`qP}Hfg{BSgaE!wM2g^mV}Ps79!4-J0AkrvPR&|ww9
z6<1tg{&S!ET*G5F4CNmm8sq~HtJQH>ChPo9L(avw1bLwp@D5m($gDka44LD$fPN_t
zHnXo@nm*Ce6|k@r6|N8&(AEIrao~ocF{Af`(&H(ma8TY*Me<Kt3Bw1$d1$2bAqAiW
zGODhU64`)kWa4T5n5PD`$9Y~r!M7hGD2`_|J6L=GR&T3-=MfB&vpWvr8<U~KB&Ted
zPp4kGgot(Jo>c>LXWD}vYCH4h<l^!R>H$HDi;(5`KKq};m;@}ZI5@Gy%th~#v;F*1
zYJ;Z3dKzJuKg;vAD#6M`OgP?e=?J5YYcqt+<U3p;Atg4!Dv>#Vlz(4>-)!)3s`KYX
zI`o*$cZHtyAU=zp=M!)!@xDEP*?UxfU(O$}UXteWfE%;^TKH-!3y7nK121qxAVt%W
zVNP#RGlV1h^{I~<P<v!64bEhuKL%?ATs~A&Yl}*o5I(mMOl#GEAt*eh13RZj*z2xR
ziXOi%(e9REkL?2a?4M<H5dEQVw?3~B@O?B>(kFwZtpKorW8+O6M5S&QrBw;grpkU;
z3VYcyjfAfUb86l@3P$Y*H=*-5-v6y{neu;{wj&;?Ns3M#;As?9w`gy7Xr)O*`IjO7
zSgl&TzYZ+^oMy()(pg6rf9g}|7_A(5?l})pr^fhZZhfrs7<|A(HLc1&FxC^&&TTn<
zM>>1^(do*YZ%IA+=Id@?6@)ElbRzmsI}vQvog|()^MvbAZ_w7t+)Xl;(iXz2q~N3c
z|FVn<SMRz#Jw#hEFTDRRrxE4zK3%(c-EF(l!*%`J>p%bbblTP}D)TvMmT?Dpx81#3
z0yd`9xO_|01=T~w>YKGyi*Y*R^}2dO-;NHzetVSfI+&#hHoh0=6y&*77uU=#6%Tmw
z4!tMF*san57aU~8gkOFpTB|gI2Xp~sx}5SaC9gK@>PukhHFouRSdd~~v9Hoc;j3T$
zYWkKwqIcYJhYi%IbUSwJNDq0)L()0=Ky2T>-RRNKnT4iea~{Bt^|4`gpJ#qFJS<oI
z=m@?ii#!$i)w=4*X0Jts)dT#(2oMH<1sOhw5`7>n6(sxKqNpPWWaamOYIvdaF%1?t
z2cV(+BZt7l*Eqpu|EI@oRuUS#TLXhYz)AtB>y!Zv5JS?Rc*ciP{>&DDcn)~{#?F97
zdI?3Sd@8Xb4nH6K1q5;Yvy}lF5+WC08Gwq-%sCe4;4u8aUcOJBc6LC>W|rX`@1yA4
zZKl0m4l<t!5@Sv|qYr1!XR{n^_FpO81w8}PALIcYaQdX^*10IHFG-ixzF0v3Y{)h6
z;1uPV!=HK@s{|s|hNbpE2)dl!&q0DX&!?owGqJ?@ti6m*f@Nl0RjkRCSP@<31r3Jp
zDCZav@>>Fc&Pf4BUc)jpaHt}y1PrDC!YlLgQh<X5F&I!PmiuE|$mtS}=V&vEGROG`
zn&eMI45|yopVa_l)X0nWRS*D{S-bHm88fDoqcZQ5A&GM$;Dz*#F5s0Wqrj~8=FW;Y
zOdn$asEv2BB8u%h>SJd$@S(o3ubDGF!bt1fZM?t8m)VR>I{hEVA&dHOxU!}4mQFG<
zp@vUN9uCNe%YD*#A&R3z!dMy4`1V+d1EoPf(kgKcTErLh8-B#eUl#qqgHGfxe@>o}
z95BGkEt+S*G=Q@RkTciFGb>{g{S3Cj>q2oszo6GdzrYiSs)iZ8o4!xf2@;BYT-h(^
z(T0@%rJw&iU8nOSz9=RBlRvp3ouI98*J)}0;I>24td{y~0AlS(GY#o;SANGbJWK}i
z2OqLEy<3M*9-{&J$F9C6J@+%8O{XdD!jJt!dc4Lthi~5G?a%UdK9yrFkI`>nv|ot-
zhPe1X?-OsLH>@kaaI+}?x&=ea^z=k$K&fZbYtKF_UHpJwHq>6>{YWbZp70O<n05{h
zq#H&?)2E*L8|i^McWGRPe?-+ULt@&qJAL*$URIR<=bU;<dfQW;oVH1Uqepzv8TU(n
z__@!g5B%VVmd{%+zdZf=i6_`L16u`PvHY<YpZP7sHQq0<b?>~OY2I?_SNLekv&grJ
zK5^k%$rBh{m4A=*zh%8_$Z63$bNt{#aSgmk7wtwI`4p}xF2irUrvSvy(i_1D$ZyCj
zD~BZ)FzTB-G=9hR=$piBHske$9N#C#^ZeK*j2_U`9u`8LCylnnw{WSBF*IA0my<tv
zvdWoq;Fd!paL{*{<b<DyTS{3dJ33U`0I(FPtq<6BZ2+K>Qz2<2obvyg*Suz4slEN}
zZ@07$edt5!30g8ng}(m!>(lFB|N8Vr?PFWa9eeDt=@-BFg*B*H&O*Zo0|1qKqYrKu
zlR=(tof_If;ZQ8|)ekg!_T@1fIIg|191O_5qS(_Pc=+C_xH2{^OJNTO`{4M72tVX%
zpAp`<lKA1`(~`$|O7maR8Iri_BrGS^3{*TB?Sk+u9~n8PPbuAnUw{?y5nBKi9<suL
z%>c~87)tnQj@@Oc6)92-p@7odfGa2)(lY*(9D@v1eT+<o92O`Gw+;-%@WM&}{^_Ne
zkAVX2yyU?RG@N1{Gbz5iOu={Qh7>3%HzlZL7+tV&#K+Gf^haxU%-8^ZXhXv#6%ft|
zGU8x9T%<>SIV8*QDOZ>3Pr!vAaFiOu!<cB=83BSv@<MS}Amn(F6g1!}&I}kbV*^GP
z=e30KXN&}+O2rsr*8v(pkzbZq<bkA-3rqevh;TqkIAC@3gU5K^QHFjS&`VxIGMFGP
zI)THeJK(u~a7>DS$4ne_DTE4+y&sG7+-T#hW0+R?#wWF{VP-^%hqhhF7+`dj(e#8?
zJ&eha(9^e~{gAm#4@5Y=Iq?m!z6(VNrN;(&nXnE7gY7&Ihy<)nNV)y76#0Ms#m%W-
z+hYbbCV1kG9o7!4-l#2Janmo-Po*$VsjfWu=p)k^haH|?^YMR7|IYalI1SkMj=IvK
zWj85Nw{(qem)huro<DW<e;C-Ef_dFT&q>Fzm2PBzdiKs8>9bmb|B)MhYU$tq*-z8?
zJ5JP$c)5Sqc+@xfyE<RsyD~6r)}f!Q@cC8YZtfKwHP)+k?MmNK8V18j847>n<dbxj
znzo6lZAaf?J%`FF4axHIdas~nO_R<AsIELXp-<oQes1$oM<BYhwsJs5NodHOI@q61
zWSawRhz<j|-FK%u?!L>?`ST#H0@#N2@$NfKncAjuzgR{93;>Ulv15;vlTj^I9)b>X
z%R8+Gm3H9XBLS~#9qd_?%U7jEAHJ9@nE7Vrez{6`PJcND045(><u%WXFyE#4Mpe_6
z`V1{}o#n2G03YK)+ig4vtZM^+4ZbAPx4!kQ=}-RTPtqA@oM9F_X7E{ZLgT^F5LgO>
zHSfX;FSP3bAO7%%r&qk<73n*&GVk2E)0XxF3m!ijK8-ehq~S0eK#zE=YccB&FY$B8
zgZppZp)u<pN_w@_3_2#XM0QXzi}z850pIsQ3R-gQ(%>mzW9fetC!QH@^W#n9x8efF
zeXk>dSE`F1Q|SMVhcXYxE1y08{5fbY#vS#B8CDK%>elJ^7)cm#<*Ng{eD&1Jd|C^Y
z135UuAmCeJEM6I53?K!i-d6(T7+xBn;D*_Mc<Yq%3oV@UDt*Y>pRatVGyDWB6quCe
zdPAoWc{IOM6iiOLx7#2rC(kT!h%%l;g%ZW>0L0^}(qrE|%74Gg$pFFWxB(&%8aPEJ
zd0xP<Z2&_;oEZ?gIGhyeB45rT;9d-FH)!4-P~<1TsB7Tz2DH##TRHro!#E>A(Y4M@
zA}SC0;E<;|d>(ig_C6w>3_Yx(Ypa0H7O*}~iaQ%WG}yMfQGgeq1xm>?`9dB!3Qe>8
zn&~gj?{L&GE<iy>09^~Zcdv{%8c@*3hNJ)JR^QrPC<PI}UVX3I;trYa*UYD8FZEGS
zL`Z7Aa^B{vbqVO*w)j46pssp9ErtCBmw%~|#ZRB{8)?Uutum;|_@_E@q4v!G9I|r%
z@vBc_8DV<l$ve})op+@}RQK=Fp#M8}YZe_x``9lfTLu6W<Gc2cq)+_(Kh-`JrE0cQ
z`6VgIT)oTon<s8RrZfQPAi?twJ2Z7z8;d%rjMdH#m!f^q<zKce`14n1pPByPtOurD
zn!$hIM?c<(f6qf6lm;iZr&%dcP9dkGys7uNIR8h7`<hWe<0n((Jyrb!?ZW#B+V{AW
zdwT{>Zd~KF6o&@W8OgETVRI2aMQN}6+BedX;{E(%j!s8u^+WGSS2}m|rK6@2002M$
zNkl<ZP#XQM=U5-fH*`qnlxX>8i*L-bY5!Rj3AEl$mY3af=nIFfC)%#&4jM~$oc9$6
zg)bf3G3Xoe@p3D4z*(-s4Q{Vi;H~D2J9-aoY`HG<v6awRZr*LY<x61Q8USce3>vSz
z@=8<wAMk(&B(?zLj>b!cV>`fYvU(q>1DkN~d*AzPc~2<+H{5VTj%HzK=RX<%4nLHB
z(!<f{_}v>EvPU^U1w;nXs42g7bm}MQD|n{!?9o64nQ>5Hz&7M0kwJr*|7p!WlFqZA
zVyqmn`WMbZC?=vihfcvyKv&;H#0Ra?FH<6fdgIPx8czx|$3zOy%}R1Xz&w|g!=MD!
zIjRnDI5T?KQtx7QfNc|yDsIX)P_9@8H+A%u5?AHikK*$c0<dJO17xIeA87vvx6H_6
zC?F>IkGxqF&v^}XjuLncl64rRRrJZpX*dplgC=1vS!DL#OYgFRyg?U_<i%cmZW8d6
zG9f}i7p0Xg0{JQd@F`0;$I;)&$I=<h`eA&OJPZvbR$zM!D+I8A4|Fn*FWiC#v>k%K
zDycksR>FSaP<B=oAbH1eZUn3pcfj*wy934;!!Odz0}$jnnJPj5X-DHy62_Fyv4wF3
zp@T!sbK-CLMA)Uo*$-14dM~|QI%9yoKp2vZ{lKvZy*u?8TsMfW(4mvQr$;AD7Eq#`
z<TpxNmjR(iN>QJF<hNd3$(tmj<;rPHGn`mLA|V781>hM+dZdMK3B{k~#;rAd*sJoE
zKSwzH9DcF5qUg2sNt;h*K{x!MgWpOVFt}Bqk6{uzr>VaG{*DvU2XDSL?bEW?t8ct9
z?Ku8e<L9Tl_n7j3q>NvWJA7L@oi0i<+HW{@XPQ3cq|~n!Gd~&LpHBPY|5Jj<p}bSK
z7<;H~+<mtcWjXqiryYJ++BzZyTn06}o>t1v5h%cg+k=wL47%E#Iq^m@>9>y8jQ-cp
ze^`3hSHGSft}O$vyz;xIOkbfr_2!h{e>?7&bdi2WgO3x);V3I(A7=b<`fi)suhj~>
zm8TgU6jR_dMoHkYDu^31a0Q+{Yn4E!@aO_)Mj9}rCmymTy<WjdjSWsx{DuGeHL%h%
zv~uEnZ5eo=(ofec?P07gkYhVi<Y^HWsXtZTi6@SHa-aBckrvPRt;7L?n=emKZH*SN
zt>&5MSH%k&;Rg>@xQMU9@r=u5mBU0hd|)FSK5^lyaXjOeLf<jUeBv2D=&26r)M-zN
zxE!v9FiJE(6xg|A&K3w1Abby(;+QdCZl2`DjXgNRE9D#f(0P_x4tM|`y?`Hd+HT`W
zVBH!3qEcU`Q($qNR2hza{>(0+^oL^!|1K?W!+q&XUrL|;^ruakNBL)I`k^|Mh6>8E
z8<bX73(x?={apL>a2yVTgMRRU!paZ)Xe<VFkp8hwMZI;GmJ`N@j<OTaKmOAJ#r~;5
z?P+8dAmo*c1-a3|PHL$lMu5D7Ag$`Seh9^qZY1wgT>&kj<9i4U;dm|~>O;+No`c8b
ze_efTrXW~Aa;6Lb1qatm*`gNwQ()2gN-^uw^sxPt95DnSPyXRd=JIpJ)e@Hdr<qsO
zvxahM`;jpP2uA<mfwu%qp1*U?{_}EHKW8VzL<v{{kgp(!+(T|W8;sy=rG%c#yo%C0
zJ2o3Mi_FYWK#oBzLJmKsTLjpL4;(y{P|dH<<NYs~<Qv-tdWCOG`HR9tnetpw<h7b!
zs|<QAk9b$W;J~To!Kwn{2F<Wi^5ePZxj@0sA7E?2;o>LG6=<{^-k1FZ7zHgeO~aDI
zl+K3WOa<}`>SdS`du)bgG00GhHqs^z|C7ua<M1mAWP|xB4a&z+{H2?8D~$sTqgneq
z1fg^@6EYNx52t<F8{DgYqhHF>x^}R?S4x^@T)gn>n%g#WYbXJfYi6#0WmA9pTPgpz
zFUtV%q)n>z`c{5h%l~n^G`@KJ=E2lGyw|qI_0b?`I8u%WRPV!eXvILsUMceWKGK+`
z_Z2hl0_a!U>)NM!r*`KD?ddCF2L?L!US{Wa-x*CYNP1tbyw2_GN^d^txODMPZ%U`C
z{hs^(u5cL9)5kbne5@u*_T4T1*qTLeP;ug?W2Bf})wjqTiv1ob;}`(yaIB2_a&uMy
zE>;c<%do*nv%rhK>zv-s^iTIaB|Yu?KQ?eJb4aJ^JNWTiciGP)Q+nGeJJJh|J6c;V
zSUK3}ej>T;-y0<mb*<QLvRn}`X7%yu^7g+kH(v|@D^cEK!m@76y%e4TKMVlNHA<i#
zpfly;`=#*FhCMJ6pj%#dE*b_3=H-`PZv2H}ev~Z3H*5JD?h%i8gem!7``XuR|2}an
z+XpWiHT!%x?1Q^DtM0JF4ogSqG+wq3uw-?|jveV--7AWbfXYl`fDZiNXe|6tT%+Ms
zX>RoAC~Guio@w0Sd{D3NIZA;BL(JeKi@?j_LQeQ7MpIgv*r(-wrf3zi4EXRlTx?36
zdQYjLM3N~bjfWx-Ll+cQ+uvOUsCf<?lKjnjDB{DPgIWStk{FfDi&cTGdo1dg%D}Ax
z9L$G9rtIU7A&(gbOv|%mpgph(f17EsMnLbJV(H)1td^)s$%HS?4X}d)H7G>pm<p;&
zZ_W;MT(K=pI(6{eTEJ|3xDa*D7kHe)&tZg7BTEc_m%vX*!Df{O27t&b=s~}V6M0H?
zwbcsTLcmpp-DW&6A(S`;A-oZtuP`GRwiw`ubABUN&&%UU*Qx?(%Fwm_{z@PX7d#;=
zV)@ID^8qO9X7NKELz=k2bHv7zC4k3ufcr5b2@mC;1pbkR1EUOwl${QW&V-C`eQJaQ
z47vrWs5x#_=K)Mk>cB=B7+AT%!JB{uXr5mn(^p``nAJH1W4qNa4^C)b?<U~}Hvzd`
ze3fRu6tM}((1fsF`CKpZI+*!TT~Iwg3rm;W5&Hf0Ew`svA9H9rQnTuxDaIwFox`N{
zu$24a+sUkVCrZ9n#x$HFXZK4vX4Xt;8n`r)v_4q)ZUC@vtBeO}v>e0CYGr_>ml%zZ
zwL7(^7az7Mee&j>^!4${bgc5=rt<4GuDSd^C#3B<jCW?wh_anqpB-QQdYoGj-+%HS
z79aLJ7tdNg#*Q#@M5i$#!$G%tF`L16JeOcfPu)6@e)@n@(!bn!cly7(htod}BOlR_
zLFEiJxjo|dzyA1V>1SH;@TQ%|x*<{!b-6bL&<@-SBw!6n{c>ypSbmWi<KNS6C41)i
zR<eD7exW+<UP(DtN-NhBR>DUc_nwo$Jzw*eP&Q8O|H@asVi+j($LJcITW+}}z3Nr3
zO3!-Mv+UGQl=R&?nU>}Lzx%ttYYl^g`)FV&_Ru)}^wZNTU-`;(+G(em!5~-&1vQji
z@CbuL8euGLGz^}@7_icY68W!3pU#D{hT}Qp6LI0&SqV}ys`5bjs?uP5Gp<f+P$vVU
zA<Q@6?~!3)OiBkQnPXgF3?aROA%T>d$a$_0{Ya0&LHKi_%a|%mJcnOGmWoXtSB4j0
zt^w2vOas`I*bXUIDBR49`>FsbgeZ2%-PA$UvpQ}|I?D+)({%crCBW(oc*2>&tmkrn
zeVG#_<;TAMj)npn1Gk)ChMPEMqWnezo&q8y#xwin$u;LK(gVkDEbv<i+(_V*RFeQP
zSBA=bfI{(Sy8`?8-JnFe;|G_Fm#LE||2q2KwirOqp`wm}<+<?J>aL#0r2PA;0?MiP
z29krB7c`ujUnNM~X61t%7jlq^ypYqdo;tN9fei+hmmx<E)R{)sjWArZ`ax?3G}|Tv
ziuwT``xm?lhjwe{2}t?x&_p1H655{U?^GifvMh>cdGL(0IMLx;g$Z3ZxL2!#hIGvr
z`-kaE=Ia|A`yT!av%^|hCV9+Xn1ZJ$I5;kf(g!5c3C}B-dEmea{J@R4c#d@9^Ekr6
zPvGF=0*-Lt&leXo!q0IC2VT%wEH1~-d92dU({h~Eq7NP1Li{V)dOh)WoZw!zxhq|=
zPYposr+3|wW_!ES$M?B1^6Y`mv|~!jzgCXK)&ag@5a<|p979xF>loH5MwENe?HnnW
z_>bsZovD4dDoF`+IBJWNp;!xf>$Hpo`)}1&y5hBEGV^cYY}z86zd5EaJ?LkX>2LvF
zrEluRTe{L?dUS~Ao?)>gB=B%q+2`;|{<u-C!rZ5P=@hK<Qe1{-VTv+ZtgM7N+{m4Z
zlo0?cNWrJ0gFKsdXqnLq5A907r9J;|p6E%}jg6-->l~5)xsUXY^k8ipdg~o~(o=_~
z)5A9F`e5a6{c`Y59>E9Uh_A-QbEM~Zt;Q`xKj=ZrSugo&m3|%ELV2!5nGO{HOOaX8
zCd@F4d{*G{vFZxQw2aC(E?;5XGGYP9_mOMM(TP^mA&2FDdnr@f0I-^G<DQ|lE)4)N
z2xKN6$4osl`zZe}c)<(O#TQ>}N-2szl@3Mpk&k?2diT5EonG{!7c~@r6nVA=yyG43
zNT-}~iVZG-$2dR(#K(X@7)OI5Ohe!o3O@=kaQBu9-byFHJK|pzwyOLiS75msuUoSK
zz{mR~t?C$j^vOstq7@rMQV;^3tID`nI0g`N@RSfr8fp1=v<f@lGdMY3d<O$QPm4J7
z<HOYy+5BK~5}e7bDVJur{0Xvf#DRgcHp9wx0hVJs6!91WrlgEU*~1UT)gf2wuV);2
zpeS}oVOHi^F;EU{oo^reFa%^Ko^s?$ad1Q|+YInoP2gDZ*P-G)P)fgwFk;GdLgWCU
zKwiI#^4rV0^@?+q*CT@up1^?`=LInH%|8B|dX&Za$DqO40FzRByQR#t{lO^*9Jn}Q
z$%kil`;VLQ&uo0GN+4C~S!TftJ~RI;+V9tUM}|RP!Fe5|I3EG!zpInQ_{i4Fm(zC6
zoHvM(hUAeQ$1849e`g07(%gyy1^%R#^^WKY!Jb(eN2O^<9F_-k9Mq-je~EP$`0<Pn
zZ@ualx<qe8`=<xB=eJwW>&xjaO-h-goce`4))$X$Ztf`wPzSIDJzj^=Us7y!|JI&;
z>Go_V%ab>&eN5k#Pk389LC<HaOgO%SGt?~_g4`AwiQHEGJ~=*<?jFA@9j)d-p5We|
zO?D1)Qo!V$W&kJ}p5YcGyiuz`UR5j_pbx@*e0Vy&Z1|3Jg80oQ<Si}!(5CsuXct10
zo1PM}$zj8T8b8{6?rYdo;*mi56gM5nS2_7gK>O#K=>KO$4=Aj~K<PP$s{Hy)?C9=D
zJ2rQu$8AdK>C$f=e$#B)r7cF}bdAOY59?R&COT}pYP)-{1gN8Yv}R@wTd@#UqWCT+
zbM%On>Jp46ZA`fw2G$6N{;cgbmIT(@Xsbzj(MV9hx$_eD)TchxX64!cj{+Zi`l)=U
zo_cCJ@4WL8TLMlv;e>Rf_UAqKxzA09AAWec_10TWsfPx1QS_rBMn0s4i&<|v2hyP*
z6@0xlyx{pj`*q4cJRvu>4Dcfi+<Y=b31ij8%-~SkFN4e=#u$wlx@@1bI!<-^_U)&y
zDSmjqz#NsTa5jw*52e4*xB=X1debux0y5GHH{hFq%Dm==K!QNa2pK=%kYnk%29Lw=
zsGqD5z{M&7tFM9&iJ<hYw##Wo+i)IqBL0jHftz8b+YJ;b_x8~;K5|TyNb#?DFP-xl
zPr<VtBxovaY&j@tP)436q?ohkAH_G9RJG)x`g%Mk>-(Pke$D*j0yoDa%q%>x9E#}M
z5IkSc-%t&=#A8NX*X9X_s{y<9-pls^ygyrYC^E$(4?ld6vNpTwbEJCtXVQLQbW8c?
zxrB|9mN8{bS9=r@4*S#Ge%j2rA9B3UvK&B5zN%-V(i-~A2vuyk0jMC07dVdHOe4|*
zg{I)EI%Fi05n%6KyL}~qmSmD2OQsLBqXZLbTigY~$?V9gC~j8Pyxbm+vW8DN@^F-^
zF0Pse3@(>O9o~F#Ra_&M{R#RJ74N5t7jO&lF&__Ann5eiW1+Y_&)_ris`{h{tsF1l
zB0YG@{h(d-0~cMLI&j7SAvbz{WS>r`x1)nR*E0t&@^xw(jl;?_9UmLPq<uVGvxb6h
z&z5fNZFO_kY<gVJRQf_;B)Dm+D;?dV19Ty)-`7UK^E^)JgNv@j9AJFvXfDJ8Kd8Vr
zMrP7QcTDTx!j!I6X40|K&*cB<u8wrcu^1zrFUpUDGGX}YQvic2=F4#QjZy#Lr6V>l
z!O^xMA<}zrwJEZ3PI)HQ<)MHn{kznUy!<X#?8*6oLtW{iL!Ihhyoc-+>9dDA(hCQt
z(k1($#I_`ip;|R$)It&^7m*)%1ZTum!x0xg@OhZ$ItNVdpc{DMlb*v>^A7wRK97rV
zjz?TP6P^z@=cf)X$BS_Iz=tCa7kO5nNejI2iK}x9;Q}A{0Y_Y(Z-j{t2P{91k=1ma
zN7n%c!Xo~BW6?#>mYp2>#66wwvKej>F&_iAh|&f-z!F&327tVQ#8n;a=||~jMxHqK
z!l2CaW5)je_rJdx0OF7g_V@!29Ll^YMjCnMe!PP`Kf?UNIv9Sy-rN0ZWA_1j(HSoy
zoLtUzpeV7N6@UUTqWh4$^=^AH1n7NCYqZlNCC~DYFM)`3$Uwl4frxQ|!C;Q_&rF`;
zF(n{r@rzhshzsA;GU||G8M?8|)AJ?Hp=z@?g3h1uZ;aTV$jY$eAyS-X#5ViR1#ujV
z$Nqfs_iZa|5io;*lsgo0T+o8^HFJ7T<j1N2l=~?S*(^U;^N{|A5r}uG{r{S^ha&?q
z-}&P&vYnK?yQH88|B7zFLL23rG{4#~sFd#w_}m5E2~Ei%H=mgYzQm0X^f5rNN}yXS
z1Q-I7TkuPI`5v4v>L5560Q!qn1-t<-mBV<rz|{i^G0H!4_Z&VLdE|W8hjr3F{HeWk
zcT|=CW;yXhxpLmw`p_+WR@^AllF0%{uT$F>FzT@6-%o0AutHj@bAUp)lo=5gTjZtM
zr~)z*X>Upbvhzdm4NT_<C~Z>vg{NrWU@4(P3I_+Tap-8bwgxTMcaZC9yNTHzUGdmu
zb<j)XC2N+W=Njeb3D_Ja;_zF6tHaIXf|s1$d~tbxIUiNroPG`$_)Dc9ctNX5KaVFI
zE@a2^LU~r<^85lfj|*DWxcs>eFOSo)7ipVpg)iGQmM$5dN!Mx$yI2g6p4s1#j_U18
z!y-r<;YE|DhcQy3^tw__o)hY;#|1H|hkhBlpRjp0eZdstl-_m6OgeUZudWa5O#iZP
zGQC5J@F^npW5J%Jlkq21C*OD1So*Sf(8PH<S4#8?4^#i7@J-_BMK}ABf$IeShnimh
zHyH%}L-8LNnN8>Ko=wl$)~9w|d@r5VW?t2Q!)qK{c(uq$M^`^c@9mDVq3Una_j#ud
z9;7ei{19TT%nD)T7`LDI6BsCt?VU|$b?M4b<$t@L|LB&P^w#a&=_JwMOE9AND^zBb
z|6f*SSBuz5eHcrSm*@xwNB#uEuZtrMSD;up;KL^}!r@1pA?Q!wNBVqz;4Q{iz~Kk&
zh^xaT4Hs$tRN_|oA$_5^zy~H=l@H=0t`08f2R?qpg`dX-T+j;Ibuf8cPK$V#fsC@2
zTR`G3-QCk;`_MfO#J6ne(rIHH%o14F27pj9X(%ZCIKn9Nq5Q`ZeqfokXFEW^;S(Rm
zf-nF?!^4lpPdI;u7Dfbq7#4UA*x<`DYX30_Ae&Yk1B8(OeDJ^^<B<Kh4kH@V0fL-3
zj+Uew$+QempM=I&!3P99GU%`w;20t3Q{gHPOATH5$nymUSN#xqtp5!dfKYh~wI}nP
z0%}X-*2un~ZRLhx@sQJN&N<JOx}FuWIVpRB8o$WdldL|Ys%n{fY!mP>!!<Vyl-xq0
z!Bs|kWx=2szEg`_r3My4Cw;=?VrBuoKQ|8W9^q_K3M%{UNrm@1$94o1bKre&;85g-
z%S%Uo96AVH4#?wBzJe9`0U059lL<oxhVIUO<1J`<4*mwANqk^~gQ6SCf4t{r-kdLR
zf%R((wfA1RcqyZ%1$N|E`n+chE&EmB`Z|~sDRD|D4|(3sVemSsRTDib8_Ivkpb=06
zb#PQO|IE5^rD6j{&rT28McE-;0N~LhP%dWqG2CHa=$10WspuH<_(5OjO)m1F58&L1
z>8T0z`J-uE@2OLUfL<wB^vO72*%KT%#32JSF7U8S7xYk}#%1(i6#z4$&T14id@_k}
z_;qol;h-LHxj$bT@i|;@SB>Ktw^sC_Jzt)r;p*}xzKYjs++t;#PZq01A3DutqP7jF
z;+`*M{gUC)bdn5jDBa(cX8T{Z=-dq%{6<uFnUVK$LqRlzGod=H8kLS#d+6s`t(}=|
zRt8XSAG1~IckN3@3F<vk)Nj0TJl#jr;cwH@{rigG_oW!WLDq*Od;7K3C#9Pw$J3|A
zT?X6KBqoyb7v1;XHJq*$KUztj?knrS#Yb;WUmG4zPrG?Eog-#naQjrc?_htr?|^t!
z`zgQP-j<D5Vmrny?PLXCey0oq{A%3u2X*VfaX$8PrEFZQ5F`NcFr|J&mj$aGVQg^v
zL*nTVj+jlqb?cZ;{!i&&Wtez~%K8+oY&cO%6Mir;n=aRqf}NsqwaR>+;Lp(3z+o95
ztS>Ph5ODr(h-@Ve7+j8<<IR^wd=BSwZ!IqJga)oIZ{k-<zm9IuTub`UuFJdCJVQQp
zH0GuO#Y)nNVy1=Xjp7bo{b3`$g^f~M)|St8Z2-uN9!etvKYl2OETsv>6MtxEs9^wz
zCHx%hhfx3{fGI`#IFiOMXoYeQ4QK)z>6|^l4_MNJM$X&4F>LRnXzvRx=|?s>>{4VE
z9c6#N7EjLhY44$~an$uk48Y=mK>uFq1EK$%6M%Zl-eeoK@ZI27@W~1C?BS-;SGy{}
zs;(Mm&q8FDy~OvyA9O?Y3O``L<A-{R0_*9ddJYi^UkUCQL<%Nm?<2bEGjK$krr41u
zFoZ+Vv;6hJ^sNHK>Yo%d-!dQtP2my)Y`Am&{Ao4+I^CQ)Gv(pDJiJ0P1=#!U(h31D
z3t0ThlA_G><cA2ll2)dADavOQQWmMokdz(vSLR)Yz+r^|rpKPfvU;ZkRp-ayiS;-P
zO}>V=SBfJp$B5^=>~KG>4Yz$#GMWA2P2}m|cuX1VG&#6%+Ggl_7E%74hV$Z7Fs$fS
z4!w77B*@JwkqiE)X8u{f(N}DbfI{R=x|bX3E)N(-nV>z4Q@_+!x;1zopubh$Ykfh1
z2eQEC7PepjSa4YJ16>Xu9Ge_VyR|ilvjR9YP#tzbq~J>Mz^a3=Uso7$fvq_D7y1-)
zLeIAx1fM@t{63v`uvJP7{YP1w$fU^AG9<iET%P7xmhgF6gu@3m!r|A&k%r6p2>9?x
zk8t>{#sQBz5cEA~{~LUVPi%z4Z#6E5cj~RsG6|@joi+&mX!;M;%W!854M@>traI~h
zDc)wNQ@T&Zo^KV(tx}GG#VEka7<!HEn&tlZu_-;{7rv(83sQo=fb~rd<^MT@-RYT!
zZ8193MNR5A++NX3YNwa!bpO}g?R^kNf;Vp0*&6CUAF{bS{qE+e^e)Y;;~snCaQgR?
zx1~e7idpqSj#0jG6VGh=8Ng)`d79%ep-!kQ=wo9A@OR)xZd6}B(pbes^F+p!_pw_y
zrAu_6?8|N|4>S8T%Zyw|0HzyM=JT};;w{H-(TybCS|R2Adn@nB2+XM)#(<Knl=Jvt
zTH!Ol)wlymA0ERkmw)i9xbYmc>tI$Am&+{jh&;n@rtdAPGu@Td|G-?TAAS8&@s<nE
zcZc6So$qq_ZQ~uh64($102)i2c=`Fye?A>~<dJr@U+m+jA)&CN=wEy7wf45|zFUXu
z$X$8mm4*vGaQsl@L-{8h%08<KxGCW5v(NT@)uI`*&=>*2P|$9;CR+Q$AOsn<>K21V
zw!H7$#WMr`Zq5FU>k6bn4eU``rC<2>N?x}{9}^lda7aA{0@JuNLVz;xK*`F`G6+cN
zpXKiZxSSKQRt#WV$?-IlbR17HII##(au<1_%rh@sj;5SKz=dC+$%7krg?d#c<sp-q
z=!%?|%yS4_BVz3NVSAu@8Y=``G145X%0@|~fJ&*vFo3bbKePegpqS^rD&exEB{>$6
zq8yVpGs8kz{S%M)W*R8?)k1q)=@4%vc!m-jyOi-Y8zrR|{N4`k=_=O~M9F}496z{^
z!xtU4q$7~Rm2V~T3HpBUq2rXa$=SJyd^mNVtpZ$)*Jba~Ne9n71wP@ZVUa!|oGz6G
z)gov{8t}N_&7b@)eD*0{yN)nVP&nv}iMMgl=lp__=G-zw8YwtdGVt#DG~3T1e>6oL
z%_`cm$Y!qTp%G6k?`%RVe<pQC00scg0vY1%E3Q)nqffU!SqRXDAMkATfUZEBkR~&x
ztpq*lJLrEf@XqKCcDA0_`)Fh@1EQ3c&0Dq#rZ7m!KyZUBKu2lG^_aq~_jHY7+(QAE
zR&!=`am^6x`)U31k50Z>XWG1H`_^=)>I(H@Q1$(=KF!RFZEq7L|2$8ta`x&3!8aYb
z$v#aOw`Qe$kEu?&0ht+mT_L!oCta><iNCyeG+nQ216A$QR^gqyc_5v)sb7Z64qfrd
zR=AGz&_gz*?E{=pp*pIY2zHC|-7;9cS$Uv;Z&%!@GD_Snc<^3u)S>Cb{t+$Z@6Z){
zGwH^uj<iYNQeS~3B67hi-`l?|cqNX~go|g|-MARsu4Q@SGBVJ+4oPAEpGRzx(a@Lj
zZ|UhvBNza*S1zYPfAOo^wx%;S4W)n64GLH5Mvy&{CFKS8I2l78v}r(R0rcr?k`5W-
zXz#(nM)J#gu#vc4ue?(C_*T*ezR7+ZxpMlz9+&*5Zrr(KA}u1sH?T$UHdtE%YbJpW
zV*uE{f4?dCuYdjP7ZnDEfL*(G*};LAUV7=G@HxO6-}uJ#s7F1@28m%D2m?V3HgouU
zYuIF=4><l}E?{%TY%!c_I)eq2(q5enFrvdBCp0tJqX7#0ip>Zh1eO<%X(p9f2r~e{
zTgD$Js<V8MPlhQgd`T+KOQQt+&rqA7Fc9Qv;J6_omN+(nD=!@T)0rLiG>`Le-Cw|5
zIZ;R>B9xs1)xaBJ5rP(}RpqilSHPB^<i~1_25u2T7O2%wuv7L6qW~W&RB$r}2)A5`
zQ1W7OY-F^$0hf{g^%AmT!9Vr>{>n6RW+}Xx2gE<=q*5kI#wr2I!W=tB4=;hkfEy(u
zhSdmc58$MKzjXkJW*0IH3dm+!N;TUMO8W6`3i*pf@B?qQG+uf2Yv2sum|NuW-(8Uj
zUgT$5w4Nj19#j5#r$M>E&Ah;Mx|DBXUgaM&;MnpoDw-HSn(@mr081M1{Cw7*Z52|E
zD3g5Zkp4RaK!t0j8Ba=7!=f!=_?eK>KPe@J>jpV_z&2pe@Sp>2qvb>`oRMKRze|c0
z?PgqOh)mddG2^LE3K6Hc_vlZT`is2(0)1Nj3dWR)aXZybnM|iEbT|0}wrrLHW3@|A
zK$36x3N~D;aSeo;K+p(32Wd4f$Ek+vXar1MT3uYg*ZB*<*QK=@SC?1B1&#0{9>3MN
z9H$x%8sU5TqYqWhv?{1xMs-aq*JX~B^AAE35mt~4$!PG5BebH8`YTxAZI8WIW5H{c
zixN*9=uXemI0nU>9O=<G_m6}2nAN9kF^_-F*3IeM0vE*@dKVnFwW!zL_Oz40^24}r
zh?MGQ9i^-E6vs+7&K?-%A^)HW4qgYv>(h_KQ0lx!ISskNFR6T+*}`OyX{+-1P0K@l
zl8~7Bw{!fOZ~&%fo=wN~cc<gEQu8T-!)U?xS&N2>)jwY5eS*u|Dmj(!)oFQL{B1QZ
z;OqRL5q=KSYFv&}4F`?zNsn;&IZj<%p5970XoR2Rv>KP=RKr0d{5-wYxEyD0nC~QG
zxu58|$j^;iYt#2)<G8u?c;oOMoL0+FeGa&`zrH1~Aq)UiE|hWZzC8Nqqisn(vpBgW
zEnt}W$5_BKv;JGRZndoeEbR|RTKtG3e8?e(q-(CZ#;y=#wx2lij9)wle9*c#`^ZM$
z@Rl6%<J)Hb0vM!on4b@O>H+(8BgCk-0(3|-u)D)G^5N6sdx|xSr-1|m2(rWx&j6*j
z81S<SpjUB<a)%#b;Ca;GD3mM*;%~$VSUg72@%f=Ba|-=j=a3BI$Q0VB61XheCNxj=
z94QA9Auiw}Jt8PmNUf39pcuS5jYf1401vL2jfS^yybD*Dix~0FvT?Q!FcXiD<X!rK
zwU&OABl0MDWww_m1_IO{B*rQM3?62<P-3@cvMG}rGMrXP!KKE`IQ6GX`*^`G(<9H)
z4>@C$U=@N?OUn<OpzdLRZvjs#X9OTOZXO`s^KpoVJoQ-Oc)nINgAdLey9(#f)xRkJ
zKJ(9tgR(~~^MMYAi4oO<9vvu%gCEbu9*eN&NZrA)6#+R6N#1@)XHljQ0C0_P$*p5M
zU6dNz<|CzlN}52o5(o4SnC%H?@ciLNH1*Yd{RuGn7!StP=kqR6_BRh|8<#9_PRaq5
zRQ3S{uDv%Ieg>qJ;7(Vc@xSjLNsl{Xn+`ea(Uu4|<dJ>uK+od}a*eon1}ETJjRR*f
z`T>K#RQkb3;MLKpiwnFw&xPPtgMM9}5w}$O3-OwlDd^Y5+4lP^<7)RGxEY9+u|vrn
z@Bu>%Nj#&-6QE7tP;*eQ13usytL2H1<C9#C3mnoh8kj+V2RYgUzo184L5iUBTJX@6
zKw=IknBWydLl_-^i9A5TRnTnJ1CcSDAUnznuNV#@zKW;hCR#j$yBJ)xIPnaA;4Tyw
zFu>#L^2}lCXaydAzy@4A*TK}q1zsJkJgyEm;+C4{LU?(e!CNcz>tL$13`T!A@b=TY
z**fCe?10-S&c?X@AzC)ex$d)UB8wop@m^nlK9rfOi}#xiGN5*FLr7pl7yzhTEceH8
zonI?1D(#*<dlJ9J9E}nOUW5ZDukfbyM#8<^ugYmP#1WliyuYB?P>K}6%-w*_dl=n6
zl6s{`_3Cu+n43e%XV#D<gf=3P7u^@HnDlWOk5~@b82tkfKLz790TC^c7348K_pac1
zvM5Qpl%h%9F_`Kfajyi@jASU#daj2Le3V#+2}LX5%bZ+!FEJvN`)+V>Mb4!GorYW#
zW+Q-K`;_A~hf(@FwZCFkg6xrk?C*r7)~qb3*<)Sg;Q0pU%`{i<Dc(p>)NGQ5k<2K0
z&M4hdc^l8bl{m-(xDJ(rviVafWkt+!l#5w^T(`}{y9uV0E%aSV5r@yI`^0mo9xmR4
zJ?Kx#RiufAG1r_H@U8fuqx|<MZ<POPo>6{g-t8(ul?UhXWx2{YOIEs;*NbkKWV>1A
z@%rs)1#%R^MQTZ+8W|R)<#B|WdbQnd)v-bG$ch=_`Q?tXn9CAE&TIif@rM!mg&`^b
z-e*gO{`&Qf3&bEq#}HA44=gU;#k=>8r$5@hS=SZn09wUT&bDhyV67z(RXnQdTIY8l
z=|@?EhkHYrqpWSeH3=}r8tCatSBy=kciy=#oun(if7%-Ax`A5hxS6pr*P{1nn^1L}
zyqblCHhIJq?5u>wF{#RgDTlG=Wr_6F<e^P#Z6&a-4FFNOjymcnt8{VQ9|i%pIF+A_
zP#mk`q7v6Nk}5pc3*w+VsU_z87&ua?qhf;-w1T&4e(mRa2~_1>59P7QeO8(q|8f`V
z6z_oLy#t#zrEy*HIH``PN7@2=Dw*XQ)xI!rnfVZC!!a9(0bo?q3n)5WG6GmSBMkxt
zEQ5Qt3aEF}uZ)L~DG$1V03Yxeq|lJ!@FSFwGR4UnImNOH0PZZy0t)DQS1O>9PYG9I
zMH(Do2q{w>nsin{*qI3hfxzK0(zP*KPtCj+;N}^92^B@sOHZ_vAt`Ijw1>kS)2~DG
z`lLiob!etr8Q3<0j5F{<xeC11_UF=f$;|y5rAD!1$*P|>K-uh{%9hizKE-Mf@}}&(
z{g68HFW;M&GIC^zFe?Q(*seTLKYtg<ASe;`H2!+XuMs1qa8=}p&wP02opmek0p%O@
zF9We4@x#)5JN53!FUsNkL`Hep{G0@!p$lB0Hy7M0A}<W#AcL=G+R=piT-#qS#eYb2
z%r;j?OL4d$2?=YSiqKAJJ7t`$KmFQ|+@p3*^97b$0^BKrxPk!q1RGm=gfOW+I$fQU
zX{=aUI;=g(I}h8IK6UHu=}`SHdc=cM$G*Kb%j&fQ0#3dCw=IFT1lkg4OJJ2HpibJl
zY<-&sv{mFP_07NcgX?S+XB;27k;dbUZ&$*vjen(=uu}P+aGZmN3!X6wPzDZIZ@Y~x
zfpu*Fh*|$Q*l#UGee=yX8~NS4ciYwh3;-zpaabUYAe7i>2y4mD!A5(jGDG%e=!vPg
zia>1Ou7US}t_GT#mZGWmHC3z<(Tmfyf!fQ9CLtFCeVav99LfQ+gzU#OgH8}DJ~Sxl
z>|2y}r!SANos83(VOe;2n4U%Ik1g+)&+>A@rGi|dqcC8kC=CUUoskc6%|85zA_|SW
zQXMtc6=|#*U!@`*(D<mZwp&i+3OWsP1-{XcyiwqTF1VIG0U<QzJ_TptoCq+5gGR3@
zbK+GQvb6v@Q&K|NkI!lXtob3Q@Ifz2R}fnhubJ_9ime2BmcFH+<jZ;G@V!ua**6{(
z2=V@b56N-Jmv0m3k#yN6l9xB2n({0j@-&v&bFw}zQ)vsxdJkT5<=^R*oLRjpP)DGx
zZ4%TK;Jh4x5%s`hF`!NAhJ*n@^;vnE^UwJX$rwbDfa1<go+C0kaV|!`WNC+@HA%*4
zg3?4IduCO~1jJN%2h^VJ1`wsweEBsYnzcZ2g)`#}gayZz0ahPiB-^S()B3cJ88@V>
z(thyspQnHR<lm?N{lSl>7k%>oq&GkMytH*<JWc86eH0nB-SQ=nzumShmoLY~Fxzro
zOhT)Zp351E?K-_&x$?E?)T9pM!P)-7^p#)yB3=CB8`Hbr{qA(-x4)g<`L1^@m-GR{
z3j+Y(j-`%^gXt+<i;ZLax?CDTYd#<TY%<P1q$QM%ne`ayWlB4=(Il`g4FFN0k2vCp
zblGK>Sp{dg3BNJT_;MBiC-%oV0KkW$PK6Ce1qCKn4n$)CCY1YVj66es$BrFo@7}#u
zxrsyZkEJ%`lm8;0w!bzKuy-Q`oc9);PBkauSq;!_)<|GybXb@M^y8{4lf#+~)Qo4*
zfmyxMx4B<S$o7rNV4(PJ83c?r-)N-)+9?BptO-)GG{dWRj`L)Fj0A5J<rZ810g9Pj
zqgmjTsSy&dg6R;C^=Aw?Ty?nM<ircIFp%;uX?!Hf--_w%MurVPqES3KNqtTpf`oq*
zAU`OuglOO@im)k&g3C{>_nQ+M*(pFys8~)X@a!^prE;?TOa~HnNZt{~lklMge(s!)
z;3iL5&9KX|j$$)E+$g{Wd2$$u%sDQG5vyy8BgXI~FJ}FTM|mecut4>2nL}Q3<ju^#
z?Ps^y`G5y=eg{og{<&pfz7+?a^L`97ri26Mx%1b#^qAn6bs|$z{%ya%AaY*oxXII@
z!4E?Qw+wV^^$2uu4j1&OJEaR6(Yu@CFN`h?4hOW<AL9X(XE_NC%p5t$6iGY+PP-r1
zYN1I6I-=93gV)?<$f_?VFgP%1*gJNfn*RQsf16%&%n|9yZ+}m^Sg~h4^eh<*`qgfn
zAQ)5y^NAw9aMm`Je;6ej@e1T{#0Q(XPkas+X~c(HjkutJkE`Zc7q=J;I5}P5?O88j
zR)*V|F&%@)cU$kSgY$QoaWa8{c@R0(bJ{<xsdbqN9$BcZEZb4pRmV-vMYy9!XPofO
z%;Y@ZI}cth-FOMeWpX4QqJIoZjXEKcNXMiko>$~3D>Ap*23@bu;pepHk3;_ABa>5(
z*Bn-Uf}7DTMGbh>>(2fGW!&7~=jG06c+F7iO3MyWlQTW0=a%P5IAm_1{3%=xm&XC0
zyP!dw)lp02-Ih=b(eip75G76?;#)JSvDi(!ZcQJ&?yB_fdj7;GK9L^vs7Ix5{@cIh
zpc^Jk-AA`TKUt0ge`12Om{ePGVK0Z+0yvA&UMzh9((R;mB7t>n0AR1l1s7akqC$yB
z`5zu0wkrU`2tYg)kp>k%5NI4Uuu%T-qrsq9VlV(c3;^K+$C&{E6U%Jk864}l*2xPz
z*xBISMn_{EroI=UpyXw@cUwe|-apWv_U`FQ`(-S`fP=vZ$NqKbVFciG@a}F6HtC0p
zuOUm4`BbZlNO|HaGv2o+lQRYYKX8wyX2-Qmqr$1i=TLl(*+~WMUfYYELpu}XAC8be
z0Y{4a{#Q{75QkxbS=kaZD7a5NLm`&pqjZ(rml!BfaZO<vTctx@ey|>j?tBjXpb@^w
z&k%S+ET4}Q`4$vk;$cF|)op!&25;~S9{=jL5tRAoQY&NEGBh_wxTHF1tp$P10Xr>&
z0r8aEaIM%LruY#r5tuj(M)8=UP?)z!`7dQ|0#mB{WEU|CS{UVDW)_`?A-QJ!WI=m_
zqf-8-R4005l<^Wk!JWf8C;k?6?!nB2DeV}H@*zx~f8bYr=#9vj!D<u^K(v~eF;vpX
zYr0b*4FlU4xvJ_7$WYf!LzOeVU)&ph(@cL!5jdX6Zk$5`)&9G5W!b=BkKG_bdepZm
ztp;%C%+0FIhab5;z3YFyCH>ZKK0W=-`#+T4eCdY_<Z=2-IlQJiR`oCG{5T*Dior)S
zcV(JD=5>Le1JuRk>GOqK#cLIAzI^K98QgExZ`;lj)AZ;_>Xfl%{|!G+dlff-&r(Ne
zW5h9MM;&S9ork>fk;O`mIwMa8dWWBQY?{@CNT;qU9F?4JQyg`2J{LShI?wR2(su(L
z+CfzgiZU1Zu5^Jj<woXtK0(`a^1pR)kxm-2TS!hhEO3X(NZ6tAWrzCRsXJ~-x9|7<
zF5v3?-~oT7?>p$%l|Rz($qTm}`Q-dUgK|TMJo)7`_1JJZ-ePqLI=AbG(w}yml-~H4
zf0;h;#3!a>k2}tEfoav{jp!JEqJLEP(6?F^@X=GiXKZ_*T<B8=D*txAE0@5!Gyp`g
zs9-34{HW}q^rOsS45+RGKuO2ZKtf3m8u$@MI=@i*2?rj27zW6fG*$tG0U>A@Li^7>
zDgoXX?_|+;psx(?Z9oU5baeHmnJHKPdCg2V@)6=>@X^UBZ57bIXe}M)j&Z97#cXbm
z@?vjtpE~OJRD#E9gGm9#hb$KW3K2C4C7OlQz|=VuZEkIcN;6D6g<oP*<~Vl%e)112
zxl;4PFi~Q8D5#-eqD)44np1rR05eVV-BLiF{FwP?HX0XvgdcH~E#UEU9zvbOk9hEK
z#K0$p8kX2|Rh8%BkjR0VcT`8Dhq=Xk+IQn$U^G+rd@Y+b{j*p;7;0>o)Xbih)8wdl
zXb_GYERZJ3sTmiH`vTbz9NL1GhN4_3|2Fe)1d9}x4J-i9wt@-CI#>RQFQ_+g2*ATs
zru<i7^5>ivaCxTYvC@Ep76;4-<#BA}H+T^U8i7v=b({A*DqivXrTF*KkmY>FpO7&0
zKk$jcMGcESo~8a{8a#EX{SOW4W&rurDQ{oQtjH*!)eRGqsHdV=5M;n+>V)z=|B;VL
zk2vq#bmO1CI$bYC>Y5+kVBe#@KAFZOOXIyPfYBMBn9|{-9ci=9EfI+IWAFrho)>aa
zrW`Ed0&m{50&t-`00Dn7Kk^E{4jv*+dFeS8$XFglI{i4t^&j7GL;9<~_=}W|I5H*4
z^4TxAD4l=C{gypA4&K(Izexwz`UFBLqmW_FZ^T8NWEJCn9eC>%D~DV>42>Su-Tk@|
z=?$-at?uXClG480(yu-H+39JId5r40&N`wVW~8ch$=@5s?@qg637lw88Cq*W@zW)K
zkOeN<7j-5N&**zRtebw|e>o1kUafK%)D}S_VTEwHHz+F5R9B0Ps_Be1$28`w%Bjj1
z@&WeGFS#V8|GdSLPdoQv>35#~G(SiU!ntrOkMIdU+=Q}U6I~5Hsu{KL9OWMx8m#SW
zYFKH3s)GbBc~B4djca_4psC+^9gi{;;unl)=z(YIBwKCgt4m!npd5YVk?AjvJ2ve&
z;e>RU4*a9vKo3CH{5GnKef2BhA2}RI1HejnZ{w~H39M@a038F3oQ{T0C1&mMLn%j$
zp{Ns%&ICX2pa_S{VIrL4LJx-zUjDO$_MZbL0p8bq*94*fGW^Cjr>_hH{9-JxJ-)MP
zL<9U8DFCw?$oFVz-h_+*-JCqG`h|ie@_OHnH?G5GY)L%pf(w$i>|Ng-4k^s*P6&kS
z1vx*UmoMBrj<eG3+BBsv0M__Wq7cJC9jvp(tUP?H<fbr3#*Ptq@NU;j&66*1&_NEq
zPraVM`0TPY(hvVDgcI2|eBwPVc);i9c^KD4Oh7UN!d42kK`To$ZSw1!^%EETAiW}8
zM0xK#@y;eq(RAaD$wl!cgog@Mt-vBZVhFFDb6NP``EsEo^g@)y>-4mis*jlh4i56e
zv8rHlR`K$?OfEWaK&Bw(@;QScq@U*oZR+l%6zVb2=q|4NGlKflEOCz|jy$xORWo9&
z0I9E!4&6+H`hszanSYErDDRO+$im*79-{h^4j%rP@K_VV#f(E56aqsVwTjdz7!iew
zb@=fte?o1Zg9gPw8XW4;_k-^WbdZJk!!V$}f#?3g?ljo%bFO05oYyQeQ)pUJQ^K*w
z?MU0V??{h1|52$^^ePNFV&kt?PN=V$o>BP^;H*u9oploU{<YVd0pOu09-qE>`>yoN
zr#v}5{_&5ub9g${C;N*Qv%I9L;|12mSK(IcxhcP*0umPvUgA093(gr!Y}vBKl-~ef
zihuWAcd5#$jy3Th3XSJ_emDRVC4uXaF#tS3%G6aq*qfdz8UOb4p0^Yh40eysNTQ82
z$vvL&bLY*a5ksGY90sNQx1zYz=GCC4K;##)&Ymf^os_-`2bFQiFe^`EEZSfp%2&L1
z#;E%QcloD3oqo9Mwse=o@%XdOOt1L8-?Pbx23`w+ecFb~nMO9o2>AwH;~9B3nDEp{
zlMlaJw2F4E9ZLMDR`8JZkS1Na*}~I;8_{*$OyV`_bq$WCDIOyju++U!{H-2lICbN(
zEO}i8(O;q*%VCVNA`grJ0|OYj{F}ZUTFb?O2Mk`k8;rTJT6($k+IaW81lF|yAQuOf
zjUSyXjfYCd$Am@{iaPMXgo_S>xClpD#O3gjhEG26BM*M_!RC1F@Y+g%cfh-tuG@%T
zlQkcuc-LK;5$GM*WUD#+ooYbRt2@s%(=gaEt(g+`Wiiy(M@IRuN`MstL;YGszzPA;
zxBN8&Ii<RXvJd@m1ey7tFcl1?ysV1>gO94<^NAXq=_w<TgK2={k5F-SuQ{2g$N{C9
zu<@>tqc&3}Ut&<++^C?3isM##j1w`#T1mD?@}X?ZN4qju@{z*>7eC^I8^`4-V%!H7
zXS1k$(4^!B&z{0x$yLgi?QOTzG6e}3Z;e@RZS&DgGcs{Z`SxEiqRoMXNTVBg<;Oo{
z(}1-QWpK_&k8qK+rk>{-Qc=#TZ&k-T;NU_G0kb+qKi-7qRixni83iU!J@d}Jo<K)4
zDSFSHcI6>rq1;hA(p?S;$YGGtazn|8Z7bA8Aae-d=W^%VuwQ>v={;KVAI1ZxTILct
z``H-66LIdE;L1em%O>TEPkU?ROCT~0mhIUgph-JL@t>9A->;?qeWs|Z^eO~)J=*oi
zxQv1#+~2Q*2yO4b8=c{?;f$nbHaa$CD+TBu`gG%f9cU@#9tVHs1ZvQFXYTV&Vd>_m
zwwUeL>VqvZPI`Y+V9a^HF{q1gSN{GZEpX@abKHe+0uDNnPYxg9@aysm8i5Z?4xgv<
z&F1@RGlzm3FScCp%xo(^((_kbmuJKU?RZ`bKQC9%uku%Y4mip?qpgM8wrw++5D&fJ
zyOy>p6W=KY`pCuL!3(1D>+;LvY-}XBkh2-V^vo<ij+Kq%F`vud-(507uo812_$r;8
z7t-Jd13-jTC~q{;x2epO6Qz<mP{lXI>`yg4p2-L05o4RlxX34$b6&Ox2R>O4M_Hpj
z)|ETpfwlU~yOK;%{&ABS9u?OoB~1h^&fa5DPK(f=M*c;fykwLs@{BwJb|F89MFx`^
zzZ|MMN1cg0z$YB8P9{~@fC;=P1LtL-gz{`Mm%l~h^9V;?b@<4Ix*c*2j+*LsCNpRR
zo#1_=`Z0;Q+-(4q8(CnO>d^{TwzB5$Y%S#y?_l@tyVW1aG_QI#q&D3)0Ia3d*M|0n
zFaSiur-P;8P|>J#bQ~B0sQA$_t(KU`i(go_$d~+rm(|LrO=sy6;2kg%9J8QR3ZYEQ
ziPx8fCH(d=)MwS|kOt)gLz~j*$bM6#`gArxk|KpdKzKrj1x~1ru@!)2?<~W|P%y58
zX?kPa6kjf7h~lDStfaW8Q#9qX%7w@)3I*FwU3Y$RsEnLN1K~^ebExJpWr7{}Mp3Fd
zXrl0-46={9PkuEYo_oZXuTGfXNC0iNJ4~vKWHmRpGA>VxFg!4`jf*&Y&>!PdK4pm&
z2El3YOZhl=pZ5=~+_@U6!yT2*m3zKI!6B?(2;6-X%5Kf7Ye1`9dkaMv0|0#qzAM)r
zMnN`Xg3|aGE)Nq2ZBK=hX5Ip4HGR*6eB$TStsE8<Hzm6klk+vB@|RpHMe;1o1U%Cg
zG;^<CU$LSfs=enF<fGigdWOJJM?(4My}9wgF@cJ_gGK5(G99JH3wJ<oCsqu2jVW=A
zN+1R?`BVwE^ssVZrdx{tkiHpev&8GOVLokPTr>U?Is~v+OZQRaVP-~(sJu!hs*fOu
zr#*W$nAgFgTQ+eOl6X~pFz})ts(X?1c#@{M&eV*GidF;%jP~_tdGqi-%?NL`ZweT7
zj(33zKZmJ{%hMyA!{y;f55F!gkBe~lftUMrX?a{-7zGp;Y506+8{gVIg9XBTtJl)a
zH^%TcROVcLjuiM~timr}{u|}~|Lna9yk$pK?_YN~=iI5glkN<iq)B&^kdctbKQiSB
z2uNfw4?fSQh$xB?@Z$*b7x|+Q5&57DqEEpI(FYMEDEdKB9wZ{>L6ir`95PABJg2+w
zc+Q>vzwfHO&Z)ESKKGtG_C4LZ?%k*Mu3EKf)vDUHYpq&U<#4I*arn(E1<-v_erZ^f
zkGZy#$DKpld~`SjJ!oGopHo`kA>%2Z{f9Pl8Exr(lkO%Z#WyK_ApF^JJKrpInh&ta
zv)_AqgU^1Nv?TBzpTc`yjtdwMv+q=rK810()E|;{;?z_WtkXPzS<a=f-sUF8>1%ct
zmN$>f>2ja=qI=$3+5`f8+9sUu?srO0I55szgX1UX(!6s~ZI9i;wIw>r54;EPZ#}d#
zhJECbL*axIPH5{_Hlk>}uPJThg&S9Uq7R#yshd1TSPI8;>3V|$+g<@c!}5!chK5JO
zq~kzKOrz}dab9Z`r1>HE^P-Y3`KKM$TJe|Z*3SW}2bua>{U;JmULb4BNdt1?9fo>V
zQ&OGEELdxEr>AGa?2KkQHA^_CfjaSH!<8^Gtuxg1jPd{hyNYFi(#+{=8&46)a>?+U
z6@WgFbJ7Ob(Pj!am-q-n41Zet1rW*Sd#T_U;S57_fD@lw)QV5wM7Xb{qks(1f|Lb<
zG0KD#q?L0Nyy+C?By%LcsQ>^#07*naR6Gr3v%Q{I>c`~-aME#k;bNJH@jTr3^w7!t
z6EIQW^O(p1;A1!z0Ep))g$Sq!_)`9<BsJZ&awdIz!b+fz8Ge-`;>hyI24NAW6dn@%
z+0lMRGu%Uc)i}#6nAkCD22#WTJ0lp`AE_P0{wJpASAR4j`3S81Q9eqL#ahPP=N%>4
zOc$}Ql!sFm>7yvzHPhMxZt5w73GFKY&D0I@u=y4Od@M~fo!}edMO^_^@s)5F{$mTz
z@>4jDcrM%BU-d?cF)17fi;%j>oIewnI+SlH>2x?>SkOyQ)lq&Z@u+gj#rOr81LeT<
zwDuy9@^5TRHZKHv!Bd2~$3g%%KG6tuDFa8<A5^6PFrl8fjEJmRX~vCNH{~zEpSbuf
zi9UGdr8va(>jaGP@x%JAsLg5ihVM&WnPq^-_|KHq0psF3wEDu*|BtEfW(I1lI9AG)
zI%J^E=D^&q)j=P4sOznEPPg;O{gvo|zYO?&-StZF%f*u?=E~hTr?(r}A{f%g@gWut
z>c^G$YH<RO(u0}!)uwfty5+OOyH6WIS+brPVsJq>?-=!n5`b~j`W$^{+>9HX>&Le~
zYI-^Kkd~)VHz-rq+P+9fJ#c(E{b0B6S2uifn%wugrZ1pf^NhdNHr@>lCCuh>VB0GI
zC_W94#)be+r^r1WB%L#j-y7&gu!_d)_{fLL&2`A%<2E9%636;DKwVHL)EVu-or^U7
z+^x@sL9?^cY+`PywuO)*xnEabI5asEc8*FBM1V&2Rm~W(M?l3*uM{dWERG=}ru}u%
zG}zB8rie_C0>UMlsw@p=G~>wW0nr(P7C;tCj>Isli_n!if5J!EV6*bN_i$iStnA>=
zdTJNOh<8}`-8zAE9tK?M2!|GgUKAdw<H$M`2vHdK+*=SXL}CTNta_0fG)n}`s$G%L
z@`1OF6otBoCyo!g*b87#0%)^M@WB#gX}PM}{eD)sW;7el&h*5kWv84YQWQ)pepW&s
zN`n>#-6?_NXSUpC%mv}g4~Vl5r4be(;agP1xPrs^<d|Y9BArf=!*~fd(vLZTv318&
z%oDM-xp|=lw<zN-)@e&AKsqf-5brsMAl4l)ExxwWJNIT(S6F>uIYTV~o3>N3O`UTC
zOep3|@YjrgRi^xT!Jj%(S8lWZ9Q`*mq;H8#CwXZR<|8#i<VZ8$g>saBHI@RgPe7&=
zfEJVvByKdM>`)x{EDfmYNJ09I=BsTvWWZ#ie`w}B=Q;H^jTyC<!J3_3;(3DqSap0?
zaR_O+wEwn%E`Rt2prFU!%x^P!@U2<zU>yYj%8JdTwTN{^mKMNuqJ#RF(eaFIKFGb-
zR}t=R!{8r6Pd5&wJbA8%-_U*J$hggpb}DBlTIjD4bTF|_$Aq2WHzS;Of&yT@4nETE
zSi-@+2*Wxd3Cph4ICu#T*80z8%bixs)79j6Jit;f2<#}>*27EEqNv6q17#I;jGVL{
zobaDI$MGKE{29FK#cc@7pQFx!o=^b5B^sQ6gt+Hpf)aqvd9xh(dA{8HRW|<3;`rL|
zdV8?cHnz@-cuVm{VWhq7(3UEiF|1UybFKt)1|RImi*@)&O{WGl>e`rRHVkP7aJW_p
zhqb#P8~#-^lSnf(A;M5%Qa+#$rGy{}G&Ly=qRh|~GYmeix91#kX6>WEvy{?^7a<e@
zjM?ROs$&Ymh$Dx*P~6HD0WIQ-#}FcXwmY7gcO?z^L1QX}rSN7=K>5=Ql&&TL4od{*
ziAT56x{1ChH3_Pn2A*PBqJjZsKuau+*!VRo014b~nx4l(IySmP)JE~)`8x;w8EFh0
zh$7RP=^vKT27VJCbBmC}QVz^$7Q8WE57hxbey2ql`S+{rQdO$_oYN}>k<DTYmk>o<
zKq*H(utWj-i2(`8&|rTs&1%q~nqet5#57%olvF7tu?Cw^>%M8x-nw(7PH~*uj)Ml`
zprIkl3K3@a9!5CIHT?L;Qh_+@KP-OXz=`wR@IA~TvN&e^u{4;M;9twl_!}z)M_#;t
zld|NYuNc!NfM&j*4RFZCdFN?75BKR8aKsCR(E?sf{HJ6YKp;v5g#RW!0k`lqb1*!V
z2SFce0*%#-z`FXEsR=DH7#g*2n*kofKL`}-`F_X#I$BR`Hk)WSC;=w5aoJkG|D<Em
z0-+9ETj`)Xb*^}U7REIU?%^ljyxCbPI@z!?o0(i|dDHyBzhlRa<`^!GE4oKOb%je&
zd^cgxO&enaMDk`LXC()nq+w>3x&p^Wlz*jsi{gE`gzp7V1k-I8WuQJ05-A()kMT2?
zml5CJM-;KZ&&gtmHo}z(fZgU>!Y$7M6aWa={;n+#-8oiOC&wu^v94(Av>)o1`vHwX
zms9#s@6>OsbDdbDKA>K2SXyx6y#BfOcEWw>dY1z$_lVn|Y~BI8K+cCDZH${qV%j<S
z{buG@;$9~Q)Da?7;F^B&VRP(09QSAU<A6PyH?dwfb!@g$*Se?i>4ug8Xh0|{fJqJh
zcMV2uD>HiD5hJV&Yj8iQO;T7_--oo&lwfp&AR(9`2^KTjgbd^Jyla9h0)coQVHuJ<
zBIkn-IIIAMOlZzyjL!(hrT{38wovA{5uPg&Xd^cxaO+-X@+vHO!OK>-$}K7=4Wf6y
zSw7^`MmkByhs0+*DGqpIu~0rlI#EKjTvl@mLTNH1$!<Y>L1522Lf|VF3DBB%9ulc%
zQ^#1=>4iDX_`4b;rgGYbC9G@TTPXo%Lam=cd`r0Z>VOoi4(3r7=t8;Rc{vR{qbPwk
z;D9$F-vHa&0xU#{QSB3F1&5OeZGKJ9T=RW#unKo*hmlK7iZY&B5{n}nkM(<hUn11%
zevNEP(z;7AWVM#5Hk7kxo^gg$3^Py!P?tP&`8{of68kgBnekuLaT^sW<HiuYsbjT=
z_znv|jv!3(r)90f`^r&$#B+*AmbIXo#F(-`hoy%pEfK)^K*xOx)DN#S`v**EL%?Aa
z57~wwdL2mRU~N9-@n(oZg26S*5qysT`_2ggyPpp+Q>WQdzIDf<o1c%ndi%G1EoG!m
zwo;HLFNCM{IA}(o+e*44y|GO)z{gPz1Y?BVv<{%p$2p9*Ho}1uA%vO9)i~1R>03>D
zU?~d%471+|L|nX6UPfSC@IfiU<vdFH0^HGXn031Vw%+``%#_a+S%mqxntSTXFZhzS
zhwZ?R_3~i5rHA(@r!e8)2<LT#@`|?1GZ*>z<zalMupFR{scXM@cIR!wpG*JP;y_O*
z0ART{T5p^*%udc>^6}tUt6NXnwdPr-TN?+cf9lKIh`P8!M2H!k;w-!%*^tcV78YuO
zqk$GUiJ)I=BqapwFq7Z7M}TD}8kl9QNog>pf&Q3;lvcY`I}~ovBiuGBnstycQOgPK
zX=_D<oI&70^1vBw8G(scm9#h|>xC>R!Y03jgKJu779?8~O~3<F(ei|b$_J)m!4RPv
zK`2@#q;Df>P<o&oka4b{(vs*g3u!7VB&3t4L%9!~>;w-!7x0^Kx&bcc6Zb11E_FN;
zkFtX$3BH4U3d4P?707ZUQ35Qr1c)h_rJj}&puSL-wSWY2@w`cwK#UGCmf3%a<+hW(
zD*^H}MkRnY2h&VB=JNUYNMH6VUULLyD@=+Ml@BEiNB%VxDH#LPwoTi^dZAx=z{|*0
zXeCGe+DD(K76s|OWt#o8+5@m&TPZ~6`*!Nv;W#QVI`>=g-cD&}v>U8b7KBV9vIJ?V
zM|5Fw&rbXH?!zm^BcwNY|8xQX3cb{P-?K|gF*zlL4a);;CZGJ5QtWt9D(sLo0r?vH
zTI4RdBMmUnV|xT>;6<33I_t(>Ydv%JHJgmiYq`nv6g$5UYFWU@F{cP%b_qdbJ>OOO
z_pKD9eKyT!hL==w7Xi?WK*wO)zfWBx+W?T*jvWzv_Zh*o4$^yvU9V5yf*`wE+#8{A
zfp*UqWkRR*{Ltud?ytAp8<8F*2)twFexuq8<x9)x3XgVrBTNd{9$!9f6bESMSOTDw
z+sryn>p6b!<2TaF;qAifJi>Tv=^u+6=otloGv6DhKf6z3^-g@Hm&hBo!*{~zxJ$n`
zIp7`Il0knm;#U_aIbf;4L5YjvXfp^}wIPldk^nNiXy%d=_31D)s99vz70VIF#mpdU
z-KS(yIVvT9Zz>k$ikLH&0^?d*P%)vPeV}H@^n-wa@VC&PECa}dL4(PPfN<2W{Fqr}
zhP=pppE<<=rDcuw5JC|Mvh>_=i;!qD{F*5p5}sx>u!%!~fuQdKI#CF6gp-E*Y;HSA
z6>kyF*{Qt~Za5Lm_*)hYdG2`rwmd>~rY_>eyk93SNST4?3m@C_i)r|Ec=kZxxyTX#
z{J^0Ez!HFc15g6A(q|&0A%hQWR>(}hW}uZO<_4CQvv9@Fnk7K762PG`&BS?|<tRgh
zd29rzHJs<+zJ-Z5X1yTzzP=$r(oS2PpeX_GOBdJ|fjoeSehZfN%#&JL7Awy}@NrIE
ze2VW;40q~M+9H(4_*1dZ{H3=TlmZChP8s>o1k74M6^)J<<p8_(BY5}e9)X)b;=JDn
zeojg=j`!ofQmbmlGUH`NDDSd4`I!9!yJJ-Q(I{TBoaLKAw7e`0G?D*IBf~ENzfyyS
z40$t!o;`?@Nc0Xj)NdR<{D_2rU7Eez`px5-q;2rcdd-^Yhg~4wVA49GqrEVL>@#Z}
z0au7%AdWD)ksEfckY$HxZ`2*4Hy{{A2Q&ZOuKiE5^!i<o!X?G$<AF5H@4YYZ=k4Uf
zKX|Z_0%BUe?OgVh&SUu=D**2oR+3-V!iRhv=bzVtvrN<b9OyX(K%V6c1WYK?h%Rl^
zd|+MUMLe2RpDl1W_ld{(b3Tvqxwkn$y;8^c-nnw`;q%PouhMy&AsGX6&h(zq?zjyJ
z230MJ=hOfn;E!nMOnn7glwsHH3=A=JNp~X+O2+^a(xJ43l2SuR$j~Ly-JL2WEjbJ+
zUD5(WN(e(Y9DKj?e&_s!=h@e~_g;IiwV*Q$?jDRb19<!EVhk<mXGxGRF+-)LTL?oD
z8nYL%RsoCr7V&k%2^V-^r!<<Y>+M*UvAKA4_aq}3oa87UB^~^P55^&NOkjyr>StR-
zam?x(hh)KZ?ew`~A#Q{T<Wo){A1?xGQPS*R`}Gm^3h}9w`Uth;_c(3@VR3*FM@eSu
z(Ae*qd^<m}^sb4)4fF)b+c*^YK^j|u_Ff70#qQo~U0{mRdRmKV5jWOnE!Ytdy2t2x
zCW{w0==D9zuPjL_aj4%i+b$4t#Z3LVIvU24DcyFRLXbyq?{xeMqo?g}8+;;a8cno%
zDy9{pMF|_%x2ZKvpV&&Cvnlpava2APV<jmG<_5l1-=k<H8bl-T()S#i`w^%WDDcI3
zwRE|Iho|)O_teKL#;DUK#H0k)fR7E>TmR~vhR-K6d_jAEzPB8?&##G_YQR7-!^Du9
zLz*+De1kJH{Pfj0ajPgy0dzIh+n4R@>32=whrg?=_7a-J1<OjweNS+ulEN&15ssbc
z$`4=H0;JdTtJyPcO8eNnXVlXR)!X+49&E{B(r5yA)d6Eoi4-(~+!}WU03)rdrrKeL
zkthjy%V207IaVH#|E%vd!uWXE*<Qp1vgEw^hF7|MnM3}e>P@R77r?J5PS0Q{f}~>u
z{$4De0l%94uTI2=g4nc(=VmL{GffE5j-wdpc8*s#&7+CjlGlnK`=z=2$aCcHLw~Q!
zjJzu<{Ce_k^M^C@#VF5ZpY1T^$8>9CwD4$6tz)~<vW_j%RWUGtb#gRCVAwe-8GtRI
zqcW(pPS?Eo7ivYO;kWdxtSY0`Uqgp^sR+A#ki<fMtM`+Bw*m>d27CY|oSyPFFy`d3
z=GdUBFXM-Bank?h&hTsnTUejvy!@CU5U+ux&OUaqOSRV&P8nXK&>0i-H*RO_%Fw_G
zQ}<DJ4UK+>^F`qFUIm&0?a6kfCmh2z*8z{y50RddxX`dQPD}(Vj#ov6zh#qqcGs^9
zNVj~lpjXOFG>9jH3TfrUqg9gI@>W9SBr^jQfi@S@A-HK|(!JYX#C`@nC($E8DYLDv
z8#fnu<7#9Z#ra6%1W~R8zh5IUeM9ww4Wdr>PTJ+q<Ux{tYBMckgmPT&sC~8Fo$R+?
z;;-Q;oU#0GT^_7|01S6)P0Q0s7*ivkZG?~cgYX~SH7HNBm|p}%c0Uan!ToNy`l<6W
z7ygZ0+l^b#5A;4`CX2b({c}xmgYK^KHy4czOY5fdx#$n&Hkg8A<q(C{i?%74#)1LP
z^3k*GTknTCh`?7&=HcjM8_r#&ZLIw_Y{JV-OJu2-AIs)XLJZPI?gz-#g8vwAy1C`!
zA{mnIEzjwR7-!JL608P6B2-SC=BXIk*dk=s=0vI7lp|C~Z@q;8D`N*Q{npgX+s35z
zTf2^iJ=asDvI4M%xNfpuxdJ==m-X8<Lk}3KkwcvJ`pWNyWKuTpAW3N9*{YG+axwBv
zsjU>XPg0%a@pgq*GSgl|u50#Vz`PhFZ|lP_$VNi*w^?%PG%YvnpZV%I+&8cn)g9Nn
zs7D{B$ympq2GN}_I&k^)f&UC%yH{>UR-VZ{nhg%3j?+4q$bcmz`9D+Fx5DGNRROy)
zq{<6}xdv#@!U$<5n;`Z{!zg?L0%f2Ag0}7>-Z9mSS5}`*4SZ8xI0@f>8Y{)tzK<4G
zYKVgqcWI8P%>C+Tlzq`irN#?$#@?<81x+!<OGj#G*Gzo=UEAudK$BtrV8ECv#z+h;
zWA(NWv>=I8uvWvxQ@T=r?-Ojq`)PFg2!yAGuWqQxQs+B-INu6z2yLsYFKn#B1__#r
z5FtNd1enUhXG}O%K9f-^l^tiK5=GbM=cp>YlVu_C=ScrS4nkDUeh`FJkj|v9vwsK0
z2bzO$&3M>6ltM>PQ=jvhQ{jnw5hY}`Bs%w{Afn~-OY8^|3msJ)0-fl7>^@X_wQdjb
z7i5%RCfiKKoq9USgRv@poXM_o6o?MOAyJ=E0=hJeG9sNM72^FI)&jaEK63x^&Zswk
zp&^v=7p*Uy7=Ic<X()s-J=~iz1;ATw<MbsklcA{*!i6aursfEQD?1;>B8zpkeTihi
zGa+r<Mq)=x$Ld)*Q@y_H$k^(3`pCFyfClXx8N-#OBGfzac~2dQV|{0D0#!GzFJ`i=
z@L6LUWGB)~4XBBS9MBfB_!+$Uje!jJgA>u9F5T*PPWXGyEv?vzqwL=pJdsP8`A-gx
z+Si4f-^4)_?*!^#&q8hgRM|%kd`ttPDuW1<gN`dA7#1tHxCjvsksP^p_aArOooC_W
zBIoswBX7$Y`r`L056_MRPm}4wa84a(+yZ0r>w3O>5@<JZ0>!A~r+|&M?bRu}X8Ep_
z){-+*XT@l6*>t<GM+@%R2(ONloEe=w--92eT<qC#+&Sl8%5tflTXsrIMPfAl{+&x!
zQ<%fP8-d$)G+b~@|5>ZTp90u`3<6`@hAtrMtF``=(KLysA&l6n(68iJDW-e`e<-EM
zG*C6KEZ%-~M!)t~kFAq>`NO?}nqa8BLj??YZ{t%Y{v0B&xC9#(VpaRW$qPXrBBFK|
zBAnF;Rg@PVHw5AhxCJQTgc0j;axx_<h9}a1GQNgZTt8z!SK}ppTjkmbIQT6Gwp%Ok
zCW&Rs_L9g5MA?JeLr6%XXuZ`F7-@MDpi2iy>^Nt&cJY6rg$j*AK}-mC;q#<Hhlpe5
z_SO>Ar-JWz*ax&bq9wR&5PEX|EVjTk4X_2Q5MRvm;(6=0Q%>NVC~z;LEir<1H8T-4
zQutZ!xRI7cdSvkDC&&oo$8}f}A22HhH;YfpPMFy_w~0~07_F^|-fbMPY}fr>uHS6I
zA5ht2#&e92cq><Pl-@f^HHkUZPGmf{aJWjSPhD4<4Po108+98=AC!yXR3V=>DB`vV
zz*mL0X0?Ewij~FG9JR5Z@%wJ4C&VFS&>pf=@fkx;%s#l~8<6PjQ$+{$ZSp(Y<~y?z
zEP=52Gk!Bn5Bt9&QbCriEBvJRmZy_?qFowIkMeDm6Nl?!CV$!h4@*fhoYzDt5BL85
zGHZ;tduca(FWKI(5bvpDzG4r+%gp%Mo4IaC4H52;7Y`wN^piVFjXUHF=6?hp|Mtr^
z`m~cNH^xtNyttuKG0A@0qdAQay*)jlF|Uy)o=_7V{>6gqERAl@s&&|WL5dgK!|##q
zl(EGm^u?lWLl&2+mffeM_xwLLNN(nqU?(H&m+wmZN56P1!K_>jai9|kH_HG*nM;f2
zi)G*LtL;1&0oltCSvv+QiB}fwmT57IbMC_r;~6>^oB>390s&jKP#CE)GY#cj*_h8(
z`gk}XAE<V}#v0T$_$e76MAvlIh3HkL?NWHQzo3JAqA)Dc-!QeKhNI%tv7(;Rpk=78
zkpGBg)xHVu9kPi(?h191gTrDi)Nl3{vZGlrjVLPj>rRQW`T)<lu*gfa;mLVCPwF>R
zg&FB7?!-=Fd^%i~$={iDx_$w)Zq{X32s-zC;5&bm<aNa_6MkF8p7AMIa4*yx!0n<@
z3!E0uWzO>$K31Sn1;A))zPtkif?0>2*3i^YnG62djOzdVXuRTIQzzHa7VGk&`I-&Z
z-9R4woD)lMWmiobyC<qJA&F){t32()izMZ|OYv&%uj+PFntJtQfs6ZsME0MKh<#p3
z<<n;TazjIW_TIK6B7I!*EEkufP;G?t6^wHQ`AlsSnT4;%2nc0f$)#X49R2Kt{`oY@
zH+xKT8C18nw=A+tdQ?Z!qLYdLGUGY3TGn^sN{tzU`&LgC!-<<l-|cv#)p&o$e(gCn
zMOuO|fb*-m!$(7V*Km~CFW;cEppkpuzF<XYQxbSX>%Dm#i>|zskQpH%12Xfw7sWS5
z5qhh6VEuPmVCndbHc^e~z&ZYev^CNL{hWi6l4$fNSY`KR#FgwFli#i}o!{xiE5M~t
z;8`>-r|dgCcCJQ*c;z1Q#?9ke)Y-#h+UEWZ=kM}c(=PxS{vo&1isz$4U6;hTn1kOl
zt}0VBQ<e6Y+ZWFhpqaCu9atvi(API7ooKPzVs%KIBP2A{whoy-j7q=TnmnV&O57=2
zX3V7s!n}Z^6NYkEH6v_JIxl<q!;`dR=0h)94?9{b8Sk0a6!vg{=h*PyA7<YmPp7n8
zMsFWgt>%RPjBmSf%}{81Wa*6M;Trz25jT@`H?#tlb3MuWMt3azjO{d7w5q{UQr=G+
zUGqaJxQf}?KY*52vn#pJjSx8`>I4olSMg+^cgDH!76;nAxzC`ptCksxi?MJz?5E6F
z*}QI4tS`MM_TO5+5FRC6xYd+@J+YlZ<*&zS7jvQsRxDPdL*sVxH<X{6&K~_HIw2Bf
zctt<B&eLgwQdH){^$qV}A*muBCqC7qTo%i95)A+sVb5V7apAqnFBHTDcg1Vz_`D36
zMDKFby^48>J-QAw*p+(FLB4PeY(T3!EgrhS#QwEfGQ6)0k<rm1E4X6gGsa_lboZHd
z7vwYIwhQ;u(OXKMX)dfSi@jyRf3JrK8&LllbuO<mbtMgpSjHGR?zbkUCq0@W8}$eF
zY_1n93}FuwDKl5C<`XBBRk;Z+n(s54EwIz@6wWcextFf3f7-^Y94{a(ScNYZant>Y
z%)Hn-m2NBg>l^pBmEz?(Vmd7Bx^=H&X|GtE4UBTzEKCXiTc*E@T{{2{ygzeeFDIOF
z068coJ^y8@JsKhN+|7}yhu0%!g=F$va5shnDvr7x##E_sX5BMCOQI($CQy9)mjE0o
z5sC&E%?c|PdsQ`JF(pF1Q!}^Zq1i?^^Nq<v?h7v3F+4G1%((MFQjEuKZ*E_q(33D9
ziAy;jk;SVHVjq9`{*Sbm&9F&p;U~hYN}Ss&Qhn|+>?VYFxgxw+Y6O!KLCXFmw<q<N
z^m*H55oI+rAI2mDtwF)eYG~<8Zb3X+{Ysnju@N0Sv4k~~tHoG$MwKBmny|m*vopzF
zT+g$NIyaQ)-W?%7s0Vy+_|R5AJpJSugyzF&?~QrO@;ao9c&?Eb921uoJ8}=Td%pwH
z!Co~afudIBOh`}#gnpc`<D|TLsD!e5=_RyngN+{?=ex9y;E*|rM3wOS{T%*9Kqp}Z
zoqgl=#(PUR&;H^W%C3)YcIU{nWjzhOUUC6|?sHSbyBl}&OX6nLe*bxoYcQ^{-q)^;
z=owJ|yJa{x&|lkR_U}0L#}UVK2e|n!52@1m7X)ft0xWg6;7HgzU9@zJpg;DB%#?rR
zp?R-trCA(83LM?#psgXtOe1dU!^06=Tue%^5P2-!+)vrq%qhgkjCd5c)KH2TL%(pa
zIQOC+a^4;;T430zM^Ys?cDPaK1C!DmA;WlSvs7qj!Qof&IBT#@IB^!Oe$!YHvIatP
zETox^cz~1?_f*mz#*+Z&LAi`{Ugw55!|K%{4kl@G{EE6b)ki8K_9-KQu<yv-ZmsGF
zfVlx)Od)xZ1+RkrWZ+zjqIDgYqvxc))|ddaAFT1na*)+H7EIA&8v<*x^CwLC#u2OO
zx(u86zA}NN-y$^$!q9P^EQ-pZUT=n|4fROhHf-|f(v5u0VaQ0yub%f4S*i1S4JrDV
zn<#{@2rmcueYbrXc5+P=0Uizwg_$~7sA>xGgHG(Zz+ay<yayjNv!QEWR&$a?D%8>%
zCI_QMpjp6z-{h{>g2=E9(FEdc%mE_A7_${*AV&g~O-oDoGP9$UO2(WpJTBx}vGj4s
z^ITkKJjNf!w=rQTDC{!6??k;BH=~Cac|(4LM!f{`l{OOM>Z-U>!l_d{y#z>amYsZT
zSf_@H9a1qAm_o4UKDXr44#VooNad@Wk{UL0j?w6~2|&F4o7NsOU9-<La>t6%MZ#WA
zZ6QT>sjM+54#^J<iweT*c9paJ`Nxztur&MCvgqimjDIIRygvaF-gdcm8aJgr%Q+sH
zHQ{K6iCOm*db8O7-0l+oOD~R9!lDY`Ytr@XXf;pvue3}a8rr(_QP%E3inOj6bN{w(
zIS?E7IsNtKx(M^bqEnO6avSA-^mQRcJ7?QjrHfP5;WozA?Y8VnF(C$k#sM`cb@fw=
z;L&)%-uuz5oLc7mdtBIT$9V&CSa|H&9Dl&oP^mfuSAD(o-8#mqLO(7fy%SqwV{^o{
zH>mVOV22SlLp`CVCBIt_e;F%dWoC-{=U<~%Pb_jOkumZZt}yED@OrMSVcQa}n%_4!
zDX~VQE$Yz>ll}C1w(5x*yNqG?Z^~(3FE!7+8dG<m>sa8wTmrXCyC1_7URF+~LUpG0
z*O}3w#c`J|+TA2peGR!j`dMW9p%ElWGKbhh5lI|~n^4elAr)+mcup`($=jw;x@77^
zKrv`-4(0MHL}aKRxaqF8z#<gJA>yL3>W%tN5=hT?VBogOE?a@AjRrNZUjZO_lmq*S
zNq_4V7$>-`28%RBL+l|E2tA503vltmr-a62uX@6oq||9nFlK{DfRfF5tZ-gmp0w<r
z@fw3*Pt!vNSMgU%3c<Zpd^OuUflm!S)?fuYS(Vp#O2zVDW1sNQrjs+gj6&DS47c6Q
z@+M;wqHmh_H*n<qil4jvbx@{SM8d}qr;d2|Zhbg3Gv(l$r4kMFt=X7k=U0_OCrJX(
zQPAg9Y!%DEbvg(4;A*?`&Vmc5lJMp5bXJKR8t8Z9w1Vrt93(&|X)<tF`&D+0!$5_<
ziVL~a=h-M1JiCF70OKsLL<fyKAVT)iPZrQ&4v&uB`lEWhGTMY~1e2wL3dg^I_FO>{
zZSyM6YhXU6K<Km1?r6z$7!=5^^{#2`{4Wu|L`s8+6nEFWmm-93zsLiUkGl0UD(-%Q
z3|TRa4&&?`yLI{?9na9l5kSTneP)Vn5=qX_07Weg$z=_eo!RyUE;~nE%2RqHaXrN1
zz#NrLuDPO9I^<Qoy@GX^5GMF$@LS_^=N*+PIAOK#U~faNC+^tGL)bwodqhZT40J>5
z?xT@GRFVhEkDJzdE7)u|<yx`v<=))Tck+&{sgM52BS$|RH)>3D4us-Hknp}Xxhw?}
zCViJsy8u@i%FCU+`<;J?PrB^GbSVJ+vCbk#ZANxrKlf~dq5~C%%zL=X8=($NOJ7I-
zj+sxoU6|mTd%3rR%1)h>RT9e=6qB!QAbi<fpV9_>@e+()#mU!)o?QIAO)#8FVe+~^
zr=k1A?qai!+g}4sK97|Olo-x~jfsWvEkoX1HNSYvbH5^-i<c_Bk0d{&<|n4FavxhN
zmxe}bnu6Yt;)|kM5z4$-;^&!__48w7tmsPcxY9$MfnyFFZPB9bF3~P`qBY`kUE!Oy
zL?C788k18XoE}{CF|G(wPAS<AU^28>m6!O^W$0fg%jO~h{Xqf<qVMt--}XpcA(#;7
zD<A_Vyu&`(Whk0R1`MN4Hom+gxbI2C;`A(uh$!<&FN8p8ThsEcoVxlw(b9tQUgsK`
z#EWkBG+3<HJ&?p5Tg#!SRm=T&-jD}r%d)5+QTBSWC9X5^4+dErssiGMZZ;xGAd6i_
z)RU#b(kQNW&N#zm_#`kCCPuwdMut<NW688wIiB7_olmdS&#E$&rWQ|My9qpb4E6g$
z<0|r7{6*D-PhRIn#{Q{UO~vY`nX?mueDA13`_viIpSIP&WWXu@#^02nU!%jr+2?%Y
zKB(Fj<TG^I8?wOas`-bOM{t+3-~d}4!FlX(1G~B^si27~O5z}YzU%-4;teP)&K0{9
zoBY)4N<tve>2$r`g(Xp+wby6x25uOhA+?Lvm4X|l<S&x^41S%Cy>e8Mj$}u>q>TNz
zy4a7IGz6Bnr?N9IKD3eQr=04~;C_MyTTTs9)IJgE)Ln@AT;{Bs+3u{jvX|b{|6@#g
z=kC~3KBHNr_5eBZ(X{D9tuFmERV{>HeE0FR8a1(EvOBi|BrI~iQys!4$e#TGlckhY
znvbwOMtxkP+IGTNaW#B#HRVog=-<;C6Q!`;_e0BeRbJLu@W6+7$yJLI_3S-0KRNK(
zf#1zJ6(s{nGALaKsAd~+qBM%TnifF?xpH4}5A;OlR9wkSj){fT1QSt)rIzeJ3dDn1
z#9SXA{PMn7v0g+j+R2IQo2SaDKLtiu%jbG+(PAZTTSQK}rJyRUk#*IOb9{mK897Ve
zIlInlwv4?PYZ$FKol>)JiM*BSWxJAX43*i!cT5W0xS12W=Scl@ui{!>r1b>7^AM~`
z!m0-6f@}z0rDqm_{#f-9;<XOWk{5%<eWls0!;Vt1*S~|fb``F)R0M06644U#K^9y9
zUm^hRyiYHBx?TiecMyH%NLfxM%z_Z`#MBkLR|j5lzesoW>I;aApSFsQxt75i?7;+B
zZ<B^EoYtz`0mh=Q+{*aHcy<bKnP_C@UgETjodh<V8-nr55mQNQQqq^&C~bmcXD*WC
z5=<e9KgDV6`1+)%=XurLZ=D45=?K0%uWkS*B^YSguiG4WzEfhm<DZ>G)SLM~tNK!w
zpZ$KK`s|zs%L0=jsFgA<K2U{Ec1Vj-{x)>@DoBu4SAa}B8Nef(o<1e{E*0zR%Oj#N
zz|N<4ERc#P`M44CfiajmAa(ly0>Nn!){UEAvIErK#tMfLmm{Lj#=HVbv+wWz{?>Jt
z9n9(ca`=wAPqF=vo$`J}!a=0mRa>--zI%Z1po-aQ+3$}X8%fJ9N*%vfH>96_Ow(PM
z^xaOn`MvS|wZQm}N69mn*Y}Ih83H17Cds&zn5(@xjM<<vEi0cRy||B>^jf5Hk9}_3
z@@<ughe=k)y^;5iu=sOk<B0e~Q_Kn8##q&L>Z@MYahy^edeL#wZaJ1K-5ANZHw2G-
z0!&5YL`Uf`5)m9srqFV(0qB^WhGd!(qqEAeRpg;^%XfvRRUppKYTb6TiWCU(kbGo<
zPNgLM)SVq=#V$%FM-2W2-SjcP5>J6+9}hn?(SOEL?Ois$G2BRp%G3Vb!?^V;!^A%8
z)-*eai?&}Ciw7^<>yNq{c$mF{%RCD<_G#&-dQfPctEaDWenHwxzMs}YE3<gKh-@Mf
zjPujCBJ@RGvQ&%;zfUh?<+xP?!A^~RJ9gMwgEQ(?auUU7la4c(IYZ)5rsmoLI@Lh&
zBgJ2KIH4kiB&@}9e*=Gk5Zsd23IV&(N?}4YG9_+(*D*u{QG~Pz9vpNia?-ogAWBHj
zZw*NmE20d$XO4vx;L=MFASA{AKy-rG;1yNrSewk4k{F>MjmXPqxbTl+XHT$1+pHpS
zf?J%Jzid<{5iJ~2C1^WW09T32#JuO>DH7#@+pA?vqXTH5?Pr(mvglegR1+_Ob;|WL
zou0`4WcvQhk05W*zWqo~f0w#34!Q%*y)rv%P&aAAhwOnyU-e5{)_fX*wQR1~rzi6v
zkHc4=wWTl%MvmkHk4HW>gemAsb_TSSoVqEt(X|zZ&vhW*smV<lQ@0hnZg@J>wYfF3
z`+d}Wa9f`E!o+B~a@aw-vga!Junlp6I$K??sBcFsjy!!ZKI)Tj(y;K<8~buwKLZ=`
zSj<9~wgp0piUki>I#<M^praXeF8(K3-O?9Jq<pRWLc$K+IDr};ms}sl6$s}usV3`^
z_C-6dMo_6uZM_h0CMboOcR_|D6AC>-0E>^Wi55!DBX_0emLG`zz1#Y9<-ks|G+(IT
zt8^@f0op3Xk0<M-NT#QZ3r9pF`+ryesH8K@2%(L{&;Dv;qY@n9lH+ymc+LrItBM)e
z`Vb6xt&jdXhcj@z=i_4@XfPNtJ{@YK!**sNy;@bEuEaJze3H8(y}-5yqODC+0Lt`<
zAAinEWbEG;cGcv)kP(hc%(v^7wjf4bKT_~SeZ)?$+pEu!iAuqjOcTI0aIYHOTN74q
z`p?c1i1Z-(>5)(}zwSqfpXQ+C%b$EP-+touN}sebBR?64Vj_H>3RojX_`L^1sD3A4
zI$(oLVyXA*k!EIM?4qQ#N7A<O*27lhxgXB&5Dvmyxkw=ySkoqca2GvdA|cfHGfvE?
z8hc<_HfP#^<cw3&qi2WdL7;NYp(rjom+_;2z5<8x1U&9-h#y#+KAv9cAiL?D{)^_E
zdQCw)w;_puR4LuJy7MTgQ{9Qslr5%Aqf5ys5sH32y|>>gK(p@h-Ma;p`VTJO8>Rhe
z!QdoS*(yCu$8CR`?O$TLAMLp7wUTW)@nTiFOjFnh>uxuUdZ{57JsR)P<uySNF1REX
zZ~g{N!|T1soVXHmxBLyr&!E4fz{9d8$(;5V=0B&*zE(C&EV$zU__xHjv)?sg?^evO
zw0c#KYzSxNc|F^>Xg~Dx++1HW?b9gcYhFb&iTLA-7bu%^=d~C72vk2dAfmMSypuC_
z$_~H9YO-K~g2b#T^0lGltdXH-dkVFbhSSGXMT(X(H`qDdEl?gR$V>Ql8<C%p0)?EQ
zG$0pd>_F&`T%$EBqjW_;=~aYB3!JHPZ0U=y$TJp~P$sXU1!zphk}DT;IGdxJzSOAP
zQZX%%rhxFX6rV1|6Y3&eH1(ZVp;t^fFvjfgkmEl#Dr4gkY{uaYe2o0XG&TNkwflGJ
z>)(bSFT<l%h%J0RmL4Q=cE@eP%Z1*K0h56~x5WI0g@u7`fzK5;H$STakck$O%oyM$
z0WrX7e5uZ-;7{=^%rWW*^Y#pK8DaRpIe~T*h9c45q*z*9wi2v^<U@+CwC(bFRBB0H
z3^85S#RJ#^qi3>wnpS^w2Q%ReCI7<k-Sss@bD_zrElfn`G9rOHV@$o5J^3o^y$u7E
zZZhA0U4X9!^H5sh3rH4gus-K@Q8P||lg0+<cV&)O6Sa7iAmfXnPQ*Z66{ZlU?m+R-
z;?$C{<A7)5QO{1RYqRr)5~7_}b7*s2^#b7?eQSsbKX@=?fGz+mJBDOAF!8?Nk3Fs8
zgC#9AyF+GPL_J-x2+Nsy?b*=k2A%o(`?%^~O(deTVW|=%(;CuYt=aj0u#bIOKQ_%E
z<t=c#TYdk&S)&ZdSij<X*p5ur)BJvRyYC$JqqEfm9*XJ>XZYu|FZQ>7%F%{_8*OEL
z`-_&}S10)%KvYzH`hDwFCpQ45z3r3i|1;<pG|+PxE<+9F*N7abO>LGc)fA&01^I(;
zFvgd$V)!yXGuc~J6=tZM4^qz5qNS2qgiCb}OoWkWV?`j+Q=gpLs=2Ai>t?-7v8Yok
zqj>c^%Eu5f{7fJ7^NZE4Q!0jLV$V0T{^(~xidir7rl!A6ByGl#05mNJ$7%z~t%>11
zDo91jlwz7b>$mu^{u)_{5msf|MR>+oGL`O2G>JWbE@|U#EYK;?+WyiAG?ix<BX!I9
z`5Bpl87Pd2{ya9hHlE7K{mJJtP&S;)r67tf9~HK)X+JZOBNW%6dd(BJSdAB8#&*m_
zY{s2_T$7JKF4bJuiC=u`$lvp@1Zx{ek0n;GyUF%e`(B0-Nj}}gLijpH2^#DJFBLA?
zwFVtFIR_}EIBCT!-&XM(i^P-DV&4fy-mJzEI1rKvq9U!C8>5R~7U@QAqtH9_`Z*I;
ziE+T12>_Rb5L?!g96a@J&JD9+bPZ*wuVk;@N${c<_$H82g!X6q&Y$p&oKMLRe9wmb
z?Oyl+n74?hf>i+LKDn#TpgG=S$($3e{;oaeW3Z&(1lZhVE5X$tg2~XPbm?hjo;j&K
zu?fqPKR+}0n?plQmGn#F7ukn<{Li4&&i^SIPI2x3L6%>x`D|>}e7|+VJcI5j{E-yH
zp$vNWCu6d*OaF-HE-Z%nt}JexZ0$+L+x0ryKzu-uCB;&bro>Or2V1HxMT$3%;{o$2
z`dA7<i#Ok!pFwACfCBhpag#8pc=`t*k8nGq8RngtdgHvRn|{8;B9bZTzEjE=uRWmd
zxy&Tcl9dD(uB18zE;E1^)2CRTX{e;<PO8h=TuG^6jc*yUNEgAjhyY>lAUGj*)UnUe
z<X!VXx|O5`Pt|**mCL9Ykgm@9dt=r=^s4Q50!!VoQi!d~IY$Wost=UDPg<~~i$W)(
zD;`RC>rvpH{)7(OJ*3tHUK{xKdN1$iTJRIhI|F14t9mMn1$ea?-zc<plVW42HX`$y
za<O8ZSY8D)Vs(i_j`$neWd!O|aZZqx_Qsd>n`_qk&-}x+qFUwx>Xi(G{n1i&n^C&@
zJl{cpz$m<0A-C!E8bs-9+nvNv>^^@0?FUZb2N|0^_f!Djr=rJ1p@ou@rRojZE7l)L
zvS$%tO3MkD){%}%i0B1)MKYd3;k*d_E7l|Xn1m;TX+}nl>JGx~a!%M2^VE!`wm$v&
zq5C`C#>>wO*Qu3XHN6ku0Yl1dHDpJ>_0iXE6Z2wGCR@nL7&T1^3EYS(LNJFD0))PP
zU%$3#hz=)}fEvQJ<0ga{xmBzl*RRE@I^XLJAc~hIaFG(Z^F;3lKyJ#ikA<qi{}ji6
zA?8m{Q0^;$fPg%sZQsLImJ0zb(ED%0tT9!_Z(ETS%gJEUEdpe&A7G9maL>Sh(*U7n
zc1(hQ`K)a)?z;BHP_Ov%B)@o#F~K-rrBkLlQ7;YD+xN^f&0HuR=U`}a9^Z6UfJ8N@
zSI!`*k0%;Bs&mLNIq@tdvjXIyS-E=6))Tu+1*Yz$IdoAt%$G!+sxjK2%Q5{*1qpT8
z&I1ui$zZ?Ww4gw6_y=%KgomJ-v(4(LEK`UONYN3KS|~4f(s=Jab5%$Y@OC@hQ>WTM
zU^dl4HVquLOKqGT_v&bv9$lB|69KQ@_;AhNQ9cO`XNPmr@8$_r@Cv$Mn?(*bh^H=E
zJhh$|4>LJyeXUVJK`leK;}~|=9Z70gFUJmpdV(cY6yLU_YN+LinQY;RDi@rjONPAH
zzpH|mNkhEI?+8%?G8<HBd}`wnsb#7WEb61Fy83|)fIO(6{rZh-1XX8R_>%-co96sd
zn3YZL^`@X=;4WDhf$$wc>e|@`%jZ06Pg5U(y4XaFO&t>%s{7BO4#_H<dF<Bm)k*F6
z0rdRMV01z?y4|D&n*4%xU_C29jbPWsP#LtA+%B#Mw@RKo$oN}bu3K8~%FqwIj=k?2
zh!(5B85U3)OTS$t&i(2xLPkruI_%7Ap-tQGeZG^k>Jgl}nYk=P{8DQ4Nzl3WV>b2w
zV#dF+nCbdg653{=*rAtoV=|I3R0soJ-t7iQxB1;K^RT#p+x180lvm4tL)o9z)c<M|
z$))A<8Nczi90DTq!fQN9>rZ)nUhvlgSqln-{OkTQ!EDijZph1CNwr#-y&!a5T~?ty
z_Dq}9;6!LRscem(=;ULK792%|3R!Ss9q}kqPIJ*kDeP;c=V<VPY1mX0BkRy{*l69}
zM$G7_)yT^QYTF8B!9b&#s1Z&3y5^Qxhbf!zQtWs}DqDLtydjdnc67{=C=1?BD;0N5
zhIWA5aIQhhL$rl0hN(hxQjH32a3{9tJfU~!bO-UsvRan_a}Y&X=(<k5xb9m^0T#=Y
z5`65jVIms7?)RK*xvEC_AM@gwOG;}$-aYr*g|tzBd+pem-Hr>>Q#$ObW%ijV1wje~
znKCoPm79M#wdyfX5}T4bk&W`uywG_+50PriAa>HL1?AI<Ax^GHG>tU_)2DRtY%X-r
z6niz7vVxxF@}tC(1)gj!jyqnT-kMSpt!NO(zfL`pr;><MX3ZYM!BmS2=aF;dM?(gd
zGK;d_zkX~^SR4ZF>G<mQK(6DiwvmR5)j2{jVtIed?&4y1{%9PLL;*#>RzL7=unn(6
zzYNO%O;?-YktiwBPx*+jd#|Io=*4D!|K{vE+<$G-tGZm>+VKCi9sj8YQml{qKuFLd
z;cL1wnj_hbYknzDx)!jL=Fhd{+D}&svJeOC-RO`(9UnC<-=l<PQK*`~K)4LR5U+*@
zj%h(%@_k)a9xH^0@3`v~%}Td~U_IU=QW()1e)*e00+A2B!dN4ae_>X`S=d06Ug%LN
z5D86m$fl<Ny_xPZ=Zj;{$pD0ni^cEnAg{z?F>-9+lB1EBbtHk}6M!h7XFmsr)sL<#
z8E^<L5~cpe;p=?N8?+{?*Qr=|(Td1gCZIC}ik*$Uypc5->t^{%(4B;Qk4JFT1N3(z
zR$wp^S7pNL=j#deXIbqUs!-a*@mYHtdZdT`spk9eR!qJMT(~7(kAW=5Q!#SlHl6~w
zYg`@Gd*Vo0cKTmfY^)CFt%;l9JF4=o8^S9@95`d6e~L7}lajovrF8zF!#_p&h8xep
z2VKey1N~A1%m_;&Nt~Yo=1RtBu-jyykE!3K^Udtnadbyd*2Z?2dlbp9QogKM@yo#2
zv`}JD)KIvkPE&l;SHQ!LU$8!>Q{ygAv;RdpB(2h43)m$}I}Y^)dG4mZx!e=_8;91p
zTBy|bM{zu_J_Zd-W8AjPUtl8F^UvDAaLXja<WWXFRx(iR5<ZG`w=n&^@WU++5arbk
z!11rRe{$foB&QOg_GFqqLW{vNtlL2!f|Jn2D(55CU2s_lB}DH#luMDh@tZ0GvYvX2
z?a(SOUmR9Pl=;LjPf1jjR!3)hVJ6>-sgu-ih=d*8OgDk_^Ehu)k#hQ5WVyatA#o?i
zMp~pHJi|yzcfdOIGIwU`rmmYvGd<$Ov?UR}UkGck(Vu75*{E^kQ9r;9@ZPzCFxS-S
z$!0ycO29k(Zt4pr>%&SI)Q7o!&ZAD3+&=?iZ87QT38jKN&8q-VL$z0r;5Elin}7E)
z%QMk#=*x+>!#X=x@ptNY8%v)qmM}D%67SWZosE{RgslXAEbknB$pdY)uXIx{n?prx
zbms%$tNS@=08S<sY<jsgSTd$(W6Ro&6=InK*v5x}s94KrI81_w<~RF~z*)wPC77(t
z(PqlV9IAnf(*BUTIqbtipe0!^(6K@VvLvXDzrKLyY=&4*{BS(}6<65XrpuPKT;!SX
zXesnHQt;sUH?3g7x*<E>jRC~13S|!!pUs|*jD?W^n<C_OeQSnvIW3(G+EKpubKY;^
zN{TmZ179tPU~n*iGPilo1P~SBUm2kMMUY<+EWFJna}N5Xiopf0-v~YqDI4$+2)?M{
zK?}E<5#%?vd2RcOW(Z`{`|w`Tld5lwC+t`NxiI*<?2b9uDCqP{8z_?X#C}_Bu&%sC
z4h+Zq^qM&I4BJ;<EV_xs&7y7q$fb;#j!JW<^xR<}<7F|X7T|EdKZ>ME(P(=jb=5bh
zYesVV?H5zVag_5fbUegcfN;Pda)n$W_jbH7JC?PXH`?>>=RagNKmB+<CY`e#{Q&U4
z<7*c1!^v7s67f6ty*N2aM&ItIzGiQ`-&bRrJoTZaZ|aFlvAjHyCCDPw%G0Cl^jcZ%
zF+apzKs?C^80|jEMigIQX7%`HYnb8<JymoXxbCX(r(5<bdg+R*8!yOS7{LA5qW-t7
z;rvfM5zSDkM90R4Kc<W|`!JQW;5EMuv|S3g-wp^jacO_P<US^S&Sc#gh>k@NS~n^&
zq=^a71Yk)~JeuVO4y6F;Z38#8eg-)W02##OjXxe1e@w?64BZYR%#{SQ5gdlB!i>jk
z**X`c^bsycd^%6{tUBfJQ_s+7z*la~LO~zqNILQRx+zWc+@L~%X5+nhcg!L7V2fQb
z^>Sg(V^)T%56M6hJS;Xi;i;N-()e~($KM5=U$Lk<OZmF)iVWp?jxUl5MbSoianML{
zzc+d_70Sx_qG}+VFh;6YAuVcKqy{|tC_Vx%&J2WU%0E{gv3%0i=iOKa@IH-WF*m`g
zrn+kx-Ycu`2lh)agIL6}R&(SKq$IEEVQ<Ss2D9SX;8vy6fvnI1XG?R;WcI12d#2$-
zM*zKzx6Oa_eCEp&-f@)KT0a*Qc`Lb+)Hg-F^Ax>fmit4$<_(OH-0Eczb5Ns(PS7sJ
z@*89GF^L-=UZ(P?v7yAb5ESP}ZF$P_{O>B`1W!DV(Z6&>Wo0I4vzd)fKN<4^a%1rd
zb_tctd*-Vd++WHn<da<P5NUehT^Md7bQJ-EJg8$jge9`iYd_V*8BDrfYZ@Xsn*Ygp
z@c|*M`MmkaM3lPn;h6v7?S0<;QC@hp|K>NF9~5cEjyHvlPlKi<*C~0(+E)&enFf>4
zu?Ry$un5D2FY>r>i*<O_<aB<$iz(6r4x#>AD{}$_rxj>{anuMghUPfG{dbM`509^1
zFn;Xv&GJQfne5$;4G@6GF#a#b6!*}(UlNDP>!_CkOOvb_g}}|SC%W{T2l#&laK6yR
zOr`xJNFV@D#eRnf0TUOlU`6d%Bnh;->0;U&7wY*UBTe|03+OOA2P(<(N?&4dcc<dR
zB-i*TDU%3@@l5YBGiIV(jED}}CNyXosEcT%?1^T!N(9msTp8t3e_wS)jEfcFKg4o6
z8x9a9Bfn2%JV664fZWJ{#x`)gOX9z%xEk^N`8{Ifakey_@WBa*O=Low)9Bi12$8vE
zpYiF!wNKZ%T7HVZ{15lu1%)qx&jEGoF-oTLj5&d4)!4VCr(~7MQ(*c8h@X|E{^yW+
zfx_DFz&!AEuw1X;*Lm0B(>-0gIfDCIOt=IB%4zPNfu;L3`0N@##aE~FxPh21opUqd
zqz$Z!h<+HwT_ak<D(9cKArtQpA$s$R?`C?8mgbeNGN%_KBzA$i+#b_htp_?yQ&p<L
z%bhvD4R|Segt$WD9SMPBwynXq{`rz_%c{$mGIk%={_6!W@l=mTFw0V&U#z<G{u<Tl
z^3V=FTk#h&y{<0{<&eI5d9Bpj4qAvmg`@ukY!2p5orgBH?>X62DoAD}ZZ6YZ{C0NY
z`<6)0IkFY6f}8((QmbZ(O~xw7Y95q75(c%~)xI29@n?md?#6|?Yf1B)UR8-Mh<#!)
z)rn2{|Hv6Jtk247^sO3xm<lkmveHt7gV{+YN;%+ES!t(;{*3cvs^K2gj0)(ZvYmr`
z-b53_q{Tje%)B)~JTWjO)~1#EXSfu{CUz?igu{uW0$&LTvHk-av+Y34M80^k1{cEh
zc6Vf--<p&YF%6NOmDW2QzNHN$wim6U0KGX`+L|%g`G?fP5sJ+I*o_3?y_lUc&#-XU
zOdB-6pza!f6iv1Bo)_n~E;A^1+6?proHrq5o@_+-!W3@{NqL2@0{>=b6DQ-~37qnO
zfd<wB{A9W;1X0c|oDw^M282L$Qh`cuAc8~E<w-<a)>~uu0KLq={V(XOLwJ)0pq7?_
zlOb*5iOxD`H*I9-w0ocI@PrPM)vL_67HhdEV}}4X>95mj7Hn%&x%0n*;^fY940ZE4
z%N@>h>Ki@GMDv3>CnM8WfA>>gA<G>b+Oqj-P5P)b#uqW91a6sn2*1XePj`{^sl^Wv
zyQG?Dth&7Dqr7<%CDehVmfFW0Eqqj!<%x-ZK$~kz*spA-aJgNdxpH|X`gno7M~4i!
zuU^45xbLDtEVq}v2ZwtO?7L!7yqdJ(T2&m3v*~g5N6*`D*n?xmxr8cR{`Gp$zr5`X
zkhvYWcu?_PdzVLcKWqM=IM?8wR&v_WhMp<Z{9jHkmXzT1@!)xH%kR)P5B!j3>K2)C
z!7{u~G()^Bc=XUG+CjYhs0#_dySa#vJZzi7EW$(0@dJ_q)b})Ht~OBrt^&<(d(G?h
zK;D=X>>pNv3}Ygsr9tnmh|j1w@75#H+4q%qTwZ?n5zVY(TQnp>L=*16f!iZ&MCl2#
zSIPwFXSkLvgWQ3Lsbbfq>QI)j!_Xm1-IWt1ffwaR^?jmAAB!x;_K(|!^Y$b%EHpVN
z8G*vW)gV?p+(aRY=j)<|Gz3M#-In@h3FBrH`_BkY+)uuBOLRC#jASNhDafA}s-N5p
zJ4)$;9Dcb*k!)dMMRaQ#VbsX{eoOpmJ%%yf8Nc5C{;=(R7g6;%UKN#j<y>@C#y4*I
zTSL%`Amh?K`s&)Zr7K@)xHyXI1-u;;#z}WZ-Bc}DoD@4peb<beqZr>&3gpH-VdIY5
z{@pXd+)Hw-l0EB0%J*}yn>L)2Pz|2hM32>WXAM)h47f~)=$_*H_;K#aTnS-t@DNvX
zxFKAx92Q$+nvFwxvW`d~UhYZl3|dREP|*X;IvL806>gucK2^;cE5a`2<jJdA+-5fY
z9lm+;N90Wtl=qes)UQbmUb(m(LX0GdhOhYT9fqHbNy@@*8D!}-W&e869M<O#wLUhc
zm{@~?SKoEwthpLf(WT1(7J+?3{)g=s;s0(P2#0qAj-t$;S>{avpgpbQ_ZefbK190Q
zJN7}_vw2~_HbNFB_z<=&iF7c(G4?)i&vS6azT?DgCW69EJfHPt9+z!EXs}G7%<*15
zHi$>{&XRCJUl7<Ut(1w!uk%yg5QtQ3f~3RL?tO3lffRuy&h{8VmwTC5gzL&w73Q)f
zo${`5v8@pRMw!5DVcBex<#}c7u2NNA{rx^XR26{FYZg?n`BbCC_LX*R88Da^<$O+a
zm5CCK^5Xf*_hW#Y(0y4i^_-G1pF>_gOCg=AV+O_j>4AMjQ}PP$eE_ggoAu3*B8*@b
zrzsmRKoW*C(c(q<=jcY?al4h-n_sW&Rct3`Wtl5wt^vaK1M8!&_H;nI4x#Mr9Y4YL
zLsNff)9u*GG<)<f=);m<<prz0sk-)kDs3Qon{O?xU=)kf+*PLNgYKN~))(Z}n6JOs
z-mP*(*v@G?w~_vT$*F$sf8!?{Q$=j1iD^GBE-s5p)>4Y4-W_jsapm4KSlu#^OST`)
zP5R+#jPT;Om$}6X09um`h(KGd9pbB_dhmb@0`Qg7S4<%Pwq*alx3}yPbKnJ0(}GtY
z@{Z2&<m{<P+LOmLOpMB8B0?|ZP+ri{%_gW>vsucCI&YcOJlU4M@0vvJZ7lu#^zOU(
z8ozRaDt4K)Heo9bPR#q4w7*kalx9<1Fwr|~7RVTXxNLo?*<5XJy99&5r8B(Gjw4J6
zY`J?EcE2jNx(oKs`4dVL913a{$$A}6)en`tT-UxI?`V(NcJ-C+co<t@kU2Zk3J>Vq
zs#}nKD?ytf?YQ!Mwer<S-kkHRPn4G1D!WX$jjG?9Vd=SDmaefWSU-M+`{XhfA59Pq
zk3oZ`sQV?3Y=4^IX+wmEaqBRzbBHxe!2}3M%!%)X^c!jevaMVDZvJAMob@(0*`H<D
z20H2MV}BroqJpB9e>acQ9!X)>SvsWF@~JKIdt87cb`$W`<B0Y@l(JZ^`1s>es+z|D
zAn@sJQYVM()lXzoz)jO%YzW0^=i`+e)nyPm7Q(6Nw@n#_#rari5QQl;Xw)OO{zkM7
ziT`gYj;ThS4CWyQ@aqFi4GH7Z@E54&lK=CdR*8+j9N%I8UiP7rGX|W3of-+vK>R>$
z%IC_WuV3_B`DKa(913uERb!4qGoTx~O1@RAZm<@6cl(THQB$A%MzSLy>^CCuE!$<v
z8m@}n+G(>5l{DkFFHF><tS0|xn|5%ks6V82-~$epNZw4Io>cBK@6XBR)8$TnuN8MM
z?_RA=X4A7XS;DC96C|=vLFaPpS3stI=!>)q@N3Ghfk=(*ivv*>kGh2#vgN}~_r=t*
zZKS|`bY7SHVg*LT&<)_nN%Q_Z{n=E{1aLGsseVbK(n*XYo!xx0#u+8qc2hhd9j8<l
zvF+EN(^VGdX%0HHlyA$wlQUFxyBd>PAp__|ti9+bk+S~Z-4Ct7Kf!7sE*kcsn9ZSU
z=ea{CdG2|A*}P8R)WS<jru&w?s=CL7M8?P9j^*>lrZ5iaotNZV3%0U1^T^$A)r}be
zfiBHROcM@e+7Ll=wACR1%w~!xP4?dprTsuK&f(n&myB{>iB#ZpXTr;qMbPraZ2Plq
z3&fU@wyl4-WEP7v0UKn_OqEkQjdr(oVeml3v}VJ3E^0{H`n^JibjoTp)pW8We&iua
z#iW+~%D&L}$M?CGT%I6vpe6QGB0KfoG-un)dFR+m4SCHX**EWO!`mrxN$4|t=VCp1
zf@Sp)h4*TQbceM#n};PwJhOe0DLx9&Irh}}gmwy}fVavdo`c?!5e~h-ruVHV#jQEp
zuG?i9me2G$J9ED9+H?PR&B40{8RG&R!;U^wapZazf)64H8ARe+4_dg}wxtgR^{hN~
z&T}5b>Eqb|hG<ZxadVFe#ZrL9OkN2f6urAb_UI}KPgN1p!9KX1h_0N6E(7%n5dWMh
zpSwXov8?MIN<{JE^IFguw10Dqi~c|o9K%IxZ-D4#_x<92`7HV|??arnV}0j^tbkbm
z;uoph4n0_p?(Lp^BwKsdAcb7n*`mHy20XRY)i5<CKB8;Le6*w<khV=Y7AxATV5sAb
zGqpqCa#^L_|9}b#z)S1g3bTBw9-a}FQ4TQ7-O#ja@@q~p$x<SC|4uEouJ{(c(Lg1y
zqibP$Qe?o?3>Od!{L9}(oUG<Lyy#EKJri|_OR(!{siUm$m9KpSI?X=T{%2K#WjORs
zYk8LWfznB>5-ruMpA<_U))dEKlWff^KF;<JYU9mKZbw}Fg-u~cy&~`8R`2J>{AUbn
zybjHTH*M1%xILy<UUKAE$;)irc~Bc-!5&Xvg$$Fi%5pq2@riUO^Gz)veI$VMCxB`b
zG>@MvBo+U6w;i)bb-MjVqTGV$cP07^Qe$;ERO5I6H`OPb{_ynDoxX~zlaH+xylZdJ
zQ$pqtcIGjnUPpsy<#Lgs8!HaE`2Ex<NMr9Sc3DIa%`%f!>4%M@gBzQa*jan3`1ry0
z2+3QeYgmNL{f<_s=<U%r1QM!(FzNP|r+?Md^rF*CHb$!(yT8P8sns1O<?AiO<L4<x
z=-zfvc4SY96eAQiN8CX^2n?$ahh|l`K3_VDX+>m*{(W?cta(`TLr!SP*vX5R?hmYl
z`8<suVe4ne#1p;CGeP(@Em7=FNszm5tB9d4g}aOLn$7!l-cy+eciVp=+c6L$x<72+
zxra`D5RFi{U}%(Bu5<AcJKTu_`_ea<codM?O&r>%t*Q=UNB6gOno_!o@pD|*OXRxR
zr?0f;^_ismUsK#DoYi+hkMtNQI^2F6u%LCnx_5kn^~Xh|Ze{MPTk_RE(jMvv&EF;i
zEJx;k-2I}D-r=({WPX1PUwC+=?H4sMynpYR*-GB8JklJE`~Wx)F(lA765wsfjyj49
zkg7R&c+{Q{KB|_Rx~?+=EQqe}K)@yu#x{@tV1z8K;Rw7E{LPt}pK;1-?w3f9`Jl4a
zHlilx5+n7{S3UntW*cvhD{*>+*7~RI`QuYO(k}>0Jz74_ZC+A1#%JJPr5UG;E{D2%
zi9ts_I<$m5rG#%R{3dk-?x94>Tzpt9yULfK1D1$5yX6OM?4l@3=IFigPVsL^BB8M0
z7R#yk$d)h{7WNAOfjd=gvgVCvA7D_@kPbWIK!&#J<K{0U%>%TE!|{6MW=M;0EMVQb
z;49r<3Xf2$+zUf2#-$a$t~;;Xvs~zgW~`E<m)6~UStv!vm5=3RXn{I7o`{viewLG{
z<2+6@^g`-kY=P8Ps}puNrbguo>G%A~cl_7ALCS;|#-wOuLCi<!p6B(kKz4Y>rhDMa
z5#>bH!l>I-s_VBcNXOqQYPpQZ2IC+1L^BYSs|WC&Cq8xE3B2qNxb2r-fPuVh91L&b
z9_N7*NBxJD`@bt_{piad_bQR@c{kZ~Ok%>q?*z89-D4kvOIG9DF#@@P-k4>CGkE2<
zT;eqvVu6XD8&z*MntyB^xfPCKG0KEQ9?ps|J<KsHxP{{;n+a5-??$w^6)dd(=Af&Y
z*4oVsb|C+AG^~#9a>iGYLo49P1pLErsY%c*!lC`=4GABk4P~S|ESGQxUq)^3h|6r9
zcw^&4El6Z<d2amawoU<)fyg#7qBDAe?cM=>q451voFQaw|1ZP`T=QfDVZ2<MPZFzp
zH1UxSr}CGm>f0Rf1IPaSllQ(~Egvp&iJk9<7Udsu@1Y}$vZP;qvAU=HcXXZXC^~=U
zVrVo4X!o<p=n@8?3NJEIveZi5RZ*Uyq+^RuI*t-(x|gFg!L#i**8(2KY*Kp<zW)am
zLF&GmxTz&H2|el}!(eSN-2bfyO!(h%U^GnJHWU7zmtPnf6SLu)AG$@{pABz+%I}BQ
z-}$Pr^Nbx~zQKmTPDSP?ICC+@kE?|*#u7t|aCunf^N!6f%Bpd&eF@QWXv?^b;{fAE
zf3Lg2T7H+i;nMnGs1G0KcZ-SdgIgbWo2G;-Ij~(h&~pj^AE2Fe)>+|M&w5t4_S$R1
z?%lfs>-@0_V0IsK{f8cU$ONG?&pb2Se*5j=^{;=ung3(@f8&ieh7Ww;17_OK?*G8<
z+qcg)5WMih3vFXT-(-+Zf`PhUJg=rB->wy3(sk@`fHsW+3!e`fZ53D4PW}BMo_qhG
zop8blON32eO1C*2aK3vTxle9hNA532fhz!j_4^c8K5ZUn{y7id_M8)zi{d)s%hGm?
zZ$ox`KcGm#p#WI4`Tqh7fbGsA7m$&ZvyJtP<Sd+-`^tc3?!SCj_}W!Bgt15IINvk+
z!w-D$x#7eECxnZC_JZ*KXMH4$o<1D@@io_m{VzBp>^|#+FjsHQz|+nv{grUzzug)h
z{PH8Ay1N?oK66ia-tRsujGZzXE_%he;jf<kv2emUJHn@a?O(&WFMV{_`6vYVxSYW0
zL3#D>AN_(oj^8#Jp8bbU4c~Re#hUG(4`YuR4%h!iTq5`%pZrR=<YgC`Al*~#Sj`Cq
z0G1^4`YYYma{y~o_LW+x-4M_Bdw6&_?A*C?>j~|l9GCmfbyEx`N*;OSk#0Z@hWxM&
zM&4Md9=k?b0+t*&iX7-k1ppl+yY#>IwXZb=06Y96<g@V~gJ51%F4q4)_~3)a-se8|
zxz@4r(hm(qGdR}!V;#WefBr&Wdg-P1k~<y}gNr;J?@_F;p2!*@lnY+NH@}>h`0(2=
zc<mS3)pDPO?y8y1Dp6G7(>9%--j>~84%>R#wdc7U{xWWP4tO28zdUrYQYW9LTU_~c
z<@5I9z@$_FC;;YdL%QunTM;#JHhm!6^ZEP3SO4gSP#LR)Jr|xBF1q4eneS_@f2}_p
z{?GC7#dmzoz6odi*S#jtgKOfBsqo$Jd_ovHSP6$_9tk@x7!FT;`xC=8KNk1$`OepG
z54E!fH5aeFd-P{cUcXG+Z~Of1_Sks15gz~Q3r&$QK06*x`JUb3oS!@xZhGIhEgnVx
zz@sDxYbM;@5d>pdAvBK6hMPWdtHBKH?hglk;EXUiI1&0Qec_y!9&9QAZu!@5heyA7
zU+9z7fhjdIGA!XX|LI#S6#z%GihS(2Qs3-w_@!IQfsGz>Y&5>56qg|-2evN<dQJfV
zD-jlP9O3t_cfBjT`qi(t=aWx9xv2m^D7yFFdoBF^?|;8-?uW2M2aM2zL(7WQz<u}K
z7ua~|_kaKQ!+`?_OsFD{ym?UCDX-L#TL#C;4}9^H6A=2j2<wJlMKJIlC4g_fh|g8>
zyw#v+%M%k5764z?%A573b&A%Szo#$#wQ->2``Y-{3#pE13&6(Wl;&*py-MW)1kd!D
z!gL#!FL*cUieU120wbc-bBEbe>)~5}{-4d9PJY3zFm!TFaed*|FWeEn{)abN+@9~-
zX>-yJID29}Jg7f50jvyZXmWaMw))<0-xp3=+_l7nzfY_gpNQ-J^_2*V`{%<0^AFg`
z0So#D&B!9q-DGt_J1g`nPgwvEC?59f^noJ}OoaQdd)UAp^@6=&YR7~foyRs2bGzrl
ziI?sSk9_V(xZ|3;!~KWu55uR{Orha;%`f6nw_$CF^iY(p2!^nHJLmuxEdZGRZ}Bt_
zT0U<c2Uh!?E&KK2y6D80PT|E^TA^!A*TPWVl^p0@4)mk~0Cpod^78)d&;G0l?eBi~
zyTditT+>z)&w0*s0{a4RIsn2Ff+>O}=2*C!Zi)jD%>G~Vn%9J9JmVQn;WeEZB_F>$
z1JB=|k4GPVVtUSnvc!4fyux3}6~Va007?a%D+E~D!A6f<t^`^M|FIZP`$Yk;nLMB_
z-Le24dOdj^6Xy5$w1v`bJ_q1+>5dN$90^Clw4^~(0Hj4OY69JcrFgjSCS4IsJ}oeG
z_v*6y_w|Rfe)WuS>s#)&4DPt`&Tz`!Jz;KoE`0kl%+^N<clgPb@W6FZiK)PF`~ST&
zjC^k;Ebh>^UC-aX4%p}pJ#;ucyzo$1%x#9i<C(8LC7kh#C)wtF(<e-X`l1y5vNpK;
zZyyM^e<)4@obb%iFuQLiJTx~OaX_ywj`=%0-J+py?_xMKAhX~sezCe3YL6KR;d3F(
z+}Q{Z&psSR!cbI1IC1#E=Uum9-K1L!3~4eNPyj^nKTdw+(Us4e%K`dr|6XoxPQ8U4
zo}}Z9JoSt_{F~?Zi~||R=bevH^5M%r^Mb5APF)^H8C!CoH#yL=3IJYq1V#MIFTXrI
z=}Aut-}%mWY$ty@l(DffTdTt?zYF{bsR&I^eBu+s@BGg17!1n<4jecTSOd)(EiQx^
zR{((DFVb><ygPV<0Lp#~UI)&jjo^***nMzPC#-QNPwHW4s1`;?$2L_6-iWenG!9O^
z*lgh+n)&Er731~mAK`p?s3YQdZ%ViI97x}ht<Sy8aWgqEzBn%NRLjqLXx5fx00UL^
z&rj0;{Vh@Yyz{g7hU(M%!}NXiaMyd{lDs`H8w=BWr?fL~oRRK-d|$Zv^>>D_cOmS&
zWHcQ5_la=puip~}4#*PkHhpjElXfJc?~l;ryRzt$*}fg>AXGDhg3!i-_g{55-25^v
z2|TEA!nYU0nQuNhOzxZr^D`PVL<2%YfdXJWh>pxPYV~lW@32`ASdd0Yb7L*#=8;8N
zWk@ZvgbqirZGG{<R7s@*VB1#FaYz_r2lnq`Z0=);PHZ5a@d!(HSpwW?OwuWR8D4Ur
z<Ul(IdR75IF%Sgl5D*Gk*MIQfL0k8aki@JsLJ7h@a5y>)IuUmIzv!ZinzPBo0Z$yT
zzL^^Le)+m|e+Kq=bnpqDx-tcRY=wj0&U5N~a&pR+aBNlnTT#Z9@_^@9vTRkE(|nxw
zMKq>$Qxso@Z5#)D(BuBbVJ<OkHx4``L3BRIx=KdtJ>&FQWWD+9MJ-eFyWjV4sJ*%`
zOy1H`683-pLb#{z-mrMyVi<d8B}}|#R-(9+06&S<Ky*AWRHDE-**6vL3HKEW-ive6
z0-$Tq);^23gmC|xbd2Ivvs#QG<-xZX!k$kKhv}zCaaz|*zkjayd_$}Lw0&xpV+e;E
z<KgZ_Sq)_Iuzq5?r69P!@4=w?$3i-qNVe$>Cm?87hHXk+N!Ibo0mctL)>vtralG=V
zEO*I)&EP;!D*${DJUTjRGsFm{%>KKuj;RnG3j(7H|HOH``@kUdvu6M}*c=c?c)AXq
zXRhTssm-XQ?Sd2DF#DW#*hhml@{e`EDDC)hD7I+Jw85=%{@$#VpTCPM!Ikmr<3OIz
z$7^4-J}&k~>W3Gm!XpchgxLiNsJ+zHNzU&(N!PDQApcG6mv`%8xb>Tw`Tuf@?+;x(
z6&{?IV6Acu{(`=#=SbLppY{;=TlMXyDDYKEcTnH$7soV{r_6?1!vmU*Z{cVP=>%1k
z*C*wFUyMh2F#kW)SN?im7{8z%9-7f&3V4X3fD4Cip`t4p1x?&F8zvi~6$@j!S#2S(
z7*`4!t+)4SuK?0<^-`UPT&y$BUfiv_(v=+89vtxRS2yDfVDjI;?NN%7ijo7p$${k4
z*INbf4g&%Gw%cwCU;XM=!womwU`P5P%yXrt{9Za2>QhAkxY!8rgCG2$Z7BG%m%Yru
z(>3ShLz?5&9XfQ#tR%Kl_&i>DT~uxae=J)3gINSq6y_hze7gAlkfO&%u|<U}!%7Yu
zLmXgM8rR<#2-W&f=#wA%U25%tf+8FbYuEYj=GeI?vG;#Kiy3aja9&n;KiwAwPpXE#
zDJ>tGRLGQ$*Lu8qqTkc=+f+_{kNXb}gt?FCSX2Gs`X8e${^m4XQFPy6<j<l`7SMu!
z3IECq*dLY|@yWvRfb#gm{!o39;766@NC?^zz|w-NPfHYx#X_^#Q2sj>LgVq;yx>0+
zsjG6N7W&3?FSajA-f#S$Xt~h$-}^#k7`heLO9}w72xZ26UA%<u(v=)I#yF54-*jKR
z)r@~u1KT|XC1lBgqs4)qRRH)4|B;V;B>d11{m_Q-kM%_e{@`b`xmvAezHdBoJPN?9
z1;_ONcr5#dHLP_aLYd|3<hn(Lknim`Jw<_VaJiz4=hF2C2l930{a|lUUsBl(2N05R
z12dISnLz=dY3khOcirGQYA}#LFCqVcmTH}JID`kakHPOr^4uFKs(klwsLjh>U-Ibe
zR~upG`{E{igKw^ckzdr==MwPeZ=DN`H%7smR6~y*4gHe?p>f@Gn0r78^*?yFHidoS
zP-t9Vm+(Im!i5spzo9<wy(6Lef+15ZXdgu#^`~&r)Td+p78kVX*uQEG|CFo?B=c9k
zs}=^&s)YGVwGR0|q^$U=;6BqIYR?;yazO?F|GTw8;J_u7Q0tRMK}w6B)0;|mnX9V~
zN(De{gynC^0rj&?taSSg<=eZsh$gXgB?pcT4)mk~z|Ekqz4lrY{`c?SZ$djWqzE>|
z$Cot@r2O7rbbN$ad=F!@z*}#<)xz0N0D;Rb01%$s0w7IuY&3!8OW~XStylQZ3odD{
zUI%GddEd?fgmrk>Ew6yxxpSxOlhBT-^+cQZcVoTv+rnDjl^iHJupSQd`!01eItq1K
zf^tLBuFqhvGzk?ydF=u!Vfl3VFi!{J4(nn5OkAh1Jj{#$NBctKW%V%ocA4LwFAIQa
z5-*0Kv&X`~w1yrk*1+l2P~Sfp7QdsDMBXqL>XmvJd~7w$yno8p^OI%mZDXOfd(>v~
zr>~w0b03uCE;sO23Ga^`3R8a>h4j9Lm~^V}d`i}TAJwu6j1MsJ*R}Y~g)sWZCx*(I
z)iC+uBcei?%T+%x8mecFgoS5Iu7CH#q3>+b{NkCg_!i+3y|cfmyv|hNZeI)||8-Xw
zlu~99tAqZmz!WK8b`W<Hmco!GkE<xG6AZ8^KHzYKaj)X^&8W<c6bOLQl^i%eIWRCV
z7*0I##8nmkcpLw(ia8~4&vBsV6aWY;2rCGtZ+zn$jo}FXoB)78gV2Mp^zg&+Twkw|
z-Me?25bpvHdj+ujD1tuj%rnn4A2WZq0C1t-g(K1)PY&L!b;o(<GaV-UgRk+P0f=T|
z#7i!eHL1d;>|l#qn77m7*!EEPiV}<W0mn0ZEpjEli@36V!>CJ~`<?1_`<9@jtP=;k
zF2{C^h12zSmn^T&IPoM2oDxD&0Q8d6Oncw3P6N0^-(z;ozadUN558Cybth_eeNu%{
zP~TWz*!iwg!{Ps~jrSy})?cS%{E~83erhC)J#SCwn^gZr)7P<l?)qzkq3_<oF!$#%
z#p2B|kNFR`HuZB@{Jz85|7W%u7SE9&d{d0kE<d6FNF@xPzcb9gX(7y9dB`FfzY2kw
zyIs1BKiCs$`^LiJxbiRVN*#Lp`LK-Di<2t%!x{ftY}|hImK2p7*a8kPF2zE!bR`Fl
zR}S=~0)T<i%{Sj1KKHrL*^d4<-E>np_0&^s9X}@m;Lz;(F=jmH6#|6eIQ|bsz(Wr`
zWX}j%J`l42{V>=@NOiZIK;<yUf{*Y|xm^L$ZJ9`e@&qB2Wfa`Q(>!0n7lr=?DQ)IV
z8G~YGPG>bQFo5ikrdv9WCAdZH;8euFqB7Dx(+^v>>56cbVI>Dj4s0z4cAc;*JoB<=
zgsZ;wmtp9%{b6oe3e%`JZ4rV1w~>PAX5gFc3&Z;)p#Q%TJf*-`oR|;8m+lCIvog=u
z+Iv%K$Z~)99L?l^bT~|Y;!v2qg^dBF<Ug?*hM&4C41f1n=vz?v&Fo(I9=kitzDfeW
z($`Mjp=A=aF#Ia*Y|lsreozimmiU972bBKEe5lk$Wl^DJ20wIiSk!TVECZ-&1L1**
zTHqvsT`xFQ{N53!K7A<6-=jQ)VsQU(82R24LhWK%OCkJkH&;||`7jhMH7%>SQ<e>%
z-G*h@ZagjN={XLRW1OC=vXbC!z=57q065RS{q1ktEdo2jKAZTRd+xd6InQ~H3G-K7
zbyZVvMG$@IOJ8a;`!2jA-2TO1{6%1MJKW<Q_qgziSG*!T_OXw(V+9EV)*V8yufaYZ
zHUp%rSXQi7_=jg>V`G7n8M^6|BYrFdT1^oP4)SK-0qDSWgUjpcSo7iO{CrCRwNm-u
zskc#Y?<=M8_|?LDx?|B_FE7@czKEybOr5_M?x%6b)BR@fI_01DgPX}`aGUb9e=t1j
z2fjC4_1AwHMxHntCK_{+VK-9RPfNDR_v+SnzgRQ=nPVsVa71l5Esk{dL;Gu?_ES5x
zOhElT(b}l5Z%BeWiUKD1Gx(iPKc#66vB;-EisIcrw$HHhW~68dOvCKBKq(wfc;V^#
zo>&qI{_+v*Gr-aB8VVy9ov3^vR7z{nV0#Dj;>>?6Vzji-+U3T7XhVb$XFT)$h=Z2?
z+Bo3-g8OU3a{Q$7{(2+Z;YQ->y_!gSx{aaU>!=g9mEt?4E5o-B2U=3s_MvH6O1y)8
z-~k;8B!_VS$Rm%0SHAL<;mRwo3?m~Wb`;=cmtAH;|6?BW7_%05#xtG~p74Yxm{180
z26R9Aqdyvc>$iR@TyxDe;ri>Z4?pn}KM{89&<uc%TXP|b0T~W~itBjkWDvk9yAOPg
z2`l^nzeDD$qoZu0ymrSD3@(%iC;_H*4l_yt8<6?PZSCk+Oi4LVJaBQ(mDanrA9&;K
z#0BmZk*@*3+x%*hIz6jR>+tTcCeIYs+s%6Mq&T<we!aA>H+?td^*m^!IB&b&Uh(~&
zc;Nk_jd1Ti@xAJt59_7h@wo52qYpya%(ubg$jkeHv>!<0*GkX#T=qR7yi%LwU7_>r
zAEjOCSySI@%K#`m<5G6bN8r}Ib>Dd@ohS+BwyeHi3-*a;cYY5`;T2{$<u!4EpXcbg
zEWaeo@B<W$1Y<nUNy0_Nsauc4814Fj?q1}*ih;rf1;)a?^I`H&?+JZpK3e-3D9o5g
zS+`fgc;C`*ufKoL3C;9XSQH*DNB>Gc0F6$Y^O7+Oaof#7Cl|E)<zdj8F9+pG`!(nN
zMwZKYwwCtiY2Ak|r`hi}lGd%lMLnc#pSnux2|8lEP(M)~X??rB6WcgyoxkooW`ABw
z-Q~;ZZO_}7FT3`<N`G@XaP)f8b(YIJT1?DwFM837!YQYm67IkMetU@!_MiRiXNOOH
z>Qff~v5$Q$oPGA$cJGbuw9`%tKlgJ#X9|FmPCChy2!Hlxe-<ve<Pw{K1~;(0WaLK&
z?`aLuG5iw+?(Pc+UtDPKKGpJ&bTq7EN6CXCU}9pzK49JfEuVV%Sm;ghP`@ZW;u3^8
z%LfcA)i*fkyl5k|7r&Ozy>l#`K6IoG8djnsh3B57Fw1q&;G@30O~c>R`Nt>aQ5wJ8
zJs&YFY{-NAJPyL4je5oLoX>wb{KSEiWe$1VE2Sg8(WvWvUP@O!Ep$<zYZ-8QJ6a8W
z@S_vFhf^;&_gTI)K0dz0Y6;qxbB+(++po6={N>uta(MG`yjSqT^UKHQpMhJcUMV|x
zeXx|`fQM_TFUJ8+%1-;m@r<MIfzPzlqOuUiMcQgryVF-SqrHaqNqXw;z<~qdci-`@
z@Twnvb$G%jzAxOZ?d%7%vwoWrfGW<9`_>xf%_YURR$MSFpVsjc=XrQo{uvlt8t(Um
zd%8Rf&+dRv;Rs(T%=1_-ox_07;kpS+VLa_hVV&@=ln(qjrPr4uRCIh|{qOG!;Z6yG
z7sM#uN#3LMJF(jSj`aC&Rm9%;mv^G5Z(+Q_y9HgmbI_9ZVS2UX;ydQwTE+(JdDlBr
z*&eg7FfZEbR#y5Q%AL~Y(9ktCHEEL-d^gg5uc*)PbQ|e=pXmLg)9W-l-R^hF+v)W_
z4L);GF1`;Q-zj}jIC<v3^MrAAiw`*Xic80+loRDF?TfMk2VUBmk28vBqW!|NZt@48
ze<O=<ttAXvDGwLrDQf#gc%hez@=-68o4TP5Zj^(k<l+2=Rvdi>aquqxE_WKkfWzPK
zd|L#k^B>>a8SnQ-mWO;w*Uo{SRRHiZ;=EDD&UeZ>0skmndg-O60NA&0U-;06J``U3
z;ui-5eO@#g8V#A{1D9WZdHDOk|9iuC-F4T63of{z*~tUvov7#Oz9l$Df4c1yz4-8i
z7q>NP^O*Jf)B&9Vom?vHv_@d7%L7`$iKDIX;h;^>mOMP~FP8)ONKYq6I`{y+T#jeC
z^l2P4Ak^jC7#;0ua3Qedad<x9As?(=_@HqQU%mXEF5kI(`jvcm0Y2wx3QykP_m7sB
z34zN$IG%r+E`LwDJ$v?KZ7v_%`5D|tj*PFEm-7gVB8~=KjUx}rPkVre%ateP$8rM|
zcmqE0;&?xCggKwnHsX9WpcQ_=#l^coI{H!u6SQC2$66d^1{WWFXzrE|<js3t<e(3H
zloxvQeC3(+u^%eJ&^Zj8d=I$D-@hTAN1vvEoxk{<9CS@h%?Zzp(E<-?L#wF|$NiJ9
zxFUS`4?Y~O|KtB1p765o5BJSag#LMb_cCF~;Yz>cK%N7%+XXe#oz<am_ou!S9{Ho2
z!pP}kVQwOBkVrevAMZ>5e}eX(==S}gt%IW*NBf5+`t0=m;k~2p=Y1m{xb!N*O<(Bm
zD}5$Q4pW>(Y1R@3KcJ01hq9)0ai4e4pd#3J6nLEXSKg20(`?i;{PPJC==S`a&Q5+e
z`BN4y$^stxSolug#(lRAnxN5n=`^mU?#LfHXuq@pcib~>qVM)`3_jm4!o2(r?>_W&
z`<(_KZEdaJM9&i+T#P%tZNUp@Os^Ea(|uYu@!QFFdt^gs^mhyzanOw8d(L|g-<)3P
zryldXrd{$5fvejx0t;^V!?zQjmu_=7(6b5v?|8fu!G!<93oo<=NQ31gaq!?l<C+hw
zzwm`Ggy%i)dDdu2#~{}`PG|28H{4(ioQB8CMWg2e-t%(UW7S_vS?LJ8gV-#-(7_;#
zc_)t<)LI<0(mq^B0|#NN`4Hvv^^TBmaPu+ZBSq&0y{mC4uGOSVVVA=}9L|02)3T@G
z#I4qO-YL#Jjx-K<-cddjgs=3T0Z&`wL(%PE)$=C}@3rT@Tv_R3s7vTs4$g7AAN!5@
z=HO_#v|g5>q0WO8@Pd<%qQ7I#Bg(;*=HW0-&q}_hb)PcBCqBRo@_c~pd9H-d;~ih8
zXAjT&&`(;w=+9{zlpp7K-Os0o&TeRhZ<N&s`JN`v&pdvA?v#(y<^2GBMA=3g@3wBJ
zZ_@nLzg`{o>x7#Bd*eTZ^MCoWP#=?2H>dBBeUrosCnobzi+2;2OIG;UEv|0i@|mnP
z9e9e;=J6km=OVg_!q!S#5w5l{DqrtTZLkt{)vMw2AN{)!t_tB#{`616m2bSV?Hx+{
z4%%#N|M}L_nNre#qg&_i1@OEF2w!|7am1zZ7TDn@h2`C%Utlxm)qV>)ptoT99L5L!
ztyrm?X<q<+q{GpVvd<LpE8(yNYy6?Ffe(DMQvR$FU0X7*7xyU}bqDWRrpeW<1Bdg$
z@pYTl;YgQH>v$bEu-vE5o<8-{bg})Xv8{X0&;3@+>hIti-yHY|KEGCvDZV$P0|)d^
zO-)OwP`B?k^|Dg=SIU$0`7-nDy!AK_b9}T%+6eL$j(CT4m`;8Q3l82P#{KIpOQ-yf
z=kT6W0MN*3Ap7_4w|b+arlG&?b+5CX{x7=dB5N$CpMJWX48Y*^mRoKyP10}t#&4J~
z#zub#Wt<G~+0TA9eEQR$Hp_qqAAB&}e*5kAaq^C|s8i^+A@_2_Dk}GK<$))&vvD?Z
zBQ&JT<>d;U<zSYJW6;6J-P_V~uxp9)4vbEak3Y&J2J_p+QSMm33>~9eZGC&XmHcjb
zj53aoVmEXE!^MXI0d+NwK~lFgftNZYAL#4Wk;YH4SSgK{w^CUizqhF(e9jMi`Yqm%
zb$=|81JpbisCyr~mVR$|WY~Dv4L#7$Af7U~V*tTL_)7f>>AgL4OKUol^#8MW9sqU~
z)x$sAOEx{5P4A6_Py>V}U4+oYf)tS^2#N*uPg9DB6h*~`qEZC~L=Z#)K|YGoTS6zj
z_hhrX*}nUo-`scJ-o1I{-nYBSZt^C%JNM0;IdkUB%$Yf7$|a5Q((+H_!xPFwoAA?`
z2v$+Lwm=!6KOMZ`Fn*01Ino&uZ@l&fx#^l;$b^&jklc~ICAU=Di{5U(Be+IA$X=)0
zu(j9g35Xmi)q4W+bVmli-M=<5mYyB4cHIszY*@QQ`XiPuS1Z|21bu%JizBQ>+iF_p
zOW@CgbiSzgJ7KxHNY`A~ByTQUD01CfvXe}fyI%W~^e*cyD^{!!?nGL-l20yb_f{Hs
ztlhi7h<_}7m}CZv3}yw<l<P2QlflqWz{5RIeCj!D|4N3BaOMV#MexP?VJi4kais4E
ze^cT1$8`p+etfCk$%_XEuS`L+uvBS@vv!aUE^0h@ahc$^w8`=$-h&CzZ<8Ql+}O0K
z(kbY)i;lLfMA;Zl+Am`cigUVgGZ7vOOU9RAxc|4!uWg((T$%WkhjLi|4%@~u$!kYU
z)8h;PR!QT>k9V&$G8#L=|Hd0{bYbV5bB=uFD_?O|;S*0hQSQ3yE@vd5Azgm?<qn2(
z{;$9Ox_f8RXkP<h^3G(Fhek~U3^qD{V|NI)vp<wKSmrQAME)|c_vzColEM@QcSm6S
z^@a77)%i@z7=;ewA?=e%3ab=ZmzV>l9GO)-F;rV9yk+7+-5Q_UViUgs%j7dGJXkDE
z6azpMy1>t*HS8b_yx&n4!tjw}48HT`&67oo7Ri#uOX3!If0`)o;BC^jTU1o&ZN+P!
zeM(fMg&v+9ZeUB37G*9^clBT_1HPu(+kTs;ve+p+fwBiPhY!8VdP$L<zYp@M9jqc_
z+<?9@W5&psv14R#`C#`OT9Y}$37@IsrAwD6pBKwQRkn~T$;cxg(vl|=G8<cx<zwNR
zO!H}SY5G?Tl-l`KGUvKyz3AcUP0@!DT;UvV@l!eYAA|`TmI|-Mg~b&X4!pqj>Mvva
zPLR^PLRsHXD<7|X!}~G-8>_Gt1s9>i;0Ffh=SQ+IKMZMt_}PgZ3^QE7TY3xQx1FpB
zrUO1v7<bFD12>2Zc)~~n9na~baC?v1Q@(NcJ+j{c`$>6uxw{BiV<O2u;5*aN5B#fw
zrmS={5Af2rn0s)fli!&-a3BLZi#Gbb$&E~D3Y(66I#Twq`S{`B69!`PhWA;Qm;<&L
zgx^_hD{)R<D0!G+%y!MDg71tt+5r8>=2)FoPVg|^GH<6WS=V_S=y3)BYgFULjgv2a
z@r!cz-FFM`^XJcZ*6oi!{@5w|G)8s??7#p1&H%uqjSf*!QQ<xri1N=$8Iw)EC;%*-
zlTQf}#-uzbP`9>l?YwG^j>-5OB_;eZp~DUfo-nIqQS#^rtZlu@q--6@m;4wcF*0S1
z0EszC+o7#cM`8MzwKdus3RM_K|K<sU-|zv;fEL9uScT048AG`<ZIeuVNnclACr>`{
zr2OQXpUBH|UX~+g9jWqgLX0=D39-$KO%bs|nF3+I@qJ;;r`gc}uj2}cA2!*$mMvH1
zXr8uzeQoc2_+13QaSGV9Li16dPlLi23<GhcD2RtNh6_5^c*nN10*KktL5Rk&g`Rr)
z(e*!)#S0h91?OELr=NMc8$-wwzT&7K9KUI2j0-Qn{IcA9^DXkve?BY+>_1cX*mHMR
z2d>Tm_h)VN#=_RFS>}r3kcRj}vIeD-@$1@aukz9=&Q?7J&``^f5O1q-2vpqyB*>mb
zL>Y{$Dm4Vn|9FA?`Su4K=wK<8>wa*p6zbSgU8U!D>l@TSrG2^`(-UFssxXXBWuf~!
zRM3_-*Tg<u5P~e)U~x&YYh%_P6D6aKjJ{xuj2%B#CQY6sW%@Oqb?er-vB%^~s`QC)
zc6JzxFkxk5l)Oz&Gk!3a%fzvo-I>aNCN%WKG_)=1730pfKCiv4+jpY+W87r!hj0Bb
z5nN}7(I?=C8OFjcGGs!B<z>o$COA^1fp7FpbhfBRYE$9e(c{9+oVyv9Y%<2Se+&So
z{M)1ra%nL9-hKDo-Q581zWc6l8Q{{TOI;j|2&Ie%H%iZ0a{m9&Ll1S9OoW*YRCFT$
z;}UG=e-ar$!W7wf#()5C!IPiQ<J~xKlW2nrgR`?>s6!J}orN<j9@-=PV3N@tjspbs
zqiw|(KmSl<Q?0=IVR@&2qr`<Z05CX_CdwcTU(9e2CLacQp0Mp3ILaN?(T4qw<0Z?M
zFOze>c%D4>%CmCE-)@&X_q#(^w9BP1H#}ZH&gAc?qjB|2-(y;B+OXsp6UX@RCWc5I
zYUvX}wb74Z;RkhByJKGuJ@~N9oH<i&xc&w?_q=oClMLh+uDH0wtw4P5dsoWsxBo$I
zzwKx8yWd_dL-b2B`T5@0EZXyfRDOQ(+w$f;sv|8=&?O2B!u0Il4Gnd2!>Y^W`4?W4
zQ%^ZxYE|L?);GWHc6zK?yGHvnbrgjURxd%mBnuD1*>5J;E$)a{sb0Jl#jRVvE+n{T
ztjc67ugR?_@+Blu8H0tDi<x8qZpIH}V$^&Xo7t%sWo!u2NS;yi4dUpjzu_Ck7ZkKG
z<78Kqvpe#i@frm@%ABAxc>_;88aBFJ(wW|y6_%#1Z2#b<e`gH<VQV8jT#qyWAZ(b(
zb6Y>FF`xR>r{Y`OC^Etv7zRL&2K?}cKa@{@`qNJNAE{?5X-ITP9PbD&lz;FYcieHV
z!w^o#v4{LfW4~SE?f6eet%dN<c-YX;s1{;x6_tA7VUXY<AAFl=cQ=+&?^YJ0&DsFv
zh~j{!tuZ0n)<O(D(yvQenJDYlaO4+sv;}zNou3cJCjN~9fR(Q>E>r6?Z6K_n0XS<j
z>1cunlsA*U#$>fXjcRYtep{8IQ{}u%zbt=v`gbz0Y=G_r)=wg})<|^=Ukvcqr|~=(
zW{Qu61D7t$a8XKsI)3B)VaafLklx>5o`&C_)*ohRgXsuQ24`uEHr+v9oGW7{jggBk
z{g!;{#81jWQx27l8!BbY_|XoSGn=>-E0)P+m;FGBi&n|%Rc}i9VD{iMhUoU!mhh{&
z;ObOoMM+a+y0rsI1!uS*FbKzQ;>{1hSX9Dvz#4$%kqAF<ID_F`;R*|LW#q^TIpyRN
z<*-BclG9H=OD{&ePhNQ8VKvrkdk=Z6$HpU*Jto&p_PMNm;}*ZexJ{LMq)h)IhYWYJ
zbmYmrq**^hnhq8mz#~scgPcg0#^OnbY{B1Aobi^$2Ncn;j(Hu1`Hu36dg8G<u>8Rr
z470ec;gh%J4=whPw}tzCe|!}BC_4(;)>z;$dj0ef77P#m_QP+DcNP+vchDE3I4g_4
zE)s=>!3hpNd(795dh!lb$^kE#V`VaD3d5@%4W>sL0H`ESQD~99_ugCHdFLIS47}jZ
z^e<VmM8=F6;{*W>27$EOZoA1Nk36E=HgA@vpME-F9bb6ig>vetr^Z+R>1+rzaQKC~
z2^4(dwpVA$SZ9<EKKXgYfXjoShH&Z<0|1IK4|)6HJA;O(IIMnIO+Z<<$&|GV1QGOG
z8;OFSL4k56D`TQ?Yj;udNrcDJTY2~m91mfBmr0(M-f)_4;pPYPBAhlr-7|q}uLW4D
z_CB~746Lr&$F~2)1R7Y<M0KR0zQY(A!qQ_jP~MD;U#b|5oH)WM|3CQMRdU+7rz*-;
zS>3ow&(C`k|L7$(s&*W|Rdsk)adBfOkCE5by)0)Qf0oR-;awRvdZ_L$TOd2_G)@i3
zC(0!kpQXm+8zoOy{F|Fr$NCMt_VFu`V(X9hfp+R^qC6}tMpF*Hh50kLFn_#-`Qdo?
zhx^}&3YOi{2H;$<g(b=}5Z0>4Pw3-36+`;#(Tl&xMHgKuM||>RdH%VF-0lp<lXQLC
z<OKZ~`AfgEG^96~&U+&HWW`D3W013PB2m0Q%<?qf9~b65RXTqh<?ZgyXfz*sDTBWp
zQOiI*Mlk@`9X(O&9J*}$xA_a>Oi-TN{IMft3c~~A8@#lKF#kde@08O|3$V~gySH(Y
zaSZ2&OGg8+@E&~0(h(lyGw@LyIP9@>h8Nua{DXNJ{MPW{1q(h=X<$6!QefLnVd)9y
zP8jA#;HJ!B9XM=PZj`<e7Jo80t6TFKKp;B`?S9;}Q`#o;rmX8Y2YRdlfTGig=m>mU
zcGj#}?!3R9<MInI1pF?$>>|JZ^{?G=fmN$kxi0`94B1*YRJU<*Jb+F@dITYl<w4`6
z;q6Ec-Y`kB-4vZ!cI*7+!(Zylgc<`VlPLt%w&>{4V{HRJk%K;r1GE<etCb}YtUnAm
z%4%B`{c*fgcG@!zI)KOL3>kxSn0y#0dg=L3&O-Xztv@X|ZD7G?r;I;O(sA=Da8VuY
z27K^`e&o;BpGPp9IQVLYp>+9@-uh~?dNLe*p~CoSVNrbQ44xRzlBEq>N0y%QhH=nN
z{#Ku51IpyXcRrMJuRKSNJ9m~;wr+5|;LJUS0Ox{L$9#dXpzlF@e{D|TPn!td!YpmF
zbi@a7S(xDn`oxC`OP6ON9N@-T9Pik@l*X!tO;S3bRDSa38|BE6vt;?A6*6LEx$X{|
zFDIRJm|S_~S*rZktMb3eT~<g^=ltbM6qYF7;I@`;G?<?(-&FCb;{5o6aQ@%^cS~bo
z<`eFFr>eB8yE<!bs@6Iv)C+&VCC@##pWg3tuUv4!dGYa@q=_8;CzVVmj=qS@v^hk&
zzHa#-hv@gnbnpB*#6xiBIg^#<cOK?#g9$lCSs3r^;Wzb!OoyKa6NN%>kT$FXHj_Dy
zjV07K^AyTJd!Zfq$0CeP%rR|V*;Vyt;{)X;59Upb!?bDWiJC8SF%~Kq_rj(HF4cGp
zf4C?RT8&QX*v`j?$p?6L7}&y$L!^HwCvy&bV9bFt3|@opOdsVxs)ILW`o#`Uj%=A4
z!vJNc&2lN8wZknT6Ni|gva5MweV2Yg`=jp3lW^<bQE8_{;Gj)rUFUEhv3AorxVH)x
z8W^2{!54?%qmdC#1EcXF6liqBO`A5&J!TEFfd*k`4p<zG7CiQj-_;$*W!6ppAZXyz
z)^PCEcnkj#R0vS&3}HweZVhK`hQY+>NtQ2dgDq7IU{Q?#v{xnv!94tYNS1H9aK={?
zxYmBtr2#(Zpv44vFfP?^(pkRdr-Jv#QQwJZ@x%Dvp^pK<Kk4$v+q)e>vENaA%0rtZ
zpH%G-7~~1?VH|LUh2bpO@PxeK53XjNt~mBCkmJ5OOZ2P4($K^<LzPvr$yLJqO{og{
zeqf7B6y}ffzXKcm9VX1u1bu&6i%S&dk0T!E53_gkJqYiwKg`~hebo)s(tku>`RU^~
z$VH#JSW5fr+3qDG*IfN2y@*XW{Wq?QwQWn}N1A<a<3QUHI@)>2F42}e$y=UY3fSCO
zB}G~p_uY4wOrCPO9DVeW?z6zi;6$<mnT{Mn`A8IRSpi49-83E65J`H<Xhz+z{onH4
zk$iXze;E7Bz@Mm2Yz_cVqwo`0(sDUwnDfryXADV1L$Z3Y_T;~pfiN7tz4IHq$Zhh8
zGB%Jlilcp#k172&PDH`shXoJ)g}IF_%=qJzy;FAhpKLr1@;OS~TAtt_oj)yM@PM$W
za}LAXnLcxcD04#chIeM%NJk5Ohq7|NKv)MnZ4kOh-xbbuFLVd%-~M{CJfQ=lSd_Na
zmexByl?boFWc_d)=+OoM8UPK>1Rug`?b@~O;aj&hfCDpZ*f8D7xs&Sv>({T3Pv#8=
z9hP?!;3lXLCia-%3CG%=55*wBK%L1prjC@Jdf>rPFVrivaKmhrfsJ}6eN@M146Q8~
z9jS02w8_Um@TY<YCjt=RN83&3!s2a@XWJ?$Ml*gG9vbaT9H`?c0|UILohEZkNPvk#
zM-Ug~NLOFfDQzxHKH#HGbJKko2Va1<%f^<jSSsJW^P5syUMw3MHYy%&%g1?t={>;~
zpuK8~Fb~S0J--bO3~gZ!yV9-ywT%2?(&9mgDrW6-^Z?pI4Oa}_rH$bNkpjXu4RJrb
zHxGx=7!NZVV(CcYQUR_ww#<`Qzw=6{EmH&A;#_F1?nY{<mk9@qm;H~OA^&~!HM#1l
zlV#%MfzsN%UioY^`SE4ngB)<}LV2YdkTpstY|Zow-7-yt{->_{azmB?06+jqL_t*f
zor%*SS@G5CP50&UwXe>U$Depc&i~3;DN!NQ8NXA>BY(d|rqkcU_Gi)}XS#B7ow9&E
zAQIj)-eJ&BH;yysqRwzp=O5(5Ju+I|DIIm2iIRq_MLCAXMD5Anj*I}{y3(O+b*55h
z<zmjod^xQ1c;B`HpDtY{d`XmsFbl^|R0rv3>CAX^k0^8iOW#0o4&(grEMA(v5+*IQ
zb!J=f=L!AvZ~8_m$9#r9#4gh)b3Jgf!!-(TQ_-=b$Az1Hc2h1Pz!^wT5dZU^|H!}p
z{cm~l$tT@5{~*bn@!xgVU7aHE%U}M|eHxH6|5K(+ap6OT42dgobS4@wjnpRI{N_Qh
z*b~fSd;HBr$duJ6LZ-8LVS*eXfv{je3M(W@gK$J3v7;cJqdlQW+T_IYPL&QpM7tne
z6hTb7hKBl327pxgZ;x>(x?v|~)R7rqlGPXSVJGs*_z7;>Q>uX{9UXq$;GvvRou?ps
zsYdNRLN-aIH0J1ez}7Ug-KZHQfOl=ZK)1T;Kb>Mb2tCoM@A~OJJ)5X3QWs9EBaM@@
z?gn>N5%n;B3rb>|^rUlYrP4uOx}i}2>WYy5Yt~gihXZ3o2j<%?`iZ^5UWKyfiF-H$
zz~P5a(!6T4?tSMj!Jnw8maoO7f&(U5yhf#rBR-7t(~~MMaQR{Fcd#6(aKzF(5LJ>Y
zH`K^`?=9Ca><pCQBL_GmfOkZNw%Vk>nW&SII>Q^o5$A32w+F2kFKXJnBE6g86LQk2
z|By4j^aYi}`L2J)K%7ULwFLqKlF5i*8rmk~469UO(vY6KkP%%qx%Si8Q{NfCnNz{5
zFnk4`u>kn64%jg8$ZL!?Vd(JZ-Me=mH|B>egFkIgc{iRg7oxtH16o+RGKAs1;RuV<
z;FI~Cg(n&QDB+YJIS`d5=BZ(w;YLQ;E*1+*g##FC_sm;6%TZ=zCi((-&|TxQJwYbc
zccL1YJlx^>cY<uQK>-f*SOWkPdKw(J_n&ggDe~4^Z^es-<(NU3c(!SM_~D1n=Qj^&
zarfMFPdv>v*IXk<9C1Wk$v4HH$pb==hYmyfFdZ$9xQD+`R@>%|P^0|Y!Wqvw_eA|6
zIMO*2!eIv_@`yTlGrC9@<;)l9_&S0K!gOWXk>XK|!?rW{$Rv)3KAXtV4$|=%JgM4=
z<-<hC3`D`a7+8S|<0xMy1^`ox_Wb1TQZO{nJNvI{a5}{~3{9zE;7xu(zHC~(Nk0DX
zJXy1Nog3h}i(vfTV`a#s!Fo0xxynR6H4jkU@>GGZT3aRaUR<DxT&|4UdyMoR)XU*W
z#zSbxMY-4ii{Dr#3*THUn=5Oiu((i$OstRz`;L>MGCl6q7=2RjFFVE!y^d7+P3h-?
z$Btol30p1oY_VStaqpDXALx>_4@wa2pe)>c$G7+o4^iM}412&!L<3>C7y`r78iWo0
zCW$YtrE{oaurAEfnGb;HJmtJl{@?$5RZckZck<Yy=c@r=Pi-$vGW)HiYM@^y2Om69
z`VHvi?F_JTZ;@9VW2_jKm-_C;LEQx~p`WZ>^&edXsFcBj2fN9wzx~i=GL`9!{b3Bp
zMkV=%ku?UtBl;#|{dJUz56DU6ZCHb_;j(<}cOoAHJaA!Y0hTtwgA1E3QQqA#jPm&(
z=2`rX>M}_aHIMEL&m1AD!GxoL$>tTQ%1ZyBJu>$U+a9S`=<7@a05p<6b&sEJ8f3IG
zXX{D>Q!3tN<HYUH>v4Rb0n_m3&!6u;-A4gf$zQi_ox2!=K^v<W6LNneCyhO%88vE@
zQzn7?{`bG{-cLB;1n1Kk=~zr2@R_Xdhz0=o1kc#6!)k~L8tcHsZ%qd+thAGVGK;Cv
zX383V7zgf5gfO^GkcCwOp%JB(w(M`CVd&i6VWRR99>RCh1s!o_2nxpWoB0h&C6@Gb
zlYPULsEtsUUOPicN$nUU!I6mG)G3MeCS;{UN~EDsFQjYHl~hym(kI>$0(5@8DxO2^
zg*a8%^9%E3?wd>HM|=EC1GaSMKKLcs{lw|2e8;wbCSpTuE}5eX4+S}e^721lmAlWl
z-y!?noNr4(`EY4yO=3jRwDcL2%V&S{UwPo0f8T<LT~C}Qr~Kw~(x;+Knj4gkn61)^
z=Mq?Xw@BR<06+CgQfVpk%2Hg+F(Q>Y?z4Ywa9#OEyX1-24X;|BAX@>^9g%Gju{7>P
zh6ejx94CP>rZ7?CG3UV~p2R8Z-2{*R5=-vt0|el3bT~v1Q7@}jdEdI<X-a?nt(WVn
z9RA5of0w)eG)I;#zCsNEx`U(HTUkt4Hbujcf!r8=qY>XDIakL3uZ}ni%Pu~ffEp~a
zHBo=H_*6dqleDSihd({-6B&`p80m-4zK7!g^<c+2!=(rZ#f|DVR|uCvQXVx6i(^~D
zS^K1o+WZ5benT7&j^8{ucoc<CQD9vL+u0xH0YN#Gs))dHxnHIZ-2{CntRugsrquTt
zg~erXnbtY!kkMi1=$4<gP5YhoGvmOPGv>_jY}HgKY6z`suf5jgJ89A+`QU>O+)e%!
z6%|fF3|@{wgE8S}jR(aZBLes^23&dNmF}~G6DLk|u%`Gk3GgfbnKt&V%A`)tj54#c
z0%3!qWQy*#;Ds3hpe5Pl&gz@VgAHn_SOPq_z@4chudtIv@*q#zan=CPp5wGBEaFjk
zNqbCm4*-)qc$~bQa)hJ6rLC*uqNe1q;DDw?hNos#WN2r}^Jyz1^-kLj1KXC$d())O
zHRtJfeRWk@4<<PSK>QPI!31G`D^BqG^gw4)a7vzT)6Of>od!!bsq%lb!=|?p$jAeS
zNZGJnGUvXJr0;}Ya_eXAl=ELWL&ohtS{mzBi4SO?ke$o<dHvs1*DMR3UF?+qp}SYe
ziZ@qDZQf=rjehB(RVU@~73enNt$)7r=m$>uFP}P4s@~fyJD)d6mcO`4Hm|IexBvF8
zl#VQs<9>XkQ~rZxieroMF#bF6;_{LL-Sl7OVp>{Q{ntsdJ8s~(5=fEgXBfCdFsei<
z;ko(Vv4(b-Rm1kS&66&s9HWdE1Z9>^-gP%dTl-?{Q<fB<xF?6D+&L~^U^Fj>!)4{#
z2Q+zBl~|n1n{A|uT&)9bba)Nw-1BylGtay%Cg1dHDGi%d`F~%}>+deZMp6cCzlBtW
zzQ@a^Kh?Rq)BHGa(w-Kt><Xdb8kbWCxb|_%>t5r3C=W8ZBl4B>QC6SH6L~|rtm_;O
zbYx6UMuE)*lf?(asaNPoHs1)scbDIkld+L;3!k>>&4*C%Ju2JeMEl>t@a|Hk?oLNk
zWfnenq+KCvqSO_z%yYVnLq5B)Cn&(X3xV4)9X)Q8LU<vF=gpfZx7~J|j2}N<KKke*
zDK9UVrAwE#t1240C+u_zq3KKrS_l33<BuIYlW_}s_0?D1t^!lcXq-Ic8Ksl8BV;@J
zVLKwQ$g>*&zFFtp+WcWB06P;BIqKWminW16a27@xIx<lNPt-{tdD70ZZc7dn78YrL
z3-=iv+8vV{YlnVp>9%>224jOw?ozD^kq_<NWJCLW66f!Sv3Kwwb24$PPUCcwp=SWl
zv;UOAv>$XJAj}8WTriAPR|g1yCSnEGVB&EafRW*~f4*sGWY>!(%R!g#>(0qfJZX&l
z?Zkh%xTk*kjGVZ~ELAk2$%k5h<Q3-0`nelr&b{x;iuYE@y!#eQZb`1JUGA+CSG8^u
z{W`lV7b%Snhgj3+>M?<aO^x#SO;1a{ZXsCn-a0w?spDnbp`&HP!b-XCq`ynA{1SQb
z=GSEE853maZWYp0uRDKytJU!W=!+k}y_*j+bbp4f`FjR{9OX0|*U`j}qD$W48;bUZ
zb+z)w>#JqyvMQA;xiWD=f7xyKay{;#=ciRMcW}z*#=0gw{<cOw{D_NfTcx6+RQB9s
zuv82yi!1Od3bju1q`I<BX3t(L^X6}K=_>{+?4A`eNYk|F&JF5q^@<ujGPgk{P3jlN
zK|wJLEM8D4ixyYO&eH};|3M{ESJNnOYTgxtOJv-*zViAjtK|(f=Ipvlx!$WYSl?G`
zT&av4S*CXZY><UoPw=rIzfs<J^+W01r%3OP;4@(Lvh(zT`n%8>I4r;AOR8k<yh<4}
zx{r(++b3Qg;yp(LZm=I)`1FgcOy7bnJuU#*+}VyfL89>@RX&XGT|rB#JTr}BuFI-0
zzQ3%DJv>gv;%z6+D^vF<4E&Bl53n7PQ>LFVFA1A(cba#GrMY|5?)F7Rk23%m``>%-
zJ@-oEVP$&Fnl*Cu)mO_QhaBS0tTR!+>86|F=loF+P*`dBTnKpDX{YI=<UP6Uvdf&H
z<eWQh&YU?8j@5q#2>(NTwy}CVV6_!v0DQ$5z(50UZBXrMK7pS+c@im8rt|{`O<`O|
z2lq_U8=Yb3+mT?fh%>N-8Pup_;CTE-80ww&k*X~cXP@H3=ulhhttckrHT6ZC4-VLb
zrOL<fK@&7)Z1ImZWi72+q4qB1V>%b!(H(O0bL6837RajC*QoN>Dico}Bg1u7pVj&N
z;yhXU+zOfdw}nnA9DVq3S^2@Lcm_M2H9=&6=C9vmA8|~DOgejveDueK^6`C(WW_Zr
zWx&L~s(kBYB(@8HZTl$HD;BJf7p{CYj;EzomCpVi<$TJp+8F>eU7$3MXL`ZgnkDOG
z)w63|`klW%Q3f9}KsGg1O7YkNnR)r{^4JN_xVVLHFP7fBl{#ZW5LZ0&6fYQApck4v
z$0uS@7{X7mQlL*7<!&xlMg85`>tyF$AKC)$tTV>RPjA{!`u4{-CbDYzX1V0Dm*tK-
z=WhY~%8SR!UNbB7D1`1XQsc|pZ>*Jb&i#+P_BzIl_U_HskC)x{7^HzY^3>BG$f;j^
zL0)+7C^Z0#P@|9<KAirQCwJZbntcDtIr9EHpH>6FU|GC)jqG>8-{i+P?51h+<hvKY
z?hrry?;~Z&(q@f&Q0}~aUpe^TkurT(@2JP<Q3djgU%lg=yYARuzu2=`F8a=!O5gFa
z%kG0!S<$np+BO^OTI8D-Jt+_Tb-B!W>v)I1mE9o}+&MY|grz>-m5EID@OyvT^7DtL
ze$UGE)clDWOC7|kJ!;}4@YE4<C2akg+)je7+XOS-u|pFdnrZ(Y|E%A18&bDhLZbHn
zj@A$9sb}UtVI6HFO8XCsHxsz9eJ~T;*)*v+(BljM)>u&Zah%=dVz`@czFE#c|9mI-
zuzd2M#GAt)fTBt#;ik%g0|(0V>C<KBop+X_jylSv1NNPF-f`d7<U8<m5GMLe*zvnl
zr?GNvOP{(x`Q}0B!D9v<lp)@2kcCEIt?oLDX6l3OnTZSlR##E->L`7glo2|!Zc7fp
zOX}6`oY)egeF&e1;anSi6`qow-?YPI^$MKVzY82PlyU}A+HI;dv~mB%V!($Te94o1
zlHqS(s<vN7S5>vQD&3$r(r=UvsshDU$7n{(@e(zsKsYqy=jztxKAYvuAA5$>>gFmb
z-M2vam_SZbj=c5PcVyl#y&Y8*pBW&Vb^Ert+Old{t6Q#{RmsmU&6CneZE|+iidB+3
zQR^bUU0zAj^9k%CXc^HYJO6Nk6!gw_7xgWCV3}-s*~43<tL$th$FSj)c3(MA$n~lq
zS+QuPk>C{kjkz1tVA13*C(Iq&mSEYtD`Z%sDzvbsEjXSwDW8B)UU~WHC53L~pFmcw
z>-CB400@KA&vV{!iP8~Ho*IWyW^+}O0O>#$zkKP;CkT}n|9gN;)|L3Wx<<L@-bJcl
zf1pRy%H+KBCrQ<Ydil~B&&w14-YB>HdS^NElS6ekRFS;;+B*5<r(Tr3_kC2>tv*Hu
z=w~9|owHGP+w&=h^Ur_UU5(@wIyUCXv(K&4OZxOPhgUx<_y6T!-Cd9?@4n~pc*1yy
z*3W<CV93$k7q!j0+P_+N7xdLn>Y{Y7mqm+KIGn%x{l_wQZjC(j*F9x$MUm{jTai5T
zjMsLiO)Zuo74^D1;1lwf`<BR$Z(1OaJiM14*DH}JTDJc@<4syCH?b2$+n*W$lo9gc
ziz}V-f9r2|Q)7sRH?D2_(xmaz80V-+{3mKZ3t}+^Dj1&XH~p)#U02}jY#O@?pI3+R
zO7E0x;3rR%_7MfPQ;3X+gdLG~j}5eTcX}fhug8E#>8rqIB4dKgh+5Z~wEtk9o%P#m
ztDS`{izf;PdYl2k3dbbe@AlbeAE$V75g-bvZGSQtCg`NWXTr`q$|L9f&p!KX`Qsn|
z=yndQUcK7I5l_cV^h6yvjE3#mhfih<pq%g+<;(vV?~Q*^g;tP%qz8W@M;=jKN9l>0
zUlu+!2WU_9<1miu=Bo<D#oXBLIr^}*H4F3m#E}PW7l$zb<s7+?%+W@Icxi*Q?J(^J
z7{6gMSw6vVTh$>ST%-Qm(24=TH!)7u<OAXS%xzIR_RN=FQ*;;4COwn?o8>b0|AtAg
z5yeuotWFl)i*lDEL%%psa;LSnGXN}`zd|ZTtAVta?y%U{B=a6yEYe%S)i$wy(|RdZ
zRlbSUay!cpi7KvhCgsTZ%ZKX^bxH(B0?Yuw`G38d$TI*~IuFv-p_*W2eP!GCs2lp%
ztNCNSG^>KjIq{mZwsumvu2MF%s6rXrfe=H}<^}lC7NKt%X9j>u-IL(C4eIHtI|hJc
zX@lYZ-~RU)#&({@(|&VwslBqYR$hNYmHX2N$;_E*n98MGIdbM1gH&PfqsH!y`g@)H
z<FTbq`G4raDXPR*Xc)$c&2q$%WpeMICdnzMeIyGOEL8(Qf4SnyS2RxK-;Yn1!;c)O
zZ{FB>{HOcK*De?$zxvHe-G;wP`u8i4+i#yQM;}$D?^^a2HO@eo_Kywg>*Q|_t&;D4
zdx-QdV;4cSd_31P7WC`aC`%U3lo6xt%PiGehGk@_NAosIVM&hcu~)v_@>`FehaFlX
zrM)=<Q=>-~yuP+z!74fMAl-LS&?>dndcV(g-fn^ujxSZXwXRO$EggRHxVG>0U4A8U
zVftjEbR7xHWbElke%pK6uBgLI>d3~4?#OQz!7!G0XBxXB-#VKn+EpfPtF!6oN%*|}
z9hdGsiS!;%YmYSm80T$pKyk-0L1qHaW0PeI_fOPKVMS;zS+c~X<=wt}Z(DkSLox6_
zSt0A#mGY1A7X`~4^<f49_{&2Wb!hcyuwi}DV{8c4NhbKRf;%kNw+@^s=hSby`Xrte
zf9lX+>+8d8|M%Lbr6bQ&H%^0_Hb>jFw#~bxPsJHv%*c=mE*OU_V}i%A8!H<t<tWX$
zD9b2AQN~Y_=*9NAgL0(*DZOOr6|BCBtk7-#gGcm})$i+NeCs?zL$8AiWOMIo-5sEO
z`hx;Z7J2=m_hstOMoYm!U6udqI;ncDRtl!)N#mSmscNcHstS}ktuu$U?T^|7G+(VB
z)!Ddjpsu;?xJ8v(51au&Bb3GM9K}P)-`wikg;3~S8c06ypuSKGL{+M8tEOG0p>m7-
z+aXQy1D#h-`$|<TzgD*sKv$vlUx2g}SfWL_GAn<|%Uf01?<cq4u~y&TkTXsnqDJaM
z88|pk9{$@nZ9h3uqpRgN|8k+8rO(kF0$OiNSL%4@?M^7sdlmYtLXNAh-Xsg=)~n)P
zBmei^0dn{eI@~wukq<z%AlOHKaP=U$^x^?Bcu1WrUbs<KtZb2s4lb3#QmqfIE6?R>
zxVQ6U*Io3&se&rqqTj4X=sbhWuYWmOm4B7zb*ps;PLB4UR(bCEHM(0MUj`1qfYBhU
zmetE2Zd)T?J-@FSz$*2Ki0<mpT?pmno&jLxO5J7Aq6P%r2J+l<8|2A<*UG~Wj+Szz
ztEHhv<$E&Dd;K>?=oTJ*ZfiU1qgy-Q?K!_JPm|YfweAY*i1KfJ#C&oxelxG~hbN~Z
z8)JMk-eoxwjssbKh2v9KK=n8S0K$j{V`ui6tmCe~{(2WSbm&m03^LL7D}}7OaeFrk
zC~>&;>(|Spk3K3-KKY~!A3j``En6mI#*A_Cz~O*pg3oUh5%M=096<I@Xb!+j9$NuL
zkwUp)bu)~T7tDxuVD*tGPNO3^aBXdu6@JM%PXA4}B5$eTBRAX9rZ@&*hNfivrK%0T
z;lMYegFh_zPCH>2fZqU+ET3RnJ7y3JPxhOBf%0$ot&Or)zEX6%y=v2Jv5)Lr`E^bE
zAWvB&{Zid_-FSGNta^!6X3y2{Q!C3gr{-gtBzLCjXfLt*pjqBNWWIq&ZmIHK6++ww
zRlW6=1Zm0f6w)}5y|7?Qztm@QPTQ*e8eQeBQo}(@qOvF~I~_LU*qMA?18-cf`vp`v
zbV|9N8Ao2nHid0g0|30q*lB*M=1NVD$D17CxLKZtq~J4U3PvXi3lbHBK~|xd=NIP6
zwb$@fid_9<UZs1!bb67TdrlwOZ$BNb)c~-3d854i3bf_O)af4tF~)z_H>}soa>+pC
z=uc7MtMpTR7@@o{?q=veKn(_L3eccMi#!9%&O4)&uhQaZ8V8yq^A~ul_v6O{vr2a=
zG|8`Tsnp#9xw6|X>=vjNy{Azx3(V2o1WkIEK)rnLG97cvygM7#to15qk3G1PK#dR$
zFe^t51TD^x@zTrd)hLvwM<80|taDb$L7&KxPkvJAXkDoWqX1)}DHfFDww~zkB+mLv
zlIXO-nWVSAnihE$V4HCulRC<zEp&AO8HZ|WqObf@79Pexo0pkSn1#cqjT_Y<tnxJz
zo^^Hk4S#p0&1g*KTU{iJ@2c>g%(JfI$&QA%#~A>uf+kFu;9luGD3t&E-~Z$jpZJ8F
zamE?$%K!*4KJjPn{rBIOr=Nb>DVzwi<;$1L9e3Q}e)sL$H@?+)+O%nI7XV5>9mEs~
zd|PcM&#db>2N-a;!-4bEe72FnEUHjSCOkbn-b9!8Fm)CNCRM4;Koq46QD9T$y}icK
zw^Oai`^!!J(N8e|(3YqV<UnG_S^Ppb`61rwfwVl<{}ZJJ7W_E!AkT2lJ8}>X)`MbY
z2f1VPnc~x|E9DDX*NW4#P1p9Cdt5m}c|)IeJL(Zx7H<S7**UtRFH`k-Pfxl(S1*-w
zRdIga1IRf^WZ7ulny)t2+;V*$(fbkZ))o3&G~HZ9ruU}i+@L(zq?5_-dTCbcZh<wr
zJzVc=Lu-#AQaA;7Qq$;An*CyQNy`S0R?0#;;9LUr2`h>{>fu(cua?!VD4yPLcT7L_
zT36B}^IO-rT?TO+vA8XGVDwmC@Jw-%o!&#|TuY1cMB`D=y$kUSnfe;;lIkDIX!v<$
zmxGltn9hZhPyt!o2G;vbVyg@tkt;X<G)K<+a<2UIUm}-YUN3jvwMK6Hy~vs8h^+B+
zYTb_CDhD1wTjUZbFE3~)E7Ls-x=VkzT`J|7XB~BVKLE!V^wFQ>rMkafwx>bxn!3{W
z4?j|0-I!5q@vn5{bqntr|JrLVO3(j$tNyEE_LWZ^scpJ+g<dx3<qtah7|$-#Re{f2
z?h?+M@1>tO0V7Ve$4j+g=%yAq>r9c~{hs4uEA&nPk>x8y9=I<@O3GI1P5~v6vU$n9
zzm!26b)FWYg-a_^xQ@zn((}aoUy8geDhjNnN#}R89O>}yXz|oh)OteJcQ<Ee{-e-E
zTfz{{ybB{X^RQIBNEH_)->!!3E_6nr1K5uCZPG_=n^9=&>UzuK-*y~e3ecmRHQY&)
zCOO5QPXHpwP~w@mqtyGISv4Pj{Bhw4x{8VlS*5d?F=NKK9RYjnv4`6!fI@1Wlg?$z
zKksxn9-}3Qv#0;2jP><(Ixy%LzkOTyyP{n15hacKV@F0iWv2rff|L58EMe*i81n9j
zBd;iqJd-P^Q7~=4uu)dbX-lSzv$G^sy#t%9Z4;i#7zJLxK`?Ba&CShAnrEUKgvMYw
zRPuPBdWJv0UcZ#kqB{U+cB=SAb}aPj+5M(dbjALA+E3;wnmZNWT-Md~{Ybq4wLpgm
zH2}1(_wp?`S;J4%-!=NXm%dl1QQ$I+Azpm`P`ya8PL(pZ91IeD^iyxnAYe4&E6t6n
zHClP{8#P_M<_%4n+$qeu8txIIVY*`6JcN%QqOB^(0^J=_r=N|}t?xPdef#EBdb}tW
zmori0^dE+cO!$HUK);A5jSXC8s9W0`^wPq5RkT%M)v9mj_zjE52Rl%UiV(uI>QsKl
zlx%%()N*+o@{;RN<rG^)hTicf`3k#kU8{WXVXJ;NPh`Zf9GNy%SNL}lnWd}j-?_M1
z&iZnz%sM(>iu9a3*Cp;XBUg?+LBEutTkcVk_3Mbzq8B)R@L`L7I#2XMzFeuULZ-E-
zfm<V+a@AK@rLVX+M;0w;)l2_cWYWYO88aqVm3(;Hsypd)*V|@2R-rsEE7Pw<eAFt}
z-O!|~{c2n&Rl=KfN5Fg<U9*0kP?0sN!3|!kV{^erA9;C>9HAHIHt44cwS2SR_HYj_
z*W0SKo*T8vG%9S7?%<y=!HawKl|1>sOIqZtGeq{-El=vzzJsEls1D(8fik;M>m`}n
z7BU@Lx<aNS3$m{BI6&J-H9iD$>WsD&#M#l`7^zbksuSU-9hH@pxjAm4_+VJJ-32+4
z{x>=Yd<)yYfMpIrx=bADqt;V8qfaJuWYhFK4ls4;QI1Z9qQ&>$@4x?kIsW+L^_#_$
z^xMTBy2)~RdAYN0(jmAIkcm8<i}SOjv5rC*TWeANhYT4a3l}bQd^q5M0~`#4xOFV@
z<FT~n_bA3iAQt6j<Hkxik>S_`14dUl>Jxs#ZwxuyWE)m+LKCow;K9eaQR<C%>N}kS
z23iu~OP7}TFnI*=WGeK7c(&Ky81*m$q*BPO?9`hn=AI!SxpF|80B<6P0U%u)pj|Qf
zqP>J^Gr)j1N_|^dpoRRLGd)0+u%fzB$!(4q0AdB9#0C-zO6&osT_Q&>Xv>{ZuR4B>
zOV|2C&1bNeq-biX<kxuGZQWmLr19Hm=c=?l-b;!PDR$`_UaXhapL^lCC+qQ^fhsH3
z=n;wk)u~}ZDN!Y|U@yHEutFzA=y^Eu)@+(p&Ty9jF2Al=@@rArwf||gw5->QT3=DE
zk~xv4D>}GD@|7-?OuB5W@z=CS-lq#Cf07;>Sf_PyKdaWBD;QrQh4uOw*Ug$g>3s}I
z#GhaoyCygSP*AT&ztjLwSDUYo-h>}80BE&nyKI%!t1%FZ3>uW{6lUI;%T?)i_H{}d
z&8$L|@jR7Bkb(lfbWMwH-EGm`X1WExf3B1$JKuk=Sq?h9UVd<8o_yz9MWP>CaCVf*
z6Ge94wN}r?E55b)(yuS&Y?cTA)++nW%$EV0UQfR`Bf>xb)gYfexmnIXH&1sF=-mMW
zFwV5d3onRFpQ;yLlE40e=1VWDmp|X%A}>ByB;^D1RH<)Lg<b(#wI0;4l&^5hmbS?C
zH+c2C+b(Jl$}7}62t?j}*9)sCFOb^JdAdtSt5xAq_TPHTt5Yr&tW#r9Wo4^8|3Z@t
z)?Fk6`f0gT^RL%>rg^~Y(IYia<@3*e-r@`(ciyITr^f;KA}6%Mv!K)Nq<C^2{$QN{
zcSmKqCrA7kQ@_(!qxA9A*xF*_{l6_J`_=&tApfJfj<%(!`K5zr{IU5>I#}X?<&G=n
zbYWe(aWE{Nu7G1qHP@Z!jN1PxM<#PeD?9bd6P5?$mr47#{IdS`!+{=W0D$$@(2qU#
zSh@DvYvuCGFL#2CbNncfDE188G<55XC=gr}NW<qru|OF5mH)>cdrT*46|!N2Zb$V`
zx?}b27dYEb6G&VVcmxmNC%nT5kZi>?F^2G=R-aLYk_ob4I>N!p4h9BE+5mnk2RuTU
zhqe*bktcarS<<Bk9=fc3ri0&+<7s!nmGETzXl~|npS39mM0k(#pRArO4jGcFKB38T
zsF0~0c}DF&Cc_fapn6??ZHeUSs;;L=rOrQLEb}KdB;<`y{!Xuz*7vpFOi_jF18tk1
z)-9rgRGC+0FQ-Tq*U5U$o=@Rb=t}r;wUT$2YPGuZ-tc`r$KOxOzp+(HPU<U#xh2xP
zMn4Do1wNhUP0)(|*+&Wn=xV*LK06H*V)V66Z>>j>#TC@60iaHmc~+=Z`EFdMt6N_L
zhv!OO(j8vo3Z(Js25Gob)AiBI=Dw{r%%4;uO|$j5#~(cdNsg|HmrUp_Ih&L(&6-L2
zs<ABEd=ziCn6r~XZzibMofc*QKzXNB)Mv5sW$wpKvfshV19dO_r<bnS=gVd-LodA-
z;qQ;s$ydKoFNYkID|g*irftq6rb#c?`}TLM<&no)<QF#;%4w$*$tEr8&>{J%fY-|v
zS2rtcgY3JH?uyVP&pzKMH~geUKL43q>D{YP3JP=NYv(u0uWo7974!x<>2rm8Gk=b}
zqAU2{xkTlhl6~$uC9=6DPd~M%28IERZU;egQ-d6^e}SxB+bXx;RWA=e(jwPhT_6+2
z6>IrKh7YTge?Q$SfB0jQ9C}EBtX$P1U%sGD)_ZqE%GlBRiOrTm{ThQB4PNw?{Ck%b
zNlmrZmzIeO0IPLp$Uh%%m4gn{E&Rp$8BdL?u4<8&UTu{sZA%Y4*en%;b7bZ|e0@WW
zx5_uqpwTFQeW+EgxU4|NkI^GxTtnfp3)aS8;XT31erYaH!$YkHl%u!^^E;F2^rK|P
zK0kb-_b4)*^ftFhge%i9%0U^juJbrRJu&vClkt|L)j>zvlHuwsKWdwxyex!uCx;x3
z>M}_aHII(KGp|TEW+y=kY@=?8%Cv5fQBe#*<d>;DOj3kwa1Z4`bWNul6qE*x5WxTL
zcfTv6M~{}%PCHFkT)dl#jYKBgSUXM7bDkDu)*Q<1nl)==#*7(q)m2x?^y$-`!V7LX
zlsWRThcMoE6vse`fWat&fa1)4GQ}xVo>*N*9ni>+x=mIe2svm6CXA!bQR*@&AMGma
zWWs16pP=!=;<A1l2k6IP_(VHs)@9Spn`@J{39!=MXdB7e4dK>ylEFZa$&%zZl(&@u
z_^1W|+N1Ri!^Cgr^f-6kW>pYNv~4>@*QrGsWwHr4f0+IDl6!wOOm+I4Ql;&fUQ$0t
zZ+`#4iz)g<nf8NXRmgQ^K}BZqltO8`rdjH~&*%E|vw&Y{yC{$pr8f?cl4*UM!GNvi
zo|^38%5Bn*_^~3-P4z?}KlQbBZJUhEt@B`V*wU{{$$9Y`=sg^HdPE>^bD@;Y8YCN^
zTP`h6>!qyEsIljn_A<ZE6%|rYRIEo7$SWByz-j#O`-DTA8bGKoRa|kksz}$DVMJui
zaX~shfIdg&&G!t8oW&nFP*=xmbhn1uG#H9L_`ox69CnD7Eti#Yj6gYRh;Eig9`|sM
zA6Fy|^`6n7tXGa21bWL4udk6yzX#qnqvcs&%9jhzFLS(6Jzl<|mjdSGRLd`a(<pb{
z;~5~J><gdEQ{zCH3>loSN2*$-Z=Za5;7@(ziXT+V#h16odHprT^4Swh^;iJA2Xf?u
zV|&RRcUQ^xuWob?_%8pyLMhY>5w5(ZK}HPMHqe+SYxILV7%$E~LyxrR`3D_V9Y5gR
zs+CRho*I%a`Ht3?mbtoG%dCp}H!djDay2-E$kBSVWbZvo^;3~r3u=HW9|%)128kRy
ztC#X4Pj_3i@!CZM{?H9tTNHnlcR68iHBi%Eg8h~Lf=th3!W&hln_NjJtDuo5-j@Sq
z3;qO_v4!%b!%bT7S|0X0h;v8(4S#H27?v0CmHTLDOUC1{X}bb0QF~985A<#?^9{;^
zGe23Gw^g|DISPGzu_$c+4wftI9Z8mswx7uy*V1SG?S}(B(f|PaX~ZS~KmYm9%Rc+;
zquU%`kk?;--91b7CL%uXXOncRvH=4I2oEd&JMX-+?6uckvdb>JxZ?qw`v)g!SP5pZ
zwSkm(`)#;(6dxYoFrXl8*s6~)Ad^W|BA$Vt2@VsrFcTcZfq=Cy3RsxmCyoarKo|!d
zln*0^l{rj0V8VW{-ta+tRE5ye?r1)Pl}*;d)JwX77aZw$PrFH1r|I&sdIFBV5_Qn^
z<BylyoBK%X)2du9Q=FqzvDR(qalPL%4eOIsm9SoW50ut3RmSQ0?^acOOQ-giylOSP
zm?Ex<d*5R#q^N%{+5F@NX<n&XsIF+|k1CeZPxY6gJ@k9++zX&^IZZ86{EY!lkwy_O
z$S;+=8r=clr&B?T_vtT9qZE&>w&&*oqXrFy$<g}_*iT+`uHG`JXVtlkKfhIXJ8aS&
zGpdXZ{J~h+ynm(C|4-$0rCyMzN_D|>J=Z#`pA@J<-Kty8Gv)_;)8wL;%k`eSS-A3U
z!6H@e`{nDFbhb_cpiW^p$3As(FZu7&dOSf_zjHLrX70EnTJ`(WzR*v;@Yz<CC!ED+
zyz<hZ5dZI~K@LaXzPawgKIXIyYK)mYu~dHhi(>sEjeb(G+EZu;4a}8cL)k6FYC6Oz
zTXgrqg<t6}pFXx(SM(XHxKTe>hAJFJhRO}fN2L{<<HqDG&LUZ|RB=+bx;tTTd7gWk
z)p!KWNcib`<l}{>i!^Wj;)CMjy#Dav`KrXX$YBSy=uv|_H3aLIGL-%oo*t+x{JFZ7
zUlm!;mf`r(OUwGgQv+R@Yt<NH#~4mMsh=ErP_vF9tx~Q>CD>8Xs1^X=7cKG(B|p8s
zmkb(E<c<u)`Rq!&<sW#-xrw=R7t7EwhwJ#=*BSqUkn|gq=~2cO@X-J1gYmu>L>~AJ
zY&yAONx*6I7Yj?}GarGTFx$6{UdGfY^ry;ydyGRSM^T<=KhyzpA7ptH-dde>CLhVa
zr@Kt}LSMjTl6GtGi@6Hz13e-PjlduaOiqPqS5&<wb9sc#hq8k^lex&&;9EA2t<QmO
zZvaRo<mfoWqu{Z1|CnQr5zg>)nH;yHauk3#I+t}yIwl=}-wdWq^oi%b0K>;`@FMX2
z>G%zdJzKxJwr!3!fx-~LK*(grf0Jyc)S>uOSMVL)hIP<G{UvkMHOhR@2$T$-ylF4A
zoiO(v&_+lDFA(0wpJe#`;U4X&zhUi%-`ejTY2&H-Y$oM^7Bl4V-Vq0F^l4;3Dn~qZ
z6tztz!bzT~+G(ORge5F%Y|f{9l%#1+lay5S)m3^`g5#^*$*`pe*WKL3y1HBZRd=}D
z(*{|dZNIqg!prt6mR`FLkQV)pJ6dC|DuM2ZfUfkKW5dmWFOIaI-VO!b{vC9Ej~+rH
zy<m1RSbnOs7WUQi>*v~8RfT~blxy{LVOjc}P%15lSLnS0o}!!6OSN5i&{5?dY7`Ck
z2Q)qBY4fkV+#owmC{+cQ{_c@$e~Xls5*0yO#i|TzsQS(+T$$QLfJX^7C7U=D^S*ld
zBCc7D8?5M?!J<|d!t<4ZqesPds3^V`-H|{zd5{*z7Ye}5O8>AS`U0E+a2X%4+H~Wz
z7|wBHxZA=DNAc&_0r?VygY^D=^Q2sraNb)Krbg?8{xU#qF-=M<8|c72pl`m?#qJ1F
zs*B-uaSBVBRgAj)pqr|JR@yXq^W}m9HJYr_%NxIc^(Gmly8!mvr?(n7xUZ#+CJ*_R
zf1QkJDU*LcC35x`57n`}Oby6ePPoYrMHrdRk-u~fyre;%XC~8=k4Kg__<5o@WD#Yc
zE*NuDIm*kJ#N+ss3U~*OL&is~2l&ZC5%)=j9q*anFt3Q3SGuZ+iqGb?VbWPY!0+ld
z6oww-1+cb2M_)+hjQ(WtT^&vzrQXArO+P!U{hN6L<w`}r#o<?1+n^b)M5JNf9-gjn
zc(YJFlLOt}0FbVsT4%v3h=4=s>(i%?8zi||o-mvVKeLL{5fCH@W&}A8VL0;SH@F!j
zc))9L_&c(*^20w{wKqQD!#CqqB0f<UJn)`LmMQ4z>e`QsNpXp;0FhTJ7X>GHpc_Gq
zkMSUt12^U8=!x+p6}-h!c2*I%qoBJw$`+M(R+e;W>1RAqc-EPN7Hu?L-ozIcvO=WV
zXa^nq2)i=q&ngj(Y`@3ll;uj*y(^{nu7e~`HBeU9HJi+xq6Kq16zzU^s9RAkwaevl
zo}C102x!$U<Ux^$D2*qNzXZrrWi_5>A{Zjg`Qx=p!0)<`(V+$imuCk>GZz<ftfKav
zO|tgUYAGC=D>weEMh-rpj|{EIcQ@m=GqxxlMrM%zx?w<_)(c)B(i>~EkGVMhv^h3i
zxIPjK($Ofc__slMZ*_X#Ks^5xaNxv1V2)!J0g_x4m-BgG^nXto_GqO(mD*T65a$1F
zcp-*d5|xWPAi&M>iUo_XdWbyzY?aK>FA?1F+j1$^iRor`J)|&ZftMkjV+jiviTv?y
zy?fz>PiSb{u|V+p9sLNSHGaAkbowge5eDff@(-ELq@Q_0ItSiFeLGz`;!!>sb4*bH
z7j;4Y%x!E=!*BA4Qid@3Z%;5buY+%4`2-yBEEus!Kt1^R9K=Jrqt0A^(X^fE$SW*f
zU~Lykx_J#Wdhku!52{>wgXQY1a)38VUjUxA&GB7)bAI~l9p3On!Eg9F>eDWe1@PSH
zNrh93<;t^h<3{}oOTU!!TEj=XYHSSOcF7-Jq%$C<qB9$}eQ_ZDXtj;YYukO2kwFJX
z5YQ=522J@S96^neNxTUQ6AIuX4G&?~Q7t{4mr1)Rw*2PV7Q!T1*|&AL@eex87+_)W
ziN}5eV|7Jc*t<U-n6Qp5s%2%iLKrqxI5=oRspn#r($Ze8-U;(N+6#j_PcY68m*^eZ
z!wkZS(r(Q#`U3qYs<VkGgP`Z=qh5b(&^^g0)!=3oC9I?Gk;eLI*mQ~Dium?e2v?|D
zMy*~&9<_e`sA=aWJN)5c-mU*6gdMI1%eVA?izoGSoktDQRb-tA02pYe3DYJFjH_+F
z*d$?mn#~;7xO+KUND@C0Tt~t*8&=%SC8Q%P{umN%qpfOCC|aqj*T46^ci&gbwnn4x
zdoV}NIi00`#uFVkd@JlmLZ|w$*vQ9E=6qEVw*(}EB|Hqg!KBJJRUVd4qV$SeyM!85
z*2!ycc^BJVcf}x?IIhfX{m0mm)Wy=~<me|Ko67a80dL5KU;mCwnKIdpKdHuM`Y=iZ
z@(d#YeKOduku9v6Bh%@(!T6+fX#}uQWIFSTXe)$X?&O2f96EV78ll%{CM*>%Qk7#z
zii1xmLyYyt$1vpwmN^Ux7-JH3Nf^HEIyF4h33XxfPYdr1pS+_uXr!#rLR(GLMxfXF
zf$boP!kZ}c7%X&H+qJM%KJ-8v{n_up!NXkC=A%*P8Gd{nd8bS)@<eG{l#96&JD8DC
zw9Q~0S@~F`LY76T8|vL;Uq{N8O}qVYpj#RMOc-#E|H2C|bQZB>0@OM^J}`739^MgT
z_&f$jhv6M(orm8D?-eUn$Y($MS$C9xj)ww6C&b4XfG`Pm$nB>obgU%s()bA`c+Zo}
z0h=i=sZVx!bma;<^r5KonDPm|v=z!_Z7gaTpdBGhd+Y9wa#LP^y@sI~-f(H88Q(~6
z{gCvA)BG?v;WK?O6N8H%KX?iX!WjUlqp0=k&x?1;2;EV6NLtGu-fiLZynSAIzAV1!
zeHm7^tMuKwLTYqnFc(l1IOTcPh2TI;Np0mIyPj?DS6?WzZ+SxGH9cl9qMxi;x=}w<
z*GKNWcexDclPAX=y|ecHO)3Lo@@^Zmnd}qk*_1q0TnNrMkj}v2&&%Ocf-gLGnD*sn
z9ozGTPYK%H27cJ!JG(RT@))Zt<o>_DCQm*m@{3!~)~1eJPQTJdA4KWqNhi~z^jG>P
z3Kji4tm}yUhqfSniNeCtvLnMWzcYhR6h0Wgse9TJavr4<#WX0diR%iN$+!aDD9+GH
z8)QyP7&P)QW;1^C&e%s>S3Br{o+vIz7j=N*OuvSHb5^z>yv28=k4(T=2R&i)2afiG
zAqgd)@>o3(4lbKlhs8-5sZZ)UijlG_d6UK6Jvh*<4FGiNhaY};t8(h7qmFW&gwBQH
zA5{JckJ9nBD)HSYv##P1LJ%RgH3XTJ0inx-5XD&=h^ictp2056{Q}*gDxuYQ5QQG&
zj~Rgy;eZ$Rgux9CGe|^9=f_Ptn=}O{X?{3+r+yhUnb`48`b=CD#lY}GpOu+O1dcGH
zd$S(w9^G%0eEoZ0mv4UKo3i{Iy+H1;Pf4RHNUa>ehE^ljuf^HB`IaHRg_$2V%nxt)
z{9*PU^t%eb(GUhdFuEhBM2$kFy6FG<nUBdAKX;l;y<wVMdhw+)Y}hbav}C#b>Q}#z
zuU+zcS-RwH`Qj=2=tX$!5YpWM@YwhauB;2ifx!cdB}eZ;q^VYIQU)@vCQGRioC+w&
zFH}XLkNp1j7v=s(Mc#P*H5oj(!YN>3WwFVk&XnoMrKmC;nLs*Zq|ubD_}TET;Q;a+
z`OZo$N^#gW<fq2!4xjWq7UqZRig#1sqqZSvWE`<^#ZMcw+v5-K%J)p?8Gf25Pg7H~
zt52&(>UV3^g`XCCCvWZ@VKF3%GyX$Aa}S$$SXs=Ef)gCjLVM4;EC-AO-O>PH#92ok
zKYqLuR%ZFKc=N4;;PW61>>U_?Je|jW6KB5%4jd@+=g)VFB?AI5ru_S@aD->l0m&=t
zI>rI&mAYZ|KNCmY`RhI`4y$kT!>04YS-XMuj^Od*?CN(WsSM6hx0)GUl#_?DGw^_m
zKFx1?H`p*fMjzS$PgDmTq+<{?xe^8k#}wGcXLN^2V=zXm87{)qJ88(vXtewZM;@_a
zg&Q$qxV-)LZ28QIC(3~b94MDvaIw6-_#-Jlc%0;v>-Nqf742wEJwiFvPqpa^e1opy
z;&jbJN^_O|fUI_raVv%Qt0RB;j9;sMv7l*lz07&{U6Efe)C=X#lB=$}T3&wXWrw=F
zyj+$qUoLy^JyYI!=@6N9!a4H5sV~bl7x$6zV<+lu{M1$ER)CaS-aAsbh-r1yjF<v&
zRdzB+MUpyOq-#~fD&L}Xm@s<jnd%%?(qj$R^;`XlLS3`Wo&Szpabv9<aL_FMa=@=;
z)Tq(!GrnQ^6?yudr7_<h7v-Jw+%;tVHB4F?3+T%zo*ktjOrBYoEjeI(XGb23O&EnN
zY)k0WA=IfoK}c{C*VzudjEPb2tAGyDW?I(HE(ddgsPl{<KPd}GD{;him$EU3V$MMw
zMUfH4<Iboj<_>nG!0=}MEC=8~w>AJIsv;Az<|l%&P7@RoiC`_vIwy*XP1r5WVDP((
zVDZz`RqvEF3J<%A4y$WcS)#7A_-R6cqJC{f*B{rF@6Zn~x!i?;t|vJr7+g$~NxL^?
z7QVC1lFxE3S-iw4RPca-F|N-g(<GQT5f}4O#+xEud_!J1ouaw+Q>d%Gu3aa~(*t&8
zZqR!m_||xo@^gvVpn-#A#K;jcapHuy)!q2vhzb0$IFmWcmoHN#XR-2Zsk?BBHp|@w
z|M<saE+xu8?hk*sO~#KOCzJP`CQtnQDOvgCd>1bJsmB!yoj>pN@OS24x<ucdWNN8?
zicnwQuiYrJ<{fWzva|N7>M9dj$cSC1FX^LSD42EN(Q?*<H_3kc?dRGh?G<P8kKfa#
zO_OJz`ingI<kRxC%YG#dYhRZc<3uJ+RZ_JK+Qq}USX%~|Q&OBh2x`(?X#iNea9=u$
za(aa?UtV200Aem>m;ysL7du9!zgd-dBPmRtabTqjnsi<&#U&!WdXLt3J^`zDZft&E
zF9KA0wB9M3HhY=#tjGtt31-CjnR5UA-;v{voh3!8JX1Fq?%DbqbrsZjlc{g*A`_Wz
zvIN;`TgELcQ+k5wps%xW2J_fne#0jW^R%O`aL9Jra_IgQfe02vXhR(_UZl!yYqcX3
zR94EPv{~zeMt|_Pg>P%$7A`W~WzrG)X?wI0H`nS2qHNmjk^|k^06^o#&6_u`%bCxu
zt~e&zI3^TK#t}%thxjOh3izJntZX)^vftaH47351b_AHMenzE(dIS%OC@ZQA^sH)|
zvK19y6nLXQlZj%Ke7Xu2p4%iN3cn~fX*X4Ek|&;cLT<d`$1-QZY&rbM!)2r@#^7o~
zgNVDJn!;~fd({Ht9A|#p!h`8ZlPJs!_l|P-HLmvf+ofgFrgV~LTYky#Yo2bFhwSh!
zi2B?8e*;)<{q3!C;^$7(@3gCe3yeB{pMqELgSh9Pe_np_lV8ZAk3J|f_S{vbPMfNH
zEb-zMZr5F=%3gcz7Q>Sx>(;JNBf&gfh3qGnfA10v*RrvY&S&+km}F_}By*31EyMgU
z2A3`@h}+WP`_m?ZQxM8tySY~W`}j-p+QJt|C5P{GkQ{OBb-Fd&yR?n|-$t|p>F^)g
zP~U!irTp{dGH$|n89#BnGY-}1rH_eZ1NFlyVM$4;eE##Fl_QQgR6hE6u6~Dpfy`g9
zNOy_wJv?J<D)Jalym-pqt5>O$Z`Ll_GtKZMVxHyYXR^Wj{nT)zChwZq#drRc>E26A
z`I3qE$tsU-e_lqj`G(E=O`e4X`Lby7Qn~H6+ci?Z9Vjd1nBz{8Y13nu`e_~Y?$cXN
z_|jOJJZXaLw9^z_@$@c!wLU{X8ZcmhGg59X!!8$^=H+So(Ut#9j`tWRXj3SjQ57Fc
zpUj6h(1lXP%41vGN|quUj$xkq#Mn)}be4nnD1gWm+NWRccSauIgKpXo_1;<dt<5m+
z;-~=hcNXqM<z{XMpD?s`CjS%VwJpL}xT0JvVBorvmsUR713b-i$E@MW`r9uDx}^cY
zItPl!*=L{a1~QaU8Z^GWBcupR=YX@va0k;cky*QTtqdA8$W8Pt5Ac(gboO`?(jbQI
z=Qo2PlPV^>wl&VrgRU;A)fEDhNeoX%1_kips8i~YvLT4=;+bS^q9f(BGN1%Ah;FSm
zV{J6CB9U2%Yyg2@Vd?=To4)(e#~;aOW_(r_%Obh=ANR<fGxn5n?Oz3XwhO|kA2Fi*
zii}@ruy?<oSvlHLS-z?AY=e&a2BmsXL4NkTo8<iuK9HM#`g1w=E9c5H&paasAAGPw
zXZ;EJ0#8@3UZoeFep^>K?~y<M`M2`hTdtOhiVFSI9bZxaBMy3l@{X`X;lTG4*W&u)
zf&~lZ;lDp7S6*?WTyV)Z<<lpeuvH4cWlKDpYrHRdBx~b@BSYv1Wo5l(pS|~Xk7rb}
zI@*$C*UI>#AnZahd4yrf`x1tO*fQZ(4B5acdQ0p)dh()p6e+os0Xdq>)`1SV*|TTM
zU+%qK_S<)&{O`qA<y+tQvK)HoVTutVw&V-_1sUhBBi`X7D{QuNqo>Gp6d&YkXD9~N
zt{5*FbNJ1Zj2CTVg>qVX+SP7r<k68bFjk{XV>H2KLa(K<E$t{^D1R6h!Z^|!jxg}R
zAV*kWAP?&wVbdmp0|)feF7XrH6_6-hRJwyW$dC4le2vP7j^-VtCDCs$kIefCZGpO?
zeKBVEWmuy8G7Y2tm~YaSnTK`6CF5(d@Q&n_O}q6u(5(#sT)=eet+&RNeyorvqzELe
zsXR=`Y~X`^Hs~2E{c+Z4gJJx(ID9*=Lnp$LZbFp~+f|*`=<O~(f}e-Ugz?(=ZTx^%
z<6B4Rwt52}d}lC5cy*@YY_#Gt*pLSkf68TTz+f^hkJq;N^qa>!^5_g_{7HukIO@lv
zBOP?OczD8KLVJK;W=J8m@ymR|I5+*$%P-0C#~m+M-28nx^Sm!fpQ1jZ_Y2Er{g8aC
z(x)i_jXBdeg)=t1002M$Nkl<Z5`_U`;X$Rq(gk5+Xq`t|gEKrt7%sn0xWSumVfeUY
zxV%`SRaqv5{R(8p%su7y`)`x~JoStma>ya_r$7BkPCfNh$2aN;d9rZf0vS7YoP75?
zXX>i=`%>0hZ%0#Jx$oR5zjg%IyLZ0qvda{GCd#a%4wM;t9V<Wj(e-lar5C&6)1Lip
ztTT9GeZ=Gp6HmsMRQ(4Us5ANilQ@2-ql<hjFK<lo?sA|%S$pY>@??qw+M2XH{(hYf
z7irk(lBof}+CDx`zhdbetLr#$!z(}UjQ0*8@P|0tC59oOvt>GT*m&4kGTn-RVnA7$
zcTfjW=NQn2W3Ga->9wo2xsacSmM3BG-s&L{jKL=Jqox5qQx_#|RJ!~$nJmB{W2@fj
z`Zwtf27Z#i)uH)>8L$2M1>X%0KZ>KyG04$|kYUhcG=;%Kemu}i8)Du^dJ7LjPZZc>
zG%?Sh9W&2JCSQ}4D_Caef#<25(VPm#;;e4%cP2h%<Jc1AW4tk$o2*P>^RRMIf7G4H
zl(6ZO!6hoQ<%REe!QcM4RPTl_6-+j+YdFv?4FLY4(x7P|)(~ytWlAYRf(HkzJ^l{G
zJLyS-Go_L+!%I590|sjy@ucV79_aDo_ov(5-YF-m6g)V14IddCd8a-Sb>QUuVW4T_
z5^(Sy-ZF@B&Y91&B~Ra$wj*!Qj4<Y*JZ4m~@_^fDFyHbct>0ODpd5TVzNDns;SHwq
zr-}Lwe{kt>GH82>Wz;;<!852Z`Gr@uGsOB2KCVyizB1>-IZpZi%|pM`OVehlD%&V)
z8dvLfdYhC46>(Bp7`!#*+ro&)S)BjfALbADzgvCz@g_<~8q3qt_`?imqA-6teb+X^
zZhWsU^5heTA0SV>_fI);>e0^lbnLOmx^};2%^Iit|K``<lk+b)LlLWD)wD|M*^VEP
zmpVT=UPxwtjRpSH!7zVO3@!*mxP_T-uzo)oE?|6RqD#Rm+V`F_rpt=uFUZhg2Pm(4
z%U8d8fgfY1y<1<xr(N?P3%q{pebUWf=;PMbt^fPuTyX+&fp{L|THC|tWZRE5omQX@
zAVR(vy<yOp%nJh>2F9965H<=;q=nDy258i~J8Jbf2lbgqrUMIZzq5KJ%*tnNfwsXI
z7);|&-;sB4qZqJ*0mZ=DTC)6%R-=#O7)3>%vDs*c9-FfS#}DQ=@Cx1-kI6Gxeu>Hk
zEI6XLDEJL8X^eggOXX93_>!q(PJl9Pbz$u%8SPdV@U*zt`(!lZqu&|7li@H};;9GV
zqdL;i_8Fg{ojIDnEd=oy-Q?-f?#VzuuPrVW9>Z(2cZB!g!U#iuNHotN-tvJ@=Ae(?
z76y#X?|4t<D0i5$ksi3tkloOOk%jpbW#nNl?Wf)74blz`=IkAQQ)lqZ3|I!!5ud#2
z-&UVS3wiNCuZ5A1!9~r}==bAFha(DXI$S$)e783M(8zhLbK@hB=`gk<fCfZIX5hpE
z$_fDIyczsSi$8eqV3|C5vcpqZS?R)U#el|SR#O@S_)O@7*YY-6@OM;aouBesy}&E)
z!TQ~1R0;CQIxYOQI)lIVY)zgTE#zqf1@&z0%5U5t-0w)sV`VU&_=Tk(zN7Et#TLKr
z;3zW#7f)NgH#;6e-{4W@^6|SL%lB`+Ob$BXKv~zk#<i2&n9@VfaTlEFnC!pktX)`a
zyvC!eIp6&uF@gHv{O|nK-*Nm7pe@Xc(BBHs8cXLq{Syx}lmYw>uZ9_Z!-a2QRu;qQ
zV8EyIQ2N29M*W`rP9x>67jKv2_B~D(ELb38#*C3~e(MtX#@CNk<^MAZty?(Vr;JDx
zD}ed2pB?rR;R}WZf0Jpdutaf2Xrj0TVek!Jkxz5uCK)ocugv@SVLh9Fg6y-;-ZEpx
z3@3+ae_iS5!}K>MXgFjOj)@g*9$7%VU$*g^2ggm+d3pJ9nYJxtn<FH`A87ZEB1A~k
z#h}K|OtZm=%tJjfPvB|RJ4e`AVB>iZH*L$4>E48zU0huy(}Q{Qo4idifL=3RK(D{O
zc{F+p6pUSrKYnMt1CDydxADVZ$;a{{J`)Enj22z(wpKp=a==4dNu?gB51SMC;rw-h
zj9?CG{P)AL<8W&^GiF*Ff^L7Chdv&YO|)^7dx>bYwv#BXtHR)`%`>3gc;BMOl$aCn
z+uAZTK!4kOp8lKX+I>3uwnf>DCVv?zPg@&9PNDa-@Asr54RvSjj&j2Xo<!}=^2)?F
zg97~kXJa8Uh4xInKu1R%`S4`j*5^R`kz?!UA38@9TGq(%859w^tfIa2(o637*T4Ri
z5a$_ZoFP-EPIXGlZ+`O|dF-*r<j5nB)GepG=%reF$rzoCo1paPW%(sUx`PM88yiHn
z2UZ}=%ot$hp^f<`Ulwj{#D4FHzQ69_8*c8qb7lYIX38O_9V8n>&lT&Z-Evj4W6*Br
z{J-@b^(hV$i*sSIM5bW-714N@A@<`;6lU>${E5PXX#+4W+85@jem))9;sCUF9VcrV
zt7WH|ljL((o*?($ey?71cZA$~&uy|{{XZ0NlPdqQizzLQ%P8|duI<K>Lt`egtTS*}
z39KI_r6X2ubnfQHD!rVqLeGa^DyM(x5}7mmag{ast}iA{Zy9yKheq%RX=M_`B!zbF
zk0-0Hq^AQ#$tI1}O?a73U3Ppz+fl|d4h1L0)*itfrM*Rg?I_*bV|w`KuM2-YB&rMI
zgD~5QFQ(XA{zg|%YZEpvvvS~57QfO+AIG3&N~#~WC%l^yZ?t-KMO*UbMcNGGj{4gg
zb(k)Xbn$V5voGD213kh3U=1Fh4vt{MT1JO|>#eus<daX1GZ<lkg$jYdI}^8$KKjUo
z(aBh~G{M2`<UF{`FTY%lKmK@^hR$dCSjXfy__B>Y&gu@oz~}DHPiuP}F6?%UfO_->
zEU%EqU3iS-l(b4!gMRzAv$i|CfiR{aG8!^6s&nnfH#m9}B>wA?#L{WPHXO0<2PaO|
zKGc=dWv%JW0^tVa_Hc=QDVN-Fh~v&UR<7OcYPtLe_sZROeM|cF*R8m^L%^H7#LAcm
zLCCOp5ta8kRfwh1T~zwbdy35y#&I4yHy<1*MI_SIQ{ACp-&+oY!-Me@>KxY=6ql~z
zDDzV$S5d33L1xXGAzwJ<I(hr;IkLwdySsL_Eo6qZZ~UxGNLh8=G?Mn_HT<4ff7_zX
zchid8rer0n2a^jBmkef`65fsJiozG;b8uG-;e;`U8cY<t-3``jLn!*)jj}d+wg*19
zm1f6$>-Gi!Isy;MH_Ete2V(2aoH=vi%KylbBi${ioPFW~7t*k;pRNBmew*U&O|(UZ
z4jt-*1qOv{uf5jgamp#DI3oct<Y%h~yc1^h?3m4^b4v{`v##fJz~3h-23E-6T?Xl9
z_6^dU!$;0LSUykhboU3atq*i4(x|1pH|y3p&e}U2HCbLU94NDSIpFaA>4sl-TYqz-
z(ix^HD*n6zH3Y`ekp$&f4<)GruSBH7LA+j9QaYkoCY`yHeDL!pWdHrn)xb)XD~%4D
z{z>d8TM)lLEcV{2N_&o$6NXe(*6494{eZf<K7C5`d+Vi6`Nlwys_VIUFsRIH(DRAw
z*Vm}rZPkk)V>r}^>RgZ>FSPBi<^x%z&C^f5ZCqca^wi7nVf|cvy2v1oSUI4trKwfQ
z`V`4kR~#Tu|L4EX0MLd!`<CTE6b=L%T9mX|*enOK9Ow=l@Xr}hK+XBXEiCJ2IgsT*
zY7TUJ0|4Zkf`I~#vd(YLTHSKXEv|IKhY#0pVK0$Uqei*2ZYx%-aNGHbG-V$jWgekn
zf`c<dix)3;mvD?3Ge)kt<{CNhzyoE<lqoK~ZJ{C^@8G}?k#$)PWI52D1FBa$x7(>Z
zi}Y`i%BBt8S^F3m)9<$7+6zn<=HgY?%qz^5riNx&^vYsc_Q48itZ$U!vSJy&(=Zve
z>u_OZxkb<R1{LHuevQgk#l3n%jm&##p{!fF&cXK?*jvW#HAc$E43wsHMgS!q92=Hz
zlzFc#l#MG@Y1f?t{fG3Gar=yweieNj4iwj5Ib$qv9twJq%9DY+50RNtpl98YCmU3z
zDUt4S0zY)%JrQCHBVVWd>s=@{^>Y6MugS$1-z%$DV^|Q`YsL_{^pfLsm(y-;1>cnX
zKn|Wx4&$_J&;7rT<ffngOCEXjJqI>@=K=DwpPnv<9Whl}mEUZDNaidG9<g<Q?dlCO
zbLLetxT2Rl`~R-cPeI1E^BbTak%hSlUa{=E?-aS^*4YZtvCF;uS!Ca{9LRDY%YiHh
zvK+{AATthRjV_t-tvjXa5e5JlMq@((M|tOxleu%}%0mx5BxA>pbr))}?H^^{9IN|W
z2*{2BoHbT_(&IQ9fa9_ejuhZte)(mYHf@^A$5#DK@h7c44mkTK%YiHhJPx4wsw*C>
zxA*4j=WTSWxb~JUlyVO^++X^7UO}#G-cT$5xatXc<`*w)k?@$SkCY?6bFdT?7dWL<
zJ7_x?l;Zrtd|CX_YWdaizn3*1tZNs~kFWjf%d+#Q)aa*104FC<Kz(Qo$NMiXlpFW^
z1xdDWm%jEb8NKI7HB{)Q;ZhtaVDCW-A4Du`mC^eS)m=&YWs(-YP7=s8kOQmexJ29U
zi9=V0R}Hm|a@l2%$j^WAU-|s!rpu|P>>(>xRmpi@`MaF>+26^1e?Cn<|AiUcqJ&Tk
z<f1<vqI`vWO}F0v$;IDu_ZL(?w#XT0-7klK^5^pQ8{d{)b{{1zDl-$&<4OV#^nb0c
z_|JJ~rCk2KM`YfDYWdpN4wV8eb8A!L%d*-N1g1v4XslQse&{u4^erhVb+XyjQ+wd-
zuPg_$9LRDY%YiHhvK+{AAj^Re9Ow}S0Kd|WGR}hm0B7g?H*DA-H{N)o9B{w^?wjSD
z_2)O=-Ns=EK*=ZkYhU}CoPPT0^6|$X%TIs$Q<*n!Ui_Ba*|TT6PpEKQ00qSI_D?wd
z?+$tPPnH8aI0sN{agDhRdYxUR+ZOLMKreVp?)bxldZ>%jKN#FpPkrqAr{wuxyd(og
z_m|p5^)l`=BW2!$i=}jIvHau8CnTp|s~q_Cna=3o^0eHv|FZ4BzOq4nch;Rw`7f1T
zQgPrwDJ?INcmFn5N=FvTua5e?Tr}q^GIZw(-CYn<;A8Y51M&;=WaHw>xbm+DgJi-n
zqolc^MHW1{#GUKEZpP2#d&@48KEuj1oFfInLU}}iuR+sSHCIb-?2xUM9;}A@jSf}>
z=PRmQ-F@I322Egn&Wj@~PagZ{Y^VHR{C_j$$}0|)l3u#)U)?7TtdO0i-6AKQ{3ki$
z@L|$_kSfx#I{_Sk{=txtt2>?Ee0`}?{trHAq}+Yyi85kzxyI(ml*zqh=Ki<KqyKnS
z4FJ8hh@NrP(&M{gD9=|etCB0PdRA`z!}}Uq69<_%u|(gi6t2<9)_6q17s|w?d!(<`
zG+XAEFj+P*%YiHhvK+{AV7ul3V`<i9IgsT*<{an|1^|kOqVMnUDEv4s`Kzg^amNA9
zKKtzWcQrX8z}9_pDE@rTg`56a@#hYKop##EeH!ra!w+|>OTc0P;4^`I2bTOWHefvP
z=WRH%ewG7S4z%Y$z0|7#KtE@PvX)o}*3QhG9^M&#K)9UFoHMxPYaA>0x=nof?3MET
zjW0?6$$h1AX{DU`_DNDcWuUBnZ>`+1-viQnWG{L28&Ar}Swm&O_<ruFfa%`!*@D~x
z`S8DUW%++sy0iOZ&KM>~-f*xK^(mC$cT~ue=RfDNe&L>%<nSMULRxd%Xd!|rhTi@m
zum0l=2gje8*X%0$eq)C2IB1pUl(tu{d&|YW{`i|R<E&k!F@<uAp~M*gayCm}E(B0x
zNis*?l%-J(4Ig~KF#%C|)n5wqNQ7f=jK3efzd>bSlkSG<qXqzvmUGUYtjfQBzN&7M
z-er<2Q>K>4_1DdmOD=s$mM&eY27n<d)701zV-|C%+`Jrx$8hRhjQXQ%XR7jFs9`I0
zhef`AMFnh~Ra9I}l!Y57c!ERl;O;>i2@rxi1pf&ZoZ!+8L4!NN-QC?K!J%=t#=UW$
z&RR2X^LAhFty@*6PVN2e9Wgm0UpxO(K3&!znbt_-qoF$`p^X+$gZ{)rRbqop@^G}n
zf?hE85nZ&nu*!?`s}HGQ(pj*>Oi1k?jBJNr6z^4${K&Al?7tcQ8-s8EMmGsb5@+Ef
z5!S@Z_`l^B`hK4q6%Z!D*u;Cs1OqkgWqJ$mQ0`<Tg0KLM6;vNLPTE=()lY60YRq<4
zeoQ3(i#hdWHi4r&o#+sUyLRL|Z<^&R!E;B9A09Jzx^YJRQMDY(v`nWTx6BOAnLSI{
zb_sWeQWuYQ`W|=XLGqbbq^tT2VAFPe;qh7aV}4eF5fSj+WX2Q~pPe5|mJx9M+_d1m
z+cF5^p3GBXUmOQ&yH4tRsfJTu4lg;fP#iepaxd;nebUs+hVv{kmg87|ytZ}sNK97}
zE61kyRH!ev>J4V`sXweh6a>a9V}-yVW4AUdMrKmYa{Xm)Bdh-s^!PRTX8A@!R7NA`
z522iqiG^#|4<d4fnY=XifV;Z`Po5WOY-?E5&(oc=(9oj(?CxX$%vH&tsau3zH&NgH
zhRR%U1KruVP_NT-YJCSdp*a**z&H}K*|B2x<mpv!y4fDd<9UeWyiyYY-OZw)1-IK(
zzUM8I;#``pXD8RZzl}oMM_?f}I9)Y{6lc*9RM4*?;!WToNhsTQj%L=W6JE=}5-%Bs
z*La7ok_KGABWrOLa09#KEhr3WsybW0xXarm^uAl|#S{5&Co!J)0i%qZnn95%2JO`=
z;_ze`Qw#@I<h|S69*otqoIg-|v-wlwsmG)n2M~Qj;I~-(|1Rfhr~t6%=$7S6t@+5e
zhpPkoaB#+&!5A?>_ge6e2r7d1rBaDy8rapfK?DQv{>=B`%E^%g(~nm-0gQ!cfy~ve
z2mH5|EPYhvbgiv%4d4Yp7Yf|C$pOO-MmCu<*A=nzASiQS{;|6Ur@OmECMdvrN`GXh
zfVD&GIK};#_P%x4wz45tZ*J(T`x_HUQ-5fbwMMGWxIS}${)2qDZ>q|rGwYJpSnY9S
zA`VLO8v$IKgoZI2&7paCpPAI{&V(Pp<|v1$U8&2AH2f(4qs*Nc5ZozhC{|_Es7C~>
z?cF2+ZJCsitCkJ+3nyZK*L^=jyAyJo%&!7Rv4D*^${Y;X>HB6vyXif3sU1DI)i)(O
z$N+Oq+JCSB<-vc_HSVs(P><qDG7VJI=|U)k;n=z}o6ch&$jPPEVkyD8`)eD=#WiqA
z$(`La!D`k}t<{Fc*qx~UyQgciRA=QelDPM{GujA|Pb{r3+_{v#yLa;EZ+x;*>X}KD
zkXJUDP3g54V%s#}d#dIO|1gXYJB+xMFa*ph6=5GD(X$$h2!B5#1Nv7lp8}t2AO7Ym
zHS<o-IwYqZWV`H@m>JY=j>^}GHBZ2T*39E;6aVrwJ_P?AA`J~nzQS9zw=&4qx#xZ%
zfAQH&wsS-^yTimaB`BGwbN}l>WO-p$51bT{%n#;M|Gcc!c((R>#=G}&I-a@Gc71xf
zx|*{3V=p~r{mEk2yYLyLfm8NDJxadI1O*up5y9WD+fl~vMd-JmghcipdVOT2_jsPM
z^wP12!WH-El^F*-&}mZ>+=*=RQ>2kp`GS+3-Ie$C{V5t%C(-%8p7UwPt<k0eBGX%o
ziOdsZ-vpFEx&5XpgzQh%)#47}bPEXnn^AtHYgdZiV&*{R*%mUZ=X&uEc<n_yBOJs^
z@j9G(6`B>bTLoG?P7qx}0aul0X;uO$Df)a^jQZk}qALbOYoa1{m`?7qO#w_bl~ASp
z%e|dZmyAGzy-SVoFZJzFoggV`={#F6?sv7UYkIW&1NyF~hDTj27_fVeXJ})}zLINN
zLK$cV7sZc-GaXUFthCY$RhS1wL+d^JC-mt4$4_cfVU|Y(_p2<FM?6oFk>mxUReb7x
zOp)<+?5|`Pne@WsUFt#SK7>#i0hx%C`8-$UQz7F*rErU*qr;E=)snFAOK4*9cj!+{
z<2X*RQ|;-QL#$UuBJdE2PK&u(xzlTtMX%Z_ALBJPcVns`Z6}P1!<|hoAse6?v1&;c
zZ#~1tH`g!>3DFTry}$gWyX|bu=qIX@h^qwa1`3XBh9n*cu=sM8jyh!_h8B_HG`App
z^=HA#73I+5k?Pvd-jm+Pz#K<+8SG7sq`Td%GX4_EMfOXD3qH6K64caqc<AWJ@Uiar
zWHQMNVC#bCOx5T!CUl+mV)h!nY)6TVpB%|ayxw-bX5@Ol-0$shg73p|{>%FTz`Hr|
zljx*22}2%7*)Tw8MDIo-HwW}~WuSCZi~shQ^Q#g)2YFDX-})gk{q~olF2%P+SjgpV
zY{#z<XEx)Zz#l|uO||Ind62;+jOQ++^ilY-R=|oRATS(8K3Ae3RT{+-8_e7gw?Oo!
z6GZ_A-FY=)MyZ44A5!e7UyizYUevK_rexDT4hPQ6%@5Cg`mnEm^6At3<&CR=xU+SI
zRpQ~#?}kC$p0uUZs?7B@KlLvE+A7QxfA<@5wm72`B9Q5GGn_RkEUA|-y&N+B6jOxo
zl_ifeR6-+ulBWbw7z1zHzfDrIT9)wnC{WLly^R9S<oFnp$AZP65~a;sVb~_0{KV=m
zCb&u5^+}J`c^6#jnBJuI#bx)kTqPoD`L$JR{QjyA1|(KW9*PgUCU_ARdva*Wqo>Db
zjM-!NBHr9$8^~>Kl?PoPvDcb_aw2B6aN<k|6AEaICuB?J6`Iu8$a01?wP-)de}O5P
zwVWXz5=H2&yJh}xrxDj?u#)I<%ztwTfyTjeO4SaEf9k_WlPmCT_OqFOQDn#6PyFpV
zlVCx_1k80VZQOWgyHH0CGS-})KzRji0W^HPP&%%C0)Y0=-gpKpujRN)7A#LX+e`xR
z^n3<h=ZGHN`0)$}0XZh04G{rwkPP5h)zMUb1p&LI59#y(V4%WQ?zZHe+$0}8K$I5Y
zPw=()yyH3*x*sr%lmknj_b2H`<Z_WpjZOE8<+@0P)CYgnh0?GF6ycG|aF2JwLhZY7
zJik{bs0-A>!476s$B6jIVLV4@7t?QG_~u+mjQ>@NQ1<%Fm{CTGQz*zgmoF?u?ApfM
z7xH%fFZC!R25qXBA$B!K%~}PP2{Wj39Ohtct8aSlw#LBtyXml8(5XcWk)>R)_^*AT
z?CnIA7Ug&hK*?T7+F8C$-2U%$--Tu*9y0&}HQr{|$vp0n6N{Bg%{TyX7El2>)TL}!
zhcWzQJvW2ATA+|fSRU)}xADq{mg&L@jxo7T<12iSIm`L{A>*Tw0*pxLv0SQUcgaHN
z1c*^Tra{S$^*i@t&(Ej1`5asMeYXJ7l48{y!}a*S1?)!HPQ!ej&uPo21B?aP9Nv4y
z9l7(uty*#&`oyb)B07}rdh2r0Nguqb#)_0)JrClR<x+rboyPbk1AL;AP@?MsCq71m
z&;IT~MwXziL`E<EgzkrlpBmf#PALk-77_6Pk0b#DApA3yPHy;rImv;??U&=N6D~pe
zkZ6es=2uNboU6J;@1)o55Rso^mdNMy2!XF98b!n84(*$bxaXvjR(MP`+;jKmqXR$i
zK28%Bz5Ljwa9;G@0%a?~qbK!ErG!<5uXn<bwQKRRcG_}tdk2IjN%;1AoLS!;rAH(S
zuxm0W7F`aOJX?2kR$d=P2DU%IyyQjaiT;~5YN)MAd}2=8I}m+RJUOqLgeT-)WnPNs
zZQiIiP3H=K6{(ar8k?R)5+IG{b#9DnQdZT!Mpc?<8a{F*|HN`d3NEmV)NVftV4;QO
z5h4q7Qw7No_jqXNw5BaKe%-d7@vwbg3bQ?Oz9jVIRSB}`b$SaPrG8ZIXaCX&VmDR#
z@J*V^yuuJ&ThU}NGV<7N`SZ4R%kC>J>K`!j03c=ZA=~=rz#B%wzb}uah~^!c1leU&
zZfim+ls?5;gn-;Ez>J+D-CA4{Dz?J~{lxdrS~=|uc6(Q&NRc8biXAF{pKn=z@P`x0
zhM?Eh{$zN^?;jLI+1PxP^0U@lK??LJ65DY@Kq{hL!w5XIyoVG;FyxXRc$j~{p!~Ph
z#>jS`9aVIZLr8H_Fww6N5ky`iT6>B8VtjwTLC=@|w?6+3bVWS#UVns!u~x=R_@4gY
zaQHWOe~Q)JqQ9UYPSV!by+<{r>cPr+s|4%+g}(}MN<jO4RMlnl4=|z)-`++>E_gSo
zM1HSGQYWvWNeQLS7jLp3YoGwk<C_%`enP@)#Y_fEgT~p2;a>e^yxipvqfoI=ER@bt
zpp+%F`h6B>IVR68HS2r+-CQk6_goe?210qGjJZ`|t>%(!c*r`om!HurnfB}D?)N)y
zKGBh(S?F0QtM6CL)ivLyC@Q(@F9c0rrj1x8#dG|xu-bnr4ZGJ5&K6Gy_pM$z=Y`|L
zeya7C45Q+VNqe9vi`8W}7*suL+FXQ+152zIOVOrl=naS7wdQtQQ(pJIuax}4f0k;W
zTmi-MhL&8k08)X^qd5W`5J+hjgB=qAWnMI@gqbXbe2Or=ro<i}_;;m#7N<(dJLsX!
zKV$5!4S5ph^)gKB;zKJ-ww8|6&QSa6l~sWJy;tQg3+V}rg;M-;;%Ak>={4^i1)G3I
zyD;W>>!`9_?i^i$BTrOb3%(;sztaB}zHZ>)2RZ~%Cf!w;SHP~}41>GqPzb^2Jj(Fy
zW1!xQh4xi8c#L9&cDmGhF8^=pY(=e?Qn=5PnI}(fvjo}qoc{(87#<?k-v(W-Zm5--
zw=%z}QbQK`H|s&@P<3PA(<H7CB^x^Rkx4Npoh$+FakFE!pMc`DkQE_-z#h5c$AsAY
z*b4ZjE-P_oB>C)|YzjnkoJY7V#q774sqxBv=6eQz1LKFd<HlusX2HC^bpo6Pw@pe#
ziEcT+T7QW(D)as=9u&W<DF5~e8_4sstGPVF$9MlNL*fbUirY$=tTJX<mKl%UJ@K=c
zfaQ(~(#UiW9;@H7h?dTMMd{i#S5gOCxu6^O++q}5X(XOb`&5vB{q}e(L?O;I(3T)?
zYM8?(UgGLQ7uSWc9gk7qQB#SU+GNQ181MajrYU(9;mjB)C~m;{3n+VfPc`SFv%jXU
zq#O_XyzlSvh5)yXNa2Fb5YiQGkK*+yk+AB!j{;^s^f^^7ap{O^()?nG0)XO8EH7``
zlBpj<5UAAYDzEro&f@62b1vhl5Q>DfVJu%60R_Cmkw~MClvpX2XH!S%R->|tEl|LR
z9oMO4uDgD&u`MfXKj8Kx*Wc-u&W!?J!_-&%q7gMNb9v9<nU~ZfMg;eB1zt(r%5?d%
zI$MG>jNi6*wL2k2#<-L1Wx3hZK$^3aE*X$#c;#P@28kp#4gwb%2L~&yAnCwqMqmyS
zM#fTAh0;C-3qhHWE47Mjq~-wP8DUQ5(?08D!cbWiQ)ub0MLT={dOl(iuVip?(9L~>
zv$_3O@vEc>;_n(2viGSvpGZJR|0;6{36tNn8?1pOxF~ts^e0y-p@_KWrZz6{!cGw#
z>kA4XCC860{|ANZj9Trtp?98FQ*y3d2h+k5Anmy-<FnHg`kmhDCNSK2ES#rB^Do(O
z)qUOY29DTI0fIZzDt4+#Z^jlH5w@zs7qw0U-k`e#`>k`k$}W?Gw`$4+eQHSss<@3Y
zjuhfq0m2&*Tt#I7G8MaoLWiT$U!F^*LXs*X6`qMKqeoZu9NZIB`fRQPrNz>u=Q3iK
zInDAI#3j`C`h;s|k$1#~sx0*QtgDB955}|d(-X9&{AXoB>h*1fI~2m<Y^_fQxLCHr
z#<#2UN6Zgqt`4s|WM^2Bw@R}KREEq0DCUq-DW{X<t4sHh+{8CQKrNK5avtU>--~5%
zzVVyMohv2AgH2(beHehynS8<~rhRc(T8A@%(ttil>A_l*Ff3MQnv4J-{DVVD_^~SW
z!E20B%I$-w4SKJTq@e5e0@V6<%a2s(Bk+Uao0c65F|0ByQzM{Ou{^UH!pm`8s!Iwu
z+~7H$;XWJ0o@11J|9a3Ud%u~;?!58h>3lq8Uh6ATmi6hhtxHn*$s=GiC6N*QY7^85
zKCJBMd3&Z%jF@fIdAZ8)Y)iFQ6uRQ_Bk$>WP`d?cBU5W7Su#@`hm6uIl(oj-zOu+N
zZzv`eCDQo$a3-?cwBD*!3x)Fq69vHfE)2yS4FgFoe%R>HBBZ?zQDR=)>Yx2Z>JbyK
zulGuaT$ru<Jwr<VD72Tv?qkxbK@aFR!F9x9y}U9*aExA9xU1+pMG0yo!~k^!6YO&S
z8v-wJOpgWAkRg$^3!GK=RvEO`<yBj8M6oMPbmhK$b(71{T5IKKIh#RGgytT66o6@V
zL)f=lSu-cgZvKyZ0K}9vwf*wiOJ|?=tD~H@uIg~Ve{zo;rX7!Lpx<B1hc7qfnw#y)
z?_QnNtDsbBOmu@s$F0f_b*)_z$yqwj&bgXYRgb5$GhpqaDlrYmPqCVrTt+Zgy|!iJ
z@z%@yA*!6~rq<74t|F56TCGbP?^m;`3NLyaCmt>gu70UAFS{o|XRSD{Ohi)ht@VO&
zds`bxX9v`Ut5j3Fa`zsM3n5jh!4sd#LYh_D3lZ<==?cCje}3byFB@PI(O=bjo}`5$
z9A8;?Cd0(LEagF4GmW;Pqn^sBQB;gqz6?;l`|N+*k*{d^x=M@O^vNiVTj)6fBcr7%
zcBFIqm}A@HCMC#u_kd7cE0(h%^*ZjYXDcnWdRXV{GYb3<``IEcVAX%NQl-f8;6QlO
zHOtiW!rW3XNox2~@lNQb&s@DodC6yZ$(3FCjxp+BTC;h+0xPoAk&Bdq#yGk-1}vV>
zsW$d|s`PKkbOloDH6j@-^w*k~OLW?+A}RAI=iH3}A->%B)J}vc7d{QY3%FveFbkW3
zI_3>R*BLh%tH{ktR^x!(cHc{c2=P|!)1K7VU>mYxd^Z^IcJw9Wmd8LrdLAZLOaK_Y
z(a3(5isVu;wOqvfDH8lsMcOt5VM|5VRs&r^&Ro*d&v8NkfdC<$$|R(z2kGT51(BK(
z=<{=k9l6{`mBC}ZU1W{j9ANg+l6Y8I5X_U#deG$J=M+9}W%iZIA@&LT>nn?vZe%({
z!5h!Ul|3c*=eC}3$3*Q#1-tqU$FrNSP05GDYeO2D!*8I2(}(9f{V(4hsRZROyRN4F
z%CUZ{ekcez^v^mgi);UnkjRB0z2xex#`V3X9e#rQ#cvEldDUFwI-A6>fIsq6*uqGl
zM+R$886DjH2iQ|a!XIy0g~c}h2zz-)Do(4pS%8A9eE4aQie}Sir;^NyYTrPZ!r$U;
zM)}o1jFRU^3u`^n3Ld84CA=4MQAu$~*WV<e<|;9a;dZ<ar$f)xub|N`8|aw>J+y*9
zh{v4K@J)_AgJ_dl<LXpBg^x+W%Hyqb31snMZtnAML3uI+(9;6#{rVZfNa-wltEjP#
z9P<Z!M(9Yyf!DZSXH*5tXF8plf{nj$GP-HVr;*#E>lGv&{seL31Lfy^CLt@Zn1e)<
z9>D<u3KJ!Rip3i+L6RL(0o<6kQMv!E*Qqrq+ly5JXBnbkl>K_f8Igq91#jOZ5dIZ_
z3+4IjW)98_^pe#*51C_qZx;=ZoMz_qTNJ2RnsFGAj}2j!-1UnjBI|+T3tj1ZfTv0D
z<oF^<ARjkJ_0_F;T<COHXt;;3!2=xyh|-P?j!wT?_&8K_67D_1c~E_sY2cmH%w@5C
zs3N`Ct!m%0x9S&}X!FG8yMl|dJ^uzKo$2}N`>P{5C%PiKC=q*|efhTE?!L)Icdf^i
z8tdARPwyq5*N1wocO$G0tUpBgpIPD>3lU0&>>LZ_sn1?q@E;cX7c2&=zzWIS|L_KT
zzk1jvAmEDMW!C|3YNCaNg*~*<O@8!*e6c4i4_SQE^MHr2CRntsA*=hQw`~wxdT%tD
z>LW3&zIWb+-8%E`+A!*c{Yvwcm`3MlhW9X@aSd0~X?ITxVS>$_uCHITZ)2^mfunMB
ztK|Jj2@NOotu*DL6cQ*ONwMb0ChvJqNu~6;w6a`Jm9~PVzs_Y<>8Nzpg5+546eB3&
zx&KOl^Yr((5Tna|`zz}1+7^0sFQdeI`)T)*anDvL1--Ns%1t08meqx3hj*?>gbI@E
zg)IKfX^yShuY?nUFJGG&J@>!+KRNH@^mc#}Im0wkqQy-ya_FR|7E={N3QJ%ngm>%Q
zvhP~aGWm8BOa0Ufjj^Wq3SlW9R0`I2P~1|rwbVZ}HhyVgc`H!TXtIdO(j0AZ?*ohX
zQY#mEVNnsAkaHue`q>c0Z=-QwM^~YPf^2THdqunGDGODevYgArzjp1B8P+WA{4bwF
z*Glcytv${<OQ1p3Vn68(mhrpdx%soqI8W0EUVFuU<v;JguIGBc5<_b88p72wl}cSg
zKZ#`J26$t~7ct7u%}2#Jyh==Xx9?FzEes1b+Aa3xvAPc9gwV4s_q6^H<}vm9j;^5p
z?F8=`{kn@zdToCM-R7DdU(7CJ7Q7|lFQ$tMuBRedBEdQ#_bkG`T^4K{BOpBZ^4_lP
zAimCS|Mgee#~z=n{i)N;E2qV_YB)AaA;m1tpLIF-PImyE!$8|@>q1x9V?Do*D}37g
zD5c&H4WDs^oN_Shj(I)*55s?>oM{418nSE@=M3x*UuRUc!wfnO!fU0lEQ-DJ1H@z8
z)$-8F&rgqi{Rv&C$8&2P0~QM_V=T+?K}O}GaqFGM#KGLI0qzci!(wMhqj|Nz5Q7PA
zg6y$AEv%6ZlRUNj1v0R>zjc5}E*7o$zXcimW%M;9^5jgS+&UclJ;99ul&17g*8$um
zhIc&Q9yJv&98JXelIgMBmh07h%ksT}&(>8P2BlOe*?&*P$b6lz@I)I|>*F$elb$+k
zu3|1eTD~<E(ThOuMPdU-$<kbizn*z8F$G9~ESAQ&6qP9e`yu0&Y&Bc4PqC%iU51n=
zfGWU=3~KADdY<2|=L0fub7*u$zgaO%i;7ep7Z$~I$cPndT2w=uxmkG@fheYvoc;>$
z;UV^PyT5suvvV(wGvBomOElh|<H}6lHU)NOt)|)WEi_-;d$_#0Z^U>n=kl(3vudzc
zSRd?y=}92?W<$?BQWWmYrED%aA7Orpz+74I^ON89SP0lFY$IHu@%Yd3XrF{ShxaHd
z1Y(X60xZKRb%}X_h~W<3hh#B6zVGZxcj<it+wTZZ*h97cUf}zSi|$Jt$+PSm1t!$N
z^$Qz0q>9Qwbws(0dc)SgRBNa6_ZY?qP#pK|S=rbkeMBa~=8dYbccFZNK~p)6teCOj
ze#QqS)L!YxsQ7fJgHZcx!L39umkH5^3y0aNcL_;}!}u!C3agd}bCvW_D~G=mMTY5b
zXD|<`?OcQdfF~WZKvYKxR>0C;-<Hy!Hr^&h>&SW2ZRuwi+K(0Y{ObJIEgnz`7uQRR
z33+Ba8rB)TeKz;4c7@1BcMuG<;IjbM)31=)?WVE~`6Uvng-71ytpY{vOlkv53<}I?
zE%Hosyc>>R<Ypd@4)zJe`|_Lz`>c{kFX+uC=H`(uziGtsagV#PX(ClPE%otou>9IO
zMEZJcAxM-=kH50G4U9>aExxy(7%uV(Sbyj+3Hgsh-wX#B_0r178IduBtNZBjXq_zz
z17#z<x|k0Xot=tZM}1@pu{idPmtA?TZ#eu_|7O;2Z|eTG7mx9tvGVFZ8qRM_9f>Fy
z%6#l)n3&UkYb^IHW86>WfuoG<{1rh$vM^Vz8hjo=^*4yv==a;5tS2br_*r3^eH^@n
z{9HNhdB2mq6Q{rt+jiC|V)pU!x3Ftz`PYWwpt|90R)Ez?-D-^9O3x_;V!~Upoxwr&
z5=jJew1BMDW!|$`e=MYUTU=!Wc>TAfY{}D7lo#1%j*&Jb_C`8gsVOTG*l682Hg?FY
zcxkbpW7oAtP47JxS16`X(4d^0Pt)?pyz{iMyEiSpyROAGF?s4%5O-^~=1W=S*J2N8
zw7hj9p@W*}Qq{KP^bg_Cn=WxyDq&}T9I{fvvNde=Rty=AY3@o^j_*m=M}s3Ndz}nT
zYY)C!3y~|5=O!i-)bS6afKUPIRqFJ1+5}bQoB<22KS8-%8P?y!EZiaY*Zq+b+*8qd
zU(;Nv;L_t%whCxaeH<rhM+z($=)+xanF5=Mce!;Xv5{t@gh@UOp@E=T?%{Uz0vcI%
zrWh~U;ywt|5Q~d=N~{S3teZEM`e>1zf{hmp>jvk0uvPhxf}q+SvEh>%vp*JWtYS*|
zy&S%U1$}EF%uAk8kiIWbR<6kAbCCII5B79Z3E!gEUu3VJyQ9qhv;JVeM(44Sq=ZCd
zf@lm0&Kb?sjF{K3Vq;%fzT-(dIIuB-z74{#i%;ZV@pw%##vhf(w4bzJsvpXjNK|?{
z@qP4U;8>Eh5%dA>SG3=quC_2bK(lW5_p*HSyu+!IQ<#jr5B1YJgPMQE^Ia!G${c>Y
zZN3#mJdguEXM|y0=%KVe!A5q<jGs%{bgR4hU#vDs+V%Pr@)Y(I<b2@C$HP=F=V<@r
zSwSjD;+LbmwU^@}j3SZyyrh8zwYq2n9T&B->6Uy4n)Y26wS4BEogFEukv)uWaKf)u
z>tHa9d32b#uNmJ$LUMDL%5tLjFw$3hTT~R6Pb9<GWmphWEAOvSzn{1MqwWVFi$me=
z-mUtl`-`t=J8kCMnO>5sd6^5@h0Q{}kF%Vj%$JqIpHnTgKbuu>L_?!NAL$#~(0nb<
zzun#y!LznU$838SI~G$`ww&&+cIRW$&i2;zb?as)o{v<V{1ulqX>hY#+I${s9Y)r?
z&rU)!J$Gf{p&GvwCkvj#i8T+LeUq?xw(UiOqp{<@Caf~zHVG=nbAk>`g?47@p!<2z
z&eZ)!SUXF@KsXUQJF)NMcdQsLZJ^a<N!dlKsZ;;K_EYPlfo`Y-`2bZxgHRr#Uo*RL
zzcf(h>vV;#AMrEk6||)3M9=*)k=+ZQcK?r^cd)5M=b;Ogf?WluLHbg@O?vrH+s)&y
zZT`S;$VIM?E;;c4%G$#l^~fyu{|+RX=*1TMsn*W(eS<hJwg+W|^W4|-S!=F%i{$C?
z%!BI9553upS8EPz6z>?{U;KQ7L9&)s5OVuTcweW2>R4ISFvrdtIO<$GmOV3Tsvw<5
z>4->~kJ8>9aHU#UYrcUt$bb&B*Ny$}Y{)?)SAZofh3_Yw%OXe9;;=r0IMb>}QIe(Y
zA&V!Cu|>9jk~09?4*v_u;O9ji?Hgav%}b3ZRe$8>b5kNI@YC&Stk6Hdh7q&IOWOxZ
zn=)p)6|>s6V9Sz%sILaTQygwY;B%^UbZ9wZH_LLoiugg`t4ugi%f#b7mj*(~xh<M5
z{KiA^H&>6RG5Gnqa!T?pi{B=x{pH~Z#O1DnG%6$QZx<;LiFQlWwcdQv{ox}N3z4t3
zT~PSHX%OW84i&uCfc^WR9DP2`-IfC9qI+2|p}>}$wP*pf<SEc)`zIxeDga0h*mCeR
zuJej~@BZWjtCU`+-%I}yHQMR|Bo%XLx3!tN{J4)73v=W8*oaL_d$!g*K(~)wRT-!x
zhi}fTGV&=iGc~y@*N9Sl&rRs)st(G#2Ogx4k%Z*Rgu^pnUJA>Sq7tgo8J#yeFB?P;
zzY_(8sUQ{pVa@F7c^xH*^IZ$_lI;z~mT`tKQYPJFt}_Fl)*Y<L4fjzsX86HeGAVTr
z5hB+qZp(s!rqscz*w`<FA(CVP^y?DRS>0_tx;_?v?jKD>S{XAuz0d=&Kg;7@|G9gY
z<T53o*OtIh;p7FeK6wwC<G6F7D6q+X`b%!j-xJYpHafVzM6f1jUXb~kvkbticS4gx
z?Lg1%7-MyMmlZ8&e?@=Z#3!RmV*(ZN4_<VGNO+-#tA^4xHXYDVR&S2Tg3@q|+j8rR
zjnsgb{LbI}GX?WP(il*1SdUJo?Pyvp@w4o%X+KOb5qA#=_78Y(<tqD!SLB`_czLTl
zp&PcRxjfsHP%fobl@)skPR4O0AZm|$kps^bwX+>n$UbuRRx>Db@Xk05bJYErJddia
zh^cOV7%ud!@si8*`~xKwvG)+Xi#66jR3&1H7vKmF85-nu#S21C?!er(+3C(~v$^cF
ziXW=#xOCAc4^4jfp4@SHIyi6W<+w`=f{~p~w~la5;!+_yYa^H>-Z_9D)4a*q=y`ZO
zVc!Jz^}0YELPH768vU7P@Vj%G_mP+X?q!5A$>>=)6H^95Q6q!LP*of{?+dqsM1sRU
znJEcd8I;HG2^se7AqHh3Ncy>(BQe+@k1<HPO=Jh*gbhO07|#}{zFmJnN)i682+vvQ
z>m^aKU0<lXe*`VIhX4bZQB68)?wrc1%988Gg%wnyve^E-{}J(5(#vC24NYN3S1eue
z=$ro>W86ecmcgCC=5)(ul>8pC`!?zJB|q89$=b1tea8J;hH)^OpqMFVjnb`USFQZq
zt7FR3ackBPsbwZY3a@~l*jDImne!#-{X|{o2hOgW^!HxfpTwqs#>qWplcCB(9X9{*
zZWmRG*a!CYdk(Bzy+=fY;JAQ3_V!Ot$-KP1bUU!p-n93&D{H^8h&OOO!Gx<R*JC+-
zFGQIYS*CazTCn=@+CS#`c`0{9ksk^M&_4B~3#%B%{K`D9$NycMpWP=xIi1${vmVl=
z+rD7XdB9WwPoH2sNge6hT}7_@Xbg-pXl}aw#ycBag>5vw8R2NR=>bM3IN&;vf3cco
zB0eu-uXAzj59dbdrMB+D6VN}X@p-tg^eSTdI~Ym6XOWy^swiz#%-eB-OTyWMYjlpx
z$Z7^!+PZC*JN#P6_vb*wI~dn<Gs9gV4GY^TO?4*sgzJonqA+8C{1y$Dl`;R9^UsW5
z!1@_Aj=;}WHFX6sp+!}knM1q_`l}Lu$2A+v+a&`4wiD<33MhabY{iOnleCMov5GQ*
z1I80^<Fyvkw|jQ?CoHeFlQa{mFP|}YGFjo$4IR9{@+f{<w5SU30M+Obv;fgj_|=d(
zJiF`kB}N*@DJVl40d6@xS+V+tE{7z8CL!Hl%PM@>Y&rmV>?@uOOcVN1c--~+qAV%V
zH%5(|c4bm*VxalrF%W%;Gw~b_I7@T??`$}Fb;Z-+rTg8I%N1y$a>bGbGi9Z%mlt2j
zQdHz}qQ9x^bOR-d<aByKE<`@$Y7-Z%OX>Z@-Ew*J%GhLdt*^&xS5Tf-Tyz>axwGJD
z#5g;r<1Sq|BV2MOVs1dFv{y(#xrkG1so6j$Ae$Vk!}t_QEO#onzlUa|-Z(-#7t-;#
z%46}Q`_IR0@VJGl>cJd5dKEn*upc0I%4ytor+mL^XR}HgAlIn_Braw=Ijg4VR$;vD
zKWghCHUmvfNAVG%f)zw=ckO+~l;tcp**NNa#SePvSJBt<+boQ{rJ-3Wn@l{O4{RyC
zmcdV5B4?Tf5*3vgp~$4SorJ6-B$f&@^Kv1PGyn}s>oZb-UPqx1#C_(7`d2=UmB9DF
zvDQCS%7nsJ`6q&2uFiHZ8SbkC6{7VnC3SE<0dRPw<;QB9nHJjF80j$etv1p2>DxpW
zXP6dup+X2hFiHD?Vu>z1tsbJnPt9c2%%eme&_+bq9a^EDXpjC*T+G)nW4u~YCFQ3j
zx$@B8?W6*sQ~L>!k<Zt*+h_I&1^<vYr@<(<L;{{!lQ#$}$sKpJ9I$RA+>hh~Vk34#
z@ivwbA;FATb;C2nTuif)z_aOdN37!_L!ZOX5VqAx665rf)$Gp@@6RRC_hChOm!5A0
z?nfU>r*4BJ_SQ<gw5;zHIy8XktAFh7Qih<Gr@=L1jCK&o6l+L$T?E6C<X<L6M?u@>
zvtKz+aJU+`jFOIr8fBgJ-|!1)XP)Q<j^ak}oa4Tomyf7w;DSf*!zT!|Xk@FP9G^&-
zfF*?hwL{6cu`eFf7t0rKyhI(5r4l~BVil0X+fEX0DKZgUF+c$pxLsRlXXSv&JTSlB
zjI&pXzq;6Wf*a3<>MEqRGVQpZGlFgRn9q-Z$j<N{_hM1q-V7KEi9-4ApZ6s&{y|0f
z;6u@yLQ~V0`Dqp4i3NqV<0R_VxCuHX9Ac6TFF7Z$H+)V=2!q0vQPN~ny$Miv?E~b=
z?4Oz+a&u}#(c0Y6&)0;#fOBg4Y!p*uO4V&409VujQj44MI`bx(OXz`M7O|%WG!XYa
zE1g0v(rW#UE1Y_k%TYRsFexdl>Xp2!p4`y1-?^FQ(A@LphfF4(ToO}2y?#7{QqlzY
zhL>ey-)PAK2RK`hd~K^?-Bm7z63`QJg8aT=44d}H_L`!w;M0?%tc|?|+==^Gu$?tN
zwymXU#DsZ6N#jlFhc_a@N&~(-IlB@?&fte2C=CjiHgiAfsV*>BQ7`;BtP|K!<46eB
zLe@Tmn{TF-O;$|OYrkI|22+hxO*}?)Vp3d5zNX)BDl~99pLAg^j!{8M11x*fa-yY*
zl?GN<>jyo4;)|jMAo#Ay6pSB=q`M{w7&i^uPQE-p*i_l!=bEK#YWUrhekEulg4y73
zFL3||9Y4J9<r`>}#`iX!Y;`X^eg4iTUX%d&oHgV8@BrI!-d(gDDRLp4i=&^K=PegI
zRc>W^WO!0-#M^&@EmIgR7B)Pj{o-8yH5zjhVHf(=wFgz2V+)lWS#moPTcG*TX|W^A
zXr<inK&l?;%ex6)-?psesCQ`Wy(OD6dOSOla+}UW6W6#8$`uoT8?Jcmt9jmx)5+Ga
zLy{D9gX^J`h(aZRZ2x>N-uO_{q|C68bMPRk<zM2?bCmf7+B=QAsbLDA^B(6_*ZCnv
z@rz#x8`0;{vQLL)RZ0J(@3Qm4{Jm3p8a*wH$`)beriH!J-It1e;w0o%E3EcNX|$|5
zNNHg?R3g`5i?Ld)I>S9w4>9dImQGIxd%)z5n-z_T1ClD<`YARGhd(DRkspR-lyW#R
zt<oSlQv#pKb3;FnYKK%(pps%_+85*Kg0w~YN~?HJyD+!N_OGs7L1<y%_m;ywllCMJ
z1lHOq)nu^owzD{~hK}czJs{_L>lI{X)K@1+@ZHcth&X<L9dFh+%^&bb2fF28C)(eB
zG~3dH;fji;-62l2tR6n}?-9@8dz{Ah7lruE?-MQG^+~Ipr!#l}6+v`e8}mAYTSEe1
z;8=ewD+bqyrL^>8->WmbZ_>EQ9>c%S$W>e(o3FYIsWXcfn`1`$cokhB@79f8-*#LZ
zF7o`E6G9nxFkLhfM#%clhUWITon15)93?wO_QPg_jU#-S<(=skpYQB~?n)01I+g|U
zLg6L+H1rn^VBuUBef7CtaR9Rxq{Gv^vehh)$#Ut(1B9ZV6Wti!-|Bo5BFB~bt1A5;
z(=M|i!tksQ&ZpJ~@$q*QRiktA(XS5^ygSXe6g01%H;g+QbkPZ{UDxcl&JepG#oIZ@
zI;ZGJcM?o&OMEIiGI4Q+2v%R=Q@ipv6uJ*Dpap~W+vzV$Z5pWME4rONM!R$P%Xb#x
z#&Xu@I_s{2uM`(!!Bjh?{xzDlii`KmiyIUkSh)Y1BqoFzIz8&dSl*&~q}>ss7yyn_
zYpltS90tv*s(|VzbY9Stha7GOztNl{{-DFBr#o~T!nLN4a<pat#{zJ|{U-?e91T$L
zdc9uxp?udR16=paWjV%s(igCGeEim+-hjU&O#bfi<>1t*uYaJgxs8hGAu5xd&E>aC
z`?mcg>4eMX7_M-{tL@d`^lf;tdw$5=K2Ol?YUJEqiruM2nn+_y%1Ilk;mX7cJLk>u
zbc(*P2t~%(?)u~A_US=p<eEy_R0?(^*um6?92{|RaUgOT9&*tqYp@I&;~dAwxU|Vr
z2JeNOFhxxD&}Yi7u$3=14@6#6pWi)RIe}jn_k9F0qfaiOq-LhMMU9p}1V!*Gf&$z{
zjV^g9Ez;T+FB~r{^ZEqf&*W~cPn-6Gy}v2kZ?jf^%l;AAcEyBdIXt!aY=;07d~cUk
zZWdg17E5^{tNa2SJZ){8As8Kz#6AArgTDm|p(*lo7O!KGKHGzH>VxSdm?FB>SC_{;
zlaW~-l$-nuSn^SObULtZDC15TOuKk_!`aSTs&az>5=-izt_{!)kVN_P_m86k?<>Po
znuH2UHU9VKFABN@=%7B^_UyjZ{g%Dl%|ib@shaM(DZN&MpS>z@C0>k_Nib#k{S_wX
zUoGRO+;oq-&D<j@L&kxj*ApeagcFaAGJSso>enXU=D&>2m-k0_N>t0uO{+4R7mju>
z{fjpQYDL?#YuLi!b?h$WN-Gs7E$nb^WY+f|+)bfbL95*2`^#Ls!s`{0X2M2yjX|{{
zb#&{Eq77<IdqLi5&G=$6);nu^MECbyNkxkGDN=t{d4WYLU9aPL)h7o_MSsBGv+_nS
z1`i;nN&XJb8^==3=ub267!1F<L$h%7!?`o<SC&_n4g=42H9lR56!t~evD*^ZEdQ{0
zvEvK0p6Kc@*8k3?yuRM0l05gfOAMS<>3b*8dUI-L9a_YX&#A!rLP45m6VCZXdYLze
z?)_MW%mfb$6GvQCCa85;{2mN`sbhm&#%Q|`#O_&|(UPD2K8eLD(?37wHr4v>GnZJC
zt0azq^WxL-Uv;WSCVY-<)xWf0bqvsrw>3TS1Tnt$o4bJr(wN0|m4#!h*$j`L_r&3~
zt~=geYq*HzE$a$j_1xc7Z9-vW7qV{}fb$5+$1ijd?*NnrcTS|7r%KHsjP<+G>IjsR
zWRV2}GI*eWa%TcW&URSX`<i(p=ip4Qs-hoX%I4?~mH4QYV-K)12m^H2^M71EpLCYF
z$U3;SIv%V<bXFZ_4yJGz2sdRGicnO+Pw3NA<VI?`-!^Aj(B*|9@E3T~DhE@dq#vrW
zI@PTwosTv3PvY=`rt7d~bx8${EVeCg?Hb+PQbbND$&!J|a*<jo40RR0q@trFxZZ=x
zd%KU8xd&gG6-~FFrp0dgUtOHsW-C~&738MLn>>~v7h%)qE8H3Ii#T@v2O$ZHS0Ak=
zsa$~7#$-PS8967ZkU~^Q-LHol0c0OhADWuT|IXJ3E{~&IL`E`{M)ib-Z(6WAxz=>d
zoPn?X^BGU>!72_<de*(>_ff35UVS2g6yoSu7$^Y32^{?vxET0~y5`MkH6gOAjYml_
z`YY%DF<r1j%zv34TW{QT!zq|P2VD>X7@p`h^3;~Kl7~(T5U~hXbr7>>`M;LAaQr;S
zhpUb2r8l1PqLbcLSh7C|RUwKkiqIo9<YC|<_*c^5{hAWS&ntS7W6We6FyTYAU$3AX
z-$Bl;ygYtW5Uw>+uOOYk6lttewAjI|wa8{Xy=1=qO~^dgIGjuSeu+_NdL{p-ejNx$
zO{dTr2;Fj97ntWHyOPdqOAnFw{R5o~8}e0$RYOjDDEhh#kTu82<}$nB5mJL^Mmeb8
zw@5-MuzQ93NM71}#V`T#tZ}+E>3h@CJ^0w}zUIln)?j%L4CafagpevqWVfMXg{e!^
z?DcCQKPhmu<WGxAHG!VJnrJuRz3#(=HO6L5l~J*)NohlwqKmo_GDI>Y8@wmSO>t@y
zblv-E|DP?E(^12w<Z@eNpUpfuW;os0Qa(yrz6vUIV(?0elm2bu;oB<w)&@&7ralsI
zhyzy{vhurL^W+w*x{(Qeahsp$+dc9vOA-X5iY>Pkh3y;|jp%4s#WE&!(a`(EDbsmQ
z{6tZ&tSf&{GQb<mw|-ld{4D_VtMD_LCB>}DiTYJtG`s!8P227X(T)~{vC(DH$}2<x
z20PTMb^8Ye;Y=>s9vq6(<K6KSYWu7u6ZAooiOvTuE{Z@`b=3O&@!MX8#)pK7aV*zy
z2HEB&Jvj#HhgydtHbbPHi4XW5)z<`~zqt_c!9!p<Yx0QS1DA>*HS~Ml?E{#i(KG#F
zL>^jR%$L-mvJMes2W_&;moavYm+2PEKI|u7+rDG4fGS0%C~6R*->@wGHzIIRhMO}P
zXWDbqyanIrQy$w!iWbsw7t6dqe&Qe&$bh7cs-P&L&I{nh_q`dv$neHi^d|*e;k@Ba
z;0EKQFqWf`Nte^f%7c+7n%-$pF*Sh<UVL@#-GVs6+9Kn6zSVEaLN&sPhe!@n=lZCV
z>rDwxy@CPeBZ-3S+g;#8W}%m*BR3P5Ie)aj^RBZ)%6W2f`pR*3k2rxHE{@moM+<eF
z9P#nshdP3$>-ERVgv&%s?R@%2qQlo{hZdQaV*USGzbos(qj30L!^-;Rfp^*Io|l}w
zs2PTOG)+g0YrD+8WtBMl9^{{71$xX#s5h2ODMl2hF9A1GyZ}o5#_|z6-d+@`=xe*>
z#@WC7Q)UJk5x1NdmV-9vs)mFyXnkb>+(6F0JlP37l8O`Mb``~BVk?r6T#3JhlY@Je
z2d|O9cG63Wk!qAVm}1*tbE{Nh^g%=-!Z6k_;vg{4UrvYX%OBo&a;JNS<)=-h2j(tl
zh_~ae0@-`nOb&4fGCSYF)AQBMRi?Y7&`+Q>;<5=MqL`$KDieU|n2+{%gYe@tp;=^~
zwqfw-Y)Z}WckJIP(P@T!PjHzsghs+FB8N>+E~O;zGjXSgeZRRmQCbfXtMTX<WQrow
zFeeB|ArgQU9*$7BdZww)a=(PY@KxU>hEx+^*yHjMQtuTYI2>iHzOZAzrreS*)$icK
zIxo+HH=%}dQl?)<SZj4ID37*2FJ7-{G^5h_a&lZ(pl)gTZb?Vi^QvaHDpjA0y&BH-
z3!ha{S>YTA_;j$*!I#oZAI}&b_7qp-szRT!&zsCa_mJnS{X@^1rFeC8`osqNP*CbI
z7JR_Mzs}byeKby$<pX*1s^DVYH|@|t&wEvudX^!sl&RMxNeRAG();KcCt6g7<o3EW
zZ@xOune;}Bj(2x)kLomp74fV6rAv5z<1()%mye?9`H{X{@#HuifaZ?tM$*GvRI9+4
zBy^tJJ2*+61X(5lh0NzK$vL%gFq-csk=Ri%Xw4%0d6bMH!u0J59#+p=@kO3|f6UGZ
zky^27<*%MuQ2&q3mQOt%boPHa?>})PvTs`)yVPG)cX$e<d-u_4=vq7t#Sfw0yf`&+
zQ!S_pX6M<OJg_J+k#OZ(_J{r#QuPBJh~RHe8#9doD3kEfNl)=)AtD^(VDTfhilkhA
zs($v)8a&;UM2hkkj4a_l*K{P~ikO(kJreDksFw31_2`<;%QMld&Y1inlpk-Uwb}dy
z?WBWQ+688ipmnEer1vZ(r;tL=u@Z`F=i6vu8j5L-L_u*M#OY}-@8)$M`Oq@{U90(k
za)%?DC&YJ%)E=;Z$TA+xm1oDXLzojtl)*!EQZvuUK4K$a=iK}HRAcsSaZm|%B8`(2
zPt2Y$TZ;bisByVKF%f`UX+Ym34hv0hyj^Q$>pXG%5RNEf>{)>I{BzL8Y4_;nr>3VC
zup*xsGJ}2kbxq$DFM9F(W?5Y>%tn(Y=Q^FIO5UBp7=Ey}eyVEu(Ex(V*9<<xmdSUH
zMb6@wzd9JrdwHI`Jxdfa8~mJyvy{ev{9(1I!|p`i`NFPg=wrnn^jG4Ot}LG$I7lFY
z1^<vd4a#At<~Ujbj&VQbQ=>F!Q$7VfkP3NLiP6W}qUA31IY>|k15h+ZKGT>trv=x%
z^~H2e@cOT=?TUZyMIS8PC6R?c1#>O1mrdG+)+;dq1&*{o42E6#Lf!K~C&7B|BW>mZ
zmVu^R(jOUp8c|&4jaZCrApsdmNGijCFr4skEi~xZAbCF;CA3a?B0ZZsC`mNU`9qrZ
zp^8z&509q8b{b=7MlFs2$*@SWse@bNwDmCM9X^%W$iL|=LtR7&;G_I)-ukVg3f?QU
zF(9yNdh1whg|2SEx8UNUDctrTEanfM$EyymwwaONq`jxKmZ-C4Vk~4YT8U{CUM(9n
z5B^xk50F5z%iy7SYn~MK%Y*wHCuejNv-b!BJJsA`nn3FKBx(J$epCM2Y+F^t-IYf-
z0=@_SuJIKg@G0-bp9%1UI0fi;Wq%6u`_1Qem!M>-B9*gs^2m!ngZ<WCTNa|DZV~ao
zW>cS0+T@$AgWkp>t5@YXChJAp$>-CFBR|sV@_@lrO+TuFIz@r(wOsT40w_`3)Zxok
zFm@Et=4*b2<<OpMntTq2WoDt&c_hoHv+JYv&xvy#M@iyre~uJATW}WA9nTIWuk62S
zN`T!0Kym6P78N9BiDw*SoD*zW#)ZB2ZV9@FavllTm52rBb5H6ySLFyLtEZ4YPo$tX
z&r?0sBIuLM9kd3zhK|&hrZK3!)(?d&#-kr2y&LAH`&>|ZY^~B^iU$dssn|z5LG1eG
zIT)l4Hb56h`XW!`XF{(f&P1Cu*k;P~&ggyHh)QzDzK2*IE0uC4zXnWI!o@1rr2)*?
zssH4gmNijNC%8Uw>Ps#TdcQkQ{z61#L~=)NT$dpSD{8Zsbr7&UrX-(^7nPw|_P98{
zZ1CAw!+#kJKYwefgVT_{<78qkh>eJc&lM55-=%7$rt{XeqRO8hB)V+A-DD4MyskvE
z(y2lEAbxfShir;E&!m`9Wc*8;l9Wp5-&R6nJ_BtFb8@C489jq>R+>@MObr649e5w1
zL7iD6Fo*lvTV#O<wb~Yno<EVdOU8qZq6-iZt1(g6P6{7fQ-k_7;-1vb!FEtD$zho0
z0vR7~pZQ<+pc>=fiFk7cocY$anHJlO4`~Rii2oE_%V3TK0UaBU*k$g#cZB#jrwQ}r
zpB(~Q<Z4oFXu-_v0&lG{^CxBRH6_9t+F9src+Geb?|2{`R-<7?&_NV1<AXJK&+l4@
z&Y-ZlFxl1zj$xkrUOZQrK$(1YCh3g`ROKjUUtEoz8bvQskc%7<U6rXp?4=6$qLx`4
zo*)bMy3KLE;`ouTW!ZeGRo(Tt&N*^%E55<=crt)#Zs4iMvQ3pLEQ4|6`o=zT+~Uv{
zn!Y8am+yLtLMWS5s&0Dy;L77ZYGsHr*@!J+(@J2~;Q^i1fu{e-{CwfH-M{^<5aVH@
zvq78a^`bH1(YI7H2J#kCdJ@>B)UCz9{wSOqZ55vdjXx2dRIm~uV7+7_j#*#uQY|({
zE}jkG=4Nk|LeThAR~cxfjA0(Mv`+BBlTOhDbU(`LtgVr!IOWf0j9|ii>z>RO$2qn<
z`zu&0EZMe98^w<f7rrH2p-&RnWH_?cK{Q<UzZmy<pd;WRB#Sew-7NF^BGsdVBC@<}
zHY}5`?J_RvUxxO_PT34}p5L|)?jKS-7zOf-@RHm)O|6)o7dcq4{ZdU=GF#}5ufd-1
zHT8gRTB7*4o;$U7Y-dS2gHpaUPx>I=^heq*r%WaUkF)aQdSMANEVN-^R@!3L-DoP*
z6)&66a3}M?A2!-eu~!0iG*26!{;f||8POlN&_md;ae}f2LzF|mgm&9w$G*8<u&`pn
zd&$|X9sXkeDbzp7yR3UfI;3#fO0mykBJkiW_zw*KSOD3>(j^~mbQ0$!^)_CZTzrx7
z9w(?|Jk1YBqGv9{!YW_s3FrBApQ9+5j4h3Z3Ebk9A@<o+F@QGF*|w&ko)^;P$4h^%
zc`y%&*{MOHKEd!i9VFNfAwv{4a9MAp%3(YJdrnb0Khd#7*km-nM()6Jxbp(ZMkf<3
z+1n#5c98G~hb~*MW=0uKn@TrU$`e@dnygyDMvp%azH}KJlnHiLoPKS>b9-VbyxxrG
zEgX(-Eq{4vayje3*whhy`27^kLedG_fIzcZXy!Tem_i~d<N6CDS)Tr2Ni`N4e$Pvx
zXgbdNya0pb?}!VW+Y=j2>-gnLC{ePa%s?G<WKvkTVEn6Z?J^Z71rCo%r=h8WI>T%9
zbkH<-=+!*DAvY}9N@(9x%#xCK?Ld4z{mCXhbt3=29&T*-|KWnJs$HMn0*f2(!n8;K
zh~6PU8W1B5HhC^v@1og<t>{YwWvMKkT(oi|p5`XvgKhKaGl?H`mQ%lf0oVdL!~<+b
zpz`>pwRZ3hBdYH8!0$m7PEQ)Dt7n0iMtA8aXvRh8&LVDFh4-NEh0i;8FbQl>rlqOY
z;r?b_1Z45~s{q7udx)vi@h)qV{P=&Uddsk=*6)9KW~iY{q*IU%LFpJkK)R%)ML?t*
zsTo2*T9Hl#q(iz>=>`eu?(Upt<2mR1e||4`!*$Kx`(F3z_^h-?(R%N;ga!*gWPR3`
z$^7wk_$$!`DFo`GjrlRf%lb<=Mpf;i{fV3X$F)S+q#mUi(b3HWI!n=T@kx|mnESKM
z2GzL&&h@R{FOTS)O$+<f;;!1%#BEK+CLHyyT8Ah0^o`KaS{@qC6_sc1qViyq?JP!s
zq$==2&pE=k+TNsg-px<M_mbwQe32I(MUGd!s&%@=3LbuA8@yh{-~B4k`dR(kn!!BS
z&7%6M@FN;(m@6{L)$Y4*#Xw*tC|5>Et<XPMKXTu{_H`FMykeWQKY?MQ#DFs<b^`xd
znw(BaoLtgN9u4QQE-WGQofn@X>Q-T!?kvsS6+mBhM~_Ek$5e*mlU<=B+iT?@MF(vV
z`d8|JB|24%(C!MNlyX9@6mfZ)AuY_P3F{`;*meW0w=<=$W9z>m7>rYR)d!M<l-F1+
zxbl2PD|B62X-=ST!II#X-->2Z(LXkO#e>C1_boXF25g#DcfzZx@0vcR`VQ;V#BY49
z=?gs1mYm#EHS=j^wGdnn;SVXIe_tn+$Bk<afMJLa_>fx)&zZE42xLX^Zuc^oe8&BS
zA0tZEPDd%ayoo>9j(wkDQ~Ol-S$#6^z`{97E%J#i<%yfRd?D}B+9*NCMrr?KBj(*?
zN2g6DuG=1+$$o7CtN&bhqqEl@cD=+>smr;g!LCEKXI5{ldGf%BaQO6ATsHS)J0+N%
zkgvi!MZ8YKZjuUfwAW?xE(_Ca<??iR3Y2kDD{q!v<D1OEk<ql)jYaZhs@40-OtqVQ
z^l|q)lIZ4AC+e&+u_@B03@Pzto-j0P_L!|fHC(0^rCqr@QTIBk+as*RobpR3QqzU5
z`qlJRuch**&sP+&gPG3Yh3Nsc?^>|<x(yseZaDidH<F!Xpv-r4u&nf<(xJN?g^D_@
zGHDzVSjIwSWuyMbDk&}a;XYe+30&W|(YJg?y}&h;>g^wQEpu3a9r?xFmg}CU+pvM2
zE@4q%nU-KF-eVwz@Vrtkoh98skKbo@y<*$4F7a$Ga98D}ujuAM3vJ9miO8Xg>~>Bj
z-=Db)ebE(WZtm*>3Sq_Mh<=gGZFaa<`a!k(yM%=fMy9=*ui?Bx=*?+lZ>S$jMp(XU
z%VzGA0y1et_g6EiUluB}C<lgpkiw1-Az_~*(`EW`uxXPXbY0`e?P%&Oxoqrsbs*{h
z&GLd%XMe9hp+3a&l}G)ILS?0Gnk^fzE4Q2qQiWwuLn<ml=+K1qPb9^XkI+*^J2?!S
zweh&^zF>%<wbX}d&6F51dn%>fILpRTojgu=?vJV862gU}wI;ZIMmZurVw0*!%16)6
z8|Iz-hQ>2q_{hXeJgZ>6nKxgJYkGu3@nr`5Rr{Tz!iPTP4Lu4^ka4ho#dncxP^nat
zvJTFMq|X`IFQV)0sJsYm-mC{0mB~-T?XVBD@k+hGNcE%=&8HEa@lkQH!U^7aRVs0I
z)?e&(<Sq>g55+Qj!Unm#WcDU)nOTP&SS7h1x_VH}LDjNSBrjB7PK{>#@ESEfe{91K
z-YRjysq`qj#Pe(qBlig}5`Ga}UOOd3-h~U@E7aX6vU)qD%5L2ZqsjtbG6NL0CnS4-
z1;P@G@4uU-p_<7xVF7uX6~4X{&27*gRugoH(*HZ8Z-Gk0>Di)pTZd=<weM@dpaZOB
zGqi$rwt$5xsmtg0>CteJ^;jgqr2gt=?PWf7Zq!rxeUAQklJcV!e0?G()goVQRkXto
z!o^ozU4b|0cGt#9DPOp)>HF5+ejCLc?NPN2!=#*rnJKO;;caPFS5tnGqz=B^Y$lYG
zm%n{gm%STp&oplP4mbZ`<fAupC-FF=V`XJnC=NgIC0XZ-B6Q`NrG){km+%)x8q}@&
zJ+wy4mF`Bl>mPQ%g>D$;AFbr}h+g*9h}JquOEu|@G8~fxTqhBiHLP(?DZ5h+<9<tr
z0<{b|#OuW#J>PjQxu{OcG!)3KAE*pw3`}D+9hA;u9#=J@zW=!-6SSa&Q^jhw9BJS`
zGc?UfaZtrA-x^a?^3dLRP3VB;3cAt&LHOGN1l6P`=*SD<zmC$c3a6zdA;YCnz|bco
zU^A|Y#`8v}grvs$G!+(G!V1E(PWfYnVnQ_VJYxp>&)3DNmF;J)lHsCFU!!y87SeGF
z&`{{TU#m+Euvveyww5u{0bgw?*Y(kM>-5XB9cXXtc*iI#PmkFe2KXAuXHUm;uJk4@
zyL`;9ix_rB9e=jo9aSx--|D7i>iKOTy!tI!)wenTj@iLxgjP2`_j<pos_Xn65wFf|
zn%39%Re#bwM7~P7G&PhPNZ4lwexlnItT{Pox4IKv8MTG7q`X(4h->)+`a;)jBKS#F
zTtxR9zUP}H>`w0QQ?^P&qFZ8;p{MKkzd4U$`w7?EwIrRcISfC3_f-}?$dpwcImR6z
z=T-r?#G&_9p*}cpzd}tJTZmT*@!E^jXM-Jm7ibvyuxovXLTG8cp0|GEI>*B%ou6G+
zM!NnGxRL-|Kby!)kzSGO3-aqyocXwOIVT8xX7*hdLk)fMq>t9`7whBX$jBRY7M@`%
z;%L)LxZGQ`<~_RTV=NG_Su7TqN^&L;9=EDCeAT9#^78``qW1ylsptg&MnGl<eY534
z?qqhNI66WnqvC-5jIoXJW-kO(RHd@jThE^S5<Ikn`i1=^OL`*5Q?Gc^d>EyxDmQ;c
zmxzw+=sHHen)h@c5qS}R7>eD@7X$5*8<jjZwQR{BV|mxqzm>}xo)C?!M|Q=xv!7-t
zMeNsJX<u&CStJ%7HWa$hQhj2EtFJ=V9u?@X9_sxPKBhU0j5i)B<alZr@`uoVPx~3k
zivTuiHC|xeMAG=H^_5~}NlVd3RkST$1PlKj*6B#;R_G&z;9uES<+bv7!w&B3?eklX
z6tpyY95N>YSH_t=AK@F?Af>D`0`k0cvO?9BdNlM!X9Ql-0kJfq?00VVM2}IQh$uP$
z#6eAmNNN2bYT_@r@(GVWU#o^sTuRr{>2ryi$@zGT+0Nt-*2MOx=IRFNi^YhR3^mX}
zs1jW@u%i`b+$dGB^V9Zl+Q;}8`2{+v6Ct=q?0fk@a3T_&HO@lLzFoP^X@A;5aXm=n
zajNl5ge8#3dFxQ^Rqn`VW@oW%cW#m6yxleEk%K*<C2(QJyUKdB`|8!#%9AVpy~K-a
zm!XS)ex}rU^GHS`t&iR8%rlwTDDfj)IbgpCa^WH-=2egNJ7Mz?krT``MzpYZmR95I
zg|#*1Dhk_!X0-_pQX4zRwi^oE^VZ?)k=*jbo$-e9I(6Syl&ryn#eMPZ`Jv`9ScCJr
zq&}heSJ<)-d*Bh=F+l>=-G<6VWk$2be{x0L+1&ZEJ;Mu~-t}TwjlZW`jq)mg`Ifvy
zv$|1x@{g~pN|Mv*bg?fy$$%kPYs*sjcjJ?&FVAG#8m^wLl2{qCj<LUTELA=hX)b&*
z$n-Yu+I178c!M<a38T`VrNf9TIMR<fs#)9o{^y}yuJ53gZ<Cr9i&>b$14(7gvdFb9
z5qrh>uYt2P%UwC_cCs-a<$mV5-z*NF-A#Lt+uKM`ui4pIT)V6VMRfn1&k5)d*t}V?
z+r8AZJI$<6ab0!BItTlGMIa(nuh_Wz>WDF7BHh~H-n@Z7J{6JiU)f{@dwg;Srv2Yg
z`bmBTmG&s3mG=zk@F5)$9|wyE0@FPv52y&pu%JVEU;X&aPKRxrJB!C1Eq#nko${=n
z9#5^=2aNH@M`8@guH#$yR4bvFWw!1qq@estKe>Frq43ICOx4$yHz(G-JEVO%6nj;o
zXM1J6+x#X_FhBoA4|Z6V3YvjZA{#1Kss?LtBRMs}f!QqbZaGPKy%WFfrpPm7{=sbi
zFE>9a+wx1I4Dv_{*kqHHX2eWBJE$+^X_b@?(Sx3NX00wmc80n6**_e|ipeWo>e+V5
zV7{EQ$eD*AL#$Wn4>FAuz7Jkp^0!F@=}mOJ@p=1VJk&B~k;3JSw)t^t)%rp!I<98%
z`^I;#V!dCCmUGCTV<_{*+Y{VLWUx~XkQwLoRC&)@WaKF+Bd_-nE*FCin|b<Qa?Wl%
zd)N(y(L*Jy4xdn9y?@t>Un}XI(P5)3W%Hsy6ELQd!JsyG1JHi25)Zb0`Q<|aey0#_
z+AK=qQ}a5=K46gv?kzI!+t@y~M$F~284?2TKLc#<W+d)rVlN=dFq2$5lT%JjUmKw#
zv;Lwo`Ey2{+>RvGq)J?Az7IHi?L=TsvXF|M2xLow!qlHK<?p#;O|q6t=LPxE=oX!)
zF7OqPwTbnuzKc}8u$2i)>y`BBWS4F)DK;%(iHrta6*A4QQeL0Naw);DzO09j5D5tl
zv-GpE405u^3Y-)on73c8HoGvj2uCbuF0;M42_e!exvP(h?~WB=T1odLFpcGEY=+nS
zQfHLGWFO`q?8Po>W0fBjv#`aPDNvgGUx~Epr%sc&C<pZ%mT51uvQmA;dLmXJEB|tW
zj`^*4NB;UWMQKJx*QK8LVyhcsGbz5_GAi0De|sgZ$ny#=UA{3D+@?3O{A}<#?m^Gu
zBgNIBe4;$H><fNnv#eY-e;{r61eL|>QN>L0Fy|BGkT3}_R7^MIjH>j|PdXuSUnr7(
zrR5RN+Xo<YlGs7g6%k@3Z`{;Fo@s4DmyY(00BWE*m?hT|6pLRlbeykX<MpM$A+wFd
zAJex>#Ugy%y?ro;k76cb;HJNdM?7MGt)5aMo%D`uKH^#se(e5J9=<nPo1FY>eU#j|
z{IK`=dhqdPIQ+4Ivw(0|ug!5Me^POsxdOZQ(v8nt;>B{LLvu}8n_&k^y)3uwmgYt2
zJUlWD+rba(*mB$QS`ZYacdYKIMt8kjP+7S7+=ES(mPX=Lq&f|d)*zcV=VPw3^nH<@
zd_0k-es<Vw-}mBulu;b%#<s_T1`56%XQSfN{<WZH@)@3P6O{vI?gV+Z8e`$|rzCi-
z9BHa;j*NcVv_cj$P-V^7v3I_YWS*z3X=P~~8+`YN$GnDJcu<$SBo;Apsn{s$2n#6I
ztHyWZif>-zU|Ty{EXk0CtHwt*U&@Vb9tRrhjG`4C?y%U(nl;o@6brccraUaE1<rYQ
z*sv^X*gbl5WYCyarH54wT+cta0X2W`0D5Zx-8M{&5Mc7dJWrYHwn`$K5uBR839n-J
z4)*fHyu=4a{#%TzZDNE-R!0iUmHFT9awr|pHbLoL>I*$t>`2qh%|(HTwAp=7$zI0i
z>|N9QQ>g4IyBx@X+Y*OD9Nkw1iwpW9Lg-?m;i9lSuOIDVcVX^S?JzK2vzeE{sb-q4
zh1q1KP8;WxNoTdctoh*@0V~6?%AU$q$TBW0`SgRYv$q4J1T%rsnJl}N5q0cIFMJ5%
zI1zyaNP%0F8o4j*r>i(mStExt<@VJst;h-`b*pR=XIv)?kAUu=o}<-X>XwuNA<F?O
zU`LD(fM<Lj58%xTyGs}}H-98By?-!|K1T9{U0%#>PDFGg)~hV-Z9DL11wd8c5ez+^
z#;i!i>>8p!752P%Uw-F!w(Fr+!{U)LCMH63ySUR@{6%-!o?mHaZt85IGtNbEeKlrE
zEEF@|()q>rBKFO4x>lMrs9Fcv=$8$0F1Y=>Pjaq$y;8Pe0T2_9xZvpRzW`hdkM8{=
z;ya=D$E_H&Ux2YFeE>m{?R?Iw1X!^0^$37T*Xrr%F^~%$vX>G)0}jW0KT~yk^L=l>
z;aH{iYO7%O*uCkPS_tUwrKSzzmLapdzi6&UL%9LUeVc<wec$SHhQ!3Tal+bjZ)b6&
z6yr^C0{?PCMkiDdO;c(xgN1XnoU^J|2I<?MO8cX+lS;bfUvw}s1?Wlzq$Tk1bbF#V
zzWK(y_OOF;+H??11-;tryN7#az8OrHFn(uko&EiLhffm<6IjR5@yE-TFKY(fTCO7m
z=A!rE$ZL&PueO?&tz0I7nji#XC~dO3^&3D??CiPQ_s*e$-(5P*enu<1?iwCxDC*eN
zb4!Lu#coj~P^-JTV%0vPY306$LUDqwY$xPK4+d$y?4D15#YVb0msn6zr{H@Ku&-!n
zI6c7^WY8fU6hs0^?6_;k3XGmYz_<yz^w2=D$>vDt9<WX7+l>3XPnk(8WU9<OjCg3?
zbDNX7E0Ym1-qiom1bML>)vITj$^=E)fLrLgC{-_{>@B)KGdcA?o4D^bW6nu&3Kd}o
zt@^WqZ+0;rJ_Zo%5HL?v3YQM#Xx%r9wZ6n7LM`-^Z*S!Gka*;o%;lu-e16-nXW^3>
zh{(_lkFj9lH{ZM#qZDUh75P<EkBYfVOT@YJGpa)C{S|p`!_5Kb+TPM6xz9Hl)u(Um
zMEvMgC6Ea^(dF%*2Y^L*cfxj7V`mHfocgPE*Ks`>%EOwf;;f^VebK6^z}(2Rt$?1`
zK^_h(6#9n5k4HUTOAw{p)E_o*UeSE@yJSV2<c^fffMrnZJjIKX__2}$|NQFn=yeAP
z8%?s(EZTC@c67_*0GI?YiLl7ia&_g&%FXQ#AhOxdaSTcz8(wN__gLkmKE|MSiB?K_
z+MW8O<$Q3Lk5&>h+Mjm@6;=2-Lhtbd=S~{u@CE?k|LD<d=&`z?p=S11@oy7?jRXa4
zQXsUiltJ>y&sM~Y%?6)b6cB-9%{M_JR^ld8xO5`)XzNSEzcgw_aY$5>8C9?SI^d04
zc!W5D?hqq^hStPEric4gVQl(IsSEQJS6Wv2c)`JLD6(=`ao(XMi+2y#8IJn*eN^pk
zCp+ITQxD#c71ka-L;R=rfTpY%ERe<4@P_T53V8tU)}~qs84IjUvbWwE%gY<s+002-
z!Q6tLK~JMZk3wcVw~O|on{|wRet%$PWp(WF1D1+r%?Yw&@?^?JI2B+4&?(E>l%<{v
z0JKiJCd)xKXvCiZWYz;Z|EHU%0;*=5E0AF5KC4w+cjI*FKOinvgw;T5?5k%qyvsi}
zQA}2oMO?>Q+s+qS>r+#c{2{7dKZ&<Cx%n5dYBKG>QrC0q1`eFTgX8wgr)a_+%`($D
z<Cbai!t1@mw8)w-n^oD`VypF;A3%v79i#S#=4G5k4+qw*eFOWyL@9auxTiDk9a^T3
z??pVevphPV-JP3yWv9*|k>k_pd_MC?Ba59QiDHFE%R-q#V(t|CaO!bb%)yKq4(%Ra
z?d8)UbKcYs=gX>{ne}%-x07(%=1fNC&*RnOA70x!Iz{@-=g7;!d^DC}dyes5qkW%}
zzT{_$6k2(MmNXIKOEY&9H%o3_`6sG|xG2;egPL-7;<j~yOQsPWG9&%zXQszl-x`$W
zz6MjK=iBZPrSePxoTWjvY|g(*2&k`s2VhDw-6Lso0Y;#aV}k-BR0Q(S`+(MmW7u@|
z$GW5&z^hF?h*ER>NhsHKvN<}tBQcHo7Keb%u9j&8uA@_5B3eIq`(!z)_Na&5{BY^l
zo-a_sJPI?uk+N&Pbps$NadB}6sL@)QuJ^VdpaT#L!(Tu+SXL%GPCpl!0add>0Nx@9
zE!PvyT^H8Q(`&OsF)gYQt{Y#hoN_qc_aSU?SDm%?5Fk1W-jJs`;LQ`1vA;=WmiW|4
zYi9K^?VItksa;2}&CIM=72*4;Lz~V{#cEoC)+KMp5o{__-|J~7KQ@rXTYW(Vw2|$S
z8mW#ApRi(tQ@K|h-t#!>J+W{N$CjzLVsO`p*UDFilU%ev91e~n(sholNokfC@g)q{
z4AV0A<2J<ydN=+|J<N_*oi}d0v=GKBY<|~#AgKk~sdn%a{ic`;zc?-F^%pyPQS?-?
z@eyfS1%+yVOt1FQ)P=Nv@MU8C)PTg@a>z5Bsw9_$j@kG8o_qZ@rA9Yvk<>ZW9vrr7
z_M#jmO%lGc7^>;PUXN+)#&T)d16wXPbJ9MGX@MPDzM++!95S!yrz0C0<YGbn`Jjx3
z9Q4Z$ZV1m3ag@YrJi0(;gp{n+Dv8j@it-kXyJF#7btWIWJjHSQ6i-V(&l10RgNvRo
zN1BqU#-_^mPSr==ns?p|nu%n_>#+`k!5_oMu%QCdsD3Z&d7d8;mk|<>LI1Y!!x}Ev
zlK0|P&pEEwd0J?1H{_fO_t@7;#Zi6ZDDCH)3=>x6OdW1dCq()MDgw=d;Hd+=H@o(5
z=kyzCJy?Px(A~7|TKeM^KBt!g2K{$V%WhtFd|l-hIy5sW3AYU;YDRz&hL})u0}|X^
z<!5I+suigqpP~>SnSKi&aBET>YrSZDz^KD|S+Ur34P9YED{EjZPJtlg7Yp}JP+Cv$
z!0kg0zat(-eqB^~?{;gq|Bc-3D`9vImD?+oqFZV=SRfAmdsJ^GL?yGd_$Yk<*pGwZ
zUOyG|?F@GEXd+;60I>;xh)>%Rt}fEA7M7%80$GB1Mm;7B-Lo?!7ZLz0{6d3T4X(x$
z4fmG$Y5V5gvs=FD!F-T7t;bO}vj`f<(PZ)+$Ue==WCKQcRa?VsYmvi%EpTtKf}uY#
zzWJ`tnzk$?N+GJ4KO|S#+kJG=Fv)H#cjF_Wn{lB8J7g89E~c!Q3?|;xQxEgtgVJ_;
z$`=bS%pe2uusTz}9K%`Y!x#TyQIY-aAPMxHcOalc2hRq2*aTwZ)z%uEQ#`7fUW8Yj
zq>J5pV?|pUo3@B~A)nv~@~~hoeAEC7c(jjx0r3;K{3~~a5J}x#8k_OGgnkWIc<KJU
zdz5p=8R15uK~nRS@1(=LD{3KCr!-lyqlgMAkd^xD$K1o1ZU{ky-ZK{B;^~e@{jiK%
zo6bXWEX%3Mg;<u}W0#BkIjrN3`wb#yR&fahiDPu#R@qK#v`L8C1c6_L_p7}!c!(bg
z(l-ThE{1oY;Q$3LzyZogCn&ALm=4VH4HbTV-@AD4yMX;tU@cctM8sEZDIQGpgaJ5z
zGv(`d1a)}}I)<*X)9Zt+-lBZ$gGRR##&E-?;^3!?b_M7)o%jBnN{!{&JnDN2ya9p*
z6NxjVnGzu^rHUHip-gC^fYLnd2yVY`9|q3Dj9Pfx%Aaj6Aw&HQ^WQiB=afO9D=QB{
z?Z0(EbQ^qO@V(mgo*eO0R@3k4Bp|8>9;d%`>gk{-HS{gV-OWo&uK`5<G!gcexRXpl
zlZ8Gkf3N*U9bnmIde{9n5<aE14NDg`HntRhKS_QC&=-`uoo3uN&Qze){{FnTeuzr3
z?+<pP1f{9|N9}(|A&qf=^uAP)3Hp9scpx0r)naE*^tg|D4#5gNNC5UnX@a~@3yfX8
zZl;7=-udOE`~LAci)u##9_|(%^i49@5^E9wy!dINr4@T!2I_$rW42@@V+(NI0Dxon
zFZYRnH5C0gW8Rya*o5Bv@49)0phFnw_cwAv<(KjjG@0QxUa02;%xBc7UMr^x|E50C
z0Tx$@?{?-OGtBZNAmW34JI;;^v}<Df@1yk326rT|5S;o|f@p}=UsIq%P87vB4oA^N
zQ`~UOTcG>=5Yz3SOTb4h-2KXlr4PD7IV6z#`#&gjg%|ReZ^em1`VRzB8w68H1H;TM
z5Me`io2u|XrX4uQ8pq`<z!~nJd30hwQ=<-i+Oo=da0vKG0lHu}vQy&jhdw5#k#n)S
z@s{PG8dafw^#JCj4YLV5SONV3Xh=WcHHuxi^DbJ@$vq9)F~HWrr9}}G;<flfxc`?E
zHaH<dwGf07eIH+!VS~qyn>B&vPsFOC!>c5VspLL*r_ySjrRTJMX|@pVri*VWKqIRY
zU^8nh@%ERGFnUvn5&ow4kSS$@=tl2XW9?kQJs<w{mx}34ut0yfo0WSjUH<uye`JE2
zAcMA|sg(NyBMpFWM!*KxK%jImSL{t7v5Lbr5_rw)d$2hXZ|?cqJ@?i7UEWd>7`K<f
z$SFi(ELx5IT*H(h&&}+<FEhZ0)h~5)a<p*>1VW*0ze@0k2}S?8WLi3t02&+Xm@B%Z
z7G6Lc{*ygG0!%{w>KgRgK9?r}@JRrr%&va-@u2v1Ve+bRlXorgI5}#0V0tY0esYUd
z^Lq_9c#@;pr)hAWyWVM4;aoUMWKU3NBO_o1n0_Q2Kw02{wSA>3wFU8aJ#Jt{33{ss
zox%dh>_i3D1PyUr*}jTo7Gb;(K>qm%J!wGv$#_-%&R}c+V?qU>QgSYf?OL(}m3y~%
ztGScLtEL=eLkWsaSG|*LmxKqdN`-Vj7Cpb-DUZ4jK=!`Ct8fmqz&3%taks~n;5~H;
z6G1+NWL0*n{hOQXJxLlMvc4zxAVG#$`_T9Y{#;A4AhmzRkLM{N^mb{;yM$h6N{)`1
z1cc+1_mk@A90<>TVJ_4-X3Pg-63=M(5cd)8B>s?dU=G*vMeia@BV4H^xVQ`j#4HW7
za{@(;(IE=bV*CWLU~j6732QK2<Ge<D;(!Ajy)GD0={k!|^6yvt%lD|LL45a~m`T(f
z;H{1C-KIDX2ss_JVu<+B($Ay%B<}{3nS-V3Fp<!kz7uEN4BVuzod-B#-lb0-Ur4L!
za_uQ&nut<4Ui>55w}FUC_2+UT5B_}fg^2%8zX}B)=1JF-zDY>|ejxN-x&a8x8M3&W
zM+k}2G0i<qM9pzH0WImu*J{5Xm`Bh9CMKr)=<)%$Z)?<pXWPDl1;=51s*Mo+mme#>
z13ro!0Z=jpqDLs|jil<^F!UwdK*9esNjw46$CRrvB08?sAEv?%vMH_iJbjm!o9mFk
zaFC3MY>9M;I<R90(=8=p3&S4*f@GP=96mhRICb!BG2IJ5%!IwQL03G)+r)w50Jvw$
zj5-x&e?#2=qblnH?jO$a=&{FfABc>eno@G+e0eGmt_h;6d2}+pIw~C?asv%>0#CQm
zT`b#Ufi@2Rau*beg9>Sa&{fEw9HL95{CEFD&<h`WE6m$PSo0?Wq>1!>CobqWn*gMt
zza!ZslGe^m(u`E9ewY&9Oa3XH4a&lTgvjN570E?IP4K_S-zIc~2N+@%mWTYdbfXWK
z{!#V!&xb!ExN5zV75ypjfPm~N7UIvJSHb51f-D!l=mFxuh8;|Bc1!MSypUsBns{A9
zpz49@yBxraP{kbp%s>$jPwV{plLtngUD5#4@CXuyu!GPoxuo*{Bly2kgpPHe;D&+L
zV-V)%=1#}`0`&zYpzA&NW_D~+E*Ex)8rjcSbRQD?1<JotCoE0J0uq*Hxxn~qfe|fg
zvIyUyee7T-Bk4K7OnkVnghao$xJ*2i!{h-Fy~Z|?=r{@xWLv5w-(6#^slGI?)5?qY
zfTheTE8|^_NKeH^Fd){IyfysVl>hSg1`6sDN?JzB4oWmi@4trjUo%JLCz%N<Jx36k
z{0b#GOL*o5Y*2_Kod)e3>3}j2JZREn9+tRgEiAy{HqarCOfa<<ZYT{fihmV`Gz8qt
zjdQyY?U7ASd>h`9p$YmD7uS>U#B8RoVIG7?eg?5{CsDlk5+5((gojdCQsS-vLiG_*
zBA`Gv)jPU8<MiYDOSd;tE%wJw%7pTNYTi;_7x+|g*PQ5hC(bE4;Q#;40*~(f&4JK8
z?<GS=hq*wfWI(vddZO4>wAyBhVY<rJ84HB!iwCI~1WUERh|mAk`0z&y*mX_38O@`F
zQQTY?qekc1{%uR;f>**#9=`3)|I-5ZK2U4uJ;iw@3vzP_0*~8)kOWU;hbISWQkCXM
zi~cpGl`dZ5#oksJJ=HY!1*B!XNT1p`5Z=UP;z))}>lprBfm-(ujpYz-5&YdsW@cvj
zw!GDTrOFp}zq#{8?=F^kz0PdN1$-M6DQ(TGl<O~mRp1u;4bJHu@w+D&zW>U?kO-=i
zJb11?C2$Dr=O>wA`&5YM&|OFyZ(SN(>T&p5XfrD&C3*lv#smuT`(A>2K+fk-)xnVJ
z)N*d-pr@(1?D1rBjl8Lep=F(V?;j?G(=T9;RVe$I7K%L;(WI)#9v5f0G0rzutG#H$
zHedP7R0d$^zUcu{2GTG24mTp}X^o|p>vz27W005o$T*FN{Z$F19<V=ryy&8ko2OpH
z3bW$>XajV1NPsNZBtRYYE+{By>=&OeKfAq~D!S`K3{e}0h=aj+kVnUSaqCr^blv?Y
zwT2-|KpBQ*`~}rQWp4d{R4-h!akG7Fe)C_n+52iXIUoKiTSTC&2q?z)ysXp_yU0+I
zrz!q3eF7ker>|YN^>Qixau4ee=wC{H(*B~}=KB4<QwEIeU+zTl2iaCd49g?tx$$23
zOJxCNl8}}Rbr4w<j>0Xrds-3rV4qWICa445XDyhr{ASV{jSlEu0JtIA8mcQ|8QN`=
z73KGZ`@$K$XRSY3v!FmYG?Pw3wfO2+|B)fd-MmqaT1P&QFR%cwZ1=a0`4$k?U<=H#
zkYvgV8O5DNUYH*_?^b#~ENELq+BHpKA|KAzQW$d{Qagu>dbQ*7zB_qKN^ARGHq$7Z
zY1pqU<?wYykW7a|>!bfv$pf(V`c?YQnhnnt^p9gX##2A~BSZ@w?7l&epQRu_Ut!m$
zQj*cvfZxF!)@MHWaNLFhEu8YjmYB=XblR&bVjI9mD`i$q+j*-Fb&y2yNvVE>^}hfh
z1GjDH@u?dc0{6>8ZKY?y41E9gXxn&>q55WTVz#H>RH0Ejem=@)Psr-KvX<#hFEO*i
zQljM>Kf9@(xV)FL&*UwvUCsSy=i{F?5vodXhSibJt1!i^oD8Ns?xcZ-@6=8h<=xTg
zTj6>Co1dqvhYndD%JA?NV&V1ZOW$wFD5k&f&(~i%267+SPVLNBJp3NdzRm}_dR6(A
zVcxJn$eubo4su8Y-xdKOA>hf8=-p?+bIY{=Bsjkm#}0Bk^llGc={E|9ms0=fJ0QRS
zqP_kHAhC$K3&J}fOIzQ7yxougaJ@sn4!`rhToMrH&UAg4>ZXCL{PDY2`TO<`7Wk!~
zf=InxKgE>SV(U@trbzcsT*@rHk62S&*?vb8MKRa_l5ps7=E`VEVf1zU9KADXU(BD~
zN-hqYKT26COrKfut1Pb&Qd({NzbCp$x$oi%FE%5bI=P(R%&?azgmp-J_Y0G8j9sWq
zo4H@k9CP<XG&f1&!RPC>5~s5i^x-5hO87~u4Xr)^n<IKMq%q~S@3WG7PQw(Byl`?S
zu+jh1X85nBTA_fPm|EC;8%+CKT5^emsjz_xd85dlNQnbrk+s|)wJCuOI%iKORo16C
zK|jcGjz7XsU6X%z;=2>iByui0G(Qu5E3*JUo3dO@^V)OtZ^j>GF)Z#GVR(Srfh~hL
z?C2j^55@*+x_~@nlo0Zufp());Ulwx$`?7x4JVZGJrhlb&uUMb=6n4xsOiiv%}0`M
zMu}B<%d~&!cRYxQQ7ox>F?U;w{KRaj5-S#8G7?=!t2zBH2i4=+R!E1G<LTBsJ*kiM
z-DwzY@0dK_b5#dI+ggzYnoY`+F_K|d!=7?^F615Vkt)fZamq6>rW?|?qAHjf3jRr~
z#49c&cjppo&?%q&_Zos_Y6{1SPoFhGGJM=#HqsM6j*9u^#r>IhKoD3<bQoW@U0mM-
zOlLnn5&NI}vPa)SHbWbH-Gi7>w0)rtqZ1$mrYl=sipgB9OCW3Yw|Yjr&n^%0ns%qF
z>wD}YKmn$KCxCUW=75@me20pRn~iiO5iLjnX`)Nw?l8*D{&ia*riy%vCAu-N&Ch*s
zgux@J)LsF#xz(zZQS_hS+82i4#|(%7%^RAvNi1?TZM?4C(U0#ov!;o&iuvAs_LD!)
zs@RU1ZyExUpqZhdaOoXeizwSptMBSw_f|Tq+loIL%lc9FW>?lqy%F5@-e2<1RrTtP
zRZP}p+O_%I%7>$&?em^7y?oTSh4DB3Z$+dH`a#HXZIZjNmlqRyH;UY~8os`ps&CqN
z$a(iF1++GzE|LxT94k`FJR5J`BW0X+JEJ~teJ?s1AAhD{q{nrc6y$QFY1f^+l+Pfv
z&1c!ObNLTiV~m7bS+A38<r3k28T3ASz!8Mpk<B#YV<EusXY}9zf_v}wLNJM7FV24}
zTzrr}WOWV|d35B&d}0rzsI`k;ty-J`X;yd-Ae>(5so~Tj<3%h$n3zuTToRG^-AngL
z)jPz+Ta%r(L3;;}ziuuN5;H>@4Z$Y1>-+F?FXkJGialR)G1D)F)&`WUqNz%e&`3$)
zwYh4?3BB8f$ElqqIv-m3^(qEMr?hXuQ^%z6SmxM?wC(CFZHORKOHcKRV)=K4R?32v
z78G#~q{qd>L|*5*G5+6=V?p9@lF7<lP8PN==%>gzfs&YHu1488BOaZOrh~HN!zhb8
zb;w2{Xt`izd7Ho2)~i1zOjT4WDNNtotJf`$BR9HDR6FDoeY!;6`Oz2B%iqr?mgq4W
zyx_Ha1J*0V`(pZ!2h%wEm4_`YQZ4@t8vbTqXrnODU@8rtqeCQvU<2$Rf}eU@?=Xz$
zPaf?&x+rHr5EsmQ15;T*EGU{8tTLN>ec{t?q#bu!?vEe=?_95!O5l{=0SllVfxr~^
zweFRwnUwcao~nMt^-z~!$lv*G9vCzM0;;bEFbSKX)o#15gzf^DSJ$JEN<ELi^ju{f
zM6uY6t~Oz{lqC@*pMI~+ka^XUl>PRL-N!#k++GdN?p6v<dyE9;vlS3*T9B7HUqD55
z_!7n+kb{FG?OOA?kAipIKi{l=O7G4})O^`x|B?x0%Z{ZTVPtuCjGcICA4ltZ{J3@%
zD7poSS@ce>PX{7_1yEX`F0IsAK5-Q$J@5ap0Lu5`BI;wJ0|_{46dm!^vQQ@&vUT+p
ztQ@hvj7Ui@VkofU$@nV*yP_0amdlEl`H+`;$@L=jQv{ojr<C`U=NbggXWdsDrUaY^
z&S&>KbO#uaR)RSVcqLKfh;3C7=ztWhAyWQobQvmmYm+|cFkaB{OY#MhY4d!%{&`bH
ze|XRfF<Dw+BAt0S8co9)ArAGk2P~sZ{d06C1UyhORACfIHw0$65w#g0nNdJLw220~
zY-Ky%H;-Y|_Hx`bE;Ru+S&prr&%=%NZk`<+sSP<o-V8K*pmu%M{`^_K0gA~$(-oKU
z{6Tccw=((ZvX43l##-5}XweuP2s${RB~lh9;q|7u@(JiUD0+Q@vZU$br*&MZk|(q3
zgi|0&%nNNM`rmE?$2p({R)<GopRwSDn9}FeN`!RbV#v!UO}!_tT?|{2@L(DxqTm;I
zCEJEC2u;Ky$=xZ8uGXv`Xgq*wq-ZgK*72a1Q870XH`D8f!-m`$-fy{A`i=ZqWKc1-
zf6UzdI!X^M@1;Drnrx~$8oOO&m6v{{j-{bMMlKu!L9|Dy^<j|}baXf#BP}$;$<P+t
z#B(BaAh1&UyvTkdTP!lve-3jd3v2599P?y=Dbq9(7or~o%OM2?hJ-0L6Zm2dFcKD+
zr>DG`5~tsMy%;Z)tYH+=VAJSzuKoVc7Wc%*bA;|yXE=EPCh=pFp$y55sd8ql+Am)`
zAR#7nX&6a2)`yaFz2D(4n9p0ODDPkBw;O>Fg)?^J)4dO}wHg^m!gvtPD!vpsKAys4
z>S%ssA5;iIKW{jj^ZxKfRrf1CrErfawS=%b(vB=!9mt`OmCeH@8~JxGPhNV*%MfPp
zgO1!t$aqwU>>ph=7wd=@ZLJEr?st2f6-Y2NyFZcg9uS#P`HbYDLC&&YoE5`OH+j%+
zk~J-AZ>t%Qtc=KriktI}>>MS8eiz&kYosoxC9!=HItOK-sfsPVR6LKxAm3KwgJdC-
z$%r$F+h`*-UmPqI)~mKl*n2&B@~WH<V7L2Y4fw<K2{X!1dQaNvhO`JazCaL<CxQ6q
zSC)Ltmskn%p>N+9%p>9v2;O+(7tPT=i4=6;n>R+yHCMggV^WCyU_T*xm<#UB*VHOP
zs}GpaL(Gi}t$3ATTcgF5M`rplaMnj{ekaQO|BnNa8=ov=L`$kp^s>_PRw;X);2JOc
z-{oYY{|=d~@h}!ORkqsyF>aJbQ?Y?g;|X~qvk+Myy(%wf;z;b|^~P-D?zVJ2C+yHR
zh|+8PL*XWfap9dXs2l0pc)WqB<|j{F+@3DcjPl+mjPPt?X>-2$gPwb1<Yl|UCkacL
z;}oPtHByv&_AdFwUH!7ZW@pP>gr9NP?1AffOB}TvV`_q6rf&83ho>h5Au?t!x{v7V
zpJH=WEB0?rkZqY({BdqrLR;{oob7b%@s|fg3L)7-H?&Fc!Z*@>^V}qdGH^3m(uA2|
zC=U&oT3uS2ueLWfKP0jTIc~<Uf{trCD*ATgdADoPUG#PCmZKzS9?6Ec0GZ|ADM(;4
z{<&c$=i9Q^h-lA54Z1*M{vTJp0nd@T4@)5LyDFIOy7ALeJ@%DG?<LtT6d@Y$95nf-
z!gtpbfqvm(fm8W|f}#x`x@a%C%K#Z7Zi%C9|0865u(wRR)EV{gQ50X5H<yW$sQ+f6
z1&%=Fb2=H2wJ;1#24NEl`kml?l3KGLTW~O*Tz>G&(B5n{1M(TE)xTmqE*vd{bk*ZZ
z(Im{6hGPzhn?JCbZ8&)7j5)by_tUvX*90AHCWAKp_R_k+<9D;ZtMC4C=hCDxwcm~S
z`w)jvzlb?#vV#9dB@_ozN06{>T@9D%*}sG<4Ip@XEiw}V5`lV*_HhNka)2h+x}-wv
zTGDFo%U1R`23>X0zNu%EX88A@YGlGLxlWg)I=+M$fh}QjEkMPfD75DY@u!a4H8dE3
zO7w*hAD<J{6(I8yoO%)<yWbxm`^fD6Wi10zFx259<*oPeQUdNzkG?V^e=A=9hMG;t
z_lpudOd-G_T3^xIII1hP`GY0uG8R+!l+B+j`rV@kk)|B8hdCI_oD7JN!gs>3XT_P<
zO~;++24XujuD&wWE)TdSqZ76Vg^-2nX+K@<C<pQ|mrpU71a~hM5e!H!55?Ki)uE&G
z9`o0>>J7-DPLK6*{KftgI<<nsAIk;Js+~H6N}Yz*c2ctH6yNCaOo+3LWH<bY!Cu6-
zpb<hTpW~W7KY+*X?Zb`%>PmIZofwzcljd&sy<46lcV$%JN>Bze_tdDX;RcZ^=*SQ$
zcBYF%D^B(6*ROYTP0?QO=|b3>`yxnwz`mo0Kr;eBJwmA~y1p>x`r)2a2H}my5Rg;j
zj(LoC<ECfdKXz#6E$WI8<7n(jxnnP|#%5KsnZ`BrreJ%TzU?)Ab$y`+iqusmA<-J@
zd3+TWjn6=kE@Nn(s?W&Ghs-olvJU~r>XljO5=}g$y~uhZGtJ$E0Xn!D3+fOi$So0%
zZgBb;ZVhi|z}QoKJnTTViaK%0J0W}HKa1L(yHq9ACBfeWj}UtyCmFqPu*@Hg;=pK9
z$(U+Pnkei7%VNzH33ms63V{p9y|I{2+R>rhG$}#vRXNoQ9(Z3K2_!iD(p4ZnflLNM
z=n_IeEd)Of9C;Chpd|Yup?mv^14+g6D?-xjxJdI*^FntV?#Vaw5ZAUb9^tzLrc=E6
z_}gghY&#pgO3^*)e06Gc6hlj-5uY;Zigg&T3~lxx?|OWU6r&kHUp2x8%Yq0Pm3e{Z
zx;=&*QT>U_DrNweEH~?l=08WQ00Rf)AJdnlw4kxh1!GuXw;bwAuN7Y1jA-9i`|>Nj
zmM`gv!g(ChQ8s5s)%01PQj@u;8=pwjGecq}-&|-6-HsWtWP+kUnYK?>KJiZ8Y)Ly!
zagq^hrB4GjbZC?O{P4SC{5Yb4)E#MYq`CxGVTqjBjF=BwA9t+u1J6!&N`(^DR$N`b
z?n#w^<(bUoVCzD1Q;Z{)@0_8b%nuI?sg`{!F)YNM8K)+n?YM7vxw(66&=X|l4%38>
zVDvO)Aze>EFOtwR-tln%C$8m$ljHj>sk8Q@O_CYqboWZ`7K7`J!Drp=Uqli>3aXMR
zK+tVRH=IU{;`ZuP(+EuT2)1@<X<@;}%Wa-5PKd$yku1aTE~dNr@lDdr_W1~gm3~js
zo4>w~8#?4FG536W41;$@c0^wxBdb%&UB6**l{#DPsm!g1<5KcgN<&K1#oIS0^6?nV
zTRH+u9}dTb2Gdkh4i_B{R$dKm)M>fqzAIcQ^Cm*23mw`4y`gU$t5jdXS7=Q@^X)(_
zHN}Z13}=477<ND>{}cLN%DNiqjKYW<5Jdms`Stugx#O!lR)RNygfBkj-c>9+hh3VT
zfOLC_v=ye?gSR}G82nhMnDB7w8t@;A);-Xg|NYh5Q0UjP5|{d0R~R<kN3K$TK{QY?
zTRWTqHQ}FA0UU<`zPwYs!&Bnlb4@c!N&~z+0Z8gA(9rnh?*g3y^Q#qnqwk=xi3#?w
zW&&^em8C5SpDUM2rgon$`d|~F0qJFN*=O#FZeIB3H$4c05;U;wEomFKCT;~NqX^l7
z0&BG}x;Nx12*llCd69&7jV#tCe254%#s-o<i7&tw#-=8_YytJvSrE!mb{<W!4>#I>
zdc9GwUiH(M{QWLnAnz@UARnc~T_uk79Bb#;cGL5H&H6{B^nr=ZKREVVr8S;x9N4``
z)eQSFSllUK<rZELpHc8|Q}yv8!w+p<yOuWtlb*IUlmQcRPbB(@>}I8@57wVCz_`&w
zJ~nTVGJpb;+H?iV4Q3O+5Yjxo*xEQ6WF>k)vC@z!*Q?B4!j&@w<9^}^n|u|N%3`9K
zptdDr*bsR#4{hS?N__N>ffXVcn)gf16!=bx?pGXqZzfJ?t7<Oh-KK3lu6L^sfptuk
zQab)O-Bh~tr@ZUNT@4&)EYA%CQS`750`SGvk_}ka&GQii-tz1^#Xs}43dWu}si1=C
z@BS=t??1boh=UViy3D_1TKn}^(YicC?MjvbK^Y-nwsNl#vga=embR(56CX+&@w+m4
z%Q<R2I9fDMFS6mXr6p-czjIbC{W`cG_T%JxrS7wA1KWH8YVgh`|Ch9sFq1*DI!9rx
zsdyEGau)w6Z+?%Pk5-_M6xq)ld*R8~@eM7gb(?Uj^+3cg$CZ=>^v(;xcQe29!<nd~
z7mke+-iY_HVt%Ijz&}>^ZXsM`?6WVPcy+rFC;Q{E4r?KCOr9=QkSzu`iNnnjnz|e}
z<|7c4?lJj4j$K$w6&3)X`uw{k;Jik`fDGRXzOaA*sr#%eX>siu1&4l>Qtd7L@E55E
z@b|-_Kgq%+Fe4`?hrQZYZ(OwjHLwu-E2%nc?Mmn6OO_+9UZ_F?f;rt=!<N?-7Kcs6
zV*&zl`vI*17zK5KH@%Ntu{Txck|_Bx{;CTTX1W6j%ujEoTo2JlkQ8SI>U-ml2+BRi
zf;NCm$uc$6hx%7taKR_IqOchRWW8Ucy~;OWk#%dN3=O)`b(UBzn*sK`9pE`K9Pd1M
z&X$>br%C)erM-E9l$~cOYU<*(5or0vopCqQWr>aQUAD$5X3N^((lZhqY=_+&o**7L
z4O)=D2;We&e#vWs3Ica5(20r3Q&M!2iUw4vL!Nvger9=5ADjmt?N>Zp^DUvzBO}+d
z8s4d=E9`KBGr-EC+t$tl4bT4dl2apEkSEkN<s$Zf1fVVuRN-u(8r4Nxt$q5F7`AqV
zPw^CrLF>&kAc6GeFlrz>Uh8iMg0!gn&eY#!h@~}dMq^R%a{>ZYu)Ie47<(E>LpE|+
zg}MgVG0p?D5Hit)gwR0{jK`(wJPD)#&)>U{>Vsc_wI%`?<^$dZ^q9=wpUlSnx+Q<J
zJkFM{+vLJ&bJH>8h$0m%SNf-#rgf8WY?es-rLZsKg70UNFR~`<$K$RUxUFVO8>tvK
z4nEIhfAmaf_%VEjf1O`4DPam(5feLi#2u9Jf(US61kG>$%s0hR=&HTr$CT}=BY7Wh
zDU607lL^b!KO$qdc#l)yzikq~PrxdJ;eQqS5Fg>1`x4UHaTHLO!o8%`A_zVC#3E&%
zYW1IIH-t$Lz2CaBFV#;XEIFY>iUTnOG!#1s>VJg61)ucPlhCVDJz{K0*FD3)qk<-`
z!xul0vPFRi(JTg1J_7Y=rC(@6?(`B8#(Kvx(6{fF28H*S>=2BONYWp$trQ8kuX8dH
zCCt7XKWW9xuzBjA5RLjH!WYkW6ra{<(L^wa&7lnWJ$&J_>h36ivH43^+VY0%;QYR!
z7q2#JUl`rUIc8UfG~9ZNP$-z?7T~tXo+B^7{3l|Bx<~dVE~=Ds`5!ZLtC)J4AA%Wf
z9y@)`#V(m}?M_SbQxLde3vXpI?b}z4;*j`_DKMx2o_f;_B77X=j1)T$TguJPr2Et#
zbHYeqA0#LPPNf*he7kUAexcwOO{~EB;>(M0F`7?G{{%z`z>v~sG^2><H!A__!wu2=
zR5(Fz30Cn92ixP#E{EC2edsrMEt_+5p+JR-ZDHQAlR6lvGrm}8LBoEykZj-78cxpV
zqV<m3AMq25;0f$Cw99DbmPx*mK``Xhm|xyD2b`;P{Q9qntz&?=ggBv7zxbHV0)}xc
zwq?fTRriDql^IdUEg)onN|=)W*a<r{>`6BduBJn)l0{z#L+#Gy#ICnRJ5ElZU3O)h
zYb^MtTk%a@?{4}td~x?1^VmqQFVS{mH@-tCyxbB&gpoUHWZWe+KSXR|Oc|u?YGx`y
znqplO_?5sz9ft*d5_<=VbEb)1x&*4RbR?gk2|sVMui5Bfxlw&u#xweYvO!OLl5&^8
zf3Sr3vGvI-l<0j@kpSw80A;5U#=pkEgka+hlo1;=%^2ujc9^gScwbK;hO(d`1_XgS
z{kGH?6Oi@jJDk}6^^JS)w$byn?c#9R@sCx`*M<hF-gxfL6d`9G*R7YXDL5{Yl72_1
z(V}^ZqNq<dNk2)Jfau;IWyt#;Fiw~ODTVvU;p{n(GCA=rm?kRLm+zrmka8#FwKtvW
z|9Zg5VDsDRiDPnS<c7Mzz&^1={H|GA>6^#rKOY>~VL{sp6sZ+JrMQcISKGA}bOE<A
zXD44(HF2=hkIYW0Tl5WJ8E;d~3rR;xy5ZEW6Y`9AB~SLBg@Q&WKm5=h?GdD1_PX{A
z1&QgIyr&Y_S?oNp_er?rpF)<rr;pjjqtz%;k@o%)V0RsEt=5x)s191_J7`JkBtwT=
z(;pQRi#d1+Vtn<BU^(MPQJ@i+cS@-e%z>k=ru;8xO(f(2QcX=F-|bUL{8YF>UHFDm
zC*I!iz1f9#Jqj@incOSJ{Pf$OOXjgRh@fiz*QdMFq=2!d9RRwP);1yKmV+JEC5_*;
zaiX<Q7(bpG`$Ms&;;&qIU{*TJo4x!<&_rxP<KNI_gATRoWx@l$ml_S-c=6NLpRU%#
zp@b?7jcuRg+Z$bq@crH-KlGWBC!a^S2;Or2+<d*iu_|-%?g}J2nVah}%8I*DT}_L<
z-pP~1g|uI-QoXa*v=OXljTDd*dg3qjb4HIaeA&!RSf5PVw?q^)iNOTn$bqW$5##7P
zv}e1Ljm!qUA0c^MA3+1IG!ne>BxvFdJZM)AaVBs5{%ETRB41(^yxy|6K4GMb%jGDG
z4f^<lxntLcD3Re){L5gWr~es&Fqr<x{MqfmZmQKR-OwfB#t8%gOW**#)$yTUl<HY+
z)ZMKFcF?+UqIdnUSz^kd#Um1d`C}@KAp`J)p#VB@+n-8nb#3jS`(8Igb_k*((IBTO
zwvPL%@jngr0r8OL)JS6D<huVfv$RHy1oP!{V7J*&gb}eReci{5_a7Bbo`O^fN!vw+
zK2E;uZJc{whhI$9du!YPu~DJq9b}i%RKcZ4&y%9{E#SCg3mq=ZnL1L9+%+NYkAo}U
zh1rso8Ke6qyu$9l%mOLmgZ6UDBcIq5$3kI8a33(*;-<QRgjghfz;1%vr&gLZmm-iM
z=Eg|+vpnc&BpWJCGzs3T&&z58yd|9eeA5vC0JZ(FukwL@2UkMR1H>d77G_=O8cOQ_
z3-S5xLwo}`{$6-f0zWRqkOY{v0Cmwe=&mwtnh}DY%1>y+8&wA;q!26JKg5|&<wZe>
z5FViafXZ#sRDmU03-WW<xThyTraC7Fw9!!PIjY<YNT%N`Hu!yzd{6IS`=ME6r?s=O
z^uCYm@bpJNtz9A=nGN_hV~Wn|Artb<H)Q_x50k`)CiqTxK1&o@k>(n{+Tm%-M?CwH
z=94kvDE4bp8)twjPqUV}<J%D|;0h85uHiY!u;J)&W7xJddP+kqT_u5c9;HlntpW^*
z0{u1COc0xpWns*{^@?TB&qzY}_Q%Qq%|(+!grE*ev=&y`;AT))D_V$M=?rv-98b`z
z#`M@JrP4dixq-8<=`>+A)w4<SB~;atPCCohpk?LXl;(Xh2~clsP!~)v?BF+}!C9FV
zK1liES@*>Lv+nrw?#@@B=*E=MiS8)zL@qk{Bc@IM(^C!Yo^FfJe}6hT4DI5x(*JD0
zJjfk29iYi2f>ttnO;INMrj0i5YYbe(RY7~iY+&(q5D9baphQ~cc2k{FWUUMp|AUx9
z<U#r=*==PsTqKn3B7Al8&5^O92D~a7>1T%{#6#PAWYE>+)E2jf2%Cc{KO@W<E?{Tg
zYMDfi+b}|2I9I(31(9o?+j+d@l%1WU-41Ik4Q3%>3|i_o2f;kCa~TJ1-ht^ZC)Txm
zlb_@}YoG;S1?hYs@Cns~Uag~q6~5~$_&3erB97W;e>C8(suU$G0Wnkn5eTmSe_Xv|
zd>mZ6Jv?z5+qP{d4VyG<Y&W(svDMf~8#cCWv`J&zwlVMYexCcB^M60(+x#+n_P(&z
zy4Dq5(KIpc<5v;s%keX9=bq>D;T?Y~&y#@FN6?>Cxaca~<)p$%?Tddt<IfU$LiY~w
zlSg~!%1UbOp$&@gv+|~I{_D!8!niTX(n$2zL53<kU=UY1VcDVk_WZThI)^p^^thag
zB1A;uEAF&2s6Uw_=G~Hi?VY&c^=4^&rV{eKh<XGBKn?rMB&nT>XoYXT=+g3pXOtp;
zvt(+_6-FdWxW8MAY${qh)Zi*OG*2r8Q7G4BQysnYtS60}jopV#J28BC5N7(3zJwZj
zsmzt_&$Qu@rAr<!0VSjDM3NjT5(AzK#d8yPXb(+a_`gy5KeT{5IdoeLAfFv~yqoIH
zR3k1l-v&lG$t{Q0=kxiU0d#;Fy4cv^L*0Vg(IIF$)n0RX=3sB}Z???8p~#PH@i#bp
zSScTVUaIL_p1HG^2kq&2&13K4Zh{AndTNJBqOT^21LwSAyr%IQ^>&(zP3p|aK`>P3
zoFIn}(%mf(4tK6UzVd6DlRGFjy)G0@pLGYOg1QWlR+{m~@xO~Q|3;P(puF=rgdk(A
zaO4is(g{g@B_qIZrnXZiL7+g1d1-;1IU;8(4kXb%&C5AsK+oqGN(a1(ETZ)z<4z3a
z#>YuZ@k&3UQcDI@5=F}*{WM^;7S#!N1L`C2b|RSgTTT5>=C6Q1yjYu97M)=Y7PFMh
zAO8R#7}zE46W|FDf(|JiH*mNP)=WG#pP>jiO^Q!~0nnG6B(_n{2b>n!Tk*Eqt&!IA
zf`hpLF61?D1xVw>+WOEsw`iUAz{4y)>155|?C8qYrn@o0>lgd*W|z-JKeFXUfRhqQ
zWSE5XZ&Ws|GUz+`FB7!-+p?$I0*$+aN8Aa6JwBX<1|h<R`q9mw^y&0S)+1gQp1(dh
zP(5874gTqrujPo{6&-|<VW51tS+b74ZXJ7i>Ck8R0sJ-G;fk9X1W|ZD`H|&dC;rU@
zs@SU)wP65yle*^HtKnqPyDc^nlIPR|-tCA1Ja!3%G<rTv`TYwkWg=(Y622PQ!nYv&
z3lQM77D=@G^1$=CTB(1jd)!}Y>{8(`D)kRd@;9c`phKqe`xTs4Wsr+L?!r|ixYe%H
zI(YMo#t#>yqTfzWQ_7nhF>`aL;QVaR$l4wCqA!;MSQYGrn=cHE-Y%2XaH6CA=;-7{
zzq;Kx5-nB`w{YiqzyHN)y_i@n)fIOv<8$`b8N6b1kt+x0x||v`i|ul|_S*=n`ahzI
zgjl6@1bgK%Nq317FO7uorXpz0!pVeC2{RBzw%MXDJsRx!Y$3L>AEa<(KOcYUP&t;~
zDvJfzL{PA~pBbOCpg7n~y4SVRa^h|)kXq_Fw-n`qlL}YxO?4|a@OLca16Pt@J)~iM
z`7_`POUV5k$q^nd!knl;Go4r_{AAzUj@a^rAi&AZt_muCs6fkc$F*faa&tiGR+OCv
z-}I9Zvey-pnYt(2PVEBrQ{G)aQ?}DHK0*`HegFU5x(@KIYnWL1IKvq%cJR?CjmKdG
z_3gd`YL{mO)xGoRVVP3wVEm4PZlo9nU?+a!+dO?cLiUFrU6!Wg`k^55>Hf6Rey6r1
zw{H*EFh;5M_Tc>>FW#Hw$_u=ppsf2S&K9V4HU|UQa*W&kn71->cXAN_-dm98AYeFD
zc$I2%>o#hdB1BL5!dTsg;S;kA1zzkY+~vP1+Vg>l|0|Za#eSb%vxdH0mj-e4zSsg#
zNgeZY%sE>(F?3s<JK_(;#V-HZyJ6b)AitjC#cw3s`$NqjH>$@Y@`(r3HgGQ(`;auS
zqT9a62!cE!WOR9?-ws=Y58sxZoD6i)LISVtHug?MHMJ(lEP;~bL$Nf+qD`~dzE*Gi
z`dEzclTtWBY6<_Wre=x^50i~(;2D`QU@{GoGoYN-FqSc|4WrZNZV23_EKOk3jQ^MB
z{O4kdEyx(9;Q$gH;@`=$JJLvhKZiFY_!BEDg97Fk<oP>~PVV^sd96IL0k8TW<UYT*
ze+ZTM4fM$Ba$cD%?Y2rB=@xy+rT~qHp~_UlAS%<mj3!x`H*NLFC4ET{5R6ZHX=<$e
zq|0uPGJo^SMeU1^{F0(WQ*-u9E(K4`bo3$#;qrcy$rWA)$%Nd2fhrC2Vd5)9HwH&=
zHZQBqLUc(|j7+@TrILR&%Xajx+=e-rfq2;o=2v6)TXt1=yO2r0f8zCgxB(si$O6Ze
zVpzjJYSt1-q%rwFBm)Gz)pC~q1Uz`U`BSppoGt&JuP=fbnuli3Ig9<Cj=6=Gy;}D5
zr)c=D;dI%71w@@4&7Bx;w%4nFy5o6c`eS?~nCtj@gH6!AkL2>78~_FqF(B@8Ht2mU
z1kBM6JK#@wAjMX6|J=*e;y~?+|7hN|+3n~WdgW7)9s)C#;6qCQUR8h>u%L*%?W!rf
zWK!My{;8$g9fzZ5_lBKxol3=iVBf|>3#u7{zb9&f6I!x*ysn?Dt?}`=%@iiAL(o$?
z$GtlYe5cxrpAqf`+Ow?tzNi^Y^)RksK^M-ZQZE;K>8Hb5kj4ofizTb88_zEo?#MJP
z2u>NGp5xYc`rBUQfqYSF1w@NMY{5YRNpHz`Pr8|At4PYj+((2<nsOVTL5gQS_lKh-
zh12Ql1L&Skm)|jK7ecNUJ-Yqaz%cSxTz7QHUHsJSTNj0iQP+}4IK?kn5eROLZpU46
zUXig%a^!&>ZcITRrMzG?D)k~!OB4r1;zgpWqoZmT+T2Q+>3XaPc{aN-X*P2y<HRid
zMcS~_@=IIbm$IYC$1BSY?0#^LN_$($CtAl(nxID?pPbZ!eW@!9ItkRVu^+d>N!e0o
z1d8j|+4uHJjoV9V*7z}Lw=-NOrK&~zl=bu~hNw&%tdliQZYbU46OW8Cv@^29{#<j@
z)f!2{^NjxA%idEJ74TG))KZ_hI==GxXXG>7P1Un8+YSf3D>USmV@rmuVx9=GroJzC
zSLPFSRqGQ05pce?Wi#p~Ieos3IXc@;H`guYbu9|UcOBKm@d_r*<h+LbP}Gt{f5y)7
zDtiR^O{1b`+TU;LAj@Hs{}AANxo3j}kl|3;E|Kb)_e=1wd!{K=6(S6wQ(bL&irZkg
z?oPkE*YA*2@xiT5bbqPqeCiK3xjZo3yy_N-g1h&W{kB{QOx5!HBT;x>kl^vwk=U81
zakYd+GSPA9YOAFY2=dtiIZlt#a{KT$VnY;?2-~+BJn!8+&w{N39l&URHrj3H!!jZ=
z)zMC#AC8(_N1kpw&IS9$R+6FwIn1|d`?WtgFC861QtvC}7bVxb>+s)M^J{8?JS{lV
zO=I4OUgCkJ_wT*;B0m<d9wTXglomp-VVr&F-AJS|{r1`MD{3C|&;Dfge|xjw0HN-G
zxR@ps2ueUh@WMQZ&!Ge($sBF*GrFvjk_;ElV3Lwhq@mt3qR`cA-c_H<Bsni<e5(66
z!rHZ4C3C$lqK3~x<QrdHhkfhf%}6lYUQWEDj}>}H`JtUy-`9h9=%oi5Io6Xk%ubPK
zXvDG9?GDa~e7>HZfL9sOJSs5!J6eZB`=Gd-;GDe}K+oD4!MgE+Ca-OHK`pPYETH|a
zxQxDVYt$_9>T<7#B<u-P5OStyOS|1vZ&U14s`7IgW**U|b|X$TH@K!zU2HMBeoDVu
zd*Cy<pmf?*li4C=6^`y$72?*<7fxiH6na~o5iK@j^?L3+&)Bt+Z-rL;T=Mef|8ibl
zEKVdl8HJv$dbxQuTo54Hkv{K5exXfuh9M($Y^|GD)!f<HKn>pcAqn{7q;qfS!{VJr
z^!U)t*|O>Hxfz0)pr%ziCih1JUE0is^~mYi<+{r*SH$vPZ12A{DK~Tspr(9Hg_9(>
zM^U<GXm9Jh<4tk(CEVxgX!|GLss~%pt0wwdjry*GZWuYv<+2eoOZTp8cK26yYuxG{
zs3+~q<OQy1z_#y(%aSwGiFVMsr9lYxiRNY^BdwEvCpOV-$w+>JCV3%B+*Nh_=U#oy
z)j(?DsHv<wxlRlorD){u9SW;0-ohm3>Om!}qL_2vtrejndegR7Qoq|>aZdxo#{;K!
z9(wwQo?70D1;6E`#Ur#$9yl)tqwU;F0@eaZfGeFMtUgXjxZg_>3Uy^$H|rimUh+xT
zE@n76zfJnq4y2`~mhqT#V-wdXFJ$R$C=tthf%yeLvZv)v{=t01i*;F39~fJu5Lhd<
z0odAi&@3LXOxR`Ozc0TH1yYxi!6Qc{BbNZWi4{^Bu-NsOxr_|ijt$xQeA`zJ@>h?2
zs^?bYe`qJ14_)9`7G!RvayD~ZK}N0p1!oI^0N~z4aA@(nK5DtyqK`<c91Lzfy8JTF
zt9uw)@u1TMYfcGQu)ys>xgWLtI)3;;3=W2TWK>ekL(AW6k%$UJ)SpaiFyK(tLMShT
zBz-};Px}qnHe0VpM~l3mIlKMs9Om&3+md|0{(IQl_2QZ;*(jpe!g}osALZu4kaf#!
zE}@5zFJX|1D2u>>NyqI_wDm+g!8pi~6`C}|p4?0~u>(vGn4m-y8CKj$3`sf4(tuV3
zKK(S5ecNB2nL$E&+R!Nc?e-5HkbgpMBpFcUF{u#m!SeScS|79K!6$(Q*))K;7kW`b
zR?dgH_Z>N#QK`Mfv#R;dU}O4Qv_(zmLKqQw&v4&5o{-d0%lS6uWl4!4RBFX{_ylS6
zfbrp45vQ57y<_i*%=o(Rep4sc8{}B1+u7raDhFUlV@jftQLqheao~D#=OFKq_q_cU
zRcq{ohXy1@$BVsCn<L|cv$Y(p7*N6o#dD;FPy)>dS&>+Eq|2Af99p{O9I{4guNw0D
z>{Hzza{G4mTwc91kfihl=jC29&i!Ob(t?9N&9ru!mxrh9-r3nX6YAY+97I#Lw0+8K
zr8EHh@x2*ORqf9|*TK~b8tLicy7><hm>DsG4#)wtSxuAGlvC8$8soFH9YDHn6cCP4
z5`JY@N;m|W_vnhJnkr7bDaQ9{o`$lX2C}Axj<fO+#f!Z0Y|Ag~e77YPn$r`AUsI(3
zyv(_rV=xiU6LwZVVnSw@IX;^Y(<=c!+|m}RX{=+S!aBVGpRRbXE_cIgB*!LeA>Xy_
zL1Q&a<3NN_ASKCJO8hvB5M)=b_T^st7UMP9g#Q!qXZRsV9D>t+_s;{dj8GH=QRLLj
zFsQ(1+Uy39T&Y8;jE=QVcobkemlZMqIsmJWb$F#8SyUT(5&g_=;l-5UZ=3bM{Rbu*
z8)T0nV2#TPZ7~HM&+k;0MN?BL+B*U|6X^?lN5Wc@4@BVkHPfuK;@(wJ=e2VumEVN7
zW#_R_+k%WAJD&@&Y;;i%sY8%xYGCxFD4tT+CA%$H?vrpHRw6>>?#XRw_!%y}9%(#`
zGhqWeUKRRsCwWvxdj^663nDvp1ymm29o?<)j+k1bm$x*&-10VaowqaSrv8}<)Y|fR
z5YBL&r@AYp^YCRZFM>A&0E2Kvl|TjgF{bL7<JAIbHe(=~MD5x@v2jpgYZ_K2ht>!k
z6ReEu9J*D;p3G)X8izh#A%_h3LRYA_`fiR8&@>Q%ZE)Qzljv>!9Eid|XJ<Qk-!zP;
zkn=B*eg<z_eUWB&@vU{5>`x>3aKskc42zq=6iH-&)(CYhzcbggcVRw@LCKHf6^ufC
zCk^@p&+3P3jkGB*RRvN9*PQH6vr|z9Gz;=czDy|;fFnO^AsBQIJQWY<gKRDoB`yUR
zjkz6&JWK;%p%k={d8Y+yi7t@-S?`J~2#eL9=Lv0KO^+b%98@iOMV_1U%7ioSl{&K>
z=!ubFICHk~aU3Z24RizaCll)A_@;U&<^6!wa!oY$OlnL@@D>Zt6#)m(-=7h>d=%0^
z6V5RCV=cyv_m%0^AS^Q`gQRU@CjF-~6Qf)RZ1rSxKhOtY;d|GK0jS_4zF`m@a^FR*
zBVIEY&Ns9EH+zG1iHMWL`qe)t$!ZuW!LLLA={&O*AKD!aQU^e{R1g3C%g}55W9Uwk
zT;lhmGLc4VFI`pXV|fM{bh1nd^!zMh<nj~tvr30r*Y!^^my4H@1d}j3o)Ma|LjF?w
zOUzf$hr%A%sVI!%d5k4wBLP7&hApV;e*26ad{0tLBpNYYE*f@bPpJDXa__;O6_zv;
z&rj=)x1T~w66`P6@Gn_;;~c%=jS&#)LBhCspPvxQ$292cRx4$APd(1p@%(R<rO%o_
zLO$3DTAccpCx^h??7^v~&k%aY9R@yu(kI)EDlN#K1QT1DkAHZX{=>!m@8jqP1Mxj5
z;j3I<(H3FQWz+L^T)Q0_=8~wA6o)Yx*OQ_d%3U#N=Qsk)jtZ~SzcVi-vU-hi<hF>N
z6>_8$I*xy5sF={US!nN2O#W>UC`x>NAW3dS9RKX>6Q!Gd^?`)u$Q}nGy+ksA-=?Ne
z6Xn_9isSw6+@nWVzP8koXB4#TKGGd+4<Z+uXCy9p_a(9wR@<a`dPsO(xt43A4;vs-
z@x9$F@qBysSdx%u0D*U|7-q$qf*ko!y6yqoj>25{E*usdCirFR^2`J<{PS!hz0wQp
ztV7erj>}NNlvO$1u-{~%SxV$txc|2%*2jU^f%s$YkaP5?DA@xK5JdN#X%IKk6c<aH
zieQd`odCuE9P#21FfNQ#p&9WyVW(Bo$yG65**|({&`4^qae$&H+#&KSM;=eKbJ6~y
zRTv&t%=YebkoEgFvFk$D$Vpak<IULC`x)13%E>~%9D2arBOUbDW`A^u=VWzb6)OQn
z@+V-euD~;MwLLjl5oizUwWS>e;>F)7_J6>Qk?tr#J*OZCu}Hmt>>{&W=feTkOMU|d
z8GDuHtwa>$32MdO#MW=f>|eTeIPLh*EtQ~k(%y>k;nfb&eoSqkPUnW|_)wvp_9_;o
z3VFGbsq=wJgK~fF|Mmo6me)fZ{MFmXb9i>R;7<Y2kVxM(qX`nNzRwV+%bJ9~hFe<=
zTL47K-%#R-yYw7PB1N(=pk7Z}evyoJa1Q<)V}83}n2Tg@Mj9Srg#B*i2dKh;gRI>;
z^qEw6<&JiFg~~<|bAWN6^!bd!Tn+^fIv>`8FvRxU+QWkMn$(7|{({lRdRV`8d<>s^
zc-F6iizMDs5<QMGUD+kr34blyphk#pM%GcBPRzNUKFAn=?84x<oh4)RXUcE(#S^@d
zWAD&o_9}+gg2JZy3oJ=;s(?u3I1oTGJ8To7heNn1a^~tg`8oE#LC*+nkqdGN%4lXW
zof9_jGdcK`e<nA*{)^>TN(a<~@Bzxu0ddsn*Dx2Ze6_}2Fz?)B&PA+39B{*3uJEA%
zIHH(Y!`2#DRun(^JFgLBKlc4&^vnI$O+!LxRRB-}v(LRsp=S|rP9d0Dvx`>u)Xk-3
z0F7F-xMf#Yh)Dj#0eJz7fUp{E7<fu8D#jXY^XeotwGsSr@(2~EM5~HeP?I)2mWxaA
z6i<I$4HI3I$9$k(QQl0by))AyWYX%LH@Y(mVZg<LWOPJ3&feh;Sk<;47%Vp~hzK}N
zv;*I(0CG4L87~^a+{&T4-zgc0|L}+Zf%N}s&)S&4WzS(<^Mvavm^(s)j|B7pCHMrB
z%@YGxD0ui@mXv+<Nani?BJVD~7@u9cjgTaYli6yCn3{8vJ-wJiQM2E+mSVYF=ma?c
zxe2RC+;`*0#oxB2UoU_8s=FIE5xy8G2X%MU!rr&~ujWZtLn1(q78)i2mpB{9?PXzd
zOCg5ps>0S$3b7=OPbT>9pU4N)=%M-W{=^4`_HT*#xlxXZR%+Po#ZF2jHGi9dla$Wq
zg*ezbh#CI@s6k0FocmGNhH=Di6)~ipmq_%b7RBq^3pxfWz}s@ywWj3{IWbqt|D=2)
zLNqoKzzQI<)vQ_O?-hTO=>dS54L)c{EI^sE9ApP^#iHw(M<IWLiv$5o0K(kS9_Qh<
zXaoFKF<q+PECpauT5>7c8Oty!ILZwR@m)2zdZJP9>h7yBW%eOZAN^Q0C;f1|7qhuq
zS|IX;^zloBRE4U<Gxbklua~tL{7bxtf{bP^?wGDY@en#LGSMg_h7!z#S9y%Sv;1zc
zj|x;!jDt6(rB13yXl~*drk6{*%aUbr>Mp7N0WNo@#H;{EJrd8z5!GAO&V|a%|FD?<
z5fJ|6gwI33nnL%IcDo^Kv_*S(tqP4|z?UBq=tkxApTBdTq^#QgGQ}=jtckTD|2@8;
zADhg{Ujp=lKLO>|G#Dm@6(_=SL7%8xePS+KFW1z+N^okAcO<)Z!g>doeqf5vKkd9b
zbWwm6F_<YGQ%LN26iQw{HW>SGm-{=HIBJK4g_<we3o4p_p<4!%BE!Ayt=<rWN~}cE
zFl#&8KS36vJ#X>Lb<XV2vsL7SVAgDH$Cn#Jw9k=%sOdKK35I;1`bID21uuS76Bx!F
z9T<(2{}Yw;(ID!5?QlD+ipO&hz-_c^*^04%DcWHs{8t@<d}JTtgAC4MgW(wk_No~U
z(hI4br=RX2hEd<&pUCE4orHs;F=>2oB1y5tTgx$GN#Sa@B%&8rP$4)-&GNfQ>?MyW
zBZOt6-~8Ckgf>D*ixWetVQ^|Dp=@S%VdgyWlWZl@%#(J=SN#iV`^1*29r~1qW_0sd
zqCdz+re4px@q{!oLQHbc!qkZ9pkx{N#p_p9+h3uTHmFZYZH$VA=uL^u&DXNhk9@(V
zVXa@RWlmrI-y~~_&ZY)%XId|A)Q19pu~UMFshB>p8W(i5p>eFZ!5VVa^8FJBTpU6R
zN)e2+g2hewGP#QPHk5Qr;&Gebf6y%3!qMJ%Xx<?i$iAPYxzC~?Q!HZz6byuInuWo)
zplYd!m38vOJt0xDCB#A2LFeOLGefd!c%Q`jvmU_Nl097vT`PsKHv^eJv6{a^H0@wH
z^<_dBsgq@fWa*+bGgJ}PP({r_+^dhthC(zomkwqbch-Y_oyA)f7yA3-WO;a!a330w
zYA6}F-Tvp5{YMq-$`5YD|Loak9M$~gd&mNxS0OlD$!p~-Y(H2pEH|-~tn6!lztBmO
zpD@j#s!PNqCZQgr4Nkp<CsZ|f*9*I_7SvlZShQ|6BV#^SkvbYJ*->1CWZ}c#WF07a
zYU7md{q*6eIdC^G>`HuhkL$Eq=eYWt?^6cWrXG&GrJ8qS4_y{vO(unyLlj^EqWp*Z
zZO2Iev+boaIhs8yD~~s5SZzCkcw6R`+QL^tDR7Qt@kQrUq=_c%5H1xi;Eak;@2AKj
zL8P1li#=-I{dMBimQ>l@u8?}lamU)kaA!sS*W734@P7%7Kz#tXaHv6CmE;T|jth9A
zZ|NuJMJ9lD*N3(>#<<M)poGZ(D8p0^fi;BAPaU&3t};-P$d;zX+;V@_OKke`D=HP?
zjh6DD&TneC;4-<GOlMPaG7~RV*m4ji-B9wnyK0b)<=*rA!4KnA$!QRs+$&L6ciuOU
zU-sueOpt62Jsd_`WakbsCSF`YA_v9BN2bU%lksE*z4<<xB|R>DE7@o}t}yZy5ki=O
z7uQ@{4_}`JncpLKR~Mj~`@{LtaKF&rMWQUPEINe;yP$%9IPr)~>;Ji?f1wrE&wqbU
z?u)FWM)7<X3N$MIhnd8+A*g&xK}JL*@Cb<{4M+OMc(y%T;`sSDNBQf!PvM=t-W5eL
z?nxKU&cJjLm}==MwsMpr%hp<37Qu%L_<fgm|MuNH4Ny5g&ZeBs@x#(WIBnN0C3q=~
z42SLI+|&=H`*XCwz_U9;G4ud=Oq3S>kfK<K<cTQLIb90Mn)swuN1o>dj^5Ey_%HbB
zKOSWM-14s>r<=@FI6G&zIq;muX8ZPZ*`q>;3DIWrv~fA=S+!c#tO$6<1tRtROQZZZ
zeg-PWgQKUw8#4zn7rZM3G=?5eSJe2%Tq{0$9+Ng-YkHfYzy}$NWbq4t^i*0vaDBy)
z{y|YsPHvPZB_jOR?>h3Aob%FlKjt4Z6m;4I{blXU@~^KZi9l;8=b~RvX`SXz&EH;!
zugo%$`%%YxaJ5m81ZP7_f~n3J=^zW$pi3PnA(`S#jXk0O-Bx`Jam}s~$mRP^0untC
zGQ#@roNFWAm4w!DhW#3zXI$S<T<geBM5!Guz0gZq{!F=m+!#5;nse-t&9RuJAHrw0
zc2#4Mc+%kw7WF2G{^w=pBa)MCm|GBt;kFqUm*+tK4W&^lMgqoYhuiS*OO{b@q?IS4
z54|e864~>o`()l9$n&*Pjl8t!#ilj(M%|pz^_SL`Sav%W5uGwRloZeMeY%AYH7<(Q
z_{Kdy$#s#QMOQpQFg^Wd2-}V~fuOxYHQN-e-Cgmr;(VfQ?athNAH@(1BT0%SMbyhr
z0^sbov)%I1=K9BuBUQyTMF50ox52_EEjjf3aAGJrj0y(Ff{j?I($jO*b$BP7%X_zi
z%_J;n%NO*m#L&d-P<zj?7o$mPeA=f4X|K@m7)}TUlM>jj&t3?*ctRZ9+ipgevBByu
z(g5ZEs2BeenEsvy80i9IJ(c#&_!Z(tg5+X}^z@1XMDHTd7ve_|PjZ!DQ3roUZ9S`8
zr7V13B4q<47nOjCoAkF=UvEk#tqFcmwCwxMDV|pErVqG8fBn5H$}RpLO@!xfE0T)U
z{w-J0`=XH(V1y)Zr-CG!Nzrq%rza3V0T71vwUw`OzyZ&w;o>MmZ(avS(}uBmI`Whq
zeI`4T?GO)NfLeIu3Q9gKxXmDrbUEt9!4B~v&e7^z`<;TSp_=`KgV(rF8fV`-Yx!@t
z7DyZxaAmM!teh3*uJRZAj9y<{v(p-7F>*e2<U`v@bWPlirg-X@*jQtGHXJVRcD(Ca
zd-ipI1gXaT>V-kdnap>A7_YNaF(A${c&x%cF+5Jt<9FC=>`<d|*sl-cIY_+5ORwht
zro6Iez}Y`EDV99E^eYR*@bO->4i*uC2(P7A2RA=u1sFxF$vbpu_8p2cj-@YA4^?$W
z&vDn8AvpXBCWyUoCdWvw3b8-F5dM<q;HElu^V=6eD5xQwXaFG{WKAxFN5$YPG7l1e
zE7mPxK+?Cj9SC>nB;cCWoaIR@x1!A~^P?@ZMFrzeWd4|yZ9PafsQTPTcwR#nPVf7}
zrPt=#b`bN3<rA&w<g-Y|zlD+OC+OXWoWG)lp83CpeP#c6^0_4ZSJi6ZK=T`UUSc9-
z+IVQpFQnNo3q5D4QcH3eXDc&IYmtCuMSZJiA7{=93|xumw^DB><WG|%5kp#Nb+Dbk
zS#}o~Mk!N9I{i6VRbqBGK6$g^?=~<{A5edRmU=g>5DKT>?~rQ-iB=B<<tifSk<>DQ
zemOL~B0f1#JRRHyZpkDYX;<M|VX+WtXSe5V2gRn|fXB^inQ*83#gq3qXnMBRE^phh
zu;=Y0ptVQ`C7O6QCvDhRhrHuYsw4sJud*t^P0v+VvK=d5v$OhT;`J|J6s-Cb<Kary
zzC*r^@|Vm6y5&`V-0<+;TBctp+yAu@AicI6jW&J%G}RX3^*?v#@0^&?g4o|mc*t+{
zOqyJDF?8UN^b9!`nQlWlE;EzB{H$5<^sDXHfx0^Ls8>WW`81ZnUm2WPm3i&NUqSr=
zFej&{wz~%hA49NX+an;JwaTguv_rRiP=-$rEKJ3HkzsQ^=^*dvG+}Bw*hd29fS>2H
z<Z9T|$?ryee%9C-T>J2EC_eGs5o>>Sm}oceQ5&z#50Bmz?O=Z@@#&@jWe1CHZ=P%A
z?tLtqM3%|KMM02hYJqBEYwzJXWATP6Z2d+6Z)A=$PC5&v)ZL9ihq{A4zq7*yfp2`{
z3W!2RTsjY+)i81&3G9`*lfcC9jLil7_Oo9B;;%IA9*t*bS8W=B_|NixRN*k%ST8-%
zO`n{WcKe91be-{37&eobkB_<gpeu;fU-PptF^Os5Xd1~z1WkQyc;bU7U;0PT{-0Sp
za2Hwh7ffVv6ZDAh{d&z>@OHoAaMkC+y7?Y{?%;9xqOb_p>3zE&?@fsF-hx&jo$)kz
z2HA+6!3(;!$aWvH!sB-?qyUZ1s{u#i(SxOp#x{yKkL#=YhUYkI4nFLl6~PFjMN>!y
zVPi@&n`w^tI9q2e+;=9w{p=Xv$2~E87RSFlRsCg&))UAmL6`)jJ$OxO5Y3R`02;9}
zjoy<pr)Yp&6M?9sB0oEr2T%~K(!Av^h)H01emV9LT8N2Pp|HL7<a$1vHq{5_0$7Hi
zjsEm&Q1nEx`J27;zc(S>^ef&9R`61o%sU8%HC+_7x?l6`HB<B=sS#(}*G|Nfig?3$
zsxttjapS^x)lI1WAR2+7F7E{|HqYBHG%kM2BSO+<J0h@jJ^CtS^P!87YJM`}U@2mL
zO#kmJ1z7hvc{1Vap|Byq__rgi@EE!+*N5hMGVHYAwr@MP5PATrUB1Yi_oj*Z22M}g
zyWSk=9LUkLfL&2&6I-b?Z!P32&{U+ZTNZ}x9#q38l1$~U4H9W=Mtx2cP8NQrEZjA(
z$ukR7yT#78@4Ac*+f~mTBtEE0$NQ=6QRmU)A%UHNQXUWc<7>d)Uq;u|NlwFS9(2_K
zvLO)r7(Xj2kSJwh29iMUh_EPl5f|$;^uh=uOE#pg<Kx@HKiu?j&ku#yHqIDrY9E(4
zd{=~#gEe>(T$2DUF#^ZHfU36z?@mvS{^-sjtO6Qd7{3`IM=+9A<k0Z?aRj&`X-s}z
z9PmxiAxIV=uIPa0A%>8f+l6!A1|UIz-m*dX=}vW-*C1%54nMOPuc9`VuvUU~m8+*I
zrop@zMU@#CLBl=8_P|Ukcw`*H%L=FH3tIB%xv{xCA*}A-$|H>u@$;c%j)j2B7+9_p
z;*My0el1^Jdky82rkAzLU-<LDX|Y+DM+^f*d)&`*`0Kr7!5Uz8k-A32&guJ)y7`Y4
z8r$T)q6?#fOdH+bpXUd!y~k-24M_CYyEytUMxY-*&X>uL#u^aJ)fhm7LuDIhsj(T@
zviXCRY%T{NB!poZ>PHt?(?gPvj@N}rju&e{F>!GSoY$5B``J39+!XKI!@$94+^tzP
zmcA6t+;GmxSNwJ038s+y%Lcpd@2~~x=8N|{#*cWi<^DRR%G&EWR8tUbkA`xI?_V(e
zUdoTJKI0cWdx&{Qxz$L&X578Je&4^(TznU$mypf$KlswPF`pJB+)j=b+e;eTBd$ui
z*#%T283joY)h$2^ad{wwA>sEOA0g-alITPmt}LHd`Q!vM3Mc<?*dXEC3i)`sY~x^B
z-Fe>!cK2Rk0*r7D|G)KPJI3FNBISIaMF{8fJ5cYjfC7Zt{Ya+Bcjr0%hBrou6UiBM
zc@F}Ma@%h^zO26eA;x3t5QRl13JFG0&bB}K*9$<fwDpSHMk5~xf@rykGu%wotqPh+
zkv8GRN;CAK+2Q)~qwWU*$3j~H=96$IR#0hK)!?%FiPK!PLxIIIswa~uX4kb2v@@rp
zx;b$!!89%}2?s>isRGvif%3qJdHx8O=h1WZeo(aZtOoC=W7`-DPpguqsz97whKhr9
zNN%^5hyH4#ta|wPJ@Xz-m2kjHXV}@h`7bsh&*v#R7G?>1MH(TJ_+LzmKd3z0^%TMW
zr8p(o?#N;Hq#>=*ICQn&HN{16e(Oh!rsW21fZkyXEqBRD%I%u&bz^NU*nW3@tzJ#t
zwUfiQD(rOr9qZB4+cf9km%H;CBj7YWI&8H6K)q->i_Z7B8LXaXZG$h<`|mj)HozZl
zQ0FuS7n_0!iHN_&`qpQ5eQWUi`)X*qT)rrIR<no`W*pz0@)wzMS@#N~fa{x$LgD~G
zWVz$QkZiDy^;IFFlGtZI?sv~KD7qsxNZb-g-|JD_miIQ!s}n=RzP@ZAsljlayZ48d
z7PpTeh@uK(MEpw}WVs~KG4UzDd<A_8oCE<$J!#l@Sy@7tC${~GdVtRu&nBy1`&L(d
zoY;fN+EgVKsjxQ|Wj7h22yDoXWT0fX&aq8*p0h|)K=%j2c}?TNF*mKwHX<O?ub#U}
z=!7OmYX9H&{;X$rEJFpBByr@FFFy=Lo0cjARG!TZx?&8Q`}^}0oK71bWIK+dHZ5t_
z14Q1URCG5Y>hAXVo)15?Jgkq;j=@Y_db=svVlau7@mSTv(~*ZYQz)v?;*|G}2*VmJ
z^Qy7gSG)Y_Ob&`F{q&zvtpCYeq5otqS5A+)?<4V!wddWhed9g;J?yw7q1Rfi6d)dB
z!F`$MxbC|SQueljaSWGXJ!h=0_eVnC_vf^z1$WlpgTHyfIHdGM3M#!SLk!nM>qV5J
z-S7)GQkd-i@nSJ)tJKeyi=YC>{$!8K%h#0bgbn0}Tpz4Y-qXi<7t$)<(o%tOy;Bid
z0~;~ME)TLuz)!`Fd?q8icT(i2edN3!%uwDP*T1!VI}@fjyR-C3ijy!<A<&xukeAA^
z85O_<G!mJ+1ZVLpL#Fo!V*2xtG@~tStlbEO*4UTo8HU51<6d9nkEpK4+{96UG6_If
z(pmUAE}9<J#6%GdO0iLS!QL^%3#dS!=d_m1g9nq_!@l3hz1jZ{S@`E~eh06F({DGl
zY`p8P>O#TQbA=$ux+m+4BYXW0VE(CVeVm;4kXhv_6jr&7L{p}zvB+#4<wv<=OOx~L
zeN@MxWN+N9eG05HjegGhA}bl7jJ1x%s@QSwDGx9bCGp+F*xmJ(`(z{gX^%u(E{wAO
zSxzH|uDwz4DH~oj=4`krCqi;Yc1$W@q>q%AI7;dk@=)dkDEDBCg<Aw3<qi~z0$BZY
zx@RxU#C$CzfzyOnUcBjyAgT+J^pVqulb6SIiYkX)<Y-}!(i1{_sO=oItya3gxINA3
zFWUE|qn9gs2+r9R?R#$WH)vG|tX&f3yXb&Q0n}^`&$V2j;{M5^$SZ8D!=5<1Yb?0N
zni!B`n}UGZ8IY}ME}uNv*Ih1+gPu6Pscm#)J1oe3#-x?LZf^Pc()g5H8=`Yf9<mcp
z7(2^F%fLX;e8{0T@?Xlqoe1)|m6dtSBkKPx)7N|9M}qZ9Ze4)s<vJ_`8UbZ^`k+wB
zpO*d{{7Esp56*HcLT^&v^s4MK?yGE)Xw&3n-D$$dAp}83RE&Kx{n<NJnF(q4CuvTR
zC$+IuL&gVnE|Fb`DJlHd&T$nC?27t6f^O)Pf(rp2i+G(P-wNYoL;Sv~%Lp#m|8S^u
zTAg*Xjafq+c%vgw3Ggq#d%bwUUi7&j5mM=Yp<#rgL&NA?77@I||Ne(e{z0mr{Jeie
zHl7_t9QK1pL<n0%-!_DvUr%HoB<rX45;E4wz=mYD$a<+EbA#@jbtJuyVsqq+ksiVQ
zQZ~W`gSvVBu`f#fLaJ&-D6JroIPE4^EG!hGu4wUnuvo&N$?^chWjf6++ArVJsRG^a
zrO;&pME-cQL%Mm{4_p8F0~;OWP+U(&Wet8-znnuHTOWiClYKQ)mMnY3j3|#x*Pcfv
zJRFa|Mp0aXXjzpLeKkCWr*~v&t+Qm-r(=h(Jdf6mGSXMwByVAns!cI<nu+e5-*dG;
z+x8}zakj<~yjWJ<hQS(#=K~(~+1-C8+Ww6khl%ib5c%@!O>5ONq7&K?Q_U!nAyj37
zCpEO?-GVU4&LV`&gYKEnjGAA*d)pxg#qhA2(SeOCT7{jl0&ykk>FsGGrGw%_@wolp
zejt}tlVwmsjE*SD7=s{NTF!l`h@M7k5!h1%GLK&uYdoO{%CnNmzG){%26cIj$y0pd
zXkWX;SeGL?%y(<wO$b~p*M&WpMT{<Ml1={#x57?uqR4@F8-CRbcXPQdzhQJdOC1xI
z7mpc78tX@MyQ3O%R9a<4LH^)4D#7aP650SK_g-0q$o=GC4ZoS=VX;$`R<d<coo2e>
z=d+Vt|IoV?j;j9nvuU|CV|zCtvu_VVo7IZ$L~+M808a$u%U;#KWv&3)$3emy5E}X{
zrUzJgrqa}Yb2WZ7D8d2+<O-XO%5O9A8WEnXP3K1Bn|-s1JE<Q;IPh5CLLdsY;(Kdw
z(z`NdifX&!R6;jW%j5Q|mLz&PEP(OM;Ol-_hm0Xm|0Qrg6e&swqZE||ox6^5w#lUZ
zYyk7vd@pkGpzAPcMl8xu9rqChKT7W4JlG#93Rp)f%5MRo(|X%dTjB%)D<po&{dZXH
zAL@tZZzY%cVAp)qNP`)Dz$6_%)%hnx`q9d1{z(u9K2fK(1@0K?@%m!sa(k}Yem0hq
zg#W{fUJY)xL2ar%6D0hwV;iwnX9Y&}>a9SRkCjHbz`ckAlVZ!sS2K@Ei4gnyv(NO(
zkdT$j(Orh2maJY7j3w3f>cc9{BvJiUf@ob#q@yKtIF*VXi-bqv;Ng_=kgB^_d@QOU
zDx($q(3H4HDa{5bb0_;5wNcGfGk&FuNM*7h!?k<Z_s0^YguJw%ah4Ur4ZmiDBvv5F
zFp+S=&92hEFGxXMQzuhvyEVq3e$Vi{2x=|``Ejs_HQ{w~XdtrF@w}DtGHXL|@P^el
zI?XUUBuR-li7drVAjuOv0jtf=Q&`x7r`Drr(iX4_!ggyal}+8Vp?C!q$b=weLVhHv
zobmIvoRP}8W3LL>Ysx(w(Ky#JUfRE@z2Ya#eI2)Kx#h6Y>jv+4tuRoFF0b-Zv13fz
zh?^#9O{Enh#O!D@jP!8>+ca(RcE6z6$7AxYwTQmoRWI?~oR(aM`^5Jm^Abs97w*L-
zIbR%X=zr7)ENoml-0u+%X*h1r>!SAjkizaTbSSqwJ8oD0lGtdMCqCEE5kiO4=qucW
zKQWZU$^Tz!vqlXK&1vax{bY24_Vp>W-fbac8a9wPD1heq^WA57jszXzmTcYZ8<5pi
zvW!3BMB<3mi#b^lPulSFuDm4f4z<RLM%c5zoCt31*4ajP{Lcs9?~WsilM>Z=DJFYx
zHY&Bn7_53%2m}SOe4Aq*B8HeXt=2Su%71{LgAj5aQ_}+J!&v2nyX$GsvJI)P<~$x}
z9BEA!o%+95yKKr?2Jo9>tAGB9`?Fsh;=8prx4+<X;J}AOUC%ArC53UN!If@5(%A2?
zL^mt_W^C5Jspjgak_*l3BB~M(nrX|k2A_EY2qA_nB8Kr!<2*)n!u{oK7F#T?s+9ex
zPcXMjY*aPOz<9NVhtASbnD{t|Na`Kv)xX~IR1EbkBPk3%7((QIV4>yu*u!aT)Wz|f
z--iM(s?^ArgIdfw**|*RJDX(#*m5B(^`7^5GsWjHo!cPk<J9X#$$phz;xu+N`Qtgk
zp6XE~waBeam}dmVpQ91U(612#=yfc}#8|ExEbunlt7nlAewCRjZY#9P{Oemg#%>Ma
zToeMr0iRO>>PH{HWrfP+vg)CJfn*!-5SSZ?pC+q?x0G;m;1@n4_LJySp}6Ped%;w!
zS>7>@RH{GUQF7Yl?F{MGy&x)OT?gxL4+Rg2=fj?4`WdVz&>ZuNb5X>bXZ5tx9=55|
z+?>PqkYQJ3lG1Vf`mLVI%m<y=(M$xYTohE1$L|!NhjkY=mbXFALQ5wYxVAS^zFIhz
zjz{DUu!S#Q{I;$Ti9N{Rh{evCwZLP#U1lF->6kQG|Nol+LjH?5+N=)i`(sJKo*bR)
z4Y%$=yw^wA!l7h!Kb_fUXxgfLCYPyI4)Q|qK=%M<82$og<Hy}0j$uFH{?KnwB8lq&
z8JVS8<XcEF8?-;_+dg(6R44h~^Z&%c{}msFE!t}mI?#5?^2^(yiUMSxc;KJpz1?GY
zQNVO}vGGi=(cO(AFRB%IA(|a&Op7AHr@%ppnT#n%7ZtpFQICt~CHn2Y)sJh)KnUT^
zhVb%2&Vihf5;Jf00sA?36;pV~?IYh}8;ai=s15fWpUSwb_K6?UV80;glmVk9mfI!W
zZI1lWYH4z;kZZfhE60v5SN@vxR_1V;R1D$3*V4>~-NQb^`Y<`^B|&)z%~q!x{#8XL
zRT%)#P>~HRK(S9tct{nY?>lkcN{Ub0et7VYjAkW>LIjEg^nJoK*%G)tKNwQiJQtUL
zx76zP=Y|P@y#L-9-F}S8?@UG1pLY(#b?9h?O#-r~pCxbB4j&l(O4n0Fv{KM2NFs1J
z8qy#d)yH)RlAdR^zpj&hYnuD{vZh5U{qbXZFOvQ(ozYrQ{p_cF3fH;nG6Xi9AY%U4
zY*vGgY|8+b2?DX}3lpS(J4dInadEi)@>j1LP0nfz76dhf70HF<6_JvkuY3+rAD&NK
zD<}IK7h-lhqf|?^<5zu2r7}ex4{ls)O$I+909d5flN?g3O!s3NTh8v|@e8X_LxYVk
zi^Gn{)f62Fa8ZOC;9t(NqLm{I&}%=vcaF(6QIER4S~t{^Ah`V7hlm|W<m;1nxwuW;
z4uS1k{!RdwbO{%`5J1QSN=-)UpW|==k3Jjcbp@|446{s)6@D2=O&T>aERjAjAqn=w
z<%G5Oge=0c9uKGQ84(HDpRDN|25JmXgOk@uX1V7n8mn>pS@0t~M4q*Bs!Pp6?o|`%
zbv|W{(#qKiq4g8BMam;wZ7dqbiG3oCwvFkwLsfW6<E}JX2LdIJ*!7|mM!HSx<|o8e
z_p6aM+q>WMj~!F^*iEj<S`bc0m`4X7fJE^iq9;Q)`z>7g1Ys6pbi$W>XMuaELsdy=
zz&bu7Sq>U)Eu@1VMnPAOIQ9m}h<xo_v=8orI5HUZL`ovJX5X1*U`NR}-li%mY*JJh
z_T_XT7<%ryCSs79%z!!gZM5?Pdyr4-v6wp#zJMtIRiO`=^0F5xMK4}1(7%|$<4Wqy
ztNN|uAanOcMb#EYqoS(H0-uz(oY@V+a8}q{p95y|=>SFZLXETIak3ki9>VCchAZ_4
zAU_1kZ?5Sa#>z$@a1Ir}dR1j~qpeVgo=)O-Mm@sLgBKL=<)n)bbkLuy{9VMN0}gy0
z;c0VU$qgP4Ao$*X8DlB;m3^ZVMuWCY8}DmvTfTOuW4dIEKUmD!oy@pvZQl9aykB<W
z0J@_yJ78C~kd<vqMxx*yCip1TI-4?lveLg42I}C^opU;2mU#cz0lZ_-Dri_NC_yF#
zy8dueYQZuqS1c`W+Lw}~#V>IKHSd2?oBzLJB{55BFnXQybe`VDO-WYnqHct31y=(2
ziVE058dWH0y|qADHjo+GDP(*KJHGS0FdHxGKD2D*yAFl=BIRuVE)#wAREU541_2_7
zPV5}4UinmRQ6+vaZdFsVtb$uQc&u%MVR?w8k0*@`wH;~GeOw`#Rg(XwfjpqjL*u8j
zl*}&0x^UF>A6WH)`CyfihY7JcO*btOH|!U66vM7?DlH)lKBIe04dha@&E6sN`R6;R
ziStlpdjR2UY>eP$fTi+y-hCN<`Be4KFO7`rt7j&uF_A>_(~C`h4mphmbFF+wO_=5U
zPXYH{`_bl^$c>e13nkSK%?6{cKXfD2WudVqs!CP_sbS-xqJb6ayP&$!&YA^2^4&Qw
zGQgzgBYb%vI@wdHjgE!wUE?c-$<jJ|9mn@tqmYVO4Nab+LCXYrDyFT?oa^n)&O8Q#
zCm<<nh%NV1jOi`EI((+D`KMf!(jHAAFMC4a)u^4^_-^#>U>2Lr{3nut!Y>?>LSL<P
zuXT-Q?mMeAFXmv{5>_?Ii%-K97{8XV{&pL`8>OGJW0Y4E;1lkpShiU}n3yBtO%pD}
z(@-b*vI|^PCXEx|2tNQjOLxSJV+-qrT@v1&?@4ZS{Vc6O+G_5umwn2x#Ht;G^;gu@
zfKsl9)8m=P?K$(%0*XF&Ez!wpkIF$v4METHj#!r5b=FmYP?D=}b|%^_uDVLTS2dwD
zzgeU2|1LN6h2urp!-_44qYDxYU5Cq_{%#~Uq(pksY0Z2^;gy(q^$m&qox-f~mG~<5
z-vsw(6s@MKT2Q-0!2>+wL<DhjQk=9wHq!|WX{J@~rS+MDVtm3%(@)C135M#ez_4l$
z6{tH4`|uU+8f7d9=mj`2s2n(+vq_kzg_-&*9%@Vc5+E6>cusGs51;bLemW|W?lP+C
z>oY_2C0UcgVba$2u?>Tfq<EZvW>FK4T=`E(F&lHE1j}Oa51a;*g*jddJ#sS)$A{v(
zRr;ybN-P)7(seT4OYEQPeE^2cv2PYiauM(q!6~vzW96X@)T-!fjb|wlD)iqT;d_(O
zd?|%5ClP-5ieobbVe6>}Kzwkc1<&ujm?=;JT`n*eKC$Pa(dZ~JLx??7e}ck%na*CG
zFHxeas~ndj7p$w#nq4ZUArEQ5Lew_X2l>9sqyU$Sq_Chp<22s<{cJrSd*59j3_~p6
zjnN(GT@T4g+Hx*JMc(lB$yFx=7NuQCcLTsS^loKcrt}n^YA4Af6nj{Tr!xAL2_6&B
zN@?#SEfxN<xu1UDISm+_C{+g)hrt*7cSz*0FrigPeA=c6iXbU)vywMl_NqRa^Px{f
zqh>N;$Rn;zmCsS7^RkU(I@c*GY%>c9a?#0z=Sj9b{>omm(qX@o<5BT0db>%cSWm_u
zKmR>{G0vu%Bp^vKCsxIDU2Wkg&7q4Z)@kR-4P)sKf@QBt>WOY^qKUd15?HWCh;SWg
zUMR=kIDlbl{k6eyVj>aze@YU`#?Y%2S14Tf9<h-VIX@2Lu@hyRd>h0@*KpAd%K|RN
z%0D2Rp?!*r>sOnMC}ii|$;mFUR_Ne57!QO8TrXi>p#N*J@?ZNr0dNy-w9uN?ek;qh
zRc(p|_~2}5BVYW!Fg0WSb-aOcM~juA3LTNE#^PQ8>tXccTP96~|FSdfWP3Iwgq&YO
z=Lp|OctfNC*96LsQzaXfu*Tn=BZ4_Lf8wcYn`g?((!<fXw=^+62B;y>nH*yMhA)^P
zH`73HEJ*WU($tlad)Rg>{75bj*lYn?p#ca?wju3{&?5D6DpU8q_Qp;%uJ!*!92DY>
z){CCMY4faXlcwL32oYqH1NKF+eUQU}q#d9q2iU3!^6c*EobSu0X^@jBYOW*RSnz@!
zGBvhyH*kzE(Rxb=$~D6r_tc{=FF;&dNG2lAg{b4HFnCl|B>vrqB=KmDuozV5qy0^2
zHT4w<-uXbFSBg)M|4ku-JdtKaLxh!LT#UR3ZWcc78XN<|+vBd9C`(>;>@Otp$pI-n
zEdeTRiD;<=7)$(7o>}HJC*O<=b_JoH;EWB;J|&EEc}w4DZt-kktH3^&jSmt5_&x<J
zLGAwaK~5+P^c989>p+4rMu`>>L~Y^?<#-CIQF$QRbD=W!adyJtTsd=gIO>jOT#^K0
z$$UgfXv(Qp_XNd5=xsWB_8{hWx4N0~0txfqk0K$OhDWic@e@1A$b|kbmVoB<p~=C{
za;K4A5h7Q*G)l9#v&!tLwu#RjYL1@{b}!0Xld|Y+>;9|AG?Jk-G69@^9r*0iPVkpa
zm^(jY5g>`KiDYgJyEVkjLm^@U-mZkQpUy~hXe#Q%y<D+>nY1Bat_rp*z1Qd!6%7gf
z$aGSBOYxRw{}|Rb#m5{mB-3B|*e&4u4y<SQ^!kv!c9cqF0>uGuk74~sNupYf@`H&~
z_7#jPtek&R!jNQHp;SX)SpYSaR)+h$s-+FR8g8WwzZ~CBmQhAa<s`AtAF1Ku$q+jX
zwlPvYHi;*H?mPx^v2y0P9L=VSBdC8DER`M4`RzY;uH(U?)|rkb>db%nF2wbI?}2zx
zKe1~%ZqRE4bXs*ju?Abn8hFto4ije;6^oMPM(xDAZI+srJI?&BXW!Ev`k<^~Tq~_B
ztOlKDK+348ZKC8<yJ~u$qeXwh9xO7yFrei@4SU<{BFBdgXXY!)&f+#Uksq8Y_)@CE
zu@-EAzm1;{+oY~+`-9D?X-cP>X;&iRE`mqpwWMyzaA?1PI)?-+9u`k1UhOj-X6JpI
z)KGOdPbkYBmRL*79;T8;!t27$RQQbJyBEK#T*;?F*C8vG7~*b-0#IJ(1)!#)bXtVf
z{X91}+lAsFMi5#YMx~cXOgSdM>PJA^kIl9p@O0-0&xmvtCSrpDbmfVh7-39ofumjm
z;c4#|<u4N_D;@^J4+5Pc+&69Kl>%;M$L$C6l`ag#_e8}{lY`6tBLc@KyiLm6&9-+)
z^f&ucm!Zy>mU>R80bJ{`;iQAtxGmcC5&E>#l=E93RKtmzgjUal%P)M}b=KWs9Y<_E
z7AMj%Q{sUY3ihu*M|MD~NKk->l@S_uJ-El=JsGe4mqBxyeI$sFJ!ovu|NNmNhW-Um
z7MQHNwFwe=v!Da%auDX<D?^B-=v(>$)HOTF(&HXx_1Q6q1W+n2hCDC1&#tGXPN=Rz
zXfT$%|39+cGAgd6+Zt}1;1CiVg1ZykA-F@3;1(cAaM$2&jRg-LT!KsE(m-Pg5L_Aw
z-nca%InR0Sz3=#b@uL|v_TE)%%~^A<swIgumw{?`Um_qqYE_uO4#`>wpd1E=ucAP0
z_>VcS<o=jGoXask2@-y;di1h}0(c3Rn?6UvP!G|j@<81Pa}^_XVzd-w?Jy&<-<uSE
zd%FmIz{KIJT-BK<OSG&Q3~kaemt9`UL>)f%N}lZHH||7wcsp)^i0R>z+?O0~L2t3d
zU+oxhd<k*Sj7S8jc(LPcd>z5JemW#c59u>_Pm%J9mB;m@D>qZO$0W}n+W4wg4UGN7
z$>z2*i<i{97a-?!x7Or;#cM9Kg~gP<@lnxSTOt9YX9FAG=gF_$YCXNlDB!0(Pr&QE
z5Z=Bzt&vpg&<r&{)chC>j-}Jh8E^5-QBM0`7DYogv#|Ku$l_9`qLyZIzN%W<@Qhlu
z+Rn{0qlU~FVF4<-*Tt7N_XNCCyY1YQ5nkawLu9AUMO!)r^L~q=16#FK?K8Ft-L9n}
zZp8ZRrpIXl<cn_%xuc<$`3j@&OwmWB(5692$<>CuuG2)bu=e?I7g-BN;FIbCh!YCD
zmPw2<latf$zJc<|-Ol#|@UA{0*cvyY%;G<OSAvCwgk-+q2utHI<hR}q3QYRKEoJpv
zN7N7)n{d|Vy4AH<-_N?sJv<dvM@k0pMMa*Ob9q8(UFkT(p{tWchs<yFX$;B)M4%Y!
z<z&-ujX_Y&&6B2%vH!D(<nR$qvc+OBtln`W4*?KA0*H}tM`O^D7kcD_MB_D=WDzYF
znG>cwJkDaj;1kARB@kxJ_Fg+Zoc5gKj@)RvMp`^EGp)?_rG&u=d_(?ZmZiK)h*iRr
z6XTuGDF0;sRq!oMMQo$UvBb-iNrt#vnQ2$07Y9<mmAKZ(Uinhym`ZA3{t4~OHHqon
z8`stmUr&(yQD0$Nj`YI7nji@+oz0423Vnn5UB!H`az_io*R9^(nF#~RdrKqAGE{UQ
z!J}6$p`PR9*4ILRikRav&)KeYFgiMl0-4pEM?^4|#Hxo&{fJ|UW38=lsxTl(*{WO-
zMnR$SZez^l!dP^g#LAw&jbqkp0eF$TYlhrpVu%xBArJi<#dE)W?S$(vf{SJpLA^yA
zBl%?D4P;4&H@j(O;Pkk0xxiw2>{xiDgztW$VMu#O_e&UlG)>%oS2-I-H`%yZ&_lk-
zDHd$VO$ib6vvB)NMZW6l1ej<y{46XC-C6Mq<GDJhAbBSS5Q9LaEHKYYMQ_>OpnxiJ
z>PKy8j&wV`V#T0w(VL_sJhlpYA>cero|Vj#Q#Xa0voaz^co{QRtfQH}5k--9O~(}#
z%;}=Gkyj@8Oa0WA-)VeA3jF|(j@*D~TF`L}gNZ&mE<_e#xlEnVKJbJf9E?s<<i95$
zLKL2~>`i{{J-HfyV)gl&BXJlwYN9VM@BI2phQ#^dqK^xX4bb5BTIDl$L@>1(Ix*ru
zf8xZRvkli(-r@}#cbX{^Eq={`Q>{CO!gNS5jugF^iv}X=BKM;ghwF`?+=pF1p?8Uc
zSr_{}<Qo~u{Bis;gD&{VdX`!tv{TD>HcSi@_P-0$Ew_XQV6EM-D;CA-FU`_}R6eo{
zQiZjN3QNfg+>bs?r-@P<0sI{GMWWbcZq|{-a47T1Mn8>~NyN&omrTX#dbmrNC=X_>
zlUO<d`7#~Jq{a<3u=sq8t{r{jjeQXE@M0S?_Q>axa$tXZk{tqt3tNL_?y`#$v5%_s
z{ef+)%!@EY{!IUJd!!T%YlWSOl86kT1e}|0?LJV>sZEIG(u3RX(*RZo3#pFn!yYh5
z96!aYy9;Z0PLnx;qJ)O-$ybPe9$wead^xRP^!r1|`|L6xY(%_9Vz--M)dWe=2i{gk
z-qfRa%(DG>N~?IAsI2As3yn*<n~r0Gczibo!@>E)fh$M&1n8@doYMfdMinWHT7BrD
zaNVO8d{uy<EdAA-ukW0c@HN6iIhH(^b$8>-RzPvWRi;Q_5{7+(1ZRUa2Hi<urJ&4e
znQDm<z4L{Ig1Ac{s{NmSo**@n(q$PRPFiXn5ShzUsQz;OTaHvlnW4hNjEsIkq;NQA
zkjHP)E5oSGMa$0^#C_!tFD)bA!ZI~>p=Zc>KM&NSMA*P!nT29*`V)ytnH@-I^+BB=
zzXp~F5>EVE_vu5T7|5sgB`N^qPk0@<FP9GpFU)2%6v^pc44jlqA6t|ZQr@&>&>@C;
z7a9((IKXxJ7?^vM=Tgl&RP!&4$sr*gR%Y=cV}<n6CLNhz=Y^E;Ax9vE;O$z;>=z)s
z`K7zToHIC?IVO!b+f$aIyxEGQxQ0z1hzfH&ZHkH+6#P?*UyDVUJrJU}|A4|zE9<|T
zAwuVC*Cx9&M0cq#O+aLUeJ-scWr9-j08)zf&{bG6(74j`#dtRu@1YeamsXq@O1*(<
zo334`VLZdJ!PyG{Sl6EuFg>5y<^)zYSXR;}*uAJwRkRZVlGXTFSHKTsqbYP5Mq7%=
z)t#$(#?Dkv1zY51vb9rg@c1@-*6Uv@Eld3XVfmqhoVj&S0WEYzw9KPAeU9D31_1FN
ze1=ZIGF<r>LOw2*=iZy!$-u<i4B)F;%+YDVh?@Fd?Q(6drtv(Iv{W^f5!@Q(ExO?1
z&W&vzrm8RT_geb1$Jn?*x0|hVy2FL#rO*`c2WW!Gj4Sv_S8_2<5p&(BAxek=y0oS^
z+9^bX=}goAh)cH(Yyn8Lo{O6xgy$>K%Y8pN2DbE+8H=AKNBQ5zrfGQB14G-n$>l4+
z^%bi_m&}VRQ`AqM4zl0ONdaF31wTE!u$UI0IA4e3zhHCQQz<r^ixNRuNTVLE`7F+c
zFe-%k#U9NfrwaiI6cpH>3TesJjec&KSQyesS>74ze>JPvcJ~$N|J0KTtMN)Vck54b
zSV6TMh6qC;L8Bvsrcq;Y70?FEM$4KzlS(6(_gYTv-72g8pR)L*r1IY)eHDhaZqGE4
z*HL{$ASdoG4P?IkJujB?bl(9Lw4*-8!i0!s0}}(kVUzJjY>Q;*^{of1@|xr6Hv@lF
z7U#G*Y5n>1&2=5ly)Q`;<YyRZ6!?xb8!@7{V|g^naB<^f!FI6JhxYC>ms!O#wxy*;
zU3AXE$G87sSO1W#0y;b{BuPclp_yuAk*%f+wXfo%xq+__g1@ccM<N7|f$#+P(5RU_
z&r&OkADx(XGsogor|5m1+6Mk`$>;k4H>xXqA7vHEmlLMFY=iatmtm;nTP=XpR6U!w
z(n;?oqm-feFX?2v0$vj)r<wTlYcTbzX1;Y+$faAIr5-hPS3o_eGE~3h7dkIbnh+vx
zkto2~Pv#G~Q<E~_8e=Cb94_O!Tl&E8p7E#hW-0$@XBY`$3rN8^wq^0_?CCEH;ML3r
z=6pkTlDMxYg>IkZQ0~Z&u+6PLe5e;i^!1YWn`1{Jt_sP+U{Bo4-YboFGie(sgH!@z
zV3|!8uaT(4+|9~@gN`IV6~A(OlJKJD*@5iB4;pxUwiMGcohbVP5prSYrrwa!?*zkw
zo@PMe*@0biq_!ux(}&5YYfl3g0&HgEWA&a&IsfGe!6<Y0r^z0l?0XjsNkPI?&%?%o
z%uiYQLA|W~UwpV)i<8mfI0gyc@AQ%YUW}`n-jg1h6FctCc}L))+Kabf5w4IPwn(-h
zxIR2qg007_YA4wQ?7nf~<+$m-y+X82|7?=%-opVrbr2^>#SH|YR=ex-JE;gk^Ur?1
z*Bp@{gfP;+{8R)x$k!VcS(~T%9DtTzac!jNHG7%ndKv<C8j_;_XexTAAK7`qGou1(
z3eu^gP)4k4m;I;~I|g|M*L#Rv8t>{#?(otYYSH*0SGu{9BpHkhi;@j9*Du|>&as;B
zL*{cX`yYm0(DZll*oi?>D&t83uaCOWzaj#=y(}&yG<Q6k^q{PIc1)~(VNjYzqT<4H
zcgmCB`3Yl$z;9y#jFRu{Qn*S9%jOx2Vdc>Ts%d^jdkSQOgcpkQ;~D8|$LUuR>kAEf
zbvkb<A0n?46$VKbm>+>3n1b{(*1p8=f7(hB!qYCwS5hPdqti@SFD!7<UOtH%el0x)
zUfDOq_%%Dc%Fkx{c~WzIB@DXo*dORd!z|RX(BW<5W}c?==Ih1NqDYONpUfydXi?sU
z*xH>M*$T@|NxXf>qCR-ae)-`~H(c0e|B4vz2s7WToz2sTigV%NIBS=;!5-~T;{JwC
zG3tS>LiuogTu&$S;jjCXM$v?1V|D8Hc{vf{_HsHkT?`zYJt?4(AOf<%67CW)8o!fQ
zso|Jhv`Di9SvAe2Do(d{3nbVK>H|E8#P7?OU9Fygsh_qJThhUe5X&n>;BcE8EwOQe
z<?a*u%tvgT@-;)XisV<r#r4`^W$iL;gAUj|mRY+K%o$Hz;w-VREfxW#joL2k>6Shf
zb+rbmF0+R%PS{`_V6q=2mhQ$;n2LrS{D|En^L-M66O%yQnS_WMc|}Fch#p5C(}@pS
z94^S`e24GXWu&u~4A$&%R|)!n&=(K<p7yq1?|rzrY(HIi<L~z4d{60Fqs(B;KOX2t
zv^(s<OGXMl&skiM>7M`w$K!?`qaEwLc-Mm!f!-;?^{vVJhzD42neaW`5B`CJHUDS;
zD-5Wk8{wiPqjMGEuVc0^Pm5(7Iw+n0(q#vWa1(35n5%!B<X=K2j=Wq|J*~&anoQ00
z9iIycR30d*EBMZAzgzj;F$j4blbgL8^<c4Z0s7wdtrWF5A-KWLB`a{vgp%mvt6^s*
z!kjAcb>JTblwY})+q@oQe2OPZ!r>{j8_A=@8?{>z{sp@*1SW&j$^3j}vQ3~plbjm!
z@Z|umMa)xnsp9wP+1Io$X$Z3V3XSOsEyAk$>swVGCkeP@g>7jIi4iMKLK!~jahwIo
z3$3Ptj-Ldd$muo|HKSGHlu(P7+jv4d_Y!{g?|I+<3R8LXs9X-mDi_qe-I8-~x*+58
z6RkAUU(drJnx*syU@<DFndksQ$0*YJnO=WAY4I|;>fh4hSAldP&iyna3zxy|gJYxr
zLFRNC&j_DMW(z0iaIcr25N(}aby~1`fSO_<VV#i7BOiuZQ=eqb7A<rp6<uh|oKJ0I
zl%o_uENCD(vljP#gt(-1#~o|g)~B1X8h!TQVpSWGi_k=Hzj{X3s@F+oC9aE8F9Wc*
z{RfiGuK*I~52!gnlz^HRo7=rs0mN&qf-QnC<eUSRZ%jX$FAn7xyjt`^*~Fxc>Cf^Q
zO!VIwj~RVvTP>HsMrvzFLJOQNm4jk4_7M-OtY-p;Vo_BJTp+O_aTgoI1%ctz6sfNJ
z{h_!oci+6^;j#G-2j@ybU!VlgMt4JvG0-y+3JCKoUd&68-IjpU$M%OiRRgcr9UCr+
zi%P=JzX%=qGf@yy?gU%UOrgW91~fmn>Z1TJ5BWZ=ifkdrp{Th`)1(m9<jzQonPw2N
z;yO4HJ)`TSxuYk8NM^ovAaOD~E@rsuNn7!6H;vy>+EzTTLH2<fRXoqfXPn-$DVyj(
zs^=5UW_wX7E!LNfy;??dvY;A(Mq(^}nc$yab3O944`HWY@}do1n;=*I;fgqUzE2SG
zd+}X=8pWWZxrOiMDz;zPzJhzVAhhWALawL@=}d?Qf`4q2XP42lwnY*H_x6iDY$Q*|
z7S^*papelS*B02B{z?&l^1^1uxmK~=pV&Dvi2eIrCg0Qql#4D=lKh3w7eKzXDWsBY
zHgFZs#>xMNB|UE0+l^G7E~fLwLgFP^*8gs2h!HIT2)ux}kVw9~ScO6UcoQFT+Vx%2
zJLcP!gU_ii?sXO2Jd|iO{=|Gj)`$-aJ{LaFnRX_PjMzn#8gLann!zmIOf7=`C>=%Z
zKbSFD#)b=0E|L|yh<aCA!_Lg=z@v{F6y#gEuIZ}lyBp|tH$}HeD(A3sNJdWfi1|m^
z#jj0=@ZUJS%&uCI9!q+G64a3vs@LDbGqn<Zq1vtI^^J88=o(Gm7Gf<7wX+^>7}SyS
zMMT(I;N9A~<k`uz^?redh8Tj^mmt`Aiv}*jCixISwycejQ`ZD<gEJ?F+yC9W0STUW
z_e>>a2H!lUv7Zto&b)7zZ}ZbC#XWzJ!;7@*iA+*u1yk~Do()5@YvW4;Y~CJpbje$F
zncLdW(cm#K9Kv0d^F^D$Tb3dr&hI4BG<hk|6Y%RyKvCKA&im8=`DC<M!u+vtpR+b^
zkNDVYJav*&IULx(_3N=VKi@=~IbL=~@T%J+(0xlA2I{B5+)+*bY2RXAEKHMs*N57+
z-`-`_yG)lbrQAM2{I=Q^ca^s@(|r4#9-G6Rb~AjcPUW%W92i7Q3a+CXps3vbm~+Z)
zqnp;$Y_1e6^dCViL^C{i66dG%qBtNX>^4I3=`Z#^IrDtSmy;Ag>fDy-VPU26`vCXc
zIC9<ATczn>bw2h-1F9v+-RE9CY;??mh|A2?-fzT1lB3)n-T0zr?Joni+gdx#*)U&P
zi+LH!!hOK0i9y|5z|l0ugT}Z&uKsBNeA3dJq}Q|)%b^9I4CQq5&VyiZuTFI>v=S(h
z#C>>n*y(d)c*RoHe8$gyPadwbxap&DcKX%9j`xpbU~V)IgJM^V;#J;Ny_Dr2r9Z!+
z+}aA?jVaICX2P)VdYifiSvl|Azsi4xV$586LJ$J-#HVI-nKOdUnHA@|H3M(KjnL<Q
z?upNbGc>=Fd5uY-Q8CyAJaFHhfEh;`=y|z(a|haeT`4kWeebj{1;+Cu<{wq{(2eV1
z?$&Q67tpz%n^g+5h_TJX-7Ac|Hw?Fz*5C<jhC4?#c;k@&QHjtHOCJ&wcFjtN4WF})
znS)rZi{S@j3=KU!#-8>q-L~}y%<ZA;H6~aIw844W|HW|qK1JyPEWa)A4c?sAeewWp
z?<!)o2G2bI=y}Ep=UVFp87!PLK#Jq>cZm>ATH0IJqbGm$XM<Bi=%8r#xpQY7G1+jM
zqBV+oeI(}g(UrcL;1BLg@<OjvY|s5=kEF>UbyRV<&?*-0RGVO!b!b-?<rnw$!D(|-
zXD_&kPObTv1moAhKzIWS=MCMyLNWB!VRKObg!(8936h)--$rXNN16-{Gi<kt7JV3@
zb)C4b>5B+e6xw)hH26h*ZdB_2{nkxaogqmmBh>at{WH3mCknrZQKNO`!!D62aN><|
z<4$eEr=Oo}0Ob`G`|S0D{{r$qLJ8N-^TGpV`dMwYfQ&FekAUZ!0HN(<wW->xo-q&G
z_W~n5$A+}^U4Kdn#p8<hW>bQPO7FIA-c^pgMJr%tDz471dkfdrKYB6>_1|7j9LZJ>
zYOIQAxL9_BKzaN(Zg-(5hdIp_gY~Y{?}$d{yD!-dgw?nA`rG>b#1c09Z~v5L@0?<o
z6mw@=pEom*S1d4Ji!r#)jFyeqh<nsHthB3A`dw(scY7S@?)KdMsnme0Cso$8Yl&aC
zVHT6J-`SN}WPz5WwX}_+yXbrks9uhHldot$M7haWmUMpE63Gv8jP{3*)sAFQc_*sm
z3ajeY_zxAD(<*N%FjakjPC8s4@z6OCh<Q<3zK|joA^**>DQM<{dsK*gh;*rn(ZgG?
z1g~zHPmFV8WNLw-BLOCNw>;`&_Ri>CI7`Ro7-sXPk;Xr5KJ<)A{?LxUzAwgxnPs;7
zyO8db^}ZD#c7y7`<L2#qYWMe8IWHg0m4*cchu1nTX4)hlrknoo8r6n&b0&b<Xqe`k
zvIvB2Yea9yX9b5J0R$t`aSA70Yk}oB2?wFcJHbeur!qJqIymB1L5nNEl>7(m{kC_2
zO1UneLDoTnBu=UwkEN>u`e(~o9HF~ROIP=M#3keeeZlpD(Cx!Ui01~D$VFXfabcTG
z;4L2i<N#_2&C==CaSCz{$1wSPS2%O^%$`^P_5o+Dzx$ZF&;Fw`%*I6YOTXb((8RR_
z{cgUO$)wr0`-G&ioc{|;C1JrN0HuAqgwS?pR7pP4G<L)0k&NetZcaDTiQ8y;M%40@
zF0JEvZ^0y}F=$Ay2zwB<MJFlC3U~5rJ8xm*MCqK>oLF^uBrVFqSlA>_h(TeI4TewW
zKFJ~!NBH4_J7sJS^N$-s#J;ef4|l1NGhCd)LBCgFC(M&)y;MZFr%`XQ+2ERX0vH6K
ze8Jfo;G|@mhe{`GVeJ^*IeMVkaml%9v(a@CngO<{h1ZB)9hh30hKIU^@s9yR`#Ap3
z_DA+_3XT>XIn%&qNhQznI}0bWs_nW?$K<+eyWB6c9vdf_YUV1=={vS@k_`|oF!wkl
zLnsrzR&7QbG@Cu@wFMvyjyGm@qH2V5D+s&55e=Hn3Uk^w*PN?1skjWGcx}(kbL(y`
z#(zdQCj1u$ro)3tY~<(9>t_B(uxw?kXL+iu+sPVxQYEezIbS*P)Gzirbnhl}fl`${
zITI7kb0iVDlSbSd8Rc<_VF$}5sM&#}v9X*oe_HP2Uk*{J=;KWA4oiR`5PMws2UJ)j
zIBj@1b$o^6F>2l)7S5gT@9~><JfCr<PGu~kyQ2^{BUUCXcDAXt*Sgj`0l|l>y4143
zav+L>(rH*+4yEs6mHr&M$eK`$MD-D=77RhXATE7SEKuurKG_}JdlQ6e>tjrQqKF>I
zp}s6AK^0`0*<tm;==7^-PJY*EWO7#<CH@;7<XRfiRNl2)H3NQ|1ag;$GuP+F6m6Li
zLvp)IRR8M|aUm<AJO?3gER}7;*LjRr9=`O!(0V$WaqRhmLIa^xiVNe8<<j70la?^5
z?)MXT#L~#NJcVGZ52xUfjfLUO5HhDEOYsZpECCOe1Re5$tQbn=d;5PGDHi%o#vrzg
zXL>lb2EkuWN=IpFr}rgZq|EQ}PfJf)=&zcz^R+Af<fA1q=vw@z49`d9dQYRE2?RF}
zCr*Se64ZQydl76P=X=!0MKth!;=%rJQ=%YoVQbCvBW6h6&4-&QYLE@Yw7p(2!KB+L
z(7P7}R?k`s482~I*Tpq%9$Ng58)k-wzIW}8r^p`t97}(RT_$ndC**QAm$06;3dKqB
za}^)t;oR_-FBE^YDAILIFPGN@zp5ca6jgYGrOHYeEm)KgTb!PwhMg~kcI%QVolY&{
zwR%L=8;|vPMMuhHB$S&|pY-Ui_?a_?FOD3zqCvMb{w+a=*CSL`kv_6^@{#SXm2pc(
z-F=Kiuxry2U`h0m;;*pzzhVIJZ!|EAO%PPYCcq^^8=?C+nIYIup2t8gFF}aN$Ab~M
zQ7V@B+o81B_nmOq3FnF#_@@M%ToqTFB!Z^1q)^IJrft*U@IBO;r>j|Q6ADdHWGJV>
zZGIEt?w1~GU4Xc{{ELC}^Xg`tf}+Z~N!b3X$Iti2d`LUB?qqd610R8JU%&9muE!f0
zS>X{#fS-h`GFz705Tiy+CgAvZKKlAtpMP8oqi5AT%@Qv(d99Moa=$(o!!sw8tKeJ4
zylwfrwodF|vDWI5f%Fsnkz*w3CCq({FAk7e&j@N+yEbV%-EG10$x9FUzuBxm`Z=3L
zymSQHPoayR&nUy7^syyayZJW4U)$vp(I%z|a2OFMlR~%1<}LS!aO=Q#0w*`hEr$@0
z&=pahZwz_8Ek0je;gZiv8j?t7?VwglXpg5|4OU{%t+MM#3Vlk5zssk>nU$-=9`J3?
zokv2A1kqA$w-SSD4%5?z7Bvp(-%GkR<JpIV4j+A>ervQ~bMz6qREAj}P0|p_NyMmO
zXx%;+|JQ$~ir52vfgo7(TA@nP66-H?)uZvR##F{XG}d;~L~02Ql)Io7wNOve?t<tj
z(BeFj8m73QKVO<g%rfWRA-!<J@?D=c%-JdFo|&Pt&77$`*`3zY=Qj=iPzX`YhoEXC
ze%p%r6gDRD(P{jQdBvpa`npAMGP$P%BB8F!W*DJ)hFl6MdNU>pW<7wWG?f2=4cQsb
z*%X=qqMBMdtmMt+ujLEM<qK~tbE6e(5cPfC0LVokW~Ln}ftK!7ltJ#VPh*qDe#C6H
z#lI1e`WuwH|LlG2C9Xs8NHpJ;n64x97#mrgEgjA0u7pBN+hlcvpb}PaAaf>hNEYB&
z>dtk}welqP&t=yA{-y9<s$Nh(-&)}}$gtkIj;Y;6UUx*rns#RC*(^#wUjh$7;^>_I
z{BE-5|7%L4Ah-JpmS~Vw%8XJMpa!o@uoDcrf3kDHD}=q?v@&+1jSlARD*!l+i31q~
zJ{_|r5mBX}|L_*A&0h^@iH+CM8H-HkNLQx{Xqwa09iiatrlV?mgwSO2JT2xw8Xb!~
zrE0y`P0vm^vD_yK%=tB}u^mnSe6V6Do`(A6Bu2;s@t8GD=Y@z3AWEsUWHH?J^NSP2
z>ji+CnfJ(<q|a4#O?oYrU)-F<cX8vFR;MsDN+97)(}ve%_x(t(etHV13gwqX1fL6W
zMc~7fOhTX#Fo;8-^`MH^T4L&ldBAN~r7rmX^L<wpNGrsT-zmlLxW}|RYL;DkQ4G;Y
z`kvPneO(9x_~dLKtDwqG*-n8X=!)C#%Ktx^AjE>!3^mw-_R~WIDncA;Bq`VLG5k4C
zVno;e37OPfmm{(eM-7Km4S%6NQ@z(2pH#B1;sDe{%|Ed19}1PHb+qI0e`W|cxvOZS
z_gs|IS`UQ@$K{o6FL$MbUsmdYe?WTPs9WSdpjKs>#^9g%&u(Thra86~TbU`nF9EY+
zL3>EXe30bUXwl2Qh*vjgeQU#hXs~S6Ip!jhYKRF^Nc7p-dvY2fl7C2EEt(v8p<fx)
z7q{;;M@fdNpsif_a1mWr%)ZEcAR-K<&`)<ATlMR82D!7nS4iQ~5(^_?-9D$0g9lv=
zr9xZV++=M*(yJ$i-75T`a_5alT&@uR{cg1F+502b_c#&`vY8Vr?|$cR$b&d(xnvc8
z$?-j))RX^fPQ$1RLS=3@*~Xvq`<)yJ3lLywMOcK0V5`Rm;Il0LH31l5aWDGjuvLkt
zHX3OWaMYhTqL&Z*)ne*4umP(G#dV)upj`lb#wNUd*K_)7^2Ah=+N<l}Nb3mbVunKB
zidZH%;>5JY%yiCmtRvH=tM@B}gp%B&#1)7BYl0lA)A#EU*4i<<r)w{RsJizzV%L+r
zRwotO#n^I%>Z=|t%blOFrQdOgIR~{NTf@j<nkB!Py%rwxi#nW11pXvouFj$-y#=%?
z45f-6xXC}M5x?QFJ6wgh_S0vgDv4)c)D<ryC)x3^`SBmUJP;TmGgHV6o4_#^0_~39
zx>-|=2d?vcah<EglEatkYI`)RscPjBKtvZL=`E{A;gPaT{+I6j2VRuW5e`;>Q~hlF
z-!(dXkA55y0GJXD2B);sMd=-F|3Km*vxB(L$A?)>^`EAT0tsW}wg(hnLMs(?5yG!@
z9cFGe+8T>fFkT+#`#U-&Y#1oN9vx6o!l|r)^%bz0-a{C-Lt}}Qglwsnn~iI{cZ7(%
zI0(0dbjG|+bkbJB8wdP<m8s=1<;%2JniSq~!rFqC*@J}lk#8Tr{!qKkk9#PypnIH+
zeJxq|IgDoY(N^M`snA)(Iv>mR`MMSTZ(s6wg}oumU?TU<cLp+i;^wH*OqI)#W_U@Z
zs4q75BwDNy_AClSI-BKe;erH8@HB`x<NTJ_H2i+7FqLtXhK)5d^i=z!%H@q~1tRtf
z85SEeQ$BeeQU7-R9n6Cm_J>d9xA#gT-=(@&cnhokUxhyGFDSnd8&9dhcooP7DYalC
z7n^*h-|fGO8eFN%up+JUH9owy_!NW&JoNJt82KK5U~Q^$pe_{+AO7>Ut$|7}{PJ9+
z1)P=or`YaH^mdNb9;&QybDNFz{m5YKni?MS&W(P#iH!D8r@Z3ACqYjbbG@&P*BqeF
z-uTV@mNjAje!1&<G}o|sRFuil-rVTsz#MHX42Mm^*6whq-{sq;T1gFeM~xviU_^U?
zbO#Gy(%sgxD2!S9*rAQlfC?Zbv6@e)amR{8SVu}_9C@!V4|lfD9uLu^3B!gzw?tng
z????9t!Vr>w$EGIOB}p~%bR(#_I`yt*EkM<7)Zj61VR@DfM@=)sE}3sI(k6YmSuf}
zr0HKW#~H>J2z-<DGofHkk*w@<b~B$AZp4T-RbDXlNupXd6H)EbW(;hhRJGx=ij}2u
z_Ji51E|I5-k5T%J>ujsGiTy!R2L7%Qv63J^`huETVN@8eqQP1g(5A&P)$-swSKo2+
z?UQRVARaJVu(#F)p%FT6)3c&tT3lOeefQdo<?%yY-;-@Gn-H<J!pZ8!73FCe#8^gZ
zo*v-4ZC3h<_S6Bp@g8&A_K|23J-pr766r0V$!#AHhqg$MFc1-oR7#szhP$flv|9I$
zV*&6I?ck*}YI4#cN{oo%Z|G!DbqZwt8iJGo?)~w8gcMBvaJzUpLcMN<+$cTH!s`kF
z{U>b~P@(T>bp<Ao{-u^y&pLZ>bl-xc<mKbXLnKM-3E>^uJA!RClmFfYu<TA1yfxO&
zce%vxnC|w623EVmH|2e7>|w1nJN>5PtG4S1?*a0;Ku$*;1KUZi)^0jrxvRrKy#6io
zHUE#11Kn;qb&gyPG>b4%Z0ltS%-|QfU$CHl??l<wvY*Yo#osJwpf{&{z^6prciUCZ
z_wIf^FWuWs#b-HIYwM5jcQ<$^K8Has9>zrq@Kr&hR&jQec>mzgwe%)7M`c}km-&n&
z>x;j*zz?O#@3EuGnJ-SQ+$tZs>b0E?%<huN@nqWSeb%YfyO@@)bJ?Hod{BEkk|Cj$
zNydPzBUiUk6xIONjbOG15B-OB7kox`K$To0CJCpWB74>t_pm8q$pX;bB{l5_onWFc
z_Jig1@2i;-Z0Lf1Sa7o^zeOtHYu>5Y=T1w&A06}Nj87azAZ{08q`KafRBYz52lX#n
z{?cshruh*?zi2h`3LV(<!ybQe)xmF#^U`*&*t4OaeKQPxowT3a>Fq8U8_T@TcFmWt
z1jx&*mtX~hVbr=q85$<xqeY&N*nq4nM=q>jA)fIe+h$`oRsCQ(%MK<U3NE`QDTc;<
z{cZ-cdTa?&jBl;^WQk+jusU)i%Tf71+}ee_v=Xa%$*f-sA1viS5>oebli02njth&g
zGbfydeiiHAzDk{U{@F9^&qV9!%{3h^mZBf_e_5|3{$K7mSjLY7R-q3Ue&xaGgaUXU
z?X@F^hwx|e$J8w3JGPY1b>1+iXBku+D`)1B>_bNQ@(pEJcB=mulEsi@SSYIu0d7h0
ztD-fP@DM*CEb|m-Jqvz{r%EJene?%n;^~IUJr9$Oy)X}~G@fMR=I|Wd5OJpV&4~=F
zG)#_Zh9XC8O{{HefM@uuzc66MD29GCLi-w1*owN2v(^37s7-Ne)Jl#3D~wep54ZW_
zc05yd`%!F)R-*8?5vR0XExZ5^IR#3C-1PfgDJd(=GpP-4`<DR1w&b(6z9K9?9%O4P
zD<#V|(*Jl-|43gNMt|!OjYQ*@@TetA;$ni7XlAmarP@MY1dpX?4>o+I6bthSYB2Bg
zNWe!2%ku`;iNVHQAy6TJi68Kl-TgMzc;dC#b{pEWU~+o{?Q0;qouM9g97A)wjAAM8
z?I38tGbgePAL5(o&qX+pv=-a}ZpCo@WIieH^s8^WTUO*|8Z>9>)cB(rGF&Gid9|_8
zD(MhKlmKo#VmA1hl}-#Run17Fo--DZlDXf}br?dEM*?_}d6Oizpu)4C3+$k<sPXu4
z?h(k_ON9}b74%DtXls#5=b!NjE?bDK6qQQ^8Yxc0Ov*WPkR7n-rReO;M!k$afnAEm
zLD!7;t!lyyTT)U#Xpb9s*(~RPA;=xE2mtEVc9YdxZT!$F8<#S%PhLc3vwTD4>S;Zh
zKF=z;fRbCQCiGRh&-J14?MaAUj}?pQ??Bjf@cWBo^v=69o1~!bdw=NIOSw_!BW$%A
zuK!v=cX-dKy67ZJKYHl(bKDUdLhP5*)0Obks&L#VM5NC+200=Xni<tOcbmLw1Nr-=
zZS{YhaI0k9?jxGdX^Bn@#_lC&%v|<?OO7_x!;>-W1>hVX`X4%B;T~tMq6#T)2zN$;
zoQN(Q#@Ad}DHg(k3OnhR+hQreVQzsShQ7Mp9yc_-!4h6VH;iROCMX|(E%KuWS_HVK
zo}T$6TYu*Y;N4WBE#C8z7m14k{^C^dyKn?E+}f4%msx&`SY?=$k4Z<lQK^OAm7&)U
zaN-A^26Ue;4CAx<+xM<pSDv>BS0n`;{>n-m`Nj#4SLIbUKP_KVczm1w;_Vq>o3ux`
zK$CO-r?gl_nqs6kxvy-)9DB@HH$Z1qprWsubPqI&W?no?!t}zyY=PRPthG@_I&>(f
zA+xhml)mSaIvCD{m=k*mfNWlXEGvt&LhrE`<k$aDyf6rDP`_%(7=%J+zEaze0`$?-
zzr@t7+3ElCLOBu}A5ARM7Kb;HmUhF&Ry*8Dchu)!rT?`AYB|2vJU#dU4I0LTAay*M
z*L0=^@8yKKln4J`X)ofhw09K!+zMs+qnk!V>BhJZi+waYP$>==A@;Un;FHMJcbOuU
zSFhXiP3D;sPm1qY8Zd$qq!%2RemH8BReXYQ#EyB)&cM#tSD688gVMJr{4Uj!8CnX^
zr_QgL<i^^}6B-d<Z!Lh_%<lRLpOG9F>v~oK(BD}(a{L_+%aed=EwGDq3|cjcPYfVk
ziMqS2W)}KJP5rsH7O2K1bV?}06{1W_A%D|_|9piOvGegsj$hAk&Sy@TRTyJksKigH
zNs<K=`W~Tdj$RUGE?4)yh4qgwf+Lg(ySa+w0)Mni=~|$Ibi#ZtSF{Va@uPb3-qWXU
zy4Z#M=-Yop=M`{8*N~&}#ycWOOG##pg*yC4Myg{(gp&X~F+h1Y`cc$VM1O$<lRB14
z6L}6$2k8rk$pg2$>Rp*Er%-cU1;4!`yUvnPcV*l>lkvC3X4vWn)B%cavI|u5HBG6Z
z)2&U?2s?rCbJgnAwaKOfo32~UA8%O+eIPzxFQ}*M{GDA(a<ugJf$RLI<6&Jp6&U-B
z=4~J+m6oTVr8<{4%W8D@R*qQ@OJScDF$R51-suGL(b7__%+bjgU{Qq^nm?b*Jd_Ha
z_DK&34|kg#bxAFLKD2~eg<#|_sV&1F)jR28_(k3f$kbmIio<lf%=m^x4Qv4n_aoG3
zQ-2nm&BzN7B+o&VK|GbB42hfxqtzmY+rH!a&Lpf`RZpwmGjoL6KH!wc^%n%o_97zh
z9eH}=IVU3Gy0OobzZ1K?fa9pc(_{aGHj+=zbVTy0o<~VW@-H!=F^8ASne~(?Ly?#^
z21lFbWWik%Gjbl$!-^XPbZ$BBl)rW*>Z?Qr@=Q@tzLQ8`ZHvgG#0cLcd$=s(4t<%(
zWwzUy_K9K&B@h>TohD3-Krq!^7nw&^BH=1sEvh-3_L%2H-uD8LD*vs)WWU%1+AD?m
zXwibm4xXwv0gfIuSmc9_XK5k+#EM-`azbE{{^|D9L#lLb3NYBOX5}*jJ={_z=yrpK
z+&n3MizlR1)JGDU;foh!<(riwF2uf6w?Q3``amQv#sG=}2@h+c9os!$I4So6(dc)|
z0FqBDNs5+`5{C8QzXk9k)Oa}vW^%#ge4gg$7nskOdx6P7OUjJglx*7Vkag(yrvf&0
z)B;wFWXnjn;>XJT-Y$0(Juj7Ca;#2lw};x-ugooc)5zBA`zN5g)!#gPHbZ_Y$BMdG
z>$rK$?W-eEjZPdb@!Nc3d^h@!iq8!SZ&W)G1JH~1-Ob~+Gi<1^<*i9R^cLP#SyFD7
zT?~L6-%3gsTawmdsT5qE`*UD|M*U5=iW=>%PD#QAKf55ku&a|43xJO4sT0tV^X32n
zGLmAYH@gJXIesslWu(%nu7ZOPOmsOLB+Qli34N;ryX#greZSdwi`V&nV|4uch-|pV
zLAQQ$tESblcUV8|FVDk05|wE`lh*2b(QUV<1KEZzV@*)6=Kobi32Ds6o|ycZbc;0;
zpL37gBQ5C~N-@Hl_~cD*gDn5u+5B{YK7e!3PvnXSgaV2fVvn*_oj8kcyLzu;Mg>Of
zTVdwi?;x>Q`*YXF?a+RF?_=ckASdtfm1RmO#(;=L*t6_Kx;k+()D}qwrMgf|sB?OF
zWCN~Jy>9(=j{P9&Jt2JGk2o4}sC%vxRL(=n0w2?Rv;ayBW6EXmrPnO~R$#uoLS#Y>
z+A{xFQRYLR0z6M?VehZjbdKjlz_emx$n$pA0Kk~*{VnG)T74v=rc1ZmV_8!ly&GHG
zqn_f8--%zVQAS{5W=*g^UwD{@%kk|ewlmJ+s@oY<%~5&n!@9!B#<?4`gZ}$^xXNA4
zOPka%7d|Tk>$C^+N4eYS2uGfl21GJm*P4j`aS_6TuP_Z5wBhozsr3zUul|-k>*mb~
za+FOXqFeGdv-ZF}4DR-dV3!?KDUjS#;R;))q)D~IiG&TE@640XSv@|rM}NLSELH~2
zbfFPW@BGBlDX!A%4*1T#deMAuQ?K95D-o4*-JXSq(1$PAgEh~<@<E^{Ke6VokIvkr
z26ufuRw)5J3LRqS2kmLHy-rr~$X)im4t2d9P=uXiI$o^U*Cbol>(>o<e*X8{#r(A%
znS6<Lf!v|bvpqCk^gP?xmW6y7h$=aJiYA>~IJY213Fg|KOWii79_t3@F~Vs2)D%UF
zpB`od9Nv)lZ44JRbEYsUD!a(9K~#&l!tD!!xW#WQU-4FNNrKm~?U`DsDI3k4*3k>t
z3pBaoQ<;DLXdcBad{{%`;FNes>TGt(<ps>m{ldwqE%`S}iM5cw@B+rsxr&|1&Ix3n
zr5ySj4dow7pO7=L!k?}M*4TQy!G_P4+N89HX^Q&h$+u|Dip+Wd27csYgIXe{J8g)@
z4@6W%dfpyM<Q((CNWTw>x2#FE^d||yOM;-<(`*$lwDKS?zIHlNuhEG4=227UE`pw?
z)<d4#!M5G83liS#aH6j2rz-753DNkmf3~{G(xBh_$<nJZ3h-Z3n@yt2Mc?x+A}}oj
zj0O?aRtwl7gNDdcCU;QzYXo+<mWZBC_0wQuuj07r&&Dz%tZ06d0%!+z-R`UuwXfaU
z=A40uDt$Q=T}9IGH_wexeVA0$H%L$X*)jcDf;rZlkXv62Fq`h$`<jx*U!(YBC>?C=
zmR*|iBAo1h!3a`lInWEFG-&A=Q}#)kYjYrtpEv8$Gwt{DM}>C=%)>8yRr4p)dgYg}
z^{~BU-%K)GNxXz^c{5We;wN`Zz+6UMjyCytz}h~$fXNvlr1Tk{m#qaVtfs1Do!43@
z@DxV$&_%TJWp=y02F1?o!>*2L^vkp_*X{<W9GoSZ`Df3WhCh1s?vcD&BKPFOLI0Z>
z0(&?Ytmh%BAG+7lDGz@<?YA1_9v<ln$E0}mRF}*BUmDtuSI_{FqI{A}d`>R&ybUvP
z*ndNXKQA?HCK4dB>u`Fz<q+J`eLHbH|LYfnqhs~dE$`l%d~rpa!K%;QK5R2pT?vV>
z3}R+{qStfvwgm_pp5(xM-d$I6n)ug0^iVx5xcEN4U>s5BmMQx74bc-}9J!#+y5<cs
z(*bvt{91QF$6=Ru{rK0n%DSHy-mE>;KBcHz2&vf6Ojpb3Xnds4(=XvpC?ct}|K$3E
ze#q$KKy&}UoDB55iN6oEENaqKk}-3C^Q_8FpOIG)BFRd!gMOd7IZC`zgU`L!(N!YO
zefa2pxX)7gy|}yEq-cVZ1~Cov!5B-PUoD$|f{+=dI7&R;G<Q8C+E-QJ)xz)gcA6b7
zxW49o8ErFMv*au??B~Kii>^K-xcTSBA}-(G&xa)Q90^GM;Bt8q#82pE^%t~~`MI~q
za_@YqV*y&^@e!7hrV^AKAUI*1Buk}iGX5EK6w3)U*xZ<_*{Xm?)o6ca5eL_Ld4+5e
zCo%+XE&^)q`=2+H2|jAMdK@y@uO5g1jZi<oTXO%ZD+dpvR7rQ4-@z#n$qhhcvu5GG
z7Rky}1RdEo#kk)G&+G%izr{4%(ZM~5Qb@rh2t(VJP11>P5cw~-zpNYn`lqT03l-t$
zuv~(eGW}l}0E9;jMxVknTkEZVK(0QdefD4hau`0~e_$vC5x*`$Jp}N<^}mBh22TRk
zs{}bjnm%u2`i1GP<Np<SX&(S=e*gRnYHYBFFKTQ~$$wp$1M~%~;CeW6^~3*f=x6@(
ze}|3@c0?5XNVQV;S~PyEx4LJJ!gUF`PK46)pA`!#mjell7TulcZ~W`bMGzwxBbxC7
zB8d06Cs&ytkDKz7Dqo!37A==!#h<a@wBPU}nN3X@NdNO-5mX@xbSdCDw%<ZbhkgHI
zY!0;~{p1yZ*akNM@Ke=Vwg$fcH0tOj&aveAR;VODlqqj{J=1v{i@0|3BOq>`@$==g
z8xX=BEy?%$r$aV^nTohHYtz4c4gq~{k3HZX=QY48nz6)R^mdb>ZT(P0c2!upI}oNN
zbi2@Holoyp{GBGRQVbj64TWAK;<EsAe6|$+&j>|S2$RnpHXwUJYP$b<WUP?Fch4VJ
zCiWzAHvs|O{+%cJRjRcd1H0+%@s{hrnMAU-ctF?k>46^<`Zk+BOG#Pqko|?(+NaJ#
zqN%q)zMcGr_y3$Y44IJ!r2~L)-e%H&H~klJ!9l3O><D`#WiC{qnvZk|(ZHSJus>To
zHu<E{mgP^YdS0VlR6W{OS1Yi>+1De6iA#n!D?x?hIUi0wBH{^<BDG4s8LvQ~-+R^#
zzTp1+ZuJ}&CD8y8vFGgo|H}ft{KlXEq-zA3{|Zg<UKnNFTeunbpAW;h0rQtXxwE{D
zy4)>NgUR5{a!#!~^vRa?(8|w7ET7j2LP{D-n%h%~C(||w{t7bJ0{wsfVx=Vp!V^|7
z_j_m7s{g7s8pwY^Dh4#8j|D)$5#Qq_mTcHyygWMF<!B^*uIz_*q%hlHW%5@`f46x*
z)_zrN<h!Enx-S4{md_P7o)q`t^jRrXww~_XCrI@9(~$iNAXidn`WyxkrsT0Hw5wu&
z>+!g7@asqbTc?GFY5%$$SCW!8fCYzEvFFmCVBsPCyj!(bqqCP?b`MfqIT&egQ5_UZ
zt(CRtVlW^Ex<~2gqD{@3l<n&r$)nfc#j?qaS@q|)d`JJ|FRDsa5D#9jqy;i|uka&T
zcFJ!J#&3SdQl4(#`k7V|z|>yH^bo^t>*aI4bztG^ix+Mq?j(q(U0X!!^g@ya<=Hv9
z<-SH)f&%dOly#yT<!6m|&@v}l8K3Jd)3ypEjuFV{00Z1>Ou3uN%?yxG<d#UQK!-Fs
z)6AhP34LVIqj=cS5yJWzcNJQ!4Hrd^ivhL}aatGErM?V*r?@TdD|F=Z5s-%w4M5NI
zRoV-Al_bJn*bm!O_E1KNn~V`neVS8-92)0w6MY&k`9GhAuKvy#GO}6Iszs<$^!j)N
zVW40iff8UIF_J!pqIZRp)aBab)-T9T-ku`XxQ3YP%qy@J%$O@twcwMW9!Nc6H6KDV
zAcS$aujFwK+z6axX$0C$0yL0<Bks?rjvLan0v+`BX$*XH{XG`L?*csHlwPD3mMi1f
z1kSCy7b~8<H$9_@;fX`bi=nzlclU*KBN^*;m<OPuDTD;wtZ2uH`By_U-xP~6B<}pi
zIUxqw@-fYdG5m-Md{f|B<rubVzf`sHX!iCSo#utS@fy`wfN6CO?`tdNr2~SHCtv9V
zVe79s0R-vj<O%eMZo@nOEYNaWPss8MQ%Pw<+c*}?QL)<MVkcwNUrfo~O{y%LFLKP=
zls~b|E6`6iu*D7!XnS{@lP7wSPn&JcO;0mank;?IrgxbSg@8-+o?c()g?|>c;MMWy
ze&Tj0Nb!L5bV_x5LaPa4GlamMp2u%jA3|s)vvwj|ev~LSpL|NTvgxpd&3ELd%MPC8
zNP(Ow1#5Z<$)}?R$F|$bs9ZJee>u9r-_Ea5^X_)iMa$Z>-~@7Ytz6?G;O@3o8HQ@U
zYW-R3Be-@7?%3|#{YpPQO<h>k+Z;q5&q9SbAVeBJT9a#Nd~v5LlJk@;A;EHx&7e55
zEkxyjgmZo^Wb!UwCU<`KMzsd_+r|zqB|_v|;FI66?-;k8twY*QbD00u*QMh2Qk*sE
z!z(AM{$8XU)e6U9Brl0$X@18Q=mYp^_gYKDJf%1#nmdG70Pc4h&Q6oM+3-^P@&4f9
zE|UX4N~)%v9slORc$FYT0Fu#St&X4h){(~f%#}LAWC>5>@Xj!bx|A0Qgoh-Gchxk_
zm^<fDvMFmyDonK$jy}c#Wr`nU*+-5td`IBTEMy)2Wnv)Y!Z>GW@jZG$iLh*Qb8F1-
z+4V+Q^H~2<-n3BS7FH5<&GFq4fy`^*{EvgL+hh_xI1OWXFGs#npIDKehzg6;0ThIY
z*UlF{w%LeTw?9!ee@iQ)Bat%cPg+{BFDAWQ>aKprvSE6ko$-!kI=yb?$c?;^E`-^&
zq(QKyDwV}~HNx|&_tPQ7UY0W0s!YU1Kv+bTX@S@kBoyXkvdb|qE^zqC&3i5I#JBAc
zrHPCIGU%87dv{^x=dSnmz9Vep%I0|uivq>e27JLEudyA}>C7@!M_)bNi@tU#dR70~
zJbCIPS$wnQf!y<tP7XwWnDpR>D9QR1&JmP6uYcPH%6-h}ucJy=)2YCdf2Ev(t^y(m
z@nyqTaE%77)yu92b<!hdtP_T$Cax%78As3~ioSbuPjaq?j}AS?WR|a=`HE1Wukbnq
z*R;(4<Yn4-o(skIxtmR&RQOWSADF^o$@HA-!d%mzOGHW6aHyi(d05E!WsRsJS4Lg+
z0cGr!^|-Q{^q~Y9$rJ3{`?fG*d6ps`H@hEUv|Jqv!>vrV=N+&5s?v4j_4%u!0l$)(
zWOi$F2r`(#_RjeYUOngvZXIvN9JlT;7TXXqGt7Uz%O1HvNz*bhrQIid)>LOuXsZQV
zj>>`T_EQk#$qA6pOb$jxmO<`dmbNeEVf`zknfi&~z3}Pi6Ni0Ze63`jC4O(ooEm3F
zv~m=$+}VIL$C$QfKtiU&!rp<KidBB7QpKo?CYLV5&1)z13`I=FCV*GM4djCnd$Q~O
zYZlq?yPBgYS!?-nm9Jb<tYOItDmBi6@~q#7Rq{hG7jhJcsvcgdKN&6uV<UOmTwBa&
zBmZhC+isu|r_Tszye9}5Jpb5A@;d?T_m^oNnL#XoKMn2Pjj`kseYO{Wtizuq61OpH
zGGs8PEt?4%B3Ir~n^Cbzc`fqR3K}K#!|BYuMCTFLTJ=$w(4hFxAQ9eiUWy0v`axB(
z`PUjj9><T&gCD2Ft<xXfTcog0$H$ymt=o|V`vF|vRluP&d+3aGHTY(u%}5;mx1rA2
z(IPH8q-^{PI~X!=g588!AtJ%|IJwh9{L4n>=z=-awKXedjT`2_qdbf1ks1!S7o9n<
ztV&TMfO?dy>5ja_zY|V2KWui&CnnVIpoRmiGuNa|^Fv*`@&Y>W&dNSJUKG?_GR`#9
zia44WMq>{MVP#S73bIm$sbru#OY*nKno+3Xw{BC$%`9`4Q3+_T25zpxBIb`+QyI<P
zAS@(AJl2l`)`@PCJ9oelx6H2=!dS8j!bikOLW9T`ha?W5H^?V$_@3N!=y;!lScT}a
z;$D`nShXz0qe<o!xO`DLtF+U9O{Kjh*npm?g3Ar>0*o^~(>B~E^0~Iy<4!;HV>K(U
z2+-7X4@wd5;0nD=4o&Lh-{o_<>!jf7-%Cqp{YFkq-qW^oNAHIg0km&v|8g{1q{p4_
zxPcov6|S50v)d=?PRRkg^CMSR#k|g*eOw?9Rz6Qxli)ykTY&Y4yW`(0*CI<Z49E)0
zk{FG};gx5EyfvoZrS*rz@!kc&*+IZ9a`&(n(jZaV*PKRmkIcvj=<FF{rDyg#?{vSn
z*#*3EYNG==b0Dufd}yY?TlNHvTFb;R_pIql@2Pfj`EZci&dXVTL#Z1Wf68G+8d^Bl
z<vH!Tq9w8>3Y7wl^4{Ts<_xorxuZAocqUxX($0G8TKEi*8;&9l+%y6kdusxA!~%C>
z!X&Q@7cf*-8VrW{x9&WbIl<M!e4UtR**x)q?yRJn964R$P5oIyajrQAqTR8}D#rI^
zY@XZ{vXcRgt+E~XskC1!>ZrF~xq+c!kEJ8j_v0zyZe<%Il82s1w4mb%xoEf9EB$d2
z1Y7iVRLG%Mxw!r~>~aW<1?Vc|#d0~^c6N(u@Yd<}>aA!viF8W0p&A$poUIG|eHl^k
z|M7GdTy+J@w%%AExCGz0ySuwP!6iU&cL)x_-6d#ncXxLP?k*dbjr-%AcklfHYmDwS
zs(W<R{HkVC9jG+&wNXCF%D3~_c`SX?`qkrM!-d~J!RPcT!Rbxa1izM4>o6h$P(v}K
zh&Thsi3SQY(pQh#sKW}3k_@`qWetu+;uPUbXT<tvgHPS8Wj`28W-c^q-=BwITM1W8
zk<tn8988kS4W&7lPEZnaALUYWzHKKL;%tP|KHtL<MdV=iGEoJ2t(dzZt(@&Mw-6b(
z@@SUlgY5lrq?ZF#&r><Qv!gQKy<(sD@}(_=l!3v9Yk4au^-XP_ewc_2@Oj>BgRS!&
zM=4u_VNrQD`XK~3e*}C_r&VW(2C)BiA~WO6Ur%jCnkY7Dk6mJj81=oOHQlM;Ev+t3
z@hB1Fv|Xp>8y_pItAi9eqf$4x@HI6x^`Grmi3aq4rOqjDMU(V5S679**JjmSe0w$l
z7k7WCEmm$(B1JRQ*=p8*+KeO~y2%suDi-S*PBxM`rfrYa=ArmGz8Z5waiAYA`X4^>
zUgPwLo2$RS%a7PH4r2Qm`Dh{Q04F;gLcSZ-iDnXnJl-r1)pRti>}keYV$ossmVF(k
zJXrm_56p`+(l5@!Mz%CU3XzCRPyWhLg_?d)EW5yqDTO$*I2_hms(2#V9``SIwEyLY
zu8>g7#E%bG%V#E4%|<#FjX%`mY(nAVl-ehXHA(*oBbniUGgD8>>Lv1Re0$dJcJy=t
zJ7eup;nHD9(qJ+gt#uCqNCHHWp^9pRm5&^mrHC_UC#9SY9uIAr_PXVv)XB+raA|i|
zuE?>6AHOL#stzs;4zehwkCKMrBv#C?H)q`-sPA33T)P&P)5`Y2+>85%l@~Ztis0|e
z;V^V(F_iAq$HehA+*D*rz^O_%4<{Ui(FQ#g_b<dP$-}|@-lVv|w7L{Gor8uRgZUp(
zq?>I2Mb_;4JhiFvD;@1)d0bPI?5hL1-1lU4O%n_axbi=vNInwg07MWyfDN$y6#Zp5
zRMFJ({x%%k%N7$q`G;$CmBadALDMjv!@6k<3+OpJzwE!Kh+eg)uA)N2vB06KrVACR
znv7A0Bd<!rCE&q6Z$Uopk4-=n>^8CYMm2S1wRxOuy7@ESZ!MBL_UDQ$+vOy;%1NWm
z0_9$Aut{n@+Hd|}iwbIK@O~#rmeew~B%U3t`-*zoUm6gKjLTLwNnG~RgLd?&r)=<d
z)4cD<lV(DDE0E8nbn{2@B1Ku<k&}uQn`%Rx9UYKIt+roc>8C1@NMEKAMt$Qzire<w
z*b#MH%GiTb>U{1Y`^Yury>Sc36F54Y7+a#-nLT)j{jCm}rDhg6dta#mtDrPKo}WH3
z#yy|6bj{Fe#1s-qZ?7K?z{D#)K0oDm0dnyiMeSzr#{^~wpgTCNkg;@<B!EGWcE*kU
zhuM03k7pk=J%V)1dsC2VPt}ZMg`Z9+QTKV;Pfp_DbpDz@ZEDLIKlH3dv!OdQZFTPd
zWTx=k(cEINrj<mS4yR?UtS9`w=0zkEo>#b0%5zTXyES=Mf85B$c}4|VY%8TgI(+GI
z;9~<Ia_x5R52HAui_Xr>(0rW`Q0Og7?;A1T4KnE__O%2K#|H%F4DD~Ze90%*LY24n
z{ryMr$Ag-EkQKFl=ROPLUjV=y;Nn7_X{vRa2@pQVGuwg<E~NHN=u34?T5CdP_ej!L
zWZ|g5%;<elETZZ5*nuc9*9w5ayY$63gDqSi7xK7InHBSIQMKc1ony&NG<+oJ$>MhJ
z16ac+1{LKB5l#&>@=awu=JI6jw5L1592kdNp2z%1+Op;%o<3XXzh1xP^hV&x{Q=g4
z<~h!rjvpum3}`E1d_ET)YhuJ_kI1}iVJR}szrMIRUSth6W}6i-04;vVhB<S4DTG?f
zbqEe04X5iXxrrn`7Ts)&YvdU&_f#eQ*^O1|=5zBT{q{yyRBYNiP#|BW*uJ;Iru@9}
zcCu|ltA)TlP7Hlka^^KAgaptR3VGR^rxwONwC7$k`BZ-7zJ<h6Lk=cu<Z;W}>rttG
z|9<Sdu<#u<BkARbTB~WMu2P^SMW)VQje?zT**jvUKX|SwNF}qsXLo`AroqdsFPAo7
z2K`k9ZrOJhAf}qwssRr*IPEACgH0+}vwD%G1~ML8&=_F?<!_)&xUpf)n+n$pLZ_^y
zKD)%V*LQ$JvjEzn&&Q5GSS~Z1E^Bv!GiZ(?yfy?gW$sZ?A#)|i0%=?RjP9SEc>N!x
zX!|7i>dvO=GtI|?lw}Na+iHaAQEpT@UnrV>7d`ZG=Bi>wCZ_&oW~;3}(y*^Ag|A?#
z;x~k*6`TA-nJAao-57Q+=~vY`04kD+EbhtNQmWT9&AT+(_{a>-u^}f9%^b^#q4weR
zPTjcp;ulfi?VrJi9I(uKhkfP}c9A!D*go?^innOTzU7)73P9nN!~+iv6MQOu!dz@Q
zTOgwt|M%ZNV<nMmL;yRo!*e&4IvI&@J|eFs@J-mEGMdvMYJ1qI@Aubx7Q(<#Nl*1*
z$yjbRgGoSc$+yFD`5S$zu8v}|i-A={K=4j^X*k_M%IVEf!&^yZW%Bd$uP80|mV3?P
zNg^O*#7ztV9}sFVy+th>3DmoTCohp1&cJu-VpVb=sXnk`27pGxUl(vR`-mL&E~QUQ
zY?_YZ(gZ?>Q5>YP$`4zI)K*V${%W8r8Wb@)YDHDM=Xm92)7+hCGO5^>hZ5!waqUT0
zG^dAGgvy<rPBbq;<oZ(ls3hA;^WKQ_G%QPd);=)fYajmAmMFd=FC(Iz_Raev9RCIF
zthyE{cRE1lJ*@b>L1?&P-{=cKcA49aR{9&B8!weo_8ITPx1z(t!*$p-CgrI7o@=Q2
zxzG@AuZWxeN|%$DJ&($r+aSfK2XTz3>0u?ySI6E{?+3*ExsGrcB*1_Kfg$g%OyT@x
z1LK759GjrWBr}7dlBM*X`xx0#Vi6bNJ9pt7sB-DO1FUb|H6~{HdK|=#x1`Jc6sKrO
zU423w%dVp$iD_M^mecTly6wZP=*gBjmBV$JY~T}8I>)Rqe)Z#52n|8?+f+`>PDE@@
zk<ilEaL#5<v5+9n6nm1TuW(p7?{3u>QKbAFrcR*>CY|Vq;%h@|Z+pSx<A$yb1D~NM
zOK`CD^N-A&;@N-2YB~p#%!NxH&o1u{om5>mUdIh@KSD!oLurfTi(ivN564~Jtv4SI
zl2UUNZ<ODoPQ&fHuDp$W2|EW98PmFF=TL^MGb4M5gpm4QuRF}zg)^J&w=NQ>r_S^g
z(^&^;RC_PA<3hW=-?@kXJxJ{xm7ji9E4;p0WWP;L6_T&M8Ke=Kee|^Qr~!_R6IB`c
zzQ0=!f%b}zmq`}fw35~Ebf~AZmTg2Fr-sQ4(+;sKlxim4S)Z#p1bh@QqEKcny#G<@
z3rg|w`r&$BqM&SA1N&cOrSM#JioAW0o0guQfxQjCwi2s7Ejm5~4O?ZfD}suUKKn3z
zqBXlj1fPyx*#!#Kx^BI8cZyYbk#0aD!QnxME*(XGxE=q#V3pNI8fC;jBaVX_Ch&?q
z58BN$c@;p#OCEliIR<-P2&YP!vyX3^;Cb#@Yh0Y7C0{|={w}?LIEtAxbG$g|Oj$zm
zH>QG5;5p{IH%m_fM36uh*qLiZsJAUHN!CjOi2qc;TjSAoimx0!+Iv8}99{ad?w=A8
zAftSXl9QbfjG@LFuJ&q#DO{R0d#RyA#$%p&rEktd?e$tZJAH}MZ9Nd}!}h-X<*4yl
zHopzu)1veB4)?_R4+Qf(97>>2a6n+6A~j5g=%6)igO#hANItR3<KrCm;N?sGQmPmX
z!xqAR@q;1C@5P)czw_y>>1jWO=j~1~T*!?<R`(PlRR{wE!$wl!r}11mkF!}7+rCoy
z(rt3}?)(;a;ha-h_0H34wgr2pVAdkjRwLQf+YI|#-onoeqDzj>#Vw-ZTiIgv=lCDo
zrtU*gxKm3p#j}>b4obU19u8kD-<AXlujd}CWvU-U3_V%&^zBWlqK95QEp@u9T@clD
zI*Y2Wd$~i{qF5Ekh=r(6!o2)Ub)Kwsx``$d9c8DvJ0Ip+g|~<b)pVj~9S({=SK|Hp
zcKmkz?f`}#db*k8zT>d({G`TZp9)oiV~8x;O4W+TDzxj{Xo|*iERSCwo~mT>pRU@N
ziW@}U<(G1}4=#&MTW<~a7EliJKhJ_++M>$b+>!^<&DP5k^%S4`FTMuasevr;MErcN
zaT))@!;P7i{e!^ZQ~%piFF%e{u`BZIiBFv3)1yz}Ld~{MmqVe75D`*8PIZha#ngbt
zcqO-UK@vD~I=ApRsOxa!&op}mc6D;fl1t}?HPDAwhzJ|?F)>!rle+Xn&_e-lvY)8f
z^5&^PZMY#L#@Fu!m=WX6?stH@KkYEtuawUZE?lbdJ{}R9qZKM#@?sF{azIksJh5K&
z?gHNoKRq#LKFES%=d5Qf3~pDp3RO}RqeJJ46r9f+Xp3Yo!|MD3je5NbkwQT2RFx@A
zhThCoTzKGFkLQySvHmx9yvx|nm`#pN5$g}~jZ?flR_lh_<@b4ZAz8HIM+Bc9XTQFh
z&UpWVM;HRh5y_8xNrj4{N^IWjH<U%(EyLx?(AFY)KsIbDQorfysLn=Bk`+>t4o{+L
zBNqBuDL@WEmc6cjz^c8nXdDf_p!FQ2><>R=3N5rR7lEZJ9_K{xx_7G`3-UXxbih0A
zib(JRMqKJUpLHABp9tG>M!C7lad#PC0KOI9^S}tG)o)Cq5ZbBos$E)VBXpbt2~0oj
z7atQ!Uzs(;@%6e@Wmi7`zu|!^PNaIBwo1_x2}#w7x^|)WA37j}E!C$sP{OQIRGOxv
zs|(DeY44pXoB~+b+PY@ZC!Y4zQ2N@$(loog63)&zl&~?#XA_Xae9Q=j(iZ$&o~!5&
zWWyguq@Eklf+bKddLx^ooC`*Pb2RfK+mc7{MX&_moO6pAy5rw2T)_o_YixE7yR83V
zEs7ts_*n1f@|Y?=CoUg!>nCKb?_=L`O9Wy878wGGd`^tKyJ@UnRo<7Y%8aM&)8FR-
zJzhhJF}KfTMBu&H4k>goHo&*{Y{ajy=Vx=pfSIyU*RC?<Qb4H?c`#1C{EEY|ToDnh
zMlcgOUs}YDbeD(8w^h4A%Bctvd|p?ZqY~lT8x!j}%;Y}rZh6?+BKf(e94VvL=&gAh
z{6~l-#n>jIGaFUy1A6+V*3XBJup_eD?q}7<48QNcH6B#+ChX|wG)RQvv^ra}_FnEp
zP#?3Im2FOVbrUWkRo5bj7=6%rAmcm;nYZM%Zo0S0B$sS%kWTy9fpqA#c6y>IP;m`;
zS3aHaoV)(@EXTOU(5+dt{^N5x+P`$?1N~x#R39vbgcA>0Joih~3$c295I$w@qw|?i
zAQ@$PjME_RDPJW#|CZ&u`p&21;1{j=>n$Z7#WSJ#{*RQ7@ux~XtCXAi`uzvB@N3+u
z+%Y!chbvRX(D!eSq;Beh$K_-(XFoDj%fh}*Ke+!2;}OF9WKjsaXy<HTsfSO(IE45Y
zk*P_8p9VA;UiJ&J<lb5^%#rBmi?6eE92XTkn&!^r(fpDhuA^0V8c}vD>g1xrIW9RW
zuGWW`V3RfP8D2fCa)PFN^&C-&7YC9fu(Fy6Y~+?fKQet#5QcTukee`FXqO_`UcB)%
zJnRNR02W6nFhvc*HjNZhyi(_>^osooeYhBf#d4=Er|l*w(lRDsRa9ei`1&O6ewtUM
zNK5El%kN#icBu>C^ZlJ8rcO#nK~8Xgc*`P5<})k|FCxa`MNP7%0z}48pjr0hj{J@T
znf?md{ouiIMTIafSFBx<oOaOo`Q`G(G{foKofag!7h8WCK$1(~dahn}b|O%FKmOd)
zg5OB`k0=w<S;6GJ2kq!nD>6z11(;+o1vhoBV$mTvF6PWyWIhFn`E$=&zM$IV<5qzM
zT7dMJX#bkTYSlAo_FPN~&*8)j1fQ!gt0s=sRq^ottk3u-C2B>@J$2H&=@>4`VS0W)
z`#yv6997(>^y@uM;~=&Ljcsre^GDL#@n#~>G`M~j2U0Ac$HJE+^lw-H<lGej??8B^
zZ(KTpkj`o?`+6v{`yPJ>TpB$#>}9sY8BGUwYm7akfYF-T<D;bYRpaH?>Fhq(oViDN
zZCdWOUp;0?Qw0>^cYre?6&X-0JYTZM)OsG|H21TJ#Fk&RY&Y$D*=_mm^y?73+vk0g
zbJ?`8`Y8qvQA57|E7=Pj|3B!HnGg+!Zfw!Rn=`*?YI&XsxEtm@Mguw%QwadE`(9K_
zQe+3wSfO4iU1}cW-1-)NhAAG>BYvcl#TS1SvOEpc|EkWvr2L6+eQoBCKTBF%TmN5m
z?m?w?g&z9b_g!}SC;jd;>x<NTD-}-v>u`B_pORs+@Ap@Zb1jYMH&%-;03kd#+y4+k
zJ=9Xf766=s!N%SHn^+(rA&jYf=W6f&*UWfA79L^@{zXas=*|U7@p#EJ36ZIg=G{kt
z|1-S`jvK`P59`e=i@FUv(GA`6sbwd?n*1+{_n-C=l}JFcU)JHYC|D;|#VXV8aF{!!
zwtLVw6)!{5_TY;O^Jnr4$u4L7-?d1S^u#9czIhyXKK+*|_*|cGDOoOj`g5UyVY#6r
zs<K3mlNg1ec}z*2Qt(#wZEBr&Iz%ovtEt|9rF$GF=tq`1T!0vIz3KnWsKkM!_zn2n
zz-=SZ;Eb;;;>`zpN0QHH^D}s^vF&ru!lNYHIS@S*fd6Y*47mOcNao<Zb0v4@H~Qg9
zzztcpkHT+yTzHfrr}N9T9`C<@N?8@|Y7dhgpfy}vKv?_zf14jrpw+K0gC_odin+P4
zpWMqoC}ynxBCS0ZV*Xj#+vos>d|b$HUvK_L?foC-;FsuUu~&e^WQQUEfJym1YQmV`
zC3ZfRq5ADXEcNtp|BMSzViT)G9#XX^@`SXBqCd44S--=}KfUHaD46-C^->*L482E%
zJ*e?^t#<P{Vs3}8!vn?K?lTk>8yKpMB>czF{MgK=T%J~Aj>VvaSQZ<PUbU8IT*QLv
zo$i<*q{-2F&OYV8zRxol2!fm|^~RoB;eJF@&U9s?>|cphyspAr0)w4~)h{DcgB(dA
z2a>n?aoNncg%Lq{i3q#$nkp(g-u<h+%C|zRl5|rM?ava^|8S81(*T0QS;CONBk7;z
z&Z&d{*`}zyG(XS1g;%vJ@YPtRu)D2|H`LbDw9q27%Y!G{UePKTRLe1-x$*leMnOfz
z#0G8jr<&{mt)8t}sdJF_$U?-gDTgbbTUIs(Q>k4)^c3M0H+6v^CXD$(mF>~@St1-W
zP^+I7so=6*okuc1b-smP^C!g|UtQHny+}9DcI;}RfHF245FpLvw(iz;Y<icBjf-v#
z8(G>O(krd(2@z(3Q${o1lQ2Eb4MI-9Ht-Np<i8ewdIbqFt)`{d%_I0jMUkeAr!XW|
z>NdB<$I?}`h!!bkon!~>@C!40krc~gOn*9{j)x%OXZo#}rj8cKBqE*~IN)1+W69>Q
zPU*j!;=4@JwQH4#5q!279@_WJwKy!+1b(KF^j_zUsq5Z1li;^YKSM>n^M-XoY}v$|
zpx}F02;&jAps|?<OuGH|m&??fDL$ns9uSZXcn{m-JNub7IRm|~daI^CoBoG&bMkW@
zk&>c3rqkJmNAEuq>V2;6r)YY^uJx`UD405wU%UK%@7|%ORr>9~sk2i{!-Cj-EP*jJ
zxE+ySHx`nfB9$H?JwMQnj*c9L099E{A=Wk2_nC?;3Y3X<@Z?e=>=ht&EH)hIZ<>m4
z#e4DyNcf0Ca`jY@zWlnny6uxK%ZaO^Um}H-xL^8V$Jb^Lq;e}O8MsVW9j0PcSVTVs
zM#OJkhk12!Ia;TPso82;6F*RyGhu^Pmt{=8_}AW4R1^dW3*$3W-Wj3<CQ}^4KnOLx
zpBf}+%@d<t?VWZLlJm)>z(NRBy`S<IV5tKj2U23l6kI|YgN&r#A8S9qk}=y$D<#tX
zxZ@7_DP49kyyz!Do*r#d<ZJV`w1<<BP}=rM-5;vxNc<A@kH*S!WA*x5fAvZ4WFqw2
z6PF^L2IO*h=$u|561E2vuxG*sE^b?X79&i!;*u5xQJ^dPEEI|m`m4K3kwEXH9BxN{
zO^Qo2RK;@5p=Z^>*EzDjZp<`N>xP3u)>HtD2cgtW#x~TWKAs$rLHxnfzZXxkwa9|y
zpZks?3fTNid#pm42&K3IH9HqlGx&}g@_joO;L~6eB#s1^*yE`n_o;!S_p8ojHs6j=
zRJrdF_dPra$d=E2iaE)RGfxx|q-io<fjF;Nhx@HW+#rx$o-cG;SFqPT4?nLp+^YxD
zeH#Ku-~~uK_qJneD|JbIw_(rhc|p)yi*3yY7}{jR=b|tRI?u?2XyRkcVp51fiN6V^
zi(6&6qx=5Um((@yjgr&*06%x+@P+RV5kVvm+&^hY!&m%d5oA;t;+S`LEEkgOr+m-B
zf5`^PlA~-dtC?4q_k_|s{jemHV+eo>K0>2QZSpd&FTN)>^ysP)UMzGTPtB;}%Jd4G
z3dQIjVYO)ai{3*&WRJhm%ny|<km<$$D5n0FcK^FRCm<E;>2CmWCy|$sK8=2UMmF^W
z>GaddpMG4#z^yuO+v@(ghuN#AqorB>hec`-T@Mbz_|AkA3aT~bXsBhEU}%2f87n?f
zk%8CjOLMH{aGP2tO-|Rzr3!;oDv0Mcj4jP|4`kp^teaYnofhgIw|Wsu^of}u3Vk-W
z#G^@zlzQ9UDO%bojAU9au$o&n;zO81Eocr06G5KiP^eiR%NJ1)BFVAuX2l)HGC9>s
z!L(=Ny=TKe%v!hq^b%{AudGg@s6TCsZ*-?5xWF{k$B0boewOc<7WI;v^@$tbLmTcV
zx`aGaLJoL0&UdM{wM@9v)h#GurF@}JTdovajhFtql?wLw=5%Q~v&5G`H-gimjQC7j
zHfy`GKwHkqE{nVGumzJyPI$_Tn`$e9E;J-j_v2{|O33bO13@_SDssV6Q$Nv`rst4O
zN452m^$aE`Bt_BF@tko9Z3~}OTOVz_(D|IPCNgj1Aa*J?>w`A{)C=k}N1wcrcak4I
zmhdu{&DQViAKgvh!T9N<?}_}i>*2E`rpsS+Zs$8_kfY03tM4M_A2CxOAQ+0i|I)=$
z)qNQSrupudTgS017}^g^FWs#^_w>{zUjp4UGZcon`<)g|o1B~7;x{!)>wlMDmbC6p
zYf1Xmoj0HD<99l@pmu2wpU(yz0tewste+2)6Me7X=P8rzSE-`N?a-F#-QvC<$$3a0
z=r&Y(1#}qgC*?~3A1z4nLIL);S0|<($);^nwghVw50%Oj>bDx?X`N(?i(fBoY*M#2
z+I0v$9E%%Viwf)L>0zg;6Pv5Gh}oz#T~DJ}w^SVl(s3mEj9TA%Ih-!**Y<lP?!eg?
z*q26eODJFYuBi-fes{R}1-%}Ep)w)-v&Ot~)`^>inp8M1P8|5n7gNV+LZ{;PP}0x8
zQTZqmCwB|n<5_TxE`}%$giqwClGqEmRRJ4ptY~_4=6SFBGi8gj5QW}%v0CrCTv@%G
zf-|9Tt7v0+O(J!6^g*+@9pYV2<DmUEqUuz8y#}p&UG~xB<I&WnF<X?XM9t==ugN7c
z3oJZFA2i^i{6lk3PXda=QP8AH1t*TB?_((TPhFGZjyG55gY7~!r%OE*Ivr>;-wFfm
zZe3sSlBN+Ld@NK+`!I<(d8euZXl!9(kb=<tROkJesSWO*mUo*ubJ%p-((&{at8Wlv
zsVof}s~x8r(~Zeu!mu7E5G4Pp+kk94ZGWjxrc`N}q(N<%Y@v&+%P+Ed-}XeY;)ZHo
zy#Y6RzhUdNL1dWpla|apyFnUjvTRLE@Y_STK$GI8<BVFJ#~`%lS%L|{6n+y26o>;n
z{T*p`Ha<{=mNb;H0?O^?U&xY6zvua(Wb0ivN1c;xz87Vq2c;B4rTg?x@Namj(+|!T
z#Gxx9+2W~`zp5YoLi|j+Ztf$v7IY~3T_Ch_Ue$-&@wNSt=^b5e4#x5>*NVh9eFXw=
zG3?^V8`D`_NE10Cz-YzGtuYhXz-uz61y<I3$VRh-dBfu+vaT{u%<7sk>*cVsAmJQY
z^`~v9R{?=F1hTn$+Fjo3dX(U>^N}+!R&W?!FQ>m>^t5n`^^;ioq;Rs6LaX`v?s%3B
zHlIeU!Og|ZWA{bB`yG1c;XO}P>JP3ui{1OrQo1|ond~i`Y^$Nz|3KL4D0pB`dF~~g
z2}`CzmYd>~3$8(qSwa)N3kkJIUKr(=kURscr<Xui4(2&~3P;Wrk~w>e!Z~}>N6t1!
zdDFceN00KFwia=Q`R5*J=bo^u&SPN9(CN6u*fctpB#8r`id{T<uG9RtkWc)~y>lW<
zhX%B*JJMC%-F2ZKGEqz9zA~K?kMCQjQuR2iy5gR<Wd8_?)IE4O;;L9(rTyA)lW4UI
z{&kDL=`qiLo7gEh!r<qptzm29*74*EP4I&M85jHg#f<J>4E)|jblQmw{zHCuc<9=7
z66X>bCGg*zxIJw%R7cpHCRr*|TLPB*TNmZ_cg(pWbK{?`M%DKHDb#@JT*lZ58s16W
zu507q_F=a%!Evj7C@LlqZ*s2SsH}f#Ro?0vb`}@`yG-o~qzhL$mT^j3jVcCRj}F@W
zUVVfFYXW1eLy(U~QQOUyQjr~dnoM#pWg1UM;WVD^i-5S`#RXaXv*aVauBJkLWFg<c
z3T}&(PqV&Mx`RH$YF7e9OMn|1|KN#6>$AP?{%o^dDpTi&Fm;W09qH2RGw##bv}UAy
zB$PSO1e?OP-g_@b0SrR84`t=8-sc5Z?FPLD4eup=xJ9k%-@T+Bq=dSUOaw1z<5JF5
z6&FM-o<t)#ZO9>!N`24YJMLs_-n=X8xPhIHoX>Bym)p}9Y5S_udf!U`u9D&$N0}Cq
zr&LcpsL_--A;fVLd@1K3Ww7M2s+ReLrN^D(8u2oIMqsvXJuYePcfU8Fxkin8De3LA
zo{7?0{}c}-NE-#OCG&|RSHz)Ir0qq0uefp46r@m%;Uo@FKc^W6JyW@j3O?8*eOB2W
z(gg}vuf6XV2<o<)384s>3&Xe)IcbGFt3;;SojW@mW{m29@F}!Nj59bNVwo#;|K4`q
zIl#$VmCnYGhh*kn95)b?a(D?P(wo-<Sn)8XPNQGzvno1k%!<$6&W9y*X3PLqq5Asj
zcE1SEFANvQ=dcNAUzqL@S?LT{7-79J8qzDyL<tKSNril!Qsuj?gZO`&v-(NeTJ9i9
zxBQN{=qlzM>Hcs++U!pPcG;jK0+NiBL_QO~L?3deCACK^$UozX8H@;Ki(?uS4xXUz
zv16U(84|QCC)1p5c<<#3-~*w`R6ZtdVMShg3%v)zU8b4ZkH@>}F!=~s*U1n2OFlq-
z*~PtI7&$pf6k<XRx&{u3Fpd$~d;o@KBRov9)u7dB*@ACV#Om~-apem}CUsyK0w#p%
zNQkf~Iy!NrJRAv$u$$I<4rtx0PXQca^}@98!z1On_2*?Xjq!>J0AN;;5f@Q^%5?Sx
z@pQW~s*gFl3P};1zO<imp)G<LO)p8(6{l2;Kb?#K>U(aA8|Us@34!-fzJ6;IBCHLD
zVRdnW{O0YiThGSv0FP#1@1rDcf*Q><BSX@|MMTnCZi{K2C}?ou2|ZOexcdqk^9)Ku
zznq2TB~6d3sJs%ut>1j|lj~hM6H0HpCy%xjCNm$HxyLxkbM-uBRybV0AB8^p1%xA*
z*C`)%T(G&h3-sIu_GmjJ`~7j2{{l+;GG+9=!e&jMytW>r0y*fN?9p(wIf(~fc7Iwk
zc`UJckh=A<qZwbUf-tMjKZI%0M+oZS9QK0GHet{w>$2FfC}BS<$|;`3cHfG+LQ60(
z;bf8PKKBF4JeWY4)P7l+UagrRZt0Q$*)$^6`;R*P&GLmOuoZ^LA2K5MS00LbR?@Wq
z!ybMNb0IFtk8gm<64t2)DIT}of~5XvKPtE_0faen%4In>k4FC@wBLmydEP1-vWP{7
zLqzI<Z*?LB$uEK%ZkEw&hI)+EzUhoP*y>|F*<I+!=>3iX!62(jb0?Wfap+&8X^MhQ
zcmI@EQVeLF-3fYIyk!YJxU>a5U83p~Imq=Flh-d38JjT|hAGOoOZYoIVjDv5n>%!^
zEnz2H%0(-*G%f(G1LUC962RBr*2iNl{POQNKWz$f&PsVGVhz`|%d8Yf_H-jnA@2pk
zM@8gg@0})>FCqp6Tex90_=ISrHUxf|pwI-HKD}Q)jQ<PMa5`9PC$E+Qh;qLQM2xie
z-3*`Q7ZyNjVWp^#;2Rc?i=sY~;D`sU<|3U+o^_zY>Yi;Sz#IR{)v$|3iler;W&_8L
zC^$cilw1hb;RZdbnTQq$=)D?j>X8$yH6_F*#*CDh9)o)nW=^cgi%o0VY@}D2xERNh
z96P;D1*$-<Mtg!s9dE7cl;Ne&8V%A+TFDgCc8n>GKCk4Z_bwi>H%~4?ioZpz<=m17
z#2?50b&)v1WeZ~*7D%&K6!Tdtjgs|46-b3ud!uTSW4;%Yx3)-T2e}W@Jwz+Nfu`IO
zC`Q_Yfx#5}nw_tva1~2(=n)imS1h9en3oSk1s<7a#HIX@k>EN8PbUyI4{NPGzBUv^
zC9+pZDBCJCRc-oH=z%S@L;(Xo&6kkBev#`B7m7gH@qfWi`X2bElZIbNTQPAoduClg
ze0-)G6^>R;ZkHY3zTR~T)9UCEqaY(E1;o+NxqTaTZ^cZ|b<@i(93FqmKWVMt&FLp-
zb`@H0s8_D~pcWf4eqB{or`wD{#e6f!7{E@}7;Wd1O)^e4aHg*pQcQMz`aa7vp!=)w
zAz?I;Z>(v8jFqcgKBU2#B6U(BIWP=)7FU+RAk-%a?8`^*H;4Umw1rwIEKzM1gHVj|
zAjTJt>#fMCtm7nY7uXE}!a<yhhnvdlgwCoitSzMk<%%NQ+{<hO5lcPXEi*E321Tc`
z149R^tBz=SYBB^<wP^Rqd=Bp2*~sx0FG#Lj=y-G(UYHH;&yN`Ld0%A3m90HYXJ(md
zq?`R=duUpWyvlXG;14sL9sWMu4touxiUKn8J5h!(vG>vsf#oOMQm_ulL>{PzbU|W?
znR}7mQHkdVRt_<56v^l>Itk*!JFbW=U2al_UlDGTvAZVX2L4)k9-jK3BQX6fA9m5S
zHKYs7biJ@!!?Nc_zR;zq_DQGAInW#<z6z<@N2)RyIz;+oA<m~o*BlL>)U^Xq2MfQd
zyCs`A6UX-_H}}_Jo#GhA1<X|l<A&~N=$f4AE!gF05($dDfdP?MUuWFnLqj$4*TSAP
zfbv6XN9E7Cv+63#S>IuN6=DAw9~WGU*(>N!dqRKO1p3I}_Ux71)6cy0XVCmzaF3Nt
zT~KeFiA4Wj86`aE1u3sFana5lGxOGXrcnINw;a<k1Fg%RX;ZkWMhu-1MP?w6wmh$%
z56BpD9wnt1E-qj50+*5CwetXk;fH$ZzIzZnAXdkoFWMv)$?v92)l5XrZg%ODNU7BC
zl!9`qtLY)&Vz;5X%VN2+J>wAf5A;uMH;0(5flwjPOKALWGz|L8q%LO?Ve0qpn1mdp
z{6TSYTJLJT2j2{7Dtql@Z{@1KA00n$1mklx>RNBpDn8DMgQ;TgU?I|K$y0p?>v(;0
z*4-#3bU}_Yi@V8dHwW1g$934}Ib>Fdl(O0jRLQztVjd@9G?eCs13_tl90pty836jN
zjM#8ZxfMM((aly$y^EHz9A2LZe^lK2Y3OkHn-tIML8m1Ss-(5;&T8Al=-`C}B<#fi
zWmNTi!!Z`*6GmR6epsGyKkEwg*~o?8@v<d&@*S}578DXal~Ie?UxMvLNc%4BF@%3P
ztT&K|&>Hq(TN{0cY@N1R5PfI;oB!&l6U92A&)E?f<teCW4B4^2P|y!1{|3`aT&H_e
zM$S4S=R31uXf_S3qC`p@))-I1Zi*lhUz$CWHR6Wcpm7zly5hFGF7|aB3fp{>gv`v3
z8GRqaV1*;Zk`lhM`0BdAd%JJy!@5e&?|YH{4^89P4L#N&Wx+Ff7Uhn;u0E&3#lE5;
z!20P9uC;A%kbCrZ`AbtK?I;cX@W4@ljdZ9f{3j={*S}wDh^&z|V<oUxSgES3MG@&t
z`xA>leO*9L4g*AnIlRBqx@M{%l6(?6a}>$}gq}gsj}2a|Nr}^-KYm(Zt#ZdN{I`md
z{`MN9iW?!r;H=hh{l^GC-?D`1qq%u}eZIftkVZzDNd+E2J5V}86GD2<N&RCv>}H!~
zz-vhv*+Z+ATgq5q$}w+}M=zXj17+4p&Xj})mVadk1zBzJgNutGF3nC5UDH+8P4Jr<
zNOa?_{#&cPL;!e9E7VsQrYEmo82}6p1u(x|U2L*KlMqaa7Tj^4T_mbTuXLDNg6B`>
zGV>!Rd45D%s5j_Qfjnrw66!=aYb}1na``*E*lvV5BZiHnSZ}S7ZDw^I;8UBI0JNHL
zJ0P8CVJ`qVN~dH?(U*A_cd<W&!k^YO(4u_s(Xhl|{Mj};XP{bpk)v1O9k#Z-6G(V)
z5O&U(SeSnm2EK&+Md3Q@&EQgB1g1_~iubp8oI6BvdDp{qKrFs1SQK9xF6kHP+j&+;
zMZl+^F;U8PD^?zuP~#UHI_kZ@j*Eb=rj?d4yyYZ64bIw2ZeCLNcv~($^sq~#oZAFi
zAPPW(WPwF##;Dxxa29#u;99t<@fF-;cEnLaExOY$BG|FTqX(<xaULxJ0-V&sZNbmw
zWC+OL$2U1@xC59MjD?FNN*lY<_H>>k93p>zTSp>sKOJG_coH(Bl4<kw<|-{*!(fLC
zPsjPKd@DeZ>QJtbWy;-}s|UsqE;Di+8RkQODT<&JU2`K!0>5!MeYf`uzraL1^@;9)
zNv+Kk8$NLIP>iY<gY?K!fyyJk3bI3M(d>_IL(O<(@Ep+DAG)ypDXwm@@msZ3JHbT+
z4GnhuTh8DH>|RmLtIErH+43-F$8%UlF8rzk&&gPO6~v<b1W;Z3NTZV*=?>m>`N+bW
z*f2fB`rjm;!qeEy&Ivc65NaMPmv}=!;7$R#({2=WOoQm;mXlT;$~^U{25VT5+e6i9
z)Cv6Le*e&kvUVkT6*nmdu~+6lY-80Ro{odS<!u!Xjn-gO@WW4ef9Bd(?WoVFPWl3a
zT~iV$@iG+IH>#_S-a{B>o3q&+bVfaV=Q!=;A$>LlQ*}T^A%KnX{&i!1Kc|kYAShN3
z8-u)*{Ly0Zw#eb(uc<Ih*lxt7T>L52Wr%MUG)#F`ef10-7^rA~)Bhp^IYL3ZPpeDQ
zNCw3%c5yaUs*#7C`HImlysw$YPp;)Q=YxmEXDs#UZ0^tTZCD=9P65)R-p$uQ*`Sv<
z`q?Tn!s#JA0Va1L_xS6B;w#!HW5Y8^@)E;2vQ{@p*IXq}qO~;>o?(8RL5z<!wo#wQ
zV#~oicDgEsPb#!@RLHRiyZ1n>zaSHjbsoVPx`x>%My%JFsF3(UF?r%>LvhIUI+1jq
zt*qZ9BA8X2)ZiXNGc!NjePP#~fM+-!1FYO|z!TruE#D-9eAe^$c+`Vz1@@cGUQq-F
za*ivL0!H*`>E#=~OqRKXE*Zf&AtrxcgpWqMz26m&X<l-Y&DtI!!W-Lvg&&O-n&eTe
z$>aEbmeUmE3|!G9)4aC|av*ky0poclW<q@l9q-dw0s(=SKaTQX+Th`<`j!7y%0t+T
zy<|f(A<#mnjZ~F1sIK<48()4X#^w9vP{+QKw#^K*lnz@hzSvHHWplZ|uRkPZ{svc}
z11F?3MT4;a+1g+yXfx&|V5Y?Y0d^sK8gX24AAdOvSjzsmQm!6ukHk2A*EAd*#?b||
z3dbr5k-H!bwMbPf|FVQ8qe56??d0Pj^y8$MZDU+(x)4Xo9(?t*LuDoefWEjpYvMyN
z{5g7V`V<yQe_Qj`j|>+RB^WY|*Y6JC=SuWSi1f)EiMFh>E?(4;<hf!DkDKs~KfABd
zpbrFWqgjZT6Ia}J-X6>oD_DjSN#AD$j~XSB4*(LpN+fODI<M-suCwX9#wYXJOUM~l
zU}^U?JmlCRVSfP33KvY#QwtmDO_)C!7rKeSO~{8J0KwqClU@!oZ8~zS3Dza4)}FKj
z+z*@zO;fnjWogyeoBSWwdn~`MuBFbN3Sufv2Lotj__gvyg;$%eRUZV2hT%7c7{55`
zePnlA^-IykjuQzfq(XWOX^o+IH8kT_49U>-zjHU`yY$N9RK&)k*;2q6VC@7rG(#^|
za4F&-rv}yh)pr-?LlOSSixf(%vGx6xCM!5Ze=65}kx12K4E};3>r9VVE+XyH;=4(0
zdQgCF!l}p4MJTL@a=#NYcyX!go+p64IF_`GJPXShOW!HFHWFnt9Q^fA6v}&{3t>j%
z82m>=y|BX+EMh^OlQwU0awJUt)-K#<J4nV>egno0PTqx@C>QBjHU4{YA+a~H4vTMy
zTe|u~ZsgRn-09~gA*uv+y%<BjTHLs)safIeWe76@-;BA#%c9dunD7F!7qMcNg!#ub
zq?>5-wwf|y?z=IpdrAT*aDG22oC)`&_oub)PTg~_BC7ZNFbCAy{6ea)M)Sb>#Yj~7
z#`B}{&f|b@3vhIbaO?N|$zP(A_lb2PrptlfM2;<cXlA{;p>Fc2283)S#S24?_;$$q
zU7w>$U#ac2!#1S0Oh<$kF=c+56M4R-K-BCO(iNsr(U>-}lY!DMw}D@AL-(ufdw7<!
z??m8ntwj~RM|cG5c!n{XsDPMM-J&B4pT@$&C~z9)4y3UfQ43oBY}GKW-{dtdlWaU@
zYi>hb?}IRL!Lv=qm}b4to$Z>sPyGsS1+e_4E<~!Z?Wds|MVGC0sq5@*^@BV=Jkr6X
zlRS7kHqOWmZ*!Ss;-mL!$wDJgGv^0kLC(zUiL7mKo-p4)J$G$=e{Q5DD!n0<IPnsV
z$zBiITf9Br)_^o6+*N(_c7!<8bMY4O<+wDA#zMs}eKrt0mL5JAFR%_<vbT<!PAZqW
z{mcl|^*L!c{-|Gt3Zn=@9hw*&jxWQ>ClRG)oQfJMbauA~as35nze?hF?qc|v=XvKz
z^+H{qt9vqEL?b0x+fGMHW{v6h-sgfi;Q=UR^6tKv$bW;*p?$qk6a^3FY*GtCyHyO>
zLfq-}B&6IPB*5Loch5i%GSRg%zjYDt=E;rxl)wVd3GoY=zZ|)dpW%S0Z&#=ES6ZEX
ztrYvvd-TK)P7g-2TMArfOpuk~SY_99usiCGP!cNK>s}-)UO@kjxHcJpeIsp47G_4u
zhTX(NyX4%*$gCpcs-})REMZ{I=T-^9eU$hkB_T;4>eQ-a3@X22G^`R)__ej(!(?_I
zhS9g<9|^Uk;z|leV?GIjbM{f*n$42U)<zscz=xKVh?9<Ada0gcrIA7R>+xM{`ae4n
z$X!2{^c?nqI*WQG0Zv!ttTpCE@9$9T)en8U>O9b=ez+C>D7}pta$oAAe!GV-t~m6j
zECdq|EC-oe*-4mS29EN69JAUhR3-KJJO_Ts$2Sas4!&M6RLKiw_0$Se^{%Ph;%Loz
zmF=dY>t(d}Y1B>G{xz`O+Y51GpcxYrCzDTFK?WRlg1m$8gBIQ9ap6JdWDTH>q|{yf
zdU03kShV2d(y-9<_~q1{FbO^c24XHmLW%u5A`|`coCzewx9jEs2XM>97-{iTZ7rE#
zPW1+z-<k#~njp6Hw1Z*znVAtboM|NEgsk5KsC7&rYr#uSoiE*W?FYr0cIXAa$^x}2
z8uprycz4~tk&Kdd`1J^SqU%c*{-3lY<ZL?k7^Fba@q}|S*xxcXN&1GIQ^0=C;%{Z)
z7s|ge2lMTW&uSBKyNkVlhvS|cMbr2cN~LuJa~JSr8F^8y6D~Wd`RuuNfk6AR`ajAR
z+G0P^6J~8CH{;Mo@L3CDIabVxaw37>{E?P-Fg|od^2T229=tOdYo+0FnyWP`>3hUf
z;d8$UKTZ%*52lia#t^&s8?h5OP64SM4}T8I>{PJGmL8zV0y>-xsX+cq{Ve;97Sbcj
z@2A|bHC`B=Y0x`#ic{CIUowLdKa8V%{B+WEhItqVA3u!|{_eL75F=jy*$6#Ix1aGl
z3Wr!B^<^+!tAq6XX%fHx?wN#VzCmElkdN=U#l#v<)PDSLDhN)>Gsjab&Lp^{R#}oi
zMm*v^(}3On2kS0KNHOm;YCrE>@V<U3f(w;z%!`3&aR7UyPTm2Q+Uc^RqZp5{0a9e6
z$D17=S}#pHW3oOSmS-9@H||Fr4pxE-1<!nm4iOwY{>6JtxW_i+FS>QfJFp(P|2OGX
zm}>Y{Y3x*G?6cVAbrJ_J+M(YT0`wuVU9I{lc2mh9Eb_5Sv}P$J9~i~MjJpm>IkhEK
zp|(+2SnX(MR|fi<2+uYTwm<Q9(jg%@Rqx&S|3n6_z#KBmqc1W@G6jzh$OE|sLSB*N
zB=MT6Xy~u{c!4;hQ>sYiSxx9x`4wIGr*)W2zX_;n_VxFqIk+J1KK4v>f_T<yf>k-z
zn7PiM9X7}8Qe<(P2*zq^1zxu|?P>Zw2(m?kus+aEfh}Fr-j<R4&3kc4d6#;>!xvrn
zx?<1!R$yCys;c??dqM;`t@VvLflP@^Rhckn10Nd6M~{p5>a6Hpn%^9_j6Kkxc>7pp
zoQwxK6`XFRMt*OR<aZNQRy$<*UJbp&t8L2dST*~#l}{U_k*i^u%P_^2l2U8Dvr>$y
zGRFB|@7n3HPuURZG|l#ln_e~lsPy7vpiBRKinOm{gm@`FAX`rz7;C>kXnRIm!@e<|
zbC!gESS)84cLPLySW(L_K+=<=Db~u-F;Kxm;5X806={*4iZ`h<rP{}c;8S{EK;RZU
zc@T>Ueyl~CT8?&;tq!Az+L55p4<>I?9{_uAWH&|~ivO4?lgE9tszVgTH?`<l>ORXy
zuVxL{wilBAjxpmo=T%Oj_r$F(=|CxLquYNoI2VCo9wNd)aT&%o?%t5XxeYwSf7RZb
z_@xyLWQ5AzDoWTGga9qs$0*Z%V_7$LWc<c^6-PJBbDD!kIXE4anB@m#+!OU7hbNI4
z$)wDwoV=$lIdwz^Lj)d{Ew^*keGZp<#WDy%>@{{A<%#<^cwYHKF>?s)Zimi<+6h~@
zA~%J-3RsUB{&^RZ2a#~Q6rb=q0M}Ys+<hx?fprM$fim7xW?jDdmviGjC{Fd>>ZziI
z$utC^#4(MQ&)<-?&xi41<%`@Gu5Bc4(VLLYE9SP-K?X1ibxA}Xd*<)G;xf#}iqosE
zGcr@@lBe0`R#{7KXW^H*rG}SS*M=t>MmUdbaeKy*4AA2!T#3jcmi(_CTMsm3a&odK
zhx`{^^a>?ub*CBPaVwcTNs^K;@VeXVo&<4tey9_z%_wn3evzOvHG?f*X#>NM0NA}b
zihMq4hGf*RAh4upA|-4^2+GkHKMW!Ad5r^h!8@t1(QGi!#V($|@7|r_<P@W%Gd!~2
zi_9K<$i4GS8FA#Ou}o+NS2W$@xAce#FY+jj$9yoaJ>~I2{$5HN8!ArnyLkk()LqEW
z*e;9ix)3Z#g^Z!U4>9IrtiC~xF;mv<`^(e25?oJIbN(FPN10=o_NX{ycGmLehdQOv
z_jmOvkEngg{f>E0bZ5U&@xJSPq6Z`0v+;9AL2mf!-AKLWx5*PX)_piH;?={iia>|)
z4*j~ECyZRU^f1>s!%jL$hRMObWmyK#ARx(=_%j3Rg1s;t0$q?@JWYLw?8gN}8DU15
z(B@JW{I$uS=N;Jc*s`vZzn&I66F8fFfq1QMKlqMgF$J|MZdy$nr`72@@Bh8ffEfhn
zmE8|4KHVk;Y3-StcIFH;7X|FQ%VO8LYeUJ&n8y2a%ti#`9<8(GQXW?tM%*eiLpvhd
zu@=m1Y*sk&G0$dwGFycN#V%r-Mg{~ra*~x5bN;^gz4tnKnu$boe7*dpBa*lce%UYy
zIzT5^`<eb>TVyko;A%qpngoJL{<&cB5Q^q2j^b|>6&s#L4^7h5%=a8s_9BUL;LC@%
zBR_#Zg35pmju<<r-Up@?aP0%}%oVQ;pXk45>p2TU<~_>tIH?|fw8hG|(yIpSA)xdR
zNJ*72moF|CA@Itf@}Fd9%o={-Z&%>$C37@cHEKmjD|g^|z4!}La<hKW&jBj=xWzLc
z<cUj5Axuj}L3(QD9){UQZxCjiA;U=KXW_sz$V-vhs3<j<eM_I5MKQoJyyT&MAd_#%
z3jIw`XLxcQqNk87$+~)IzuZkq=#AZ4X9sCt!(1|r?{Sjg>UHo8gB#cpjrxyjznLuX
z=VF71)mLGCbDNJ(>4e3uY9E}koXyW)VX&c%Vj}nl15y&=U#3+*e<bO@Z-nGrj0o;~
z?sOr|UsyUI{+f84CZfOeP%`F!omKw1&EV<z*SnrZvx)d?7Pfje_8m%+U084XQ?$6m
zJ1%UYGvv{Yp5Pz+^M)Bqa5&~`Pr7wh^+-jWpuSIB<+76}`4`zM6aT#Nk2hzGpCqYI
zfiIp&>o`mN-zYFbTuR&B@CO>oxB>F_2q;TsU(37vkSZX&Y9JwGG`Z1XSz}gdTf%9u
zAQc*n^rc+Cp64RsUn+;xvc)4ZKg~EJB<zo3z9gR>%h1O*A2mt0`ii0~R9PBTk|A8g
zJmJ=mVv!$3mi!Za-6h{gGNP*=K@iZPHy!&U=Qg@QWE!ai2$34N?)LR*0Vn)Ge3tPj
z)dQTTr$FUYjV9!DcS`BZIE9*gxT~6{d)gX)y|S;QUt*-Pzlf<l=~Z}8+LhmZLrR?8
zdHF?NXg$~VUBL8PaEq$+<OTyav0hm1tI{jI{6%|Ljx6aQXZZLJ(>O>E<9TU(dX=$>
z5BcpuKfR`yC;cMhQrWMT!K0Sps(==OhAHfSqO+|^_Iq3#U%HjV(~vcuJRFR}`hr8X
zBCyIohR=D4$qW?x3^JkL=n`Mvj#H>P;x%oFgj45?Bgn0Uge7BtnTF~R_+$RVCB*Gy
ziKi85`8Q(TJkIg9I=VYNl>4HL=JJetYtnk~knV7Zu+ly382)`9snrz+93q~nVR1a_
zho$kQbtl<lr>>7Z3mN`41^XgaHO0>$WSC_?T5jW{&!>a`z@A$ao65L#h@-I4>6-zI
z{Bntt$!j@i4%_;0tJp9|H#(AVTD6xaCCK?!(&G0N{_Z|dPxAVm=WCt6QFvOiM%y;<
zeIIz`wDJXN3h}qGtArwOVUa|wFK~6_8+9AjkGnWKkElJW+<i=7HC@|ve(M3@5_Mv`
zc8bp-(i7E92(h?n1;S>})rvWYYRphWG$u%QzDN0HG^&eMJw?vYiQdN2dY$HmroKBW
zh~792CW&#T6B5%-N3oS6jPU)RB*gX(=GlEUXgeK9eEa**nlI!5&m!!&s04P0=%tHX
zTJM94pw<kSL=}ywDVN0@kCG~{)5u_07blXAF()D&*7vtDOX!~P!W+2XN?U&J>TxM-
zc7vM54BPEs+&}seJ#C+S=g@r`0b#7;;{Qsh?P?j|mJ&09>V=l_x*8bn3*042KZ?KT
zqz6vyp#(5PfYKDZTwf-0cf@N-ZIQ1TPLhne#f=-K`QB3>YondPAIpEP!MiEO;e987
zATjTKra4&I-?mSO$pU8Jt#9(n_B7vgrCBTP@b8U%ERwkfR4r5xa@W>`uqnp-4fjX4
zrz$CM5~n~!K!3#f6zhUuOuRDv!)obNOZ(z+<qGpRDBg*2cd7BTfUMhT5KNUTleIlH
z?pNXZIIf?H@JWGTI}3EGSE#m)@6Zv6f8Onz5h2`;-oPh_)JUP(8h9t1PxtOTbwAiD
zs+5<%bzl`xwhZ&I1Wpujd>_2);|mAp46^8zbPJq|brU&u0QUc|dUO%=dxaD9ms9bc
zef&v4F#UhcU1u~LT(=&*6A_G-C@-Uqgs4MAOQHnPdl!k$1fxVvw5TJx3<*Mv&V*5i
z(OZ-tB3cZBs1tQC*S&YGcfH@e-~E5jzq8IR&)H|4AN%a*tUbKQ;tV)wyrIg0-+bJL
zTYD2S)!DWG_B9ekU5E6Zh$>jSm)sc8XCT&(VJVbRLjRHeYSSGpx9Q6m!|mATd{sos
zgI=R|?1vHiJG?RsmawSpf_7ouop!Kx5b8M$#=TPHDmi5O+++vclxM9V`XgZW^L6?v
z)hLv`FjHu)S99(;9)~CQng3%7a_pjELUG`@`?tFk?Z@+1)`{Olx0XDoSlQ0)_{I0r
ztSDuFa^rZ}1vr)zecmWz8ff3E|2c71h@lCWHGNLg%Rm+Z9m-rU9e1E(wbVpOkp-y-
z2ciyQYFdoEd=7~H`JM;gj|?~1Hw9}Q+7JFTMEZ+)GCx#4ooUS;l5LMP;gruF#n7rN
zN-|ZuYU4F9!hl@Yw(L@V(i`Wgm!HqgaA`$+^DK+5^pZk%1&V$<Yq_T02?mTWa$5Ip
zGv=Wlf6{n(c#zJTlA>zJBB>Ao>$lL660F0%hBIROYr>|Lm7XMv=z8SKfOCu4`SXa}
zy?b41a?Atg=CD?wB*`$i=oVf~kaPcq!=<g?+-jQ%&nniWu7viel(m`y9)3EIVgA5#
zJ6CO%ykyXf%MUlL6XN6-ti3=4>wtM9V=3H?Rop)u8f7S)p_Naq4oO1g$%N$r(&uWR
z2BX2-x`}_tBVgjT?*t{Q!0_6(P(c#5&Bm$?37(oCmL%3u3b(g9b99csGV6g-%RS`-
zn+5`+*QZ$qn}G}2_8I+#B9t(39Mwv|E!($Z?1%g5C<9Z877;`K)DlEa>+JFDPL6*r
zTPtq(dd`t)ZsP6+9Xv>vZDGQSk~aqaSKRBq34S&HO{%R%5L>KsRfw`g%vILwgZ6gp
zYX;ih>^|ysDfP;2dD#2nI4y~HeRuwwk>gT4%1$Es!PX6*7{Oc`ZOJ4?I7P^iAn9Os
zV5Uny*5LLTe|MDs!P=%$d}LJQP_;kJ^CCp#LA?L!6U|1KP-wbl_@smi&5(#*q7n~w
zXfYl-zAVZi?OLkga8MA{H1FE?da!5jgFFBoMmh+n!eL~!U4E0v9i>C6f0ev7ZI$J7
z9*rnf(avC!9(1-&ZT#y}zhYCG{ihOJ3N}ZwC(Bi!j>Pn!bB!Ax5DCSosW@Ub$dkAi
zv#Wo-KZZ{Q^<BFO)!F^*N7jl==4VmH(^^w2j2v-C2u?h+HfJ*vRW%4@1rNZ5U(xuo
zG6&laUnoA7Kw2aY>^AiuT{THe=?T4?BI@6b4HmmV;JBe_1rL0aJ9DAt2yvx@9{s?9
z=2mTvxFcYc_+g_R^K2ZnW?MS%LS{U&j&^IzThT=9mcVh(w%MUcC~nAqwhj$+dpI2S
z(dk1u0~_KSLZaPZCZF{iH{GXe7HR^VpQ|~eOxWye0}o;}#iVg4{~jsI6)Vct`W*^y
z`#6Alym8Yz2DT(fu*W<d6EKGQ_6sNbrj7&f*F(3dx>FA?Y9PgZD3TekL`&il6rrP#
zLp`5l-Vm|S#1civ(yNk4UCE9`GP<2a8qIb3G1Jh&B`NJ}gtLD=I6EG&!7+&)iDb3J
zu6bk)eTbe)08sRw7Z@3c-5UK}G_8MRtlHZ-!S#*Yso21Q5%4Jenb4uw6}fWe$omcK
z>Cii!m8_6LU4$m(9*sG;oSWrz<s=X<HYZ4vKI{bqfV=&VqkxZ}tqUR%?bKW4fmshb
z7C_Nmt<Gy^z=%nm)!RRj9j{4A5YAF%=_%R^*e!gHt}ib@{(L-uP>48>tYmpdFVs*p
z-Dc#@!R*pQgtycYjU$Y~KMaM{`9qs%Gw2UJMVLnPGe&r`ZG3p9rCZF|e*AT;EMuwY
z|HsT0d^YN4zfK~rC-(A>_sHoSm-9zZP4l%2Tc;jblZb)S)*DSqQr?ev&`Qb{c6C7o
zFSa)&K>J-q4mM|7Sr&CW*t;%MD+J2U=B&C7(*UANaaqNd4*>)gAZ>Nt$qhvx4tZo`
zCtpfNV&pguoVKxKE=pYvN>4s%1})R&BggK&$SV1nvhDSpze_xV$eP^Bcb1(ocO2i~
zNi#94<_Liev?dX7$u8&#5_89Wa+;nX$dT!QVt1LHvaFi3LuSLlg(@NuBD{~zE523n
zWJo$$o8lne*)%`(&ZAI;V0$34U%(}HGX#^Pne^u5=_2{>Iw@u+J|Vmulk(M-TQN8G
z(`bSRl4^M;X%WhmV^@1l4*hPh5P0)%MaVYe?^h1D@mcRQ%hD!ID}FiU7%bWH@#0k?
zJ$vxNV8PFAXHBVJ{j&+7L4hhmK)iXR{4#l9L|}<qZ&&0dwglYq;PRDDnnAW0(wX~}
z+M2i3Ut~^>W(~e7_9KbJ6eq0)&<-$Rb&u5LPF-=}(LKR*ySQ{QW_Vg_hv78;iwF)a
z?b^_lBm-WU+cNb7G;^G90bf>m%^jz7tt+yOf>1P6gHNlz9>>2sS#QAjY}A+Z<dT$+
zJ^oSIGharM^%GUF8slq|`re_(EFt}5O99J3$gVX4l$UB2Ifz8(xO_0h^jD^RQrW8V
zdSCf%lz=A4rg?hfDeW56LC{BEloMsm`L@&KG^*vhL<>XTJ9u1Xl1cqoV|ckdegMHW
z&5|MtVPwfg+7PM)5|kx{slWZK74@o|T8wZ?aBNVGnrU05YbcN+!u4xWUmJx@mP=y>
zaI;_YHnwPNwU%6`{YO1#?eL>2=qG`g#!obZOhD)9-_@qIAscb?FK3=g2E!rv@0WF4
z?)n{cmFM78LSsASd)gRSG$z#FEfBp5f5c@KQdmbkcq?fs<W^r^0>~VR^66f8y1|>-
z9lr3LR68g~NygkFUjET0+ydaaJMDMcZs(q%@qi+8{~>)%(0Q*+_QpvFJ*728AxP@9
z3dU<G)Rx(0x0<n=hT;U`?PBe{Pk$jg&Aq4767_go?!^I4n#HL^;OA~y5C=izWWV@)
zl%jSyJof1elRL#fs;%7k>T1I4X?)?T*YK^>XHjRAYw|;)6`+c}`#SbE%R&KJP6xa#
z<AFZ5GI5oV8~1`a9iP=p@j<Rl{tm51(GW@io=2NvQMYqy9bq!&){6wzen4l)TKZeX
znke;h!zgadE3G3Qb@-5*1tP%-@4gx$-1-RiRVCjnO5Oa(;W}MClH2L2FO!7es!!!(
zveBC0a#oVx$GVRo!Uff2_u8&u>4w@xF|W0ORTF!v{F(2fDr}-PUX&|eSFtzK{#|3y
zuk{VViCR-kFY*lbh)WD(@gtihW^sel1!<m54s!v1Rd3Ik+BQRd+FltSIl+e6>(7y4
z)E?#AM;hW+Rn9=zaScOCeU|Ig3a4GzHrU*--hCCKoA8!$tT(4`7hCnxSoHU&%mh*Q
z&{gxo8+0d0EOy2j&QeNZm6q)ot*IJLDeF-qIxKNhzVBo*KU$|^L1#1)_c^QQm2jHs
zYXmsn;@K7iiGv{YE8?XKSAp4Iu)=bTU4>(9mKK)8QzS60F`(ZurXMhh)2*Ndtcpu=
zlW3ka=S069?_>d$bSEM&jJGQ@MVB%bx3i<6_hs|bpoNPCY0#ygseSI_K4{BFAYI*+
zo5^Y4X42nw{(2|>hl)+O{wGpzpf2`<ppX>sxKW9<@|N;?`r{X<k(ZNWyfVkDTwy2<
zdVpuZn$7YA#VND-*tzk0(6s15jKQA$XP3KMy{#mKWXIX3mfpYNsjs1a7^A@&k6Jks
z@{e}|$!ofcqNn7JOJ%;S?^8b`#SRSZwDBegH|V-`wTlr_ThVvbNxwJ1L%ie4tuCwI
zPi3!wDLCixpG(*V2UtKoL&yyJKE?I#Q#p?d*7vhVAasH<$8mo9CCEviihW37X-VYt
zmu}bnw;vYcy%K0zRQYR*c&xEh$23o%fsCZpVV|uY7e3Y7d9zCV?s(P5>zoO*6D{`5
z%X#nUfq1c{Z4!j%b@)E4Dwg}rVHw(1l1`aQwljL={&SS!-9Hf@Ve}P&!5n=thh=(-
zUsTExXETHE>v5~_Ro3wL)Lgz#h%<8x!px-kHWwCKezcw7$vqzn_J2{_`d~^z0+rbk
zaG}Uw@k8Cr?ubsv-MPiy!T%|Ll?+pSlzFgIm+nm9yzAG|rzf4VjXYXk%2OAMC~m~4
zN7C5jf1-vFkT&rAm&QUVoBUZxzdkO!mei&%D^7^cU&`&<T(xP<>!M9BZm-d0#c-NL
zhLjnwOL%avUsI{#pJ3_>h&gxLX;Qd(@z8rm1E`_(yrfR!;llvq0Rrq`ebIGbkVjKW
zNVE)0K(`BTIdDzC2dSEATd~88K$<zjp=|SA73X64uX?sc;lmfJd$NimVeOTFDSlAC
zo^GjNuf%M}z<?LQO|-F<u-{Rwlg~ViCpeFPx89hXwF_g=lm)GyabF^+HFZV&D#|W*
z&m&bn)Fk;$%yF<pwD0Y?!Km~6&v(cSO-<?477b(6lZ_A|mgBo4V{tY$YxPY(xp^=O
zJ5V1+ZGFdVgq7&2xorlGN05Y|!B>+CrkmKY_W{&Y2^(*^uX>M2DLZ^o)f!OXU#)2}
zO#ZX+-SmNGtcYe4sB!(HJe9&CvS8P6SwtFi{6vSb1;^bz8(9raZ%SM2Vf<y>r;rVD
z67X}tv6_7frl$Loc85%DtEV1Py(}_!h?az@8)qBdA6MT(=^Ht#z>#_#4W)(?mODh#
zkbCql@(O%d(%h~b;C}uxX8cRvPX?M)R*#{#`xnfN?35IVJ64FOPo-_KPXI8>q+kpo
z|MC0%YRd2Rr{b<Ho7O%Vw+^X^U?JD8T(Y(R?~5l)4vdNdq(nU)g}G=X-ew!JqMm(=
zm2{oXi<oqbli6VN5$ajW!6mfFshVXse?Km0Uk_i&C2mN+8^IIjkBNb!1heg_^uDfw
zsF@DVlrUX_Jj=A}*><1xoKf<rzHb0xw;Nab6@^!-e|dE6Hf=<GEDAlTe?Outhg5_0
z*)W$LV|ap(Z}S$KmURhL(TQn(*DP_*n#WxwtuJ&Va7Oa$-aCJuF}G#$!_B_a=r^A0
zGFo0`rqeSk1wZbwbO!nk;Js#YzWYr2I|n)3EmO?;#vE<~Is@34mGQ5#{sjBuy2~ks
z2S$&*uZy)79XO9mhR1mSEUt#eV87}keth;PEWK%VQ)%{=>+ZKuVF-s_Zg=Yqak+A#
zsur8(6|0wN=0XF3Q^t@0#}5k(gjtn$O}_#!Yvu7>41H#1Gd_d97cHQd^~%idCf4>J
z!n(rF?W*OsN*9>Gmt(-q5QVKI0_Rlq8}}vx_+sZw`L58}uJm$6*d!HVc`j%qrcT|i
z<CAQ7%uw^Zz8=R?w?-TF97HzXGnEj}<Pw4ns2Y8~x7_*>Z(G$HO<9_&l1K8NPl)uQ
zok~%v7~ZRYmDE6TdQwV~=!n0kmvhwSk!a#}OZFDm|6Kc9)JKo`>MWqN9cc95ihnQu
zx7ks~D_1@NKC*##{<o9=lEo-!UggQ7BIj#s|AOEjhU6hv=>cZ8bM{Bizeh_?x_*PC
z2q0g&mzVc{!Cm^zdqoL%rE-O`|6`y3@N%0v--tYsbSb~f+v|#o@^9fr)<;J?0p#=K
lkJ$W+=0D>1|0*bvL@KzV*meE!Epx!t(9+b?s8X|!`Vahmn;rlF


From b950816743a12b4e38ade302b760743c8397c3c0 Mon Sep 17 00:00:00 2001
From: Brian Neradt <brian.neradt@verizonmedia.com>
Date: Mon, 11 Oct 2021 17:56:41 -0500
Subject: [PATCH 09/14] Http2 to origin

This implements the HTTP/2 to origin feature.
---
 doc/admin-guide/files/records.config.en.rst   |  51 +-
 .../statistics/core/http-connection.en.rst    |  15 +
 .../statistics/core/http-transaction.en.rst   |  10 +
 iocore/eventsystem/I_EThread.h                |   2 +
 iocore/eventsystem/I_Thread.h                 |   1 +
 iocore/net/UnixNetVConnection.cc              |   4 +
 mgmt/RecordsConfig.cc                         |   2 +
 proxy/PoolableSession.h                       |   7 +
 proxy/ProxyTransaction.cc                     |  28 +
 proxy/ProxyTransaction.h                      |  12 +
 proxy/hdrs/HdrToken.cc                        |   3 +
 proxy/hdrs/VersionConverter.cc                |  42 +-
 proxy/http/ConnectingEntry.cc                 | 157 ++++
 proxy/http/ConnectingEntry.h                  |  79 ++
 proxy/http/HttpProxyServerMain.cc             |   2 +
 proxy/http/HttpSM.cc                          | 735 +++++++++++++-----
 proxy/http/HttpSM.h                           |  30 +-
 proxy/http/HttpSessionManager.cc              |  13 +-
 proxy/http/HttpSessionManager.h               |   5 +-
 proxy/http/HttpTransact.cc                    |   3 +-
 proxy/http/HttpTunnel.cc                      |  33 +-
 proxy/http/Makefile.am                        |   2 +
 proxy/http2/HTTP2.cc                          |  72 +-
 proxy/http2/HTTP2.h                           |  20 +-
 proxy/http2/Http2ClientSession.cc             |  53 +-
 proxy/http2/Http2ClientSession.h              |   5 +-
 proxy/http2/Http2CommonSession.cc             |  26 +-
 proxy/http2/Http2CommonSession.h              |   7 +-
 proxy/http2/Http2ConnectionState.cc           | 462 ++++++++---
 proxy/http2/Http2ConnectionState.h            |   8 +
 proxy/http2/Http2ServerSession.cc             | 418 ++++++++++
 proxy/http2/Http2ServerSession.h              |  94 +++
 proxy/http2/Http2Stream.cc                    | 464 +++++++----
 proxy/http2/Http2Stream.h                     | 120 ++-
 proxy/http2/Makefile.am                       |   2 +
 proxy/http2/unit_tests/test_HTTP2.cc          |   2 +-
 src/records/RecHttp.cc                        |  14 +-
 src/records/unit_tests/test_RecHttp.cc        |  30 +-
 src/traffic_server/InkAPI.cc                  |  12 +-
 .../chunked_encoding/chunked_encoding.test.py |   2 +-
 tests/gold_tests/h2/gold/nghttp_0_stdout.gold |   2 -
 tests/gold_tests/h2/h2origin.test.py          |  94 +++
 .../h2/h2origin_single_thread.test.py         |  90 +++
 tests/gold_tests/h2/h2spec.test.py            |   2 +-
 tests/gold_tests/h2/http2.test.py             |   6 +-
 tests/gold_tests/h2/httpbin.test.py           |   4 +-
 .../h2/replay/h1-client-h2-origin.yaml        | 596 ++++++++++++++
 tests/gold_tests/h2/replay/h2-origin.yaml     | 624 +++++++++++++++
 ..._slow_server_max_requests_in_0_stderr.gold |   2 +-
 .../gold_tests/redirect/redirect_post.test.py |   3 +-
 .../timeout/tls_conn_timeout.test.py          |   4 +-
 .../tls_client_alpn_configuration.replay.yaml |  45 +-
 .../tls/tls_client_alpn_configuration.test.py |  27 +-
 53 files changed, 3888 insertions(+), 658 deletions(-)
 create mode 100644 proxy/http/ConnectingEntry.cc
 create mode 100644 proxy/http/ConnectingEntry.h
 create mode 100644 proxy/http2/Http2ServerSession.cc
 create mode 100644 proxy/http2/Http2ServerSession.h
 create mode 100644 tests/gold_tests/h2/h2origin.test.py
 create mode 100644 tests/gold_tests/h2/h2origin_single_thread.test.py
 create mode 100644 tests/gold_tests/h2/replay/h1-client-h2-origin.yaml
 create mode 100644 tests/gold_tests/h2/replay/h2-origin.yaml

diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst
index 5f4080f75f8..811ebed7811 100644
--- a/doc/admin-guide/files/records.config.en.rst
+++ b/doc/admin-guide/files/records.config.en.rst
@@ -3984,10 +3984,14 @@ Client-Related Configuration
 
    Sets the ALPN string that |TS| will send to the origin in the ClientHello of TLS handshakes.
    Configuring this to an empty string (the default configuration) means that the ALPN extension
-   will not be sent as a part of the TLS ClientHello.
+   will not be sent as a part of the TLS ClientHello, resulting in HTTP/1.x being negotiated for all
+   origin-side connections.
 
    Configuring the ALPN string provides a mechanism to control origin-side HTTP protocol
-   negotiation. Configuring this requires an understanding of the ALPN TLS protocol extension. See
+   negotiation. Including ``h2`` in the ALPN list is required for negotiatnge origin-side HTTP/2
+   connections.
+
+   Configuring this requires an understanding of the ALPN TLS protocol extension. See
    `RFC 7301 <https://www.rfc-editor.org/rfc/rfc7301.html>`_ for details about the ALPN protocol.
    See the official `IANA ALPN protocol registration
    <https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids>`_
@@ -4002,27 +4006,27 @@ Client-Related Configuration
 
     - ``http/1.0``
     - ``http/1.1``
+    - ``h2``
 
    Here are some example configurations and the consequences of each:
 
-   ================================ ======================================================================
-   Value                            Description
-   ================================ ======================================================================
-   ``""``                           No ALPN extension is sent by |TS| in origin-side TLS handshakes.
-                                    |TS| will assume an HTTP/1.1 connection in this case.
-   ``"http/1.1"``                   Only HTTP/1.1 is advertized by |TS|. Thus, the origin will
-                                    either negotiate HTTP/1.1, or it will fail the handshake if that
-                                    is not supported by the origin.
-   ``"http/1.1,http/1.0"``          Both HTTP/1.1 and HTTP/1.0 are supported by |TS|, but HTTP/1.1
-                                    is preferred.
-   ``"h2,http/1.1,http/1.0"``       HTTP/2 is preferred by |TS| over HTTP/1.1 and HTTP/1.0. Thus, if the
-                                    origin supports HTTP/2, it will be used for the connection. If
-                                    not, it will fall back to HTTP/1.1 or, if that is not supported,
-                                    HTTP/1.0. (HTTP/2 to origin is currently not supported by |TS|.)
-   ``"h2"``                         |TS| only advertizes HTTP/2 support. Thus, the origin will
-                                    either negotiate HTTP/2 or fail the handshake. (HTTP/2 to origin
-                                    is currently not supported by |TS|.)
-   ================================ ======================================================================
+   ==================== ======================================================================
+   Value                Description
+   ==================== ======================================================================
+   ``""``               No ALPN extension is sent by |TS| in origin-side TLS handshakes. |TS| will
+                        assume an HTTP/1.1 connection in this case.
+   ``"http/1.1"``       Only HTTP/1.1 is advertized by |TS|. Thus, the origin will either negotiate
+                        HTTP/1.1, or it will fail the handshake if that is not supported by the
+                        origin.
+   ``"h2,http/1.1"``    HTTP/2 is preferred by |TS| over HTTP/1.1. Thus, if the origin supports
+                        HTTP/2, it will be used for the connection. If not, it will fall back to
+                        HTTP/1.1.
+   ``"h2"``             |TS| only advertizes HTTP/2 support. Thus, the origin will
+                        either negotiate HTTP/2 or fail the TLS handshake.
+   ==================== ======================================================================
+
+   Note that this is an overridable configuration, so the ALPN can be configured on a per-origin
+   basis via the :ref:`admin-plugins-conf-remap` plugin.
 
 .. ts:cv:: CONFIG proxy.config.ssl.async.handshake.enabled INT 0
 
@@ -4259,6 +4263,13 @@ HTTP/2 Configuration
    misconfigured or misbehaving clients are opening a large number of
    connections without submitting requests.
 
+.. ts:cv:: CONFIG proxy.config.http2.no_activity_timeout_out INT 120
+   :reloadable:
+   :units: seconds
+
+   Specifies how long |TS| keeps connections to origins open if a
+   transaction stalls.
+
 .. ts:cv:: CONFIG proxy.config.http2.zombie_debug_timeout_in INT 0
    :reloadable:
 
diff --git a/doc/admin-guide/monitoring/statistics/core/http-connection.en.rst b/doc/admin-guide/monitoring/statistics/core/http-connection.en.rst
index a2d95c4e089..667dcf9de15 100644
--- a/doc/admin-guide/monitoring/statistics/core/http-connection.en.rst
+++ b/doc/admin-guide/monitoring/statistics/core/http-connection.en.rst
@@ -183,6 +183,21 @@ HTTP/2
 
    Represents the current number of HTTP/2 active connections from client to the |TS|.
 
+.. ts:stat:: global proxy.process.http2.total_server_connections integer
+   :type: counter
+
+   Represents the total number of HTTP/2 connections from |TS| to the origin.
+
+.. ts:stat:: global proxy.process.http2.current_server_connections integer
+   :type: gauge
+
+   Represents the current number of HTTP/2 connections from |TS| to the origin.
+
+.. ts:stat:: global proxy.process.http2.current_active_server_connections integer
+   :type: gauge
+
+   Represents the current number of HTTP/2 active connections from |TS| to the origin.
+
 .. ts:stat:: global proxy.process.http2.connection_errors integer
    :type: counter
 
diff --git a/doc/admin-guide/monitoring/statistics/core/http-transaction.en.rst b/doc/admin-guide/monitoring/statistics/core/http-transaction.en.rst
index 07a6e60a0d8..9dd730c2be4 100644
--- a/doc/admin-guide/monitoring/statistics/core/http-transaction.en.rst
+++ b/doc/admin-guide/monitoring/statistics/core/http-transaction.en.rst
@@ -165,6 +165,16 @@ HTTP/2
 
    Represents the current number of HTTP/2 streams from client to the |TS|.
 
+.. ts:stat:: global proxy.process.http2.total_server_streams integer
+   :type: counter
+
+   Represents the total number of HTTP/2 streams from |TS| to the origin.
+
+.. ts:stat:: global proxy.process.http2.current_server_streams integer
+   :type: gauge
+
+   Represents the current number of HTTP/2 streams from |TS| to the origin.
+
 .. ts:stat:: global proxy.process.http2.total_transactions_time integer
    :type: counter
    :units: seconds
diff --git a/iocore/eventsystem/I_EThread.h b/iocore/eventsystem/I_EThread.h
index 05de946ba05..34b14f1635a 100644
--- a/iocore/eventsystem/I_EThread.h
+++ b/iocore/eventsystem/I_EThread.h
@@ -48,6 +48,7 @@ class PreWarmQueue;
 
 class Event;
 class Continuation;
+class ConnectingPool;
 
 enum ThreadType {
   REGULAR = 0,
@@ -354,6 +355,7 @@ class EThread : public Thread
 
   ServerSessionPool *server_session_pool = nullptr;
   PreWarmQueue *prewarm_queue            = nullptr;
+  ConnectingPool *connecting_pool        = nullptr;
 
   /** Default handler used until it is overridden.
 
diff --git a/iocore/eventsystem/I_Thread.h b/iocore/eventsystem/I_Thread.h
index 910f41c29b9..ae0616e1220 100644
--- a/iocore/eventsystem/I_Thread.h
+++ b/iocore/eventsystem/I_Thread.h
@@ -121,6 +121,7 @@ class Thread
   ProxyAllocator quicNetVCAllocator;
   ProxyAllocator http1ClientSessionAllocator;
   ProxyAllocator http2ClientSessionAllocator;
+  ProxyAllocator http2ServerSessionAllocator;
   ProxyAllocator http2StreamAllocator;
   ProxyAllocator httpSMAllocator;
   ProxyAllocator quicClientSessionAllocator;
diff --git a/iocore/net/UnixNetVConnection.cc b/iocore/net/UnixNetVConnection.cc
index f8a7d78d224..f1ffb55c2b0 100644
--- a/iocore/net/UnixNetVConnection.cc
+++ b/iocore/net/UnixNetVConnection.cc
@@ -359,6 +359,7 @@ write_to_net_io(NetHandler *nh, UnixNetVConnection *vc, EThread *thread)
 {
   NetState *s       = &vc->write;
   ProxyMutex *mutex = thread->mutex.get();
+  Continuation *c   = vc->write.vio.cont;
 
   MUTEX_TRY_LOCK(lock, s->vio.mutex, thread);
 
@@ -443,6 +444,9 @@ write_to_net_io(NetHandler *nh, UnixNetVConnection *vc, EThread *thread)
   if (towrite != ntodo && !buf.writer()->high_water()) {
     if (write_signal_and_update(VC_EVENT_WRITE_READY, vc) != EVENT_CONT) {
       return;
+    } else if (c != s->vio.cont) { /* The write vio was updated in the handler */
+      write_reschedule(nh, vc);
+      return;
     }
 
     ntodo = s->vio.ntodo();
diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc
index 3bf7cf9f77f..1c3814e10e3 100644
--- a/mgmt/RecordsConfig.cc
+++ b/mgmt/RecordsConfig.cc
@@ -1317,6 +1317,8 @@ static const RecordElement RecordsConfig[] =
   ,
   {RECT_CONFIG, "proxy.config.http2.no_activity_timeout_in", RECD_INT, "120", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
   ,
+  {RECT_CONFIG, "proxy.config.http2.no_activity_timeout_out", RECD_INT, "120", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
+  ,
   {RECT_CONFIG, "proxy.config.http2.active_timeout_in", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
   ,
   {RECT_CONFIG, "proxy.config.http2.push_diary_size", RECD_INT, "256", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
diff --git a/proxy/PoolableSession.h b/proxy/PoolableSession.h
index d98f93c2540..114479fb373 100644
--- a/proxy/PoolableSession.h
+++ b/proxy/PoolableSession.h
@@ -85,6 +85,7 @@ class PoolableSession : public ProxySession
   bool is_private() const;
 
   virtual void set_netvc(NetVConnection *newvc);
+  virtual bool is_multiplexing() const;
 
   // Used to determine whether the session is for parent proxy
   // it is session to origin server
@@ -237,3 +238,9 @@ PoolableSession::attach_hostname(const char *hostname)
     CryptoContext().hash_immediate(hostname_hash, (unsigned char *)hostname, strlen(hostname));
   }
 }
+
+inline bool
+PoolableSession::is_multiplexing() const
+{
+  return false;
+}
diff --git a/proxy/ProxyTransaction.cc b/proxy/ProxyTransaction.cc
index cb80b3cc2cc..a4d5cb6d83a 100644
--- a/proxy/ProxyTransaction.cc
+++ b/proxy/ProxyTransaction.cc
@@ -235,6 +235,34 @@ ProxyTransaction::get_version(HTTPHdr &hdr) const
   return hdr.version_get();
 }
 
+bool
+ProxyTransaction::is_read_closed() const
+{
+  return false;
+}
+
+bool
+ProxyTransaction::expect_send_trailer() const
+{
+  return false;
+}
+
+void
+ProxyTransaction::set_expect_send_trailer()
+{
+}
+
+bool
+ProxyTransaction::expect_receive_trailer() const
+{
+  return false;
+}
+
+void
+ProxyTransaction::set_expect_receive_trailer()
+{
+}
+
 bool
 ProxyTransaction::allow_half_open() const
 {
diff --git a/proxy/ProxyTransaction.h b/proxy/ProxyTransaction.h
index c6d1ba79cf8..43fd760114d 100644
--- a/proxy/ProxyTransaction.h
+++ b/proxy/ProxyTransaction.h
@@ -50,6 +50,11 @@ class ProxyTransaction : public VConnection
   virtual void set_default_inactivity_timeout(ink_hrtime timeout_in);
   virtual void cancel_inactivity_timeout();
   virtual void cancel_active_timeout();
+  virtual bool is_read_closed() const;
+  virtual bool expect_send_trailer() const;
+  virtual void set_expect_send_trailer();
+  virtual bool expect_receive_trailer() const;
+  virtual void set_expect_receive_trailer();
 
   // Implement VConnection interface.
   VIO *do_io_read(Continuation *c, int64_t nbytes = INT64_MAX, MIOBuffer *buf = nullptr) override;
@@ -119,6 +124,7 @@ class ProxyTransaction : public VConnection
   const IpAllow::ACL &get_acl() const;
 
   ProxySession *get_proxy_ssn();
+  ProxySession const *get_proxy_ssn() const;
   PoolableSession *get_server_session() const;
   HttpSM *get_sm() const;
 
@@ -203,6 +209,12 @@ ProxyTransaction::get_proxy_ssn()
   return _proxy_ssn;
 }
 
+inline ProxySession const *
+ProxyTransaction::get_proxy_ssn() const
+{
+  return _proxy_ssn;
+}
+
 inline PoolableSession *
 ProxyTransaction::get_server_session() const
 {
diff --git a/proxy/hdrs/HdrToken.cc b/proxy/hdrs/HdrToken.cc
index f613fca3e8c..1c8682a2552 100644
--- a/proxy/hdrs/HdrToken.cc
+++ b/proxy/hdrs/HdrToken.cc
@@ -230,6 +230,9 @@ static HdrTokenFieldInfo _hdrtoken_strs_field_initializers[] = {
   {"Strict-Transport-Security", MIME_SLOTID_NONE,                MIME_PRESENCE_NONE,                (HTIF_MULTVALS)                              },
   {"Subject",                   MIME_SLOTID_NONE,                MIME_PRESENCE_SUBJECT,             HTIF_NONE                                    },
   {"Summary",                   MIME_SLOTID_NONE,                MIME_PRESENCE_SUMMARY,             HTIF_NONE                                    },
+ // TODO: In the past we have observed issues with having hop-by-hop in here
+  // for gRPC. We plan to work on gRPC in a future. We should experiment with
+  // this and verify that it works as expected.
   {"TE",                        MIME_SLOTID_TE,                  MIME_PRESENCE_TE,                  (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)},
   {"Transfer-Encoding",         MIME_SLOTID_TRANSFER_ENCODING,   MIME_PRESENCE_TRANSFER_ENCODING,
    (HTIF_COMMAS | HTIF_MULTVALS | HTIF_HOPBYHOP)                                                                                                 },
diff --git a/proxy/hdrs/VersionConverter.cc b/proxy/hdrs/VersionConverter.cc
index 16280157e48..6e938b2d075 100644
--- a/proxy/hdrs/VersionConverter.cc
+++ b/proxy/hdrs/VersionConverter.cc
@@ -76,7 +76,7 @@ VersionConverter::_convert_req_from_1_to_2(HTTPHdr &header) const
 
     field->value_set(header.m_heap, header.m_mime, value, value_len);
   } else {
-    ink_abort("initialize HTTP/2 pseudo-headers");
+    ink_abort("initialize HTTP/2 pseudo-headers, no :method");
     return PARSE_RESULT_ERROR;
   }
 
@@ -91,7 +91,7 @@ VersionConverter::_convert_req_from_1_to_2(HTTPHdr &header) const
       field->value_set(header.m_heap, header.m_mime, URL_SCHEME_HTTPS, URL_LEN_HTTPS);
     }
   } else {
-    ink_abort("initialize HTTP/2 pseudo-headers");
+    ink_abort("initialize HTTP/2 pseudo-headers, no :scheme");
     return PARSE_RESULT_ERROR;
   }
 
@@ -110,8 +110,11 @@ VersionConverter::_convert_req_from_1_to_2(HTTPHdr &header) const
     } else {
       field->value_set(header.m_heap, header.m_mime, value, value_len);
     }
+    // Remove the host header field, redundant to the authority field
+    // For istio/envoy, having both was causing 404 responses
+    header.field_delete(MIME_FIELD_HOST, MIME_LEN_HOST);
   } else {
-    ink_abort("initialize HTTP/2 pseudo-headers");
+    ink_abort("initialize HTTP/2 pseudo-headers, no :authority");
     return PARSE_RESULT_ERROR;
   }
 
@@ -119,15 +122,29 @@ VersionConverter::_convert_req_from_1_to_2(HTTPHdr &header) const
   if (MIMEField *field = header.field_find(PSEUDO_HEADER_PATH.data(), PSEUDO_HEADER_PATH.size()); field != nullptr) {
     int value_len     = 0;
     const char *value = header.path_get(&value_len);
+    int param_len     = 0;
+    const char *param = header.params_get(&param_len);
+    int query_len     = 0;
+    const char *query = header.query_get(&query_len);
+    int path_len      = value_len + 1;
 
-    ts::LocalBuffer<char> buf(value_len + 1);
+    ts::LocalBuffer<char> buf(value_len + 1 + 1 + 1 + query_len + param_len);
     char *path = buf.data();
     path[0]    = '/';
     memcpy(path + 1, value, value_len);
-
-    field->value_set(header.m_heap, header.m_mime, path, value_len + 1);
+    if (param_len > 0) {
+      path[path_len] = ';';
+      memcpy(path + path_len + 1, param, param_len);
+      path_len += 1 + param_len;
+    }
+    if (query_len > 0) {
+      path[path_len] = '?';
+      memcpy(path + path_len + 1, query, query_len);
+      path_len += 1 + query_len;
+    }
+    field->value_set(header.m_heap, header.m_mime, path, path_len);
   } else {
-    ink_abort("initialize HTTP/2 pseudo-headers");
+    ink_abort("initialize HTTP/2 pseudo-headers, no :path");
     return PARSE_RESULT_ERROR;
   }
 
@@ -173,10 +190,15 @@ VersionConverter::_convert_req_from_2_to_1(HTTPHdr &header) const
   if (MIMEField *field = header.field_find(PSEUDO_HEADER_AUTHORITY.data(), PSEUDO_HEADER_AUTHORITY.size());
       field != nullptr && field->value_is_valid(is_control_BIT | is_ws_BIT)) {
     int authority_len;
+    // Set the host header field
+    MIMEField *host = header.field_find(MIME_FIELD_HOST, MIME_LEN_HOST);
+    if (host == nullptr) {
+      host = header.field_create(MIME_FIELD_HOST, MIME_LEN_HOST);
+      header.field_attach(host);
+    }
     const char *authority = field->value_get(&authority_len);
-
     header.m_http->u.req.m_url_impl->set_host(header.m_heap, authority, authority_len, true);
-
+    host->value_set(header.m_heap, header.m_mime, authority, authority_len);
     header.field_delete(field);
   } else {
     return PARSE_RESULT_ERROR;
@@ -234,7 +256,7 @@ VersionConverter::_convert_res_from_1_to_2(HTTPHdr &header) const
 
     field->value_set(header.m_heap, header.m_mime, status_str, STATUS_VALUE_LEN);
   } else {
-    ink_abort("initialize HTTP/2 pseudo-headers");
+    ink_abort("initialize HTTP/2 pseudo-headers, no :status");
     return PARSE_RESULT_ERROR;
   }
 
diff --git a/proxy/http/ConnectingEntry.cc b/proxy/http/ConnectingEntry.cc
new file mode 100644
index 00000000000..2bd0bd2ada0
--- /dev/null
+++ b/proxy/http/ConnectingEntry.cc
@@ -0,0 +1,157 @@
+/** @file
+
+  Server side connection management.
+
+  @section license License
+
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+
+ */
+
+#include "ConnectingEntry.h"
+#include "HttpSM.h"
+
+ConnectingEntry::~ConnectingEntry()
+{
+  if (_netvc_read_buffer != nullptr) {
+    free_MIOBuffer(_netvc_read_buffer);
+    _netvc_read_buffer = nullptr;
+  }
+}
+
+int
+ConnectingEntry::state_http_server_open(int event, void *data)
+{
+  Debug("http_connect", "entered inside ConnectingEntry::state_http_server_open");
+
+  switch (event) {
+  case NET_EVENT_OPEN: {
+    _netvc                 = static_cast<NetVConnection *>(data);
+    UnixNetVConnection *vc = static_cast<UnixNetVConnection *>(_netvc);
+    ink_release_assert(_pending_action == nullptr || _pending_action->continuation == vc->get_action()->continuation);
+    _pending_action = nullptr;
+    Debug("http_connect", "ConnectingEntrysetting handler for connection handshake");
+    // Just want to get a write-ready event so we know that the connection handshake is complete.
+    // The buffer we create will be handed over to the eventually created server session
+    _netvc_read_buffer = new_MIOBuffer(HTTP_SERVER_RESP_HDR_BUFFER_INDEX);
+    _netvc_reader      = _netvc_read_buffer->alloc_reader();
+    _netvc->do_io_write(this, 1, _netvc_reader);
+    ink_release_assert(!_connect_sms.empty());
+    if (!_connect_sms.empty()) {
+      HttpSM *prime_connect_sm = *(_connect_sms.begin());
+      _netvc->set_inactivity_timeout(prime_connect_sm->get_server_connect_timeout());
+    }
+    ink_release_assert(_pending_action == nullptr);
+    return 0;
+  }
+  case VC_EVENT_READ_COMPLETE:
+  case VC_EVENT_WRITE_READY:
+  case VC_EVENT_WRITE_COMPLETE: {
+    Debug("http_connect", "Kick off %zd state machines waiting for origin", _connect_sms.size());
+    this->remove_entry();
+    _netvc->do_io_write(nullptr, 0, nullptr);
+    if (!_connect_sms.empty()) {
+      auto prime_iter = _connect_sms.rbegin();
+      ink_release_assert(prime_iter != _connect_sms.rend());
+      PoolableSession *new_session = (*prime_iter)->create_server_session(_netvc, _netvc_read_buffer, _netvc_reader);
+      _netvc                       = nullptr;
+      _netvc_read_buffer           = nullptr;
+
+      // Did we end up with a multiplexing session?
+      int count = 0;
+      if (new_session->is_multiplexing()) {
+        // Hand off to all queued up ConnectSM's.
+        while (!_connect_sms.empty()) {
+          Debug("http_connect", "ConnectingEntry Pass along CONNECT_EVENT_TXN %d", count++);
+          auto entry = _connect_sms.begin();
+
+          SCOPED_MUTEX_LOCK(lock, (*entry)->mutex, this_ethread());
+          (*entry)->handleEvent(CONNECT_EVENT_TXN, new_session);
+          _connect_sms.erase(entry);
+        }
+      } else {
+        // Hand off to one and tell all of the others to connect directly
+        Debug("http_connect", "ConnectingEntry send CONNECT_EVENT_TXN to first %d", count++);
+        {
+          SCOPED_MUTEX_LOCK(lock, (*prime_iter)->mutex, this_ethread());
+          (*prime_iter)->handleEvent(CONNECT_EVENT_TXN, new_session);
+          _connect_sms.erase((++prime_iter).base());
+        }
+        while (!_connect_sms.empty()) {
+          auto entry = _connect_sms.begin();
+          Debug("http_connect", "ConnectingEntry Pass along CONNECT_EVENT_DIRECT %d", count++);
+          SCOPED_MUTEX_LOCK(lock, (*entry)->mutex, this_ethread());
+          (*entry)->handleEvent(CONNECT_EVENT_DIRECT, nullptr);
+          _connect_sms.erase(entry);
+        }
+      }
+    } else {
+      ink_release_assert(!"There should be some sms on the connect_entry");
+    }
+    delete this;
+
+    // ConnectingEntry should remove itself from the tables and delete itself
+    return 0;
+  }
+  case VC_EVENT_INACTIVITY_TIMEOUT:
+  case VC_EVENT_ACTIVE_TIMEOUT:
+  case VC_EVENT_ERROR:
+  case NET_EVENT_OPEN_FAILED: {
+    Debug("http_connect", "Stop %zd state machines waiting for failed origin", _connect_sms.size());
+    this->remove_entry();
+    int vc_provided_cert = 0;
+    int lerrno           = EIO;
+    if (_netvc != nullptr) {
+      vc_provided_cert = _netvc->provided_cert();
+      lerrno           = _netvc->lerrno;
+      _netvc->do_io_close();
+    }
+    while (!_connect_sms.empty()) {
+      auto entry = _connect_sms.begin();
+      SCOPED_MUTEX_LOCK(lock, (*entry)->mutex, this_ethread());
+      (*entry)->t_state.set_connect_fail(lerrno);
+      (*entry)->server_connection_provided_cert = vc_provided_cert;
+      (*entry)->handleEvent(event, data);
+      _connect_sms.erase(entry);
+    }
+    // ConnectingEntry should remove itself from the tables and delete itself
+    delete this;
+
+    return 0;
+  }
+  default:
+    Error("[ConnectingEntry::state_http_server_open] Unknown event: %d", event);
+    ink_release_assert(0);
+    return 0;
+  }
+
+  return 0;
+}
+
+void
+ConnectingEntry::remove_entry()
+{
+  EThread *ethread = this_ethread();
+  auto ip_iter     = ethread->connecting_pool->m_ip_pool.find(this->_ipaddr);
+  while (ip_iter != ethread->connecting_pool->m_ip_pool.end() && this->_ipaddr == ip_iter->first) {
+    if (ip_iter->second == this) {
+      ethread->connecting_pool->m_ip_pool.erase(ip_iter);
+      break;
+    }
+    ++ip_iter;
+  }
+}
diff --git a/proxy/http/ConnectingEntry.h b/proxy/http/ConnectingEntry.h
new file mode 100644
index 00000000000..3427295a4b8
--- /dev/null
+++ b/proxy/http/ConnectingEntry.h
@@ -0,0 +1,79 @@
+/** @file
+
+  Server side connection management.
+
+  @section license License
+
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+
+ */
+
+#include "PoolableSession.h"
+
+#include <set>
+#include <string>
+
+class HttpSM;
+
+/** Represents a server side session entry in a ConnectionPool to an origin. */
+class ConnectingEntry : public Continuation
+{
+public:
+  ConnectingEntry() = default;
+  ~ConnectingEntry() override;
+  void remove_entry();
+  int state_http_server_open(int event, void *data);
+  static PoolableSession *create_server_session(HttpSM *root_sm, NetVConnection *netvc, MIOBuffer *netvc_read_buffer,
+                                                IOBufferReader *netvc_reader);
+
+public:
+  std::string sni;
+  std::string cert_name;
+  IpEndpoint _ipaddr;
+  std::string hostname;
+  std::set<HttpSM *> _connect_sms;
+  NetVConnection *_netvc = nullptr;
+
+private:
+  MIOBuffer *_netvc_read_buffer = nullptr;
+  IOBufferReader *_netvc_reader = nullptr;
+  Action *_pending_action       = nullptr;
+  NetVCOptions opt;
+};
+
+struct IpHelper {
+  size_t
+  operator()(IpEndpoint const &arg) const
+  {
+    return IpAddr{&arg.sa}.hash();
+  }
+  bool
+  operator()(IpEndpoint const &arg1, IpEndpoint const &arg2) const
+  {
+    return ats_ip_addr_port_eq(&arg1.sa, &arg2.sa);
+  }
+};
+
+using ConnectingIpPool = std::unordered_multimap<IpEndpoint, ConnectingEntry *, IpHelper>;
+
+/** Represents the set of connections to an origin. */
+class ConnectingPool
+{
+public:
+  ConnectingPool() = default;
+  ConnectingIpPool m_ip_pool;
+};
diff --git a/proxy/http/HttpProxyServerMain.cc b/proxy/http/HttpProxyServerMain.cc
index 6b5a1fa9ebe..d092c60a369 100644
--- a/proxy/http/HttpProxyServerMain.cc
+++ b/proxy/http/HttpProxyServerMain.cc
@@ -51,6 +51,7 @@
 HttpSessionAccept *plugin_http_accept             = nullptr;
 HttpSessionAccept *plugin_http_transparent_accept = nullptr;
 extern std::function<PoolableSession *()> create_h1_server_session;
+extern std::function<PoolableSession *()> create_h2_server_session;
 extern std::map<int, std::function<ProxySession *()>> ProtocolSessionCreateMap;
 
 static SLL<SSLNextProtocolAccept> ssl_plugin_acceptors;
@@ -225,6 +226,7 @@ MakeHttpProxyAcceptor(HttpProxyAcceptor &acceptor, HttpProxyPort &port, unsigned
   }
   ProtocolSessionCreateMap.insert({TS_ALPN_PROTOCOL_INDEX_HTTP_1_0, create_h1_server_session});
   ProtocolSessionCreateMap.insert({TS_ALPN_PROTOCOL_INDEX_HTTP_1_1, create_h1_server_session});
+  ProtocolSessionCreateMap.insert({TS_ALPN_PROTOCOL_INDEX_HTTP_2_0, create_h2_server_session});
 
   if (port.isSSL()) {
     SSLNextProtocolAccept *ssl = new SSLNextProtocolAccept(probe, port.m_transparent_passthrough);
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index 71a208a0950..767af98f8f8 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -24,11 +24,13 @@
 
 #include "../ProxyTransaction.h"
 #include "HttpSM.h"
+#include "ConnectingEntry.h"
 #include "HttpTransact.h"
 #include "HttpBodyFactory.h"
 #include "HttpTransactHeaders.h"
 #include "ProxyConfig.h"
 #include "Http1ServerSession.h"
+#include "Http2ServerSession.h"
 #include "HttpDebugNames.h"
 #include "HttpSessionManager.h"
 #include "P_Cache.h"
@@ -204,7 +206,6 @@ HttpVCTable::find_entry(VIO *vio)
 void
 HttpVCTable::remove_entry(HttpVCTableEntry *e)
 {
-  ink_assert(e->vc == nullptr || e->in_tunnel);
   e->vc  = nullptr;
   e->eos = false;
   if (e->read_buffer) {
@@ -237,18 +238,6 @@ HttpVCTable::cleanup_entry(HttpVCTableEntry *e)
 {
   ink_assert(e->vc);
   if (e->in_tunnel == false) {
-    // Update stats
-    switch (e->vc_type) {
-    case HTTP_UA_VC:
-      // proxy.process.http.current_client_transactions is decremented in HttpSM::destroy
-      break;
-    default:
-      // This covers:
-      // HTTP_UNKNOWN, HTTP_SERVER_VC, HTTP_TRANSFORM_VC, HTTP_CACHE_READ_VC,
-      // HTTP_CACHE_WRITE_VC, HTTP_RAW_SERVER_VC
-      break;
-    }
-
     if (e->vc_type == HTTP_SERVER_VC) {
       HTTP_INCREMENT_DYN_STAT(http_origin_shutdown_cleanup_entry);
     }
@@ -268,6 +257,14 @@ HttpVCTable::cleanup_all()
   }
 }
 
+void
+initialize_thread_for_connecting_pools(EThread *thread)
+{
+  if (thread->connecting_pool == nullptr) {
+    thread->connecting_pool = new ConnectingPool();
+  }
+}
+
 #define SMDebug(tag, fmt, ...) SpecificDebug(debug_on, tag, "[%" PRId64 "] " fmt, sm_id, ##__VA_ARGS__)
 
 #define REMEMBER(e, r)                             \
@@ -372,6 +369,8 @@ HttpSM::init(bool from_early_data)
 
   magic = HTTP_SM_MAGIC_ALIVE;
 
+  server_txn = nullptr;
+
   // Unique state machine identifier
   sm_id                 = next_sm_id++;
   t_state.state_machine = this;
@@ -601,8 +600,7 @@ HttpSM::attach_client_session(ProxyTransaction *client_vc)
   //  this hook maybe asynchronous, we need to disable IO on
   //  client but set the continuation to be the state machine
   //  so if we get an timeout events the sm handles them
-  //  hold onto enabling read until setup_client_read_request_header
-  ua_entry->read_vio  = client_vc->do_io_read(this, 0, nullptr);
+  ua_entry->read_vio  = client_vc->do_io_read(this, 0, ua_txn->get_remote_reader()->mbuf);
   ua_entry->write_vio = client_vc->do_io_write(this, 0, nullptr);
 
   /////////////////////////
@@ -794,8 +792,9 @@ HttpSM::state_read_client_request_header(int event, void *data)
       ua_raw_buffer_reader = nullptr;
     }
     http_parser_clear(&http_parser);
-    ua_entry->vc_read_handler                    = &HttpSM::state_watch_for_client_abort;
-    ua_entry->vc_write_handler                   = &HttpSM::state_watch_for_client_abort;
+    ua_entry->vc_read_handler  = &HttpSM::state_watch_for_client_abort;
+    ua_entry->vc_write_handler = &HttpSM::state_watch_for_client_abort;
+    ua_txn->cancel_inactivity_timeout();
     milestones[TS_MILESTONE_UA_READ_HEADER_DONE] = Thread::get_hrtime();
   }
 
@@ -997,19 +996,23 @@ HttpSM::state_watch_for_client_abort(int event, void *data)
    */
   case VC_EVENT_EOS: {
     // We got an early EOS. If the tunnal has cache writer, don't kill it for background fill.
-    NetVConnection *netvc = ua_txn->get_netvc();
-    if (ua_txn->allow_half_open() || tunnel.has_consumer_besides_client()) {
-      if (netvc) {
-        netvc->do_io_shutdown(IO_SHUTDOWN_READ);
+    if (!terminate_sm) { // Not done already
+      NetVConnection *netvc = ua_txn->get_netvc();
+      if (ua_txn->allow_half_open() || tunnel.has_consumer_besides_client()) {
+        if (netvc) {
+          netvc->do_io_shutdown(IO_SHUTDOWN_READ);
+        }
+      } else {
+        ua_txn->do_io_close();
+        vc_table.cleanup_entry(ua_entry);
+        ua_entry = nullptr;
+        tunnel.kill_tunnel();
+        terminate_sm = true; // Just die already, the requester is gone
+        set_ua_abort(HttpTransact::ABORTED, event);
+      }
+      if (ua_entry) {
+        ua_entry->eos = true;
       }
-      ua_entry->eos = true;
-    } else {
-      ua_txn->do_io_close();
-      vc_table.cleanup_entry(ua_entry);
-      ua_entry = nullptr;
-      tunnel.kill_tunnel();
-      terminate_sm = true; // Just die already, the requester is gone
-      set_ua_abort(HttpTransact::ABORTED, event);
     }
     break;
   }
@@ -1221,14 +1224,6 @@ HttpSM::state_raw_http_server_open(int event, void *data)
 
   pending_action = nullptr;
   switch (event) {
-  case EVENT_INTERVAL:
-    // If we get EVENT_INTERNAL it means that we moved the transaction
-    // to a different thread in do_http_server_open.  Since we didn't
-    // do any of the actual work in do_http_server_open, we have to
-    // go back and do it now.
-    do_http_server_open(true);
-    return 0;
-
   case NET_EVENT_OPEN: {
     // Record the VC in our table
     server_entry     = vc_table.new_entry();
@@ -1549,7 +1544,7 @@ plugins required to work with sni_routing.
         api_timer = -Thread::get_hrtime_updated();
         HTTP_SM_SET_DEFAULT_HANDLER(&HttpSM::state_api_callout);
         ink_release_assert(pending_action.empty());
-        pending_action = mutex->thread_holding->schedule_in(this, HRTIME_MSECONDS(10));
+        pending_action = this_ethread()->schedule_in(this, HRTIME_MSECONDS(10));
         return -1;
       }
 
@@ -1624,6 +1619,10 @@ plugins required to work with sni_routing.
     }
     break;
 
+  // Eat the EOS while we are waiting for any locks to complete the transaction
+  case VC_EVENT_EOS:
+    return 0;
+
   default:
     ink_assert(false);
     terminate_sm = true;
@@ -1817,7 +1816,7 @@ HttpSM::handle_api_return()
 }
 
 PoolableSession *
-HttpSM::create_server_session(NetVConnection *netvc)
+HttpSM::create_server_session(NetVConnection *netvc, MIOBuffer *netvc_read_buffer, IOBufferReader *netvc_reader)
 {
   // Figure out what protocol was negotiated
   int proto_index      = SessionProtocolNameRegistry::INVALID;
@@ -1832,28 +1831,24 @@ HttpSM::create_server_session(NetVConnection *netvc)
 
   PoolableSession *retval = ProxySession::create_outbound_session(proto_index);
 
-  HttpTransact::State &s       = this->t_state;
-  retval->sharing_pool         = static_cast<TSServerSessionSharingPoolType>(s.http_config_param->server_session_sharing_pool);
-  retval->sharing_match        = static_cast<TSServerSessionSharingMatchMask>(s.txn_conf->server_session_sharing_match);
-  MIOBuffer *netvc_read_buffer = new_MIOBuffer(HTTP_SERVER_RESP_HDR_BUFFER_INDEX);
-  IOBufferReader *netvc_reader = netvc_read_buffer->alloc_reader();
+  retval->sharing_pool  = static_cast<TSServerSessionSharingPoolType>(t_state.http_config_param->server_session_sharing_pool);
+  retval->sharing_match = static_cast<TSServerSessionSharingMatchMask>(t_state.txn_conf->server_session_sharing_match);
+  retval->attach_hostname(t_state.current.server->name);
   retval->new_connection(netvc, netvc_read_buffer, netvc_reader);
 
-  retval->attach_hostname(s.current.server->name);
-
-  ATS_PROBE1(new_origin_server_connection, s.current.server->name);
+  ATS_PROBE1(new_origin_server_connection, t_state.current.server->name);
   retval->set_active();
 
   if (netvc) {
-    ats_ip_copy(&s.server_info.src_addr, netvc->get_local_addr());
+    ats_ip_copy(&t_state.server_info.src_addr, netvc->get_local_addr());
   }
 
   // If origin_max_connections or origin_min_keep_alive_connections is set then we are metering
   // the max and or min number of connections per host. Transfer responsibility for this to the
   // session object.
-  if (s.outbound_conn_track_state.is_active()) {
-    SMDebug("http_connect", "max number of outbound connections: %d", s.txn_conf->outbound_conntrack.max);
-    retval->enable_outbound_connection_tracking(s.outbound_conn_track_state.drop());
+  if (t_state.outbound_conn_track_state.is_active()) {
+    SMDebug("http_connect", "max number of outbound connections: %d", t_state.txn_conf->outbound_conntrack.max);
+    retval->enable_outbound_connection_tracking(t_state.outbound_conn_track_state.drop());
   }
   return retval;
 }
@@ -1861,14 +1856,26 @@ HttpSM::create_server_session(NetVConnection *netvc)
 bool
 HttpSM::create_server_txn(PoolableSession *new_session)
 {
+  ink_assert(new_session != nullptr);
   bool retval = false;
-  server_txn  = new_session->new_transaction();
-  if (server_txn != nullptr) {
+
+  server_txn = new_session->new_transaction();
+  if (server_txn) {
+    retval = true;
     server_txn->attach_transaction(this);
+    if (t_state.current.request_to == ResolveInfo::PARENT_PROXY) {
+      new_session->to_parent_proxy = true;
+      HTTP_INCREMENT_DYN_STAT(http_current_parent_proxy_connections_stat);
+      HTTP_INCREMENT_DYN_STAT(http_total_parent_proxy_connections_stat);
+    } else {
+      new_session->to_parent_proxy = false;
+    }
     server_txn->do_io_write(this, 0, nullptr);
     attach_server_session();
-    retval = true;
   }
+  _netvc             = nullptr;
+  _netvc_read_buffer = nullptr;
+  _netvc_reader      = nullptr;
   return retval;
 }
 
@@ -1891,78 +1898,72 @@ HttpSM::state_http_server_open(int event, void *data)
 
   switch (event) {
   case NET_EVENT_OPEN: {
-    NetVConnection *netvc        = static_cast<NetVConnection *>(data);
-    UnixNetVConnection *vc       = static_cast<UnixNetVConnection *>(data);
-    PoolableSession *new_session = this->create_server_session(netvc);
-    if (t_state.current.request_to == ResolveInfo::PARENT_PROXY) {
-      new_session->to_parent_proxy = true;
-      HTTP_INCREMENT_DYN_STAT(http_current_parent_proxy_connections_stat);
-      HTTP_INCREMENT_DYN_STAT(http_total_parent_proxy_connections_stat);
-    } else {
-      new_session->to_parent_proxy = false;
-    }
-    this->create_server_txn(new_session);
-
     // Since the UnixNetVConnection::action_ or SocksEntry::action_ may be returned from netProcessor.connect_re, and the
-    // SocksEntry::action_ will be copied into UnixNetVConnection::action_ before call back NET_EVENT_OPEN from SocksEntry::free(),
-    // so we just compare the Continuation between pending_action and VC's action_.
+    // SocksEntry::action_ will be copied into UnixNetVConnection::action_ before call back NET_EVENT_OPEN from
+    // SocksEntry::free(), so we just compare the Continuation between pending_action and VC's action_.
+    _netvc                 = static_cast<NetVConnection *>(data);
+    _netvc_read_buffer     = new_MIOBuffer(HTTP_SERVER_RESP_HDR_BUFFER_INDEX);
+    _netvc_reader          = _netvc_read_buffer->alloc_reader();
+    UnixNetVConnection *vc = static_cast<UnixNetVConnection *>(_netvc);
     ink_release_assert(pending_action.empty() || pending_action.get_continuation() == vc->get_action()->continuation);
     pending_action = nullptr;
 
     if (this->plugin_tunnel_type == HTTP_NO_PLUGIN_TUNNEL) {
-      SMDebug("http", "setting handler for TCP handshake");
-      // Just want to get a write-ready event so we know that the TCP handshake is complete.
-      server_entry->vc_write_handler = &HttpSM::state_http_server_open;
-      server_entry->vc_read_handler  = &HttpSM::state_http_server_open;
-
-      int64_t nbytes = 1;
-      if (t_state.txn_conf->proxy_protocol_out >= 0) {
-        nbytes = do_outbound_proxy_protocol(server_txn->get_remote_reader()->mbuf, vc, ua_txn->get_netvc(),
-                                            t_state.txn_conf->proxy_protocol_out);
-      }
-
-      server_entry->write_vio = server_txn->do_io_write(this, nbytes, server_txn->get_remote_reader());
+      SMDebug("http_connect", "setting handler for connection handshake timeout %" PRId64, this->get_server_connect_timeout());
+      // Just want to get a write-ready event so we know that the connection handshake is complete.
+      // The buffer we create will be handed over to the eventually created server session
+      _netvc->do_io_write(this, 1, _netvc_reader);
+      _netvc->set_inactivity_timeout(this->get_server_connect_timeout());
 
     } else { // in the case of an intercept plugin don't to the connect timeout change
-      SMDebug("http", "not setting handler for TCP handshake");
+      SMDebug("http_connect", "not setting handler for connection handshake");
+      this->create_server_txn(this->create_server_session(_netvc, _netvc_read_buffer, _netvc_reader));
       handle_http_server_open();
     }
-
+    ink_assert(pending_action.empty());
     return 0;
   }
+  case CONNECT_EVENT_DIRECT:
+    // Try it again, but direct this time
+    do_http_server_open(false, true);
+    break;
+  case CONNECT_EVENT_TXN:
+    SMDebug("http", "Connection handshake complete via CONNECT_EVENT_TXN");
+    if (this->create_server_txn(static_cast<PoolableSession *>(data))) {
+      write_outbound_proxy_protocol();
+      handle_http_server_open();
+    } else { // Failed to create transaction.  Maybe too many active transactions already
+      // Try again (probably need a bounding counter here)
+      do_http_server_open(false);
+    }
+    return 0;
   case VC_EVENT_READ_COMPLETE:
   case VC_EVENT_WRITE_READY:
   case VC_EVENT_WRITE_COMPLETE:
     // Update the time out to the regular connection timeout.
-    SMDebug("http_ss", "TCP Handshake complete");
-    server_entry->vc_write_handler = &HttpSM::state_send_server_request_header;
-
-    // Reset the timeout to the non-connect timeout
-    server_txn->set_inactivity_timeout(get_server_inactivity_timeout());
+    SMDebug("http_ss", "Connection handshake complete");
+    this->create_server_txn(this->create_server_session(_netvc, _netvc_read_buffer, _netvc_reader));
+    write_outbound_proxy_protocol();
     t_state.current.server->clear_connect_fail();
     handle_http_server_open();
     return 0;
-  case EVENT_INTERVAL: // Delayed call from another thread
-    if (server_txn == nullptr) {
-      do_http_server_open();
-    }
-    break;
   case VC_EVENT_INACTIVITY_TIMEOUT:
   case VC_EVENT_ACTIVE_TIMEOUT:
     t_state.set_connect_fail(ETIMEDOUT);
   /* fallthrough */
   case VC_EVENT_ERROR:
   case NET_EVENT_OPEN_FAILED: {
-    if (server_txn) {
-      NetVConnection *vc = server_txn->get_netvc();
-      if (vc) {
-        t_state.set_connect_fail(vc->lerrno);
-        server_connection_provided_cert = vc->provided_cert();
-      }
-    }
-
     t_state.current.state = HttpTransact::CONNECTION_ERROR;
     t_state.outbound_conn_track_state.clear();
+    if (_netvc != nullptr) {
+      if (event == VC_EVENT_ERROR || event == NET_EVENT_OPEN_FAILED) {
+        t_state.set_connect_fail(_netvc->lerrno);
+      }
+      this->server_connection_provided_cert = _netvc->provided_cert();
+      _netvc->do_io_write(nullptr, 0, nullptr);
+      _netvc->do_io_close();
+      _netvc = nullptr;
+    }
 
     /* If we get this error in transparent mode, then we simply can't bind to the 4-tuple to make the connection.  There's no hope
        of retries succeeding in the near future. The best option is to just shut down the connection without further comment. The
@@ -2025,6 +2026,8 @@ HttpSM::state_read_server_response_header(int event, void *data)
   case VC_EVENT_READ_READY:
   case VC_EVENT_READ_COMPLETE:
     // More data to parse
+    // Got some data, won't retry origin connection on error
+    t_state.current.attempts.maximize(t_state.configured_connect_attempts_max_retries());
     break;
 
   case VC_EVENT_ERROR:
@@ -2076,6 +2079,12 @@ HttpSM::state_read_server_response_header(int event, void *data)
     http_parser_clear(&http_parser);
     milestones[TS_MILESTONE_SERVER_READ_HEADER_DONE] = Thread::get_hrtime();
 
+    // Any other events to the end
+    if (server_entry->vc_type == HTTP_SERVER_VC) {
+      server_entry->vc_read_handler  = &HttpSM::tunnel_handler;
+      server_entry->vc_write_handler = &HttpSM::tunnel_handler;
+    }
+
     // If there is a post body in transit, give up on it
     if (tunnel.is_tunnel_alive()) {
       tunnel.abort_tunnel();
@@ -2104,6 +2113,9 @@ HttpSM::state_read_server_response_header(int event, void *data)
     if (allow_error == false) {
       SMDebug("http_seq", "Error parsing server response header");
       t_state.current.state = HttpTransact::PARSE_ERROR;
+      // We set this to 0 because otherwise HttpTransact::retry_server_connection_not_open
+      // will raise an assertion if the value is the default UNKNOWN_INTERNAL_ERROR.
+      t_state.cause_of_death_errno = 0;
 
       // If the server closed prematurely on us, use the
       //   server setup error routine since it will forward
@@ -2185,9 +2197,9 @@ HttpSM::state_send_server_request_header(int event, void *data)
     break;
 
   case VC_EVENT_WRITE_COMPLETE:
-    if (server_entry->write_vio != nullptr) {
-      // We are done sending the request header, deallocate
-      //  our buffer and then decide what to do next
+    // We are done sending the request header, deallocate
+    //  our buffer and then decide what to do next
+    if (server_entry->write_buffer) {
       free_MIOBuffer(server_entry->write_buffer);
       server_entry->write_buffer = nullptr;
       method                     = t_state.hdr_info.server_request.method_get_wksidx();
@@ -2203,6 +2215,10 @@ HttpSM::state_send_server_request_header(int event, void *data)
           }
         }
       }
+      // Any other events to these read response
+      if (server_entry->vc_type == HTTP_SERVER_VC) {
+        server_entry->vc_read_handler = &HttpSM::state_read_server_response_header;
+      }
     }
 
     break;
@@ -2253,6 +2269,91 @@ HttpSM::state_send_server_request_header(int event, void *data)
   return 0;
 }
 
+bool
+HttpSM::origin_multiplexed() const
+{
+  return (t_state.dns_info.http_version == HTTP_2_0 || t_state.dns_info.http_version == HTTP_INVALID);
+}
+
+void
+HttpSM::cancel_pending_server_connection()
+{
+  EThread *ethread = this_ethread();
+  if (nullptr == ethread->connecting_pool) {
+    return; // No pending requests
+  }
+  if (t_state.current.server) {
+    IpEndpoint ip;
+    ip.assign(&this->t_state.current.server->dst_addr.sa);
+    auto ip_iter = ethread->connecting_pool->m_ip_pool.find(ip);
+    while (ip_iter != ethread->connecting_pool->m_ip_pool.end() && ip_iter->first == ip) {
+      ConnectingEntry *connecting_entry = ip_iter->second;
+      // Found a match
+      // Look for our sm in the queue
+      auto entry = connecting_entry->_connect_sms.find(this);
+      if (entry != connecting_entry->_connect_sms.end()) {
+        connecting_entry->_connect_sms.erase(entry);
+        if (connecting_entry->_connect_sms.empty()) {
+          if (connecting_entry->_netvc) {
+            connecting_entry->_netvc->do_io_write(nullptr, 0, nullptr);
+            connecting_entry->_netvc->do_io_close();
+          }
+          ethread->connecting_pool->m_ip_pool.erase(ip_iter);
+          delete connecting_entry;
+          break;
+        } else {
+          //  Leave the shared entry remaining alone
+        }
+      }
+      ++ip_iter;
+    }
+  }
+}
+
+// Returns true if there was a matching entry that we
+// queued this request on
+bool
+HttpSM::add_to_existing_request()
+{
+  HttpTransact::State &s = this->t_state;
+  bool retval            = false;
+  EThread *ethread       = this_ethread();
+
+  if (this->plugin_tunnel_type != HTTP_NO_PLUGIN_TUNNEL) {
+    return false;
+  }
+
+  if (nullptr == ethread->connecting_pool) {
+    initialize_thread_for_connecting_pools(ethread);
+  }
+  auto my_nh = ((UnixNetVConnection *)(this)->ua_txn->get_netvc())->nh;
+  ink_release_assert(my_nh == nullptr /* PluginVC */ || my_nh == get_NetHandler(this_ethread()));
+
+  HTTP_SM_SET_DEFAULT_HANDLER(&HttpSM::state_http_server_open);
+
+  IpEndpoint ip;
+  ip.assign(&s.current.server->dst_addr.sa);
+  auto ip_iter                       = ethread->connecting_pool->m_ip_pool.find(ip);
+  std::string_view proposed_sni      = this->get_outbound_sni();
+  std::string_view proposed_cert     = this->get_outbound_cert();
+  std::string_view proposed_hostname = this->t_state.current.server->name;
+  while (!retval && ip_iter != ethread->connecting_pool->m_ip_pool.end() && ip_iter->first == ip) {
+    // Check that entry matches sni, hostname, and cert
+    if (proposed_hostname == ip_iter->second->hostname && proposed_sni == ip_iter->second->sni &&
+        proposed_cert == ip_iter->second->cert_name && ip_iter->second->_connect_sms.size() < 50) {
+      // Pre-emptively set a server connect failure that will be cleared once a WRITE_READY is received from origin or
+      // bytes are received back
+      this->t_state.set_connect_fail(EIO);
+      ip_iter->second->_connect_sms.insert(this);
+      Debug("http_connect", "Add entry to connection queue. size=%" PRId64, ip_iter->second->_connect_sms.size());
+      retval = true;
+      break;
+    }
+    ++ip_iter;
+  }
+  return retval;
+}
+
 void
 HttpSM::process_srv_info(HostDBRecord *record)
 {
@@ -2349,11 +2450,6 @@ int
 HttpSM::state_hostdb_lookup(int event, void *data)
 {
   STATE_ENTER(&HttpSM::state_hostdb_lookup, event);
-  //    ink_assert (m_origin_server_vc == 0);
-  // REQ_FLAVOR_SCHEDULED_UPDATE can be transformed into
-  // REQ_FLAVOR_REVPROXY
-  ink_assert(t_state.req_flavor == HttpTransact::REQ_FLAVOR_SCHEDULED_UPDATE ||
-             t_state.req_flavor == HttpTransact::REQ_FLAVOR_REVPROXY || ua_entry->vc != nullptr);
 
   switch (event) {
   case EVENT_HOST_DB_LOOKUP:
@@ -2384,7 +2480,6 @@ HttpSM::state_hostdb_lookup(int event, void *data)
   default:
     ink_assert(!"Unexpected event");
   }
-
   return 0;
 }
 
@@ -2699,7 +2794,7 @@ HttpSM::main_handler(int event, void *data)
   }
 
   if (vc_entry) {
-    jump_point = static_cast<VIO *>(data) == vc_entry->read_vio ? vc_entry->vc_read_handler : vc_entry->vc_write_handler;
+    jump_point = (static_cast<VIO *>(data) == vc_entry->read_vio) ? vc_entry->vc_read_handler : vc_entry->vc_write_handler;
     ink_assert(jump_point != (HttpSMHandler) nullptr);
     ink_assert(vc_entry->vc != (VConnection *)nullptr);
     (this->*jump_point)(event, data);
@@ -2864,7 +2959,6 @@ HttpSM::tunnel_handler_post(int event, void *data)
     // Is the response header ready and waiting?
     // If so, go ahead and do the hook processing
     if (milestones[TS_MILESTONE_SERVER_READ_HEADER_DONE] != 0) {
-      Warning("Process waiting response id=[%" PRId64, sm_id);
       t_state.current.state         = HttpTransact::CONNECTION_ALIVE;
       t_state.transact_return_point = HttpTransact::HandleResponse;
       t_state.api_next_action       = HttpTransact::SM_ACTION_API_READ_RESPONSE_HDR;
@@ -2878,6 +2972,50 @@ HttpSM::tunnel_handler_post(int event, void *data)
   return 0;
 }
 
+int
+HttpSM::tunnel_handler_trailer(int event, void *data)
+{
+  STATE_ENTER(&HttpSM::tunnel_handler_trailer, event);
+
+  switch (event) {
+  case HTTP_TUNNEL_EVENT_DONE: // Response tunnel done.
+    break;
+
+  default:
+    // If the response tunnel did not succeed, just clean up as in the default case
+    return tunnel_handler(event, data);
+  }
+
+  ink_assert(event == HTTP_TUNNEL_EVENT_DONE);
+
+  // Set up a new tunnel to transport the trailing header to the UA
+  HTTP_SM_SET_DEFAULT_HANDLER(&HttpSM::tunnel_handler);
+
+  MIOBuffer *trailer_buffer = new_MIOBuffer(HTTP_HEADER_BUFFER_SIZE_INDEX);
+  IOBufferReader *buf_start = trailer_buffer->alloc_reader();
+
+  size_t nbytes   = INT64_MAX;
+  int start_bytes = trailer_buffer->write(server_txn->get_remote_reader(), server_txn->get_remote_reader()->read_avail());
+  server_txn->get_remote_reader()->consume(start_bytes);
+  // The server has already sent all it has
+  if (server_txn->is_read_closed()) {
+    nbytes = start_bytes;
+  }
+  // Signal the ua_txn to get ready for a trailer
+  ua_txn->set_expect_send_trailer();
+  tunnel.reset();
+  HttpTunnelProducer *p = tunnel.add_producer(server_entry->vc, nbytes, buf_start, &HttpSM::tunnel_handler_trailer_server,
+                                              HT_HTTP_SERVER, "http server trailer");
+  tunnel.add_consumer(ua_entry->vc, server_entry->vc, &HttpSM::tunnel_handler_trailer_ua, HT_HTTP_CLIENT, "user agent trailer");
+
+  ua_entry->in_tunnel     = true;
+  server_entry->in_tunnel = true;
+
+  tunnel.tunnel_run(p);
+
+  return 0;
+}
+
 int
 HttpSM::tunnel_handler_cache_fill(int event, void *data)
 {
@@ -2888,12 +3026,31 @@ HttpSM::tunnel_handler_cache_fill(int event, void *data)
 
   ink_release_assert(cache_sm.cache_write_vc);
 
-  tunnel.deallocate_buffers();
-  this->postbuf_clear();
-  tunnel.reset();
+  int64_t alloc_index       = find_server_buffer_size();
+  MIOBuffer *buf            = new_MIOBuffer(alloc_index);
+  IOBufferReader *buf_start = buf->alloc_reader();
 
-  setup_server_transfer_to_cache_only();
-  tunnel.tunnel_run();
+  TunnelChunkingAction_t action =
+    (t_state.current.server && t_state.current.server->transfer_encoding == HttpTransact::CHUNKED_ENCODING) ?
+      TCA_DECHUNK_CONTENT :
+      TCA_PASSTHRU_DECHUNKED_CONTENT;
+
+  int64_t nbytes = server_transfer_init(buf, 0);
+
+  HTTP_SM_SET_DEFAULT_HANDLER(&HttpSM::tunnel_handler);
+
+  server_entry->vc = server_txn;
+  HttpTunnelProducer *p =
+    tunnel.add_producer(server_entry->vc, nbytes, buf_start, &HttpSM::tunnel_handler_server, HT_HTTP_SERVER, "http server");
+
+  tunnel.set_producer_chunking_action(p, 0, action);
+  tunnel.set_producer_chunking_size(p, t_state.txn_conf->http_chunking_size);
+
+  setup_cache_write_transfer(&cache_sm, server_entry->vc, &t_state.cache_info.object_store, 0, "cache write");
+
+  server_entry->in_tunnel = true;
+  // Kick off the new producer
+  tunnel.tunnel_run(p);
 
   return 0;
 }
@@ -3081,7 +3238,6 @@ HttpSM::tunnel_handler_server(int event, HttpTunnelProducer *p)
       t_state.current.server->state = HttpTransact::TRANSACTION_COMPLETE;
       break;
     }
-
     HTTP_INCREMENT_DYN_STAT(http_origin_shutdown_tunnel_server);
     close_connection = true;
 
@@ -3145,6 +3301,13 @@ HttpSM::tunnel_handler_server(int event, HttpTunnelProducer *p)
         tunnel.local_finish_all(p);
       }
     }
+    if (server_txn->expect_receive_trailer()) {
+      SMDebug("http", "wait for that trailing header");
+      // Swap out the default hander to set up the new tunnel for the trailer exchange.
+      HTTP_SM_SET_DEFAULT_HANDLER(&HttpSM::tunnel_handler_trailer);
+      tunnel.local_finish_all(p);
+      return 0;
+    }
     break;
 
   case HTTP_TUNNEL_EVENT_CONSUMER_DETACH:
@@ -3220,6 +3383,84 @@ HttpSM::tunnel_handler_server(int event, HttpTunnelProducer *p)
   return 0;
 }
 
+int
+HttpSM::tunnel_handler_trailer_server(int event, HttpTunnelProducer *p)
+{
+  STATE_ENTER(&HttpSM::tunnel_handler_trailer_server, event);
+
+  switch (event) {
+  case VC_EVENT_INACTIVITY_TIMEOUT:
+  case VC_EVENT_ACTIVE_TIMEOUT:
+  case VC_EVENT_ERROR:
+    t_state.squid_codes.log_code  = SQUID_LOG_ERR_READ_TIMEOUT;
+    t_state.squid_codes.hier_code = SQUID_HIER_TIMEOUT_DIRECT;
+    /* fallthru */
+
+  case VC_EVENT_EOS:
+
+    switch (event) {
+    case VC_EVENT_INACTIVITY_TIMEOUT:
+      t_state.current.server->state = HttpTransact::INACTIVE_TIMEOUT;
+      break;
+    case VC_EVENT_ACTIVE_TIMEOUT:
+      t_state.current.server->state = HttpTransact::ACTIVE_TIMEOUT;
+      break;
+    case VC_EVENT_ERROR:
+      t_state.current.server->state = HttpTransact::CONNECTION_ERROR;
+      break;
+    case VC_EVENT_EOS:
+      t_state.current.server->state = HttpTransact::TRANSACTION_COMPLETE;
+      break;
+    }
+
+    ink_assert(p->vc_type == HT_HTTP_SERVER);
+
+    SMDebug("http", "aborting HTTP tunnel due to server truncation");
+    tunnel.chain_abort_all(p);
+
+    t_state.current.server->abort      = HttpTransact::ABORTED;
+    t_state.client_info.keep_alive     = HTTP_NO_KEEPALIVE;
+    t_state.current.server->keep_alive = HTTP_NO_KEEPALIVE;
+    t_state.squid_codes.log_code       = SQUID_LOG_ERR_READ_ERROR;
+    break;
+
+  case HTTP_TUNNEL_EVENT_PRECOMPLETE:
+  case VC_EVENT_READ_COMPLETE:
+    //
+    // The transfer completed successfully
+    p->read_success               = true;
+    t_state.current.server->state = HttpTransact::TRANSACTION_COMPLETE;
+    t_state.current.server->abort = HttpTransact::DIDNOT_ABORT;
+    break;
+
+  case HTTP_TUNNEL_EVENT_CONSUMER_DETACH:
+  case VC_EVENT_READ_READY:
+  case VC_EVENT_WRITE_READY:
+  case VC_EVENT_WRITE_COMPLETE:
+  default:
+    // None of these events should ever come our way
+    ink_assert(0);
+    break;
+  }
+
+  // We handled the event.  Now either shutdown server transaction
+  ink_assert(server_entry->vc == p->vc);
+  ink_assert(p->vc_type == HT_HTTP_SERVER);
+  ink_assert(p->vc == server_txn);
+
+  // The server session has been released. Clean all pointer
+  // Calling remove_entry instead of server_entry because we don't
+  // want to close the server VC at this point
+  vc_table.remove_entry(server_entry);
+
+  p->vc->do_io_close();
+  p->read_vio = nullptr;
+
+  server_entry = nullptr;
+
+  return 0;
+}
+
 // int HttpSM::tunnel_handler_100_continue_ua(int event, HttpTunnelConsumer* c)
 //
 //     Used for tunneling the 100 continue response.  The tunnel
@@ -3241,6 +3482,7 @@ HttpSM::tunnel_handler_100_continue_ua(int event, HttpTunnelConsumer *c)
   case VC_EVENT_ACTIVE_TIMEOUT:
   case VC_EVENT_ERROR:
     set_ua_abort(HttpTransact::ABORTED, event);
+    vc_table.remove_entry(ua_entry);
     c->vc->do_io_close();
     break;
   case VC_EVENT_WRITE_COMPLETE:
@@ -3339,13 +3581,13 @@ HttpSM::tunnel_handler_ua(int event, HttpTunnelConsumer *c)
         HTTP_INCREMENT_DYN_STAT(http_background_fill_current_count_stat);
         HTTP_INCREMENT_DYN_STAT(http_background_fill_total_count_stat);
 
-        ink_assert(server_entry->vc == server_txn);
         ink_assert(c->is_downstream_from(server_txn));
         server_txn->set_active_timeout(HRTIME_SECONDS(t_state.txn_conf->background_fill_active_timeout));
       }
 
       // Even with the background fill, the client side should go down
       c->write_vio = nullptr;
+      vc_table.remove_entry(ua_entry);
       c->vc->do_io_close(EHTTP_ERROR);
       c->alive = false;
 
@@ -3414,8 +3656,9 @@ HttpSM::tunnel_handler_ua(int event, HttpTunnelConsumer *c)
     break;
   }
 
-  ink_assert(ua_entry->vc == c->vc);
-  if (close_connection) {
+  if (event == VC_EVENT_WRITE_COMPLETE && server_txn && server_txn->expect_receive_trailer()) {
+    // Don't shutdown if we are still expecting a trailer
+  } else if (close_connection) {
     // If the client could be pipelining or is doing a POST, we need to
     //   set the ua_txn into half close mode
 
@@ -3427,6 +3670,7 @@ HttpSM::tunnel_handler_ua(int event, HttpTunnelConsumer *c)
     }
 
     vc_table.remove_entry(this->ua_entry);
+    ink_release_assert(vc_table.find_entry(ua_txn) == nullptr);
     ua_txn->do_io_close();
   } else {
     ink_assert(ua_txn->get_remote_reader() != nullptr);
@@ -3437,6 +3681,66 @@ HttpSM::tunnel_handler_ua(int event, HttpTunnelConsumer *c)
   return 0;
 }
 
+int
+HttpSM::tunnel_handler_trailer_ua(int event, HttpTunnelConsumer *c)
+{
+  HttpTunnelProducer *p     = nullptr;
+  HttpTunnelConsumer *selfc = nullptr;
+
+  STATE_ENTER(&HttpSM::tunnel_handler_trailer_ua, event);
+  ink_assert(c->vc == ua_txn);
+  milestones[TS_MILESTONE_UA_CLOSE] = Thread::get_hrtime();
+
+  switch (event) {
+  case VC_EVENT_EOS:
+    ua_entry->eos = true;
+
+  // FALL-THROUGH
+  case VC_EVENT_INACTIVITY_TIMEOUT:
+  case VC_EVENT_ACTIVE_TIMEOUT:
+  case VC_EVENT_ERROR:
+
+    // The user agent died or aborted.  Check to
+    //  see if we should setup a background fill
+    set_ua_abort(HttpTransact::ABORTED, event);
+
+    // Should not be processing trailer headers in the background fill case
+    ink_assert(!is_bg_fill_necessary(c));
+    p = c->producer;
+    tunnel.chain_abort_all(c->producer);
+    selfc = p->self_consumer;
+    if (selfc) {
+      // This is the case where there is a transformation between ua and os
+      p = selfc->producer;
+      // if producer is the cache or OS, close the producer.
+      // Otherwise in case of large docs, producer iobuffer gets filled up,
+      // waiting for a consumer to consume data and the connection is never closed.
+      if (p->alive && ((p->vc_type == HT_CACHE_READ) || (p->vc_type == HT_HTTP_SERVER))) {
+        tunnel.chain_abort_all(p);
+      }
+    }
+    break;
+
+  case VC_EVENT_WRITE_COMPLETE:
+    c->write_success          = true;
+    t_state.client_info.abort = HttpTransact::DIDNOT_ABORT;
+    break;
+  case VC_EVENT_WRITE_READY:
+  case VC_EVENT_READ_READY:
+  case VC_EVENT_READ_COMPLETE:
+  default:
+    // None of these events should ever come our way
+    ink_assert(0);
+    break;
+  }
+
+  ink_assert(ua_entry->vc == c->vc);
+  vc_table.remove_entry(this->ua_entry);
+  ua_txn->do_io_close();
+  ink_release_assert(vc_table.find_entry(ua_txn) == nullptr);
+  return 0;
+}
+
 int
 HttpSM::tunnel_handler_ua_push(int event, HttpTunnelProducer *p)
 {
@@ -4943,7 +5247,7 @@ HttpSM::get_outbound_sni() const
 //
 //////////////////////////////////////////////////////////////////////////
 void
-HttpSM::do_http_server_open(bool raw)
+HttpSM::do_http_server_open(bool raw, bool only_direct)
 {
   int ip_family = t_state.current.server->dst_addr.sa.sa_family;
   auto fam_name = ats_ip_family_name(ip_family);
@@ -5088,6 +5392,7 @@ HttpSM::do_http_server_open(bool raw)
       (t_state.txn_conf->keep_alive_post_out == 1 || t_state.hdr_info.request_content_length <= 0) && !is_private() &&
       ua_txn != nullptr) {
     HSMresult_t shared_result;
+    SMDebug("http_ss", "Try to acquire_session for %s", t_state.current.server->name);
     shared_result = httpSessionManager.acquire_session(this,                                 // state machine
                                                        &t_state.current.server->dst_addr.sa, // ip + port
                                                        t_state.current.server->name,         // hostname
@@ -5167,6 +5472,18 @@ HttpSM::do_http_server_open(bool raw)
       ink_release_assert(ua_txn == nullptr);
     }
   }
+
+  bool multiplexed_origin = !only_direct && !raw && this->origin_multiplexed() && !is_private();
+  if (multiplexed_origin) {
+    SMDebug("http_ss", "Check for existing connect request");
+    if (this->add_to_existing_request()) {
+      SMDebug("http_ss", "Queue behind existing request");
+      // We are queued up behind an existing connect request
+      // Go away and wait.
+      return;
+    }
+  }
+
   // Check to see if we have reached the max number of connections.
   // Atomically read the current number of connections and check to see
   // if we have gone above the max allowed.
@@ -5330,7 +5647,7 @@ HttpSM::do_http_server_open(bool raw)
   opt.ssl_client_private_key_name = t_state.txn_conf->ssl_client_private_key_filename;
   opt.ssl_client_ca_cert_name     = t_state.txn_conf->ssl_client_ca_cert_filename;
   if (is_private()) {
-    // If the connection to origin is private, don't try to negotiate higher overhead protocols.
+    // If the connection to origin is private, don't try to negotiate the higher overhead H2
     opt.alpn_protocols_array_size = -1;
     SMDebug("ssl_alpn", "Clear ALPN for private session");
   } else if (t_state.txn_conf->ssl_client_alpn_protocols != nullptr) {
@@ -5340,6 +5657,28 @@ HttpSM::do_http_server_open(bool raw)
                                 opt.alpn_protocols_array_size);
   }
 
+  ConnectingEntry *new_entry = nullptr;
+  if (multiplexed_origin) {
+    EThread *ethread = this_ethread();
+    if (nullptr != ethread->connecting_pool) {
+      SMDebug("http_ss", "Queue multiplexed request");
+      new_entry          = new ConnectingEntry();
+      new_entry->mutex   = this->mutex;
+      new_entry->handler = (ContinuationHandler)&ConnectingEntry::state_http_server_open;
+      new_entry->_ipaddr.assign(&t_state.current.server->dst_addr.sa);
+      new_entry->hostname  = t_state.current.server->name;
+      new_entry->sni       = this->get_outbound_sni();
+      new_entry->cert_name = this->get_outbound_cert();
+      this->t_state.set_connect_fail(EIO);
+      new_entry->_connect_sms.insert(this);
+      ethread->connecting_pool->m_ip_pool.insert(std::make_pair(new_entry->_ipaddr, new_entry));
+    }
+  }
+
+  Continuation *cont = new_entry;
+  if (!cont) {
+    cont = this;
+  }
   if (tls_upstream) {
     SMDebug("http", "calling sslNetProcessor.connect_re");
 
@@ -5360,12 +5699,12 @@ HttpSM::do_http_server_open(bool raw)
       opt.set_ssl_servername(t_state.server_info.name);
     }
 
-    pending_action = sslNetProcessor.connect_re(this,                                 // state machine
+    pending_action = sslNetProcessor.connect_re(cont,                                 // state machine or ConnectingEntry
                                                 &t_state.current.server->dst_addr.sa, // addr + port
                                                 &opt);
   } else {
     SMDebug("http", "calling netProcessor.connect_re");
-    pending_action = netProcessor.connect_re(this,                                 // state machine
+    pending_action = netProcessor.connect_re(cont,                                 // state machine or ConnectingEntry
                                              &t_state.current.server->dst_addr.sa, // addr + port
                                              &opt);
   }
@@ -5658,7 +5997,6 @@ HttpSM::handle_post_failure()
   t_state.client_info.keep_alive     = HTTP_NO_KEEPALIVE;
   t_state.current.server->keep_alive = HTTP_NO_KEEPALIVE;
 
-  ink_assert(server_txn->get_remote_reader()->read_avail() == 0);
   tunnel.deallocate_buffers();
   tunnel.reset();
   // Server died
@@ -5701,15 +6039,18 @@ HttpSM::handle_http_server_open()
       }
     }
     server_txn->set_inactivity_timeout(get_server_inactivity_timeout());
-  }
 
-  int method = t_state.hdr_info.server_request.method_get_wksidx();
-  if (method != HTTP_WKSIDX_TRACE &&
-      (t_state.hdr_info.request_content_length > 0 || t_state.client_info.transfer_encoding == HttpTransact::CHUNKED_ENCODING) &&
-      do_post_transform_open()) {
-    do_setup_post_tunnel(HTTP_TRANSFORM_VC); // Seems like we should be sending the request along this way too
-  } else if (server_txn != nullptr) {
-    setup_server_send_request_api();
+    int method = t_state.hdr_info.server_request.method_get_wksidx();
+    if (method != HTTP_WKSIDX_TRACE &&
+        server_txn->has_request_body(t_state.hdr_info.response_content_length,
+                                     t_state.server_info.transfer_encoding == HttpTransact::CHUNKED_ENCODING) &&
+        do_post_transform_open()) {
+      do_setup_post_tunnel(HTTP_TRANSFORM_VC); /* This doesn't seem quite right.  Should be sending the request header */
+    } else {
+      setup_server_send_request_api();
+    }
+  } else {
+    ink_release_assert(!"No server_txn");
   }
 }
 
@@ -5968,6 +6309,10 @@ HttpSM::do_setup_post_tunnel(HttpVC_t to_vc_type)
       client_request_body_bytes = num_body_bytes;
     }
     ua_txn->get_remote_reader()->consume(num_body_bytes);
+    // The user agent has already sent all it has
+    if (ua_txn->is_read_closed()) {
+      post_bytes = num_body_bytes;
+    }
     p = tunnel.add_producer(ua_entry->vc, post_bytes - transfered_bytes, buf_start, &HttpSM::tunnel_handler_post_ua, HT_HTTP_CLIENT,
                             "user agent post");
   }
@@ -6004,14 +6349,22 @@ HttpSM::do_setup_post_tunnel(HttpVC_t to_vc_type)
 
   this->setup_client_request_plugin_agents(p);
 
-  // The user agent may support chunked (HTTP/1.1) or not (HTTP/2)
-  // In either case, the server will support chunked (HTTP/1.1)
+  // The user agent and origin  may support chunked (HTTP/1.1) or not (HTTP/2)
   if (chunked) {
     if (ua_txn->is_chunked_encoding_supported()) {
-      tunnel.set_producer_chunking_action(p, 0, TCA_PASSTHRU_CHUNKED_CONTENT);
+      if (server_txn->is_chunked_encoding_supported()) {
+        tunnel.set_producer_chunking_action(p, 0, TCA_PASSTHRU_CHUNKED_CONTENT);
+      } else {
+        tunnel.set_producer_chunking_action(p, 0, TCA_DECHUNK_CONTENT);
+        tunnel.set_producer_chunking_size(p, 0);
+      }
     } else {
-      tunnel.set_producer_chunking_action(p, 0, TCA_CHUNK_CONTENT);
-      tunnel.set_producer_chunking_size(p, 0);
+      if (server_txn->is_chunked_encoding_supported()) {
+        tunnel.set_producer_chunking_action(p, 0, TCA_CHUNK_CONTENT);
+        tunnel.set_producer_chunking_size(p, 0);
+      } else {
+        tunnel.set_producer_chunking_action(p, 0, TCA_PASSTHRU_DECHUNKED_CONTENT);
+      }
     }
   }
 
@@ -6179,6 +6532,17 @@ HttpSM::write_header_into_buffer(HTTPHdr *h, MIOBuffer *b)
   return dumpoffset;
 }
 
+void
+HttpSM::write_outbound_proxy_protocol()
+{
+  int64_t nbytes = 1;
+  if (t_state.txn_conf->proxy_protocol_out >= 0) {
+    nbytes = do_outbound_proxy_protocol(server_txn->get_remote_reader()->mbuf, server_txn->get_netvc(), ua_txn->get_netvc(),
+                                        t_state.txn_conf->proxy_protocol_out);
+  }
+  server_entry->write_vio = server_txn->do_io_write(this, nbytes, server_txn->get_remote_reader());
+}
+
 void
 HttpSM::attach_server_session()
 {
@@ -6265,13 +6629,15 @@ HttpSM::attach_server_session()
   // Do we need Transfer_Encoding?
   if (ua_txn->has_request_body(t_state.hdr_info.request_content_length,
                                t_state.client_info.transfer_encoding == HttpTransact::CHUNKED_ENCODING)) {
-    // See if we need to insert a chunked header
-    if (!t_state.hdr_info.server_request.presence(MIME_PRESENCE_CONTENT_LENGTH) &&
-        !t_state.hdr_info.server_request.presence(MIME_PRESENCE_TRANSFER_ENCODING)) {
-      // Stuff in a TE setting so we treat this as chunked, sort of.
-      t_state.server_info.transfer_encoding = HttpTransact::CHUNKED_ENCODING;
-      t_state.hdr_info.server_request.value_append(MIME_FIELD_TRANSFER_ENCODING, MIME_LEN_TRANSFER_ENCODING, HTTP_VALUE_CHUNKED,
-                                                   HTTP_LEN_CHUNKED, true);
+    if (server_txn->is_chunked_encoding_supported()) {
+      // See if we need to insert a chunked header
+      if (!t_state.hdr_info.server_request.presence(MIME_PRESENCE_CONTENT_LENGTH) &&
+          !t_state.hdr_info.server_request.presence(MIME_PRESENCE_TRANSFER_ENCODING)) {
+        // Stuff in a TE setting so we treat this as chunked, sort of.
+        t_state.server_info.transfer_encoding = HttpTransact::CHUNKED_ENCODING;
+        t_state.hdr_info.server_request.value_append(MIME_FIELD_TRANSFER_ENCODING, MIME_LEN_TRANSFER_ENCODING, HTTP_VALUE_CHUNKED,
+                                                     HTTP_LEN_CHUNKED, true);
+      }
     }
   }
 
@@ -6361,10 +6727,6 @@ HttpSM::setup_server_read_response_header()
   server_response_hdr_bytes                        = 0;
   milestones[TS_MILESTONE_SERVER_READ_HEADER_DONE] = 0;
 
-  // We already done the READ when we setup the connection to
-  //   read the request header
-  ink_assert(server_entry->read_vio);
-
   // The tunnel from OS to UA is now setup.  Ready to read the response
   server_entry->read_vio = server_txn->do_io_read(this, INT64_MAX, server_txn->get_remote_reader()->mbuf);
 
@@ -6375,6 +6737,7 @@ HttpSM::setup_server_read_response_header()
   if (server_txn->get_remote_reader()->read_avail() > 0) {
     state_read_server_response_header((server_entry->eos) ? VC_EVENT_EOS : VC_EVENT_READ_READY, server_entry->read_vio);
   }
+  ink_assert(server_entry->vc != nullptr);
 }
 
 HttpTunnelProducer *
@@ -6808,36 +7171,6 @@ HttpSM::setup_transfer_from_transform_to_cache_only()
   return p;
 }
 
-void
-HttpSM::setup_server_transfer_to_cache_only()
-{
-  TunnelChunkingAction_t action;
-  int64_t alloc_index;
-  int64_t nbytes;
-
-  alloc_index               = find_server_buffer_size();
-  MIOBuffer *buf            = new_MIOBuffer(alloc_index);
-  IOBufferReader *buf_start = buf->alloc_reader();
-
-  action = (t_state.current.server && t_state.current.server->transfer_encoding == HttpTransact::CHUNKED_ENCODING) ?
-             TCA_DECHUNK_CONTENT :
-             TCA_PASSTHRU_DECHUNKED_CONTENT;
-
-  nbytes = server_transfer_init(buf, 0);
-
-  HTTP_SM_SET_DEFAULT_HANDLER(&HttpSM::tunnel_handler);
-
-  HttpTunnelProducer *p =
-    tunnel.add_producer(server_entry->vc, nbytes, buf_start, &HttpSM::tunnel_handler_server, HT_HTTP_SERVER, "http server");
-
-  tunnel.set_producer_chunking_action(p, 0, action);
-  tunnel.set_producer_chunking_size(p, t_state.txn_conf->http_chunking_size);
-
-  setup_cache_write_transfer(&cache_sm, server_entry->vc, &t_state.cache_info.object_store, 0, "cache write");
-
-  server_entry->in_tunnel = true;
-}
-
 HttpTunnelProducer *
 HttpSM::setup_server_transfer()
 {
@@ -6896,28 +7229,6 @@ HttpSM::setup_server_transfer()
 
   this->setup_client_response_plugin_agents(p, client_response_hdr_bytes);
 
-  // If the incoming server response is chunked and the client does not
-  // expect a chunked response, then dechunk it.  Otherwise, if the
-  // incoming response is not chunked and the client expects a chunked
-  // response, then chunk it.
-  /*
-     // this block is moved up so that we know if we need to remove
-     // Content-Length field from response header before writing the
-     // response header into buffer bz50730
-     TunnelChunkingAction_t action;
-     if (t_state.client_info.receive_chunked_response == false) {
-     if (t_state.current.server->transfer_encoding ==
-     HttpTransact::CHUNKED_ENCODING)
-     action = TCA_DECHUNK_CONTENT;
-     else action = TCA_PASSTHRU_DECHUNKED_CONTENT;
-     }
-     else {
-     if (t_state.current.server->transfer_encoding !=
-     HttpTransact::CHUNKED_ENCODING)
-     action = TCA_CHUNK_CONTENT;
-     else action = TCA_PASSTHRU_CHUNKED_CONTENT;
-     }
-   */
   tunnel.set_producer_chunking_action(p, client_response_hdr_bytes, action);
   tunnel.set_producer_chunking_size(p, t_state.txn_conf->http_chunking_size);
   return p;
@@ -7150,12 +7461,17 @@ HttpSM::kill_this()
     transform_cache_sm.end_both();
     vc_table.cleanup_all();
 
-    // tunnel.deallocate_buffers();
-    // Why don't we just kill the tunnel?  Might still be
-    // active if the state machine is going down hard,
-    // and we should clean it up.
+    // Clean up the tunnel resources. Take
+    // it down if it is still active
     tunnel.kill_tunnel();
 
+    if (_netvc) {
+      _netvc->do_io_close();
+      free_MIOBuffer(_netvc_read_buffer);
+    } else if (server_txn == nullptr) {
+      this->cancel_pending_server_connection();
+    }
+
     // It possible that a plugin added transform hook
     //   but the hook never executed due to a client abort
     //   In that case, we need to manually close all the
@@ -7635,7 +7951,7 @@ HttpSM::set_next_state()
       if (ua_txn && !ua_txn->has_request_body(t_state.hdr_info.request_content_length,
                                               t_state.client_info.transfer_encoding == HttpTransact::CHUNKED_ENCODING)) {
         ua_txn->cancel_inactivity_timeout();
-      } else if (!ua_txn) {
+      } else if (!ua_txn || ua_txn->get_netvc() == nullptr) {
         terminate_sm = true;
         return; // Give up if there is no session
       }
@@ -8249,6 +8565,9 @@ HttpSM::get_http_schedule(int event, void * /* data ATS_UNUSED */)
   return 0;
 }
 
+/*
+ * Used from an InkAPI
+ */
 bool
 HttpSM::set_server_session_private(bool private_session)
 {
@@ -8259,8 +8578,8 @@ HttpSM::set_server_session_private(bool private_session)
   return false;
 }
 
-inline bool
-HttpSM::is_private()
+bool
+HttpSM::is_private() const
 {
   bool res = false;
   if (will_be_private_ss) {
diff --git a/proxy/http/HttpSM.h b/proxy/http/HttpSM.h
index 7015d67bdab..d126421cdb9 100644
--- a/proxy/http/HttpSM.h
+++ b/proxy/http/HttpSM.h
@@ -49,6 +49,9 @@
 #define HTTP_API_CONTINUE (INK_API_EVENT_EVENTS_START + 0)
 #define HTTP_API_ERROR    (INK_API_EVENT_EVENTS_START + 1)
 
+#define CONNECT_EVENT_TXN    (HTTP_NET_CONNECTION_EVENT_EVENTS_START) + 0
+#define CONNECT_EVENT_DIRECT (HTTP_NET_CONNECTION_EVENT_EVENTS_START) + 1
+
 // The default size for http header buffers when we don't
 //   need to include extra space for the document
 static size_t const HTTP_HEADER_BUFFER_SIZE_INDEX = CLIENT_CONNECTION_FIRST_READ_BUFFER_SIZE_INDEX;
@@ -60,7 +63,7 @@ static size_t const HTTP_HEADER_BUFFER_SIZE_INDEX = CLIENT_CONNECTION_FIRST_READ
 //   the larger buffer size
 static size_t const HTTP_SERVER_RESP_HDR_BUFFER_INDEX = BUFFER_SIZE_INDEX_8K;
 
-class Http1ServerSession;
+class PoolableSession;
 class AuthHttpAdapter;
 class PreWarmSM;
 
@@ -225,13 +228,15 @@ class HttpSM : public Continuation, public PluginUserArgs<TS_USER_ARGS_TXN>
   //  holding the lock for the server session
   void attach_server_session();
 
-  PoolableSession *create_server_session(NetVConnection *netvc);
+  PoolableSession *create_server_session(NetVConnection *netvc, MIOBuffer *netvc_read_buffer, IOBufferReader *netvc_reader);
   bool create_server_txn(PoolableSession *new_session);
 
   HTTPVersion get_server_version(HTTPHdr &hdr) const;
 
   ProxyTransaction *get_ua_txn();
   ProxyTransaction *get_server_txn();
+  // Write out the proxy_protocol information on a new outbound connection
+  void write_outbound_proxy_protocol();
 
   // Called by transact.  Updates are fire and forget
   //  so there are no callbacks and are safe to do
@@ -263,6 +268,8 @@ class HttpSM : public Continuation, public PluginUserArgs<TS_USER_ARGS_TXN>
   // A NULL 'r' argument indicates the hostdb lookup failed
   void process_hostdb_info(HostDBRecord *record);
   void process_srv_info(HostDBRecord *record);
+  bool origin_multiplexed() const;
+  bool add_to_existing_request();
 
   // Called by transact.  Synchronous.
   VConnection *do_transform_open();
@@ -288,7 +295,7 @@ class HttpSM : public Continuation, public PluginUserArgs<TS_USER_ARGS_TXN>
   void txn_hook_add(TSHttpHookID id, INKContInternal *cont);
   APIHook *txn_hook_get(TSHttpHookID id);
 
-  bool is_private();
+  bool is_private() const;
   bool is_redirect_required();
 
   /// Get the protocol stack for the inbound (client, user agent) connection.
@@ -402,6 +409,7 @@ class HttpSM : public Continuation, public PluginUserArgs<TS_USER_ARGS_TXN>
   int tunnel_handler(int event, void *data);
   int tunnel_handler_push(int event, void *data);
   int tunnel_handler_post(int event, void *data);
+  int tunnel_handler_trailer(int event, void *data);
 
   // YTS Team, yamsat Plugin
   int tunnel_handler_for_partial_post(int event, void *data);
@@ -451,6 +459,8 @@ class HttpSM : public Continuation, public PluginUserArgs<TS_USER_ARGS_TXN>
   int tunnel_handler_cache_read(int event, HttpTunnelProducer *p);
   int tunnel_handler_post_ua(int event, HttpTunnelProducer *c);
   int tunnel_handler_post_server(int event, HttpTunnelConsumer *c);
+  int tunnel_handler_trailer_ua(int event, HttpTunnelConsumer *c);
+  int tunnel_handler_trailer_server(int event, HttpTunnelProducer *c);
   int tunnel_handler_ssl_producer(int event, HttpTunnelProducer *p);
   int tunnel_handler_ssl_consumer(int event, HttpTunnelConsumer *p);
   int tunnel_handler_transform_write(int event, HttpTunnelConsumer *c);
@@ -460,7 +470,7 @@ class HttpSM : public Continuation, public PluginUserArgs<TS_USER_ARGS_TXN>
   void do_hostdb_lookup();
   void do_hostdb_reverse_lookup();
   void do_cache_lookup_and_read();
-  void do_http_server_open(bool raw = false);
+  void do_http_server_open(bool raw = false, bool only_direct = false);
   void send_origin_throttled_response();
   void do_setup_post_tunnel(HttpVC_t to_vc_type);
   void do_cache_prepare_write();
@@ -494,7 +504,6 @@ class HttpSM : public Continuation, public PluginUserArgs<TS_USER_ARGS_TXN>
   void setup_server_send_request();
   void setup_server_send_request_api();
   HttpTunnelProducer *setup_server_transfer();
-  void setup_server_transfer_to_cache_only();
   HttpTunnelProducer *setup_cache_read_transfer();
   void setup_internal_transfer(HttpSMHandler handler);
   void setup_error_transfer();
@@ -637,12 +646,17 @@ class HttpSM : public Continuation, public PluginUserArgs<TS_USER_ARGS_TXN>
   void rewind_state_machine();
 
 private:
+  void cancel_pending_server_connection();
+
   PostDataBuffers _postbuf;
   int _client_connection_id = -1, _client_transaction_id = -1;
   int _client_transaction_priority_weight = -1, _client_transaction_priority_dependence = -1;
-  bool _from_early_data       = false;
-  SNIRoutingType _tunnel_type = SNIRoutingType::NONE;
-  PreWarmSM *_prewarm_sm      = nullptr;
+  bool _from_early_data         = false;
+  SNIRoutingType _tunnel_type   = SNIRoutingType::NONE;
+  PreWarmSM *_prewarm_sm        = nullptr;
+  NetVConnection *_netvc        = nullptr;
+  IOBufferReader *_netvc_reader = nullptr;
+  MIOBuffer *_netvc_read_buffer = nullptr;
 };
 
 ////
diff --git a/proxy/http/HttpSessionManager.cc b/proxy/http/HttpSessionManager.cc
index d20a1e9e7fe..09aeb8d73e0 100644
--- a/proxy/http/HttpSessionManager.cc
+++ b/proxy/http/HttpSessionManager.cc
@@ -165,7 +165,9 @@ ServerSessionPool::acquireSession(sockaddr const *addr, CryptoHash const &hostna
     }
     if (zret == HSM_DONE) {
       to_return = first;
-      this->removeSession(to_return);
+      if (!to_return->is_multiplexing()) {
+        this->removeSession(to_return);
+      }
     } else if (first != m_fqdn_pool.end()) {
       Debug("http_ss", "Failed find entry due to name mismatch %s", sm->t_state.current.server->name);
     }
@@ -190,7 +192,9 @@ ServerSessionPool::acquireSession(sockaddr const *addr, CryptoHash const &hostna
     }
     if (zret == HSM_DONE) {
       to_return = first;
-      this->removeSession(to_return);
+      if (!to_return->is_multiplexing()) {
+        this->removeSession(to_return);
+      }
     }
   }
   return zret;
@@ -447,7 +451,10 @@ HttpSessionManager::_acquire_session(sockaddr const *ip, CryptoHash const &hostn
       } else {
         Debug("http_ss", "[%" PRId64 "] [acquire session] failed to get transaction on session from shared pool",
               to_return->connection_id());
-        to_return->do_io_close();
+        // Don't close the H2 origin.  Otherwise you get use-after free with the activity timeout cop
+        if (!to_return->is_multiplexing()) {
+          to_return->do_io_close();
+        }
         retval = HSM_RETRY;
       }
     }
diff --git a/proxy/http/HttpSessionManager.h b/proxy/http/HttpSessionManager.h
index 6375d788c61..b11ad45be9f 100644
--- a/proxy/http/HttpSessionManager.h
+++ b/proxy/http/HttpSessionManager.h
@@ -67,6 +67,8 @@ class ServerSessionPool : public Continuation
   static bool validate_host_sni(HttpSM *sm, NetVConnection *netvc);
   static bool validate_sni(HttpSM *sm, NetVConnection *netvc);
   static bool validate_cert(HttpSM *sm, NetVConnection *netvc);
+  void removeSession(PoolableSession *ssn);
+  void addSession(PoolableSession *ssn);
   int
   count() const
   {
@@ -74,9 +76,6 @@ class ServerSessionPool : public Continuation
   }
 
 private:
-  void removeSession(PoolableSession *ssn);
-  void addSession(PoolableSession *ssn);
-
   using IPTable   = IntrusiveHashMap<PoolableSession::IPLinkage>;
   using FQDNTable = IntrusiveHashMap<PoolableSession::FQDNLinkage>;
 
diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc
index 5d1e2ba8987..5d8670d6474 100644
--- a/proxy/http/HttpTransact.cc
+++ b/proxy/http/HttpTransact.cc
@@ -3764,7 +3764,8 @@ HttpTransact::handle_response_from_server(State *s)
 
     TxnDebug("http_trans", "max_connect_retries: %d s->current.attempts: %d", max_connect_retries, s->current.attempts.get());
 
-    if (is_request_retryable(s) && s->current.attempts.get() < max_connect_retries) {
+    if (is_request_retryable(s) && s->current.attempts.get() < max_connect_retries &&
+        !HttpTransact::is_response_valid(s, &s->hdr_info.server_response)) {
       // If this is a round robin DNS entry & we're tried configured
       //    number of times, we should try another node
       if (ResolveInfo::OS_Addr::TRY_CLIENT == s->dns_info.os_addr_style) {
diff --git a/proxy/http/HttpTunnel.cc b/proxy/http/HttpTunnel.cc
index 19c65c8427f..1c1c515670b 100644
--- a/proxy/http/HttpTunnel.cc
+++ b/proxy/http/HttpTunnel.cc
@@ -725,6 +725,7 @@ HttpTunnel::chain(HttpTunnelConsumer *c, HttpTunnelProducer *p)
 void
 HttpTunnel::tunnel_run(HttpTunnelProducer *p_arg)
 {
+  ++reentrancy_count;
   Debug("http_tunnel", "tunnel_run started, p_arg is %s", p_arg ? "provided" : "NULL");
   if (p_arg) {
     producer_run(p_arg);
@@ -740,6 +741,7 @@ HttpTunnel::tunnel_run(HttpTunnelProducer *p_arg)
       }
     }
   }
+  --reentrancy_count;
 
   // It is possible that there was nothing to do
   //   due to a all transfers being zero length
@@ -984,11 +986,14 @@ HttpTunnel::producer_run(HttpTunnelProducer *p)
           p->handler_state = HTTP_SM_POST_SUCCESS;
         }
       }
+      Debug("http_tunnel", "Start write vio %ld bytes", c_write);
       // Start the writes now that we know we will consume all the initial data
       c->write_vio = c->vc->do_io_write(this, c_write, c->buffer_reader);
       ink_assert(c_write > 0);
       if (c->write_vio == nullptr) {
         consumer_handler(VC_EVENT_ERROR, c);
+      } else if (c->write_vio->ntodo() == 0 && c->alive) {
+        consumer_handler(VC_EVENT_WRITE_COMPLETE, c);
       }
     }
   }
@@ -1008,9 +1013,17 @@ HttpTunnel::producer_run(HttpTunnelProducer *p)
       if (read_start_pos > 0) {
         p->read_vio = ((CacheVC *)p->vc)->do_io_pread(this, producer_n, p->read_buffer, read_start_pos);
       } else {
+        Debug("http_tunnel", "Start read vio %ld bytes", producer_n);
         p->read_vio = p->vc->do_io_read(this, producer_n, p->read_buffer);
       }
     }
+  } else {
+    // If the producer is not alive (precomplete) make sure to kick the consumers
+    for (c = p->consumer_list.head; c; c = c->link.next) {
+      if (c->alive && c->write_vio) {
+        c->write_vio->reenable();
+      }
+    }
   }
 
   // Now that the tunnel has started, we must remove producer's reader so
@@ -1136,14 +1149,6 @@ HttpTunnel::producer_handler(int event, HttpTunnelProducer *p)
   // Handle chunking/dechunking/chunked-passthrough if necessary.
   if (p->do_chunking) {
     event = producer_handler_dechunked(event, p);
-
-    // If we were in PRECOMPLETE when this function was called
-    // and we are doing chunking, then we just wrote the last
-    // chunk in the function call above.  We are done with the
-    // tunnel.
-    if (event == HTTP_TUNNEL_EVENT_PRECOMPLETE) {
-      event = VC_EVENT_EOS;
-    }
   } else if (p->do_dechunking || p->do_chunked_passthru) {
     event = producer_handler_chunked(event, p);
   } else {
@@ -1186,6 +1191,7 @@ HttpTunnel::producer_handler(int event, HttpTunnelProducer *p)
     // Data read from producer, reenable consumers
     for (c = p->consumer_list.head; c; c = c->link.next) {
       if (c->alive && c->write_vio) {
+        Debug("http_redirect", "Read ready alive");
         c->write_vio->reenable();
       }
     }
@@ -1195,6 +1201,8 @@ HttpTunnel::producer_handler(int event, HttpTunnelProducer *p)
     // If the write completes on the stack (as it can for http2), then
     // consumer could have called back by this point.  Must treat this as
     // a regular read complete (falling through to the following cases).
+    p->bytes_read = p->init_bytes_done;
+    [[fallthrough]];
 
   case VC_EVENT_READ_COMPLETE:
   case VC_EVENT_EOS:
@@ -1208,7 +1216,6 @@ HttpTunnel::producer_handler(int event, HttpTunnelProducer *p)
       //   the message length being a property of the encoding)
       //   In that case, we won't have done a do_io so there
       //   will not be vio
-      p->bytes_read = 0;
     }
 
     // callback the SM to notify of completion
@@ -1223,9 +1230,12 @@ HttpTunnel::producer_handler(int event, HttpTunnelProducer *p)
     sm_callback = true;
     p->update_state_if_not_set(HTTP_SM_POST_SUCCESS);
 
-    // Data read from producer, reenable consumers
+    // Kick off the consumers if appropriate
     for (c = p->consumer_list.head; c; c = c->link.next) {
       if (c->alive && c->write_vio) {
+        if (c->write_vio->nbytes == INT64_MAX) {
+          c->write_vio->nbytes = p->bytes_read + p->init_bytes_done - c->skip_bytes;
+        }
         c->write_vio->reenable();
       }
     }
@@ -1361,6 +1371,9 @@ HttpTunnel::consumer_handler(int event, HttpTunnelConsumer *c)
   case VC_EVENT_INACTIVITY_TIMEOUT:
     ink_assert(c->alive);
     ink_assert(c->buffer_reader);
+    if (c->write_vio) {
+      c->write_vio->reenable();
+    }
     c->alive = false;
 
     c->bytes_written = c->write_vio ? c->write_vio->ndone : 0;
diff --git a/proxy/http/Makefile.am b/proxy/http/Makefile.am
index dab3678f01d..22cee4ac76a 100644
--- a/proxy/http/Makefile.am
+++ b/proxy/http/Makefile.am
@@ -41,6 +41,8 @@ noinst_HEADERS = HttpProxyServerMain.h
 noinst_LIBRARIES = libhttp.a
 
 libhttp_a_SOURCES = \
+	ConnectingEntry.cc \
+	ConnectingEntry.h \
 	HttpSessionAccept.cc \
 	HttpSessionAccept.h \
 	HttpBodyFactory.cc \
diff --git a/proxy/http2/HTTP2.cc b/proxy/http2/HTTP2.cc
index ab81a0484cc..6877d1abcef 100644
--- a/proxy/http2/HTTP2.cc
+++ b/proxy/http2/HTTP2.cc
@@ -49,11 +49,16 @@ static VersionConverter hvc;
 // Statistics
 RecRawStatBlock *http2_rsb;
 static const char *const HTTP2_STAT_CURRENT_CLIENT_CONNECTION_NAME        = "proxy.process.http2.current_client_connections";
+static const char *const HTTP2_STAT_CURRENT_SERVER_CONNECTION_NAME        = "proxy.process.http2.current_server_connections";
 static const char *const HTTP2_STAT_CURRENT_ACTIVE_CLIENT_CONNECTION_NAME = "proxy.process.http2.current_active_client_connections";
+static const char *const HTTP2_STAT_CURRENT_ACTIVE_SERVER_CONNECTION_NAME = "proxy.process.http2.current_active_server_connections";
 static const char *const HTTP2_STAT_CURRENT_CLIENT_STREAM_NAME            = "proxy.process.http2.current_client_streams";
+static const char *const HTTP2_STAT_CURRENT_SERVER_STREAM_NAME            = "proxy.process.http2.current_server_streams";
 static const char *const HTTP2_STAT_TOTAL_CLIENT_STREAM_NAME              = "proxy.process.http2.total_client_streams";
+static const char *const HTTP2_STAT_TOTAL_SERVER_STREAM_NAME              = "proxy.process.http2.total_server_streams";
 static const char *const HTTP2_STAT_TOTAL_TRANSACTIONS_TIME_NAME          = "proxy.process.http2.total_transactions_time";
 static const char *const HTTP2_STAT_TOTAL_CLIENT_CONNECTION_NAME          = "proxy.process.http2.total_client_connections";
+static const char *const HTTP2_STAT_TOTAL_SERVER_CONNECTION_NAME          = "proxy.process.http2.total_server_connections";
 static const char *const HTTP2_STAT_CONNECTION_ERRORS_NAME                = "proxy.process.http2.connection_errors";
 static const char *const HTTP2_STAT_STREAM_ERRORS_NAME                    = "proxy.process.http2.stream_errors";
 static const char *const HTTP2_STAT_SESSION_DIE_DEFAULT_NAME              = "proxy.process.http2.session_die_default";
@@ -463,14 +468,13 @@ http2_encode_header_blocks(HTTPHdr *in, uint8_t *out, uint32_t out_len, uint32_t
  */
 Http2ErrorCode
 http2_decode_header_blocks(HTTPHdr *hdr, const uint8_t *buf_start, const uint32_t buf_len, uint32_t *len_read, HpackHandle &handle,
-                           bool &trailing_header, uint32_t maximum_table_size)
+                           bool is_trailing_header, uint32_t maximum_table_size, bool is_outbound)
 {
-  const MIMEField *field  = nullptr;
-  const char *name        = nullptr;
-  int name_len            = 0;
-  const char *value       = nullptr;
-  int value_len           = 0;
-  bool is_trailing_header = trailing_header;
+  const MIMEField *field = nullptr;
+  const char *name       = nullptr;
+  int name_len           = 0;
+  const char *value      = nullptr;
+  int value_len          = 0;
   int64_t result = hpack_decode_header_block(handle, hdr, buf_start, buf_len, Http2::max_header_list_size, maximum_table_size);
 
   if (result < 0) {
@@ -487,7 +491,7 @@ http2_decode_header_blocks(HTTPHdr *hdr, const uint8_t *buf_start, const uint32_
   }
 
   MIMEFieldIter iter;
-  unsigned int expected_pseudo_header_count = 4;
+  unsigned int expected_pseudo_header_count = is_outbound ? 1 : 4;
   unsigned int pseudo_header_count          = 0;
 
   if (is_trailing_header) {
@@ -515,7 +519,6 @@ http2_decode_header_blocks(HTTPHdr *hdr, const uint8_t *buf_start, const uint32_
   if (hdr->field_find(MIME_FIELD_CONNECTION, MIME_LEN_CONNECTION) != nullptr ||
       hdr->field_find(MIME_FIELD_KEEP_ALIVE, MIME_LEN_KEEP_ALIVE) != nullptr ||
       hdr->field_find(MIME_FIELD_PROXY_CONNECTION, MIME_LEN_PROXY_CONNECTION) != nullptr ||
-      hdr->field_find(MIME_FIELD_TRANSFER_ENCODING, MIME_LEN_TRANSFER_ENCODING) != nullptr ||
       hdr->field_find(MIME_FIELD_UPGRADE, MIME_LEN_UPGRADE) != nullptr) {
     return Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR;
   }
@@ -529,13 +532,6 @@ http2_decode_header_blocks(HTTPHdr *hdr, const uint8_t *buf_start, const uint32_
     }
   }
 
-  // turn on that we have a trailer header
-  const char trailer_name[] = "trailer";
-  field                     = hdr->field_find(trailer_name, sizeof(trailer_name) - 1);
-  if (field) {
-    trailing_header = true;
-  }
-
   // when The TE header field is received, it MUST NOT contain any
   // value other than "trailers".
   field = hdr->field_find(MIME_FIELD_TE, MIME_LEN_TE);
@@ -548,18 +544,29 @@ http2_decode_header_blocks(HTTPHdr *hdr, const uint8_t *buf_start, const uint32_
 
   if (!is_trailing_header) {
     // Check pseudo headers
-    if (hdr->fields_count() >= 4) {
-      if (hdr->field_find(PSEUDO_HEADER_SCHEME.data(), PSEUDO_HEADER_SCHEME.size()) == nullptr ||
-          hdr->field_find(PSEUDO_HEADER_METHOD.data(), PSEUDO_HEADER_METHOD.size()) == nullptr ||
-          hdr->field_find(PSEUDO_HEADER_PATH.data(), PSEUDO_HEADER_PATH.size()) == nullptr ||
-          hdr->field_find(PSEUDO_HEADER_AUTHORITY.data(), PSEUDO_HEADER_AUTHORITY.size()) == nullptr ||
-          hdr->field_find(PSEUDO_HEADER_STATUS.data(), PSEUDO_HEADER_STATUS.size()) != nullptr) {
-        // Decoded header field is invalid
+    if (is_outbound) {
+      if (hdr->fields_count() >= 1) {
+        if (hdr->field_find(PSEUDO_HEADER_STATUS.data(), PSEUDO_HEADER_STATUS.size()) == nullptr) {
+          return Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR;
+        }
+      } else {
+        // There should at least be :status pseudo header.
         return Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR;
       }
     } else {
-      // Pseudo headers is insufficient
-      return Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR;
+      if (hdr->fields_count() >= 4) {
+        if (hdr->field_find(PSEUDO_HEADER_SCHEME.data(), PSEUDO_HEADER_SCHEME.size()) == nullptr ||
+            hdr->field_find(PSEUDO_HEADER_METHOD.data(), PSEUDO_HEADER_METHOD.size()) == nullptr ||
+            hdr->field_find(PSEUDO_HEADER_PATH.data(), PSEUDO_HEADER_PATH.size()) == nullptr ||
+            hdr->field_find(PSEUDO_HEADER_AUTHORITY.data(), PSEUDO_HEADER_AUTHORITY.size()) == nullptr ||
+            hdr->field_find(PSEUDO_HEADER_STATUS.data(), PSEUDO_HEADER_STATUS.size()) != nullptr) {
+          // Decoded header field is invalid
+          return Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR;
+        }
+      } else {
+        // Pseudo headers is insufficient
+        return Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR;
+      }
     }
   }
 
@@ -579,6 +586,7 @@ uint32_t Http2::header_table_size                    = 4096;
 uint32_t Http2::max_header_list_size                 = 4294967295;
 uint32_t Http2::accept_no_activity_timeout           = 120;
 uint32_t Http2::no_activity_timeout_in               = 120;
+uint32_t Http2::no_activity_timeout_out              = 120;
 uint32_t Http2::active_timeout_in                    = 0;
 uint32_t Http2::push_diary_size                      = 256;
 uint32_t Http2::zombie_timeout_in                    = 0;
@@ -620,6 +628,7 @@ Http2::init()
   REC_EstablishStaticConfigInt32U(max_header_list_size, "proxy.config.http2.max_header_list_size");
   REC_EstablishStaticConfigInt32U(accept_no_activity_timeout, "proxy.config.http2.accept_no_activity_timeout");
   REC_EstablishStaticConfigInt32U(no_activity_timeout_in, "proxy.config.http2.no_activity_timeout_in");
+  REC_EstablishStaticConfigInt32U(no_activity_timeout_out, "proxy.config.http2.no_activity_timeout_out");
   REC_EstablishStaticConfigInt32U(active_timeout_in, "proxy.config.http2.active_timeout_in");
   REC_EstablishStaticConfigInt32U(push_diary_size, "proxy.config.http2.push_diary_size");
   REC_EstablishStaticConfigInt32U(zombie_timeout_in, "proxy.config.http2.zombie_debug_timeout_in");
@@ -658,18 +667,31 @@ Http2::init()
   RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_CURRENT_CLIENT_CONNECTION_NAME, RECD_INT, RECP_NON_PERSISTENT,
                      static_cast<int>(HTTP2_STAT_CURRENT_CLIENT_SESSION_COUNT), RecRawStatSyncSum);
   HTTP2_CLEAR_DYN_STAT(HTTP2_STAT_CURRENT_CLIENT_SESSION_COUNT);
+  RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_CURRENT_SERVER_CONNECTION_NAME, RECD_INT, RECP_NON_PERSISTENT,
+                     static_cast<int>(HTTP2_STAT_CURRENT_SERVER_SESSION_COUNT), RecRawStatSyncSum);
+  HTTP2_CLEAR_DYN_STAT(HTTP2_STAT_CURRENT_SERVER_SESSION_COUNT);
   RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_CURRENT_ACTIVE_CLIENT_CONNECTION_NAME, RECD_INT, RECP_NON_PERSISTENT,
                      static_cast<int>(HTTP2_STAT_CURRENT_ACTIVE_CLIENT_CONNECTION_COUNT), RecRawStatSyncSum);
   HTTP2_CLEAR_DYN_STAT(HTTP2_STAT_CURRENT_ACTIVE_CLIENT_CONNECTION_COUNT);
+  RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_CURRENT_ACTIVE_SERVER_CONNECTION_NAME, RECD_INT, RECP_NON_PERSISTENT,
+                     static_cast<int>(HTTP2_STAT_CURRENT_ACTIVE_SERVER_CONNECTION_COUNT), RecRawStatSyncSum);
+  HTTP2_CLEAR_DYN_STAT(HTTP2_STAT_CURRENT_ACTIVE_SERVER_CONNECTION_COUNT);
   RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_CURRENT_CLIENT_STREAM_NAME, RECD_INT, RECP_NON_PERSISTENT,
                      static_cast<int>(HTTP2_STAT_CURRENT_CLIENT_STREAM_COUNT), RecRawStatSyncSum);
   HTTP2_CLEAR_DYN_STAT(HTTP2_STAT_CURRENT_CLIENT_STREAM_COUNT);
+  RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_CURRENT_SERVER_STREAM_NAME, RECD_INT, RECP_NON_PERSISTENT,
+                     static_cast<int>(HTTP2_STAT_CURRENT_SERVER_STREAM_COUNT), RecRawStatSyncSum);
+  HTTP2_CLEAR_DYN_STAT(HTTP2_STAT_CURRENT_SERVER_STREAM_COUNT);
   RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_TOTAL_CLIENT_STREAM_NAME, RECD_INT, RECP_PERSISTENT,
                      static_cast<int>(HTTP2_STAT_TOTAL_CLIENT_STREAM_COUNT), RecRawStatSyncCount);
+  RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_TOTAL_SERVER_STREAM_NAME, RECD_INT, RECP_PERSISTENT,
+                     static_cast<int>(HTTP2_STAT_TOTAL_SERVER_STREAM_COUNT), RecRawStatSyncCount);
   RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_TOTAL_TRANSACTIONS_TIME_NAME, RECD_INT, RECP_PERSISTENT,
                      static_cast<int>(HTTP2_STAT_TOTAL_TRANSACTIONS_TIME), RecRawStatSyncSum);
   RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_TOTAL_CLIENT_CONNECTION_NAME, RECD_INT, RECP_PERSISTENT,
                      static_cast<int>(HTTP2_STAT_TOTAL_CLIENT_CONNECTION_COUNT), RecRawStatSyncSum);
+  RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_TOTAL_SERVER_CONNECTION_NAME, RECD_INT, RECP_PERSISTENT,
+                     static_cast<int>(HTTP2_STAT_TOTAL_SERVER_CONNECTION_COUNT), RecRawStatSyncSum);
   RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_CONNECTION_ERRORS_NAME, RECD_INT, RECP_PERSISTENT,
                      static_cast<int>(HTTP2_STAT_CONNECTION_ERRORS_COUNT), RecRawStatSyncSum);
   RecRegisterRawStat(http2_rsb, RECT_PROCESS, HTTP2_STAT_STREAM_ERRORS_NAME, RECD_INT, RECP_PERSISTENT,
diff --git a/proxy/http2/HTTP2.h b/proxy/http2/HTTP2.h
index 3353888660b..aba1b61e774 100644
--- a/proxy/http2/HTTP2.h
+++ b/proxy/http2/HTTP2.h
@@ -73,12 +73,17 @@ const uint8_t HTTP2_PRIORITY_DEFAULT_WEIGHT             = 15;
 
 // Statistics
 enum {
-  HTTP2_STAT_CURRENT_CLIENT_SESSION_COUNT,           // Current # of HTTP2 connections
-  HTTP2_STAT_CURRENT_ACTIVE_CLIENT_CONNECTION_COUNT, // Current # of active HTTP2 connections
-  HTTP2_STAT_CURRENT_CLIENT_STREAM_COUNT,            // Current # of active HTTP2 streams
+  HTTP2_STAT_CURRENT_CLIENT_SESSION_COUNT,           // Current # of inbound HTTP2 connections
+  HTTP2_STAT_CURRENT_SERVER_SESSION_COUNT,           // Current # of outbound HTTP2 connections
+  HTTP2_STAT_CURRENT_ACTIVE_CLIENT_CONNECTION_COUNT, // Current # of active inbound HTTP2 connections
+  HTTP2_STAT_CURRENT_ACTIVE_SERVER_CONNECTION_COUNT, // Current # of active outbound HTTP2 connections
+  HTTP2_STAT_CURRENT_CLIENT_STREAM_COUNT,            // Current # of active inbound HTTP2 streams
+  HTTP2_STAT_CURRENT_SERVER_STREAM_COUNT,            // Current # of active outboundHTTP2 streams
   HTTP2_STAT_TOTAL_CLIENT_STREAM_COUNT,
+  HTTP2_STAT_TOTAL_SERVER_STREAM_COUNT,
   HTTP2_STAT_TOTAL_TRANSACTIONS_TIME,       // Total stream time and streams
-  HTTP2_STAT_TOTAL_CLIENT_CONNECTION_COUNT, // Total connections running http2
+  HTTP2_STAT_TOTAL_CLIENT_CONNECTION_COUNT, // Total inbound connections running http2
+  HTTP2_STAT_TOTAL_SERVER_CONNECTION_COUNT, // Total outbound connections running http2
   HTTP2_STAT_STREAM_ERRORS_COUNT,
   HTTP2_STAT_CONNECTION_ERRORS_COUNT,
   HTTP2_STAT_SESSION_DIE_DEFAULT,
@@ -236,8 +241,7 @@ enum Http2SettingsIdentifier {
   HTTP2_SETTINGS_INITIAL_WINDOW_SIZE    = 4,
   HTTP2_SETTINGS_MAX_FRAME_SIZE         = 5,
   HTTP2_SETTINGS_MAX_HEADER_LIST_SIZE   = 6,
-
-  HTTP2_SETTINGS_MAX
+  HTTP2_SETTINGS_MAX, // Really just the max of the "densely numbered" core id's
 };
 
 // [RFC 7540] 4.1. Frame Format
@@ -353,7 +357,8 @@ bool http2_parse_goaway(IOVec, Http2Goaway &);
 
 bool http2_parse_window_update(IOVec, uint32_t &);
 
-Http2ErrorCode http2_decode_header_blocks(HTTPHdr *, const uint8_t *, const uint32_t, uint32_t *, HpackHandle &, bool &, uint32_t);
+Http2ErrorCode http2_decode_header_blocks(HTTPHdr *, const uint8_t *, const uint32_t, uint32_t *, HpackHandle &, bool, uint32_t,
+                                          bool is_outbound = false);
 
 Http2ErrorCode http2_encode_header_blocks(HTTPHdr *, uint8_t *, uint32_t, uint32_t *, HpackHandle &, int32_t);
 
@@ -390,6 +395,7 @@ class Http2
   static uint32_t max_header_list_size;
   static uint32_t accept_no_activity_timeout;
   static uint32_t no_activity_timeout_in;
+  static uint32_t no_activity_timeout_out;
   static uint32_t active_timeout_in;
   static uint32_t push_diary_size;
   static uint32_t zombie_timeout_in;
diff --git a/proxy/http2/Http2ClientSession.cc b/proxy/http2/Http2ClientSession.cc
index 897e7a545db..42300aa2a68 100644
--- a/proxy/http2/Http2ClientSession.cc
+++ b/proxy/http2/Http2ClientSession.cc
@@ -46,6 +46,10 @@ Http2ClientSession::destroy()
     in_destroy = true;
     REMEMBER(NO_EVENT, this->recursion)
     Http2SsnDebug("session destroy");
+    if (_vc) {
+      _vc->do_io_close();
+      _vc = nullptr;
+    }
     // Let everyone know we are going down
     do_api_callout(TS_HTTP_SSN_CLOSE_HOOK);
   }
@@ -54,14 +58,10 @@ Http2ClientSession::destroy()
 void
 Http2ClientSession::free()
 {
-  if (_vc) {
-    _vc->do_io_close();
-    _vc = nullptr;
-  }
   auto mutex_thread = this->mutex->thread_holding;
   if (Http2CommonSession::common_free(this)) {
     HTTP2_DECREMENT_THREAD_DYN_STAT(HTTP2_STAT_CURRENT_CLIENT_SESSION_COUNT, mutex_thread);
-    THREAD_FREE(this, http2ClientSessionAllocator, this_ethread());
+    THREAD_FREE(this, http2ClientSessionAllocator, mutex_thread);
   }
 }
 
@@ -98,7 +98,6 @@ Http2ClientSession::new_connection(NetVConnection *new_vc, MIOBuffer *iobuf, IOB
   _vc->set_inactivity_timeout(HRTIME_SECONDS(Http2::accept_no_activity_timeout));
   this->schedule_event = nullptr;
   this->mutex          = new_vc->mutex;
-  this->in_destroy     = false;
 
   this->connection_state.mutex = this->mutex;
 
@@ -145,17 +144,20 @@ void
 Http2ClientSession::do_io_close(int alerrno)
 {
   REMEMBER(NO_EVENT, this->recursion)
-  Http2SsnDebug("session closed");
 
-  ink_assert(this->mutex->thread_holding == this_ethread());
-  send_connection_event(&this->connection_state, HTTP2_SESSION_EVENT_FINI, this);
+  if (!this->connection_state.is_state_closed()) {
+    Http2SsnDebug("session closed");
 
-  this->connection_state.release_stream();
+    ink_assert(this->mutex->thread_holding == this_ethread());
+    send_connection_event(&this->connection_state, HTTP2_SESSION_EVENT_FINI, this);
 
-  this->clear_session_active();
+    this->connection_state.release_stream();
 
-  // Clean up the write VIO in case of inactivity timeout
-  this->do_io_write(this, 0, nullptr);
+    this->clear_session_active();
+
+    // Clean up the write VIO in case of inactivity timeout
+    this->do_io_write(this, 0, nullptr);
+  }
 }
 
 int
@@ -163,6 +165,7 @@ Http2ClientSession::main_event_handler(int event, void *edata)
 {
   ink_assert(this->mutex->thread_holding == this_ethread());
   int retval;
+  bool set_closed = false;
 
   recursion++;
 
@@ -196,7 +199,8 @@ Http2ClientSession::main_event_handler(int event, void *edata)
     Http2SsnDebug("Closing event %d", event);
     this->set_dying_event(event);
     this->do_io_close();
-    retval = 0;
+    retval     = 0;
+    set_closed = true;
     break;
 
   case VC_EVENT_WRITE_READY:
@@ -238,7 +242,7 @@ Http2ClientSession::main_event_handler(int event, void *edata)
     }
   }
 
-  if (this->connection_state.get_shutdown_state() == HTTP2_SHUTDOWN_NOT_INITIATED) {
+  if (!set_closed && this->connection_state.get_shutdown_state() == HTTP2_SHUTDOWN_NOT_INITIATED) {
     send_connection_event(&this->connection_state, HTTP2_SESSION_EVENT_SHUTDOWN_INIT, this);
   }
 
@@ -279,17 +283,17 @@ Http2ClientSession::get_transact_count() const
   return connection_state.get_stream_requests();
 }
 
-void
-Http2ClientSession::release(ProxyTransaction *trans)
-{
-}
-
 const char *
 Http2ClientSession::get_protocol_string() const
 {
   return "http/2";
 }
 
+void
+Http2ClientSession::release(ProxyTransaction *trans)
+{
+}
+
 int
 Http2ClientSession::populate_protocol(std::string_view *result, int size) const
 {
@@ -322,6 +326,15 @@ Http2ClientSession::get_proxy_session()
   return this;
 }
 
+void
+Http2ClientSession::set_no_activity_timeout()
+{
+  // Only set if not previously set
+  if (this->_vc->get_inactivity_timeout() == 0) {
+    this->set_inactivity_timeout(HRTIME_SECONDS(Http2::no_activity_timeout_in));
+  }
+}
+
 HTTPVersion
 Http2ClientSession::get_version(HTTPHdr &hdr) const
 {
diff --git a/proxy/http2/Http2ClientSession.h b/proxy/http2/Http2ClientSession.h
index b839d78542c..893feb753a8 100644
--- a/proxy/http2/Http2ClientSession.h
+++ b/proxy/http2/Http2ClientSession.h
@@ -33,8 +33,7 @@
 class Http2ClientSession : public ProxySession, public Http2CommonSession
 {
 public:
-  using super          = ProxySession; ///< Parent type.
-  using SessionHandler = int (Http2ClientSession::*)(int, void *);
+  using super = ProxySession; ///< Parent type.
 
   Http2ClientSession();
 
@@ -63,6 +62,8 @@ class Http2ClientSession : public ProxySession, public Http2CommonSession
   void increment_current_active_connections_stat() override;
   void decrement_current_active_connections_stat() override;
 
+  void set_no_activity_timeout() override;
+
   ProxySession *get_proxy_session() override;
 
   // noncopyable
diff --git a/proxy/http2/Http2CommonSession.cc b/proxy/http2/Http2CommonSession.cc
index 11464420553..0484134d203 100644
--- a/proxy/http2/Http2CommonSession.cc
+++ b/proxy/http2/Http2CommonSession.cc
@@ -91,6 +91,7 @@ Http2CommonSession::common_free(ProxySession *ssn)
           ink_hrtime_to_msec(this->_milestones[Http2SsnMilestone::OPEN]),
           this->_milestones.difference_sec(Http2SsnMilestone::OPEN, Http2SsnMilestone::CLOSE));
   }
+
   // Update stats on how we died.  May want to eliminate this.  Was useful for
   // tracking down which cases we were having problems cleaning up.  But for general
   // use probably not worth the effort
@@ -152,7 +153,6 @@ Http2CommonSession::xmit(const Http2TxFrame &frame, bool flush)
 {
   int64_t len                      = frame.write_to(this->write_buffer);
   this->_pending_sending_data_size += len;
-  // Force flush for some cases
   if (!flush) {
     // Flush if we already use half of the buffer to avoid adding a new block to the chain.
     // A frame size can be 16MB at maximum so blocks can be added, but that's fine.
@@ -160,7 +160,6 @@ Http2CommonSession::xmit(const Http2TxFrame &frame, bool flush)
       flush = true;
     }
   }
-
   if (flush) {
     this->flush();
   }
@@ -341,6 +340,8 @@ Http2CommonSession::do_complete_frame_read()
 int
 Http2CommonSession::do_process_frame_read(int event, VIO *vio, bool inside_frame)
 {
+  Http2SsnDebug("do_process_frame_read %" PRId64 " bytes ready", this->_read_buffer_reader->read_avail());
+
   if (inside_frame) {
     do_complete_frame_read();
   }
@@ -354,7 +355,8 @@ Http2CommonSession::do_process_frame_read(int event, VIO *vio, bool inside_frame
     }
 
     Http2ErrorCode err = Http2ErrorCode::HTTP2_ERROR_NO_ERROR;
-    if (this->connection_state.get_stream_error_rate() > std::min(1.0, Http2::stream_error_rate_threshold * 2.0)) {
+    if (this->connection_state.get_stream_error_rate() > std::min(1.0, Http2::stream_error_rate_threshold * 2.0) &&
+        !this->is_outbound()) {
       ip_port_text_buffer ipb;
       const char *peer_ip = ats_ip_ntop(this->get_proxy_session()->get_remote_addr(), ipb, sizeof(ipb));
       SiteThrottledWarning("HTTP/2 session error peer_ip=%s session_id=%" PRId64
@@ -422,7 +424,12 @@ Http2CommonSession::is_write_high_water() const
 void
 Http2CommonSession::write_reenable()
 {
-  write_vio->reenable();
+  if (write_vio) {
+    // Grab the lock for the write_vio.  Holding the lock is
+    // checked eventually via the reenable logic
+    SCOPED_MUTEX_LOCK(lock, write_vio->mutex, this_ethread());
+    write_vio->reenable();
+  }
 }
 
 void
@@ -438,3 +445,14 @@ Http2CommonSession::add_url_to_pushed_table(const char *url, int url_len)
     _h2_pushed_urls->emplace(url);
   }
 }
+
+void
+Http2CommonSession::add_session()
+{
+}
+
+bool
+Http2CommonSession::is_outbound() const
+{
+  return false;
+}
diff --git a/proxy/http2/Http2CommonSession.h b/proxy/http2/Http2CommonSession.h
index 6e046469f47..6eb42c3dd02 100644
--- a/proxy/http2/Http2CommonSession.h
+++ b/proxy/http2/Http2CommonSession.h
@@ -109,6 +109,11 @@ class Http2CommonSession
 
   virtual ProxySession *get_proxy_session() = 0;
 
+  virtual void add_session();
+  virtual bool is_outbound() const;
+
+  virtual void set_no_activity_timeout() = 0;
+
   ///////////////////
   // Variables
   Http2ConnectionState connection_state;
@@ -203,7 +208,7 @@ Http2CommonSession::is_url_pushed(const char *url, int url_len)
     return false;
   }
 
-  return _h2_pushed_urls->find(url) != _h2_pushed_urls->end();
+  return _h2_pushed_urls->find(std::string{url, static_cast<size_t>(url_len)}) != _h2_pushed_urls->end();
 }
 
 inline int64_t
diff --git a/proxy/http2/Http2ConnectionState.cc b/proxy/http2/Http2ConnectionState.cc
index 01b8c9a55b0..6127945290f 100644
--- a/proxy/http2/Http2ConnectionState.cc
+++ b/proxy/http2/Http2ConnectionState.cc
@@ -25,6 +25,7 @@
 #include "HTTP2.h"
 #include "Http2ConnectionState.h"
 #include "Http2ClientSession.h"
+#include "Http2ServerSession.h"
 #include "Http2Stream.h"
 #include "Http2Frame.h"
 #include "Http2DebugNames.h"
@@ -44,12 +45,10 @@
     }                                                      \
   }
 
-#define Http2ConDebug(session, fmt, ...) \
-  SsnDebug(session->get_proxy_session(), "http2_con", "[%" PRId64 "] " fmt, session->get_connection_id(), ##__VA_ARGS__);
+#define Http2ConDebug(session, fmt, ...) Debug("http2_con", "[%" PRId64 "] " fmt, session->get_connection_id(), ##__VA_ARGS__);
 
-#define Http2StreamDebug(session, stream_id, fmt, ...)                                                                    \
-  SsnDebug(session->get_proxy_session(), "http2_con", "[%" PRId64 "] [%u] " fmt, session->get_connection_id(), stream_id, \
-           ##__VA_ARGS__);
+#define Http2StreamDebug(session, stream_id, fmt, ...) \
+  Debug("http2_con", "[%" PRId64 "] [%u] " fmt, session->get_connection_id(), stream_id, ##__VA_ARGS__);
 
 static const int buffer_size_index[HTTP2_FRAME_TYPE_MAX] = {
   BUFFER_SIZE_INDEX_16K, // HTTP2_FRAME_TYPE_DATA
@@ -105,13 +104,24 @@ Http2ConnectionState::rcv_data_frame(const Http2Frame &frame)
   if (stream == nullptr) {
     if (this->is_valid_streamid(id)) {
       // This error occurs fairly often, and is probably innocuous (SM initiates the shutdown)
-      return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_STREAM_CLOSED, nullptr);
+      if (this->session->is_outbound()) {
+        this->send_rst_stream_frame(id, Http2ErrorCode::HTTP2_ERROR_NO_ERROR);
+        return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
+      } else {
+        return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_STREAM_CLOSED, nullptr);
+      }
     } else {
       return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
                         "recv data stream freed with invalid id");
     }
   }
 
+  if (stream->get_state() == Http2StreamState::HTTP2_STREAM_STATE_CLOSED ||
+      stream->get_state() == Http2StreamState::HTTP2_STREAM_STATE_HALF_CLOSED_REMOTE) {
+    this->send_rst_stream_frame(id, Http2ErrorCode::HTTP2_ERROR_STREAM_CLOSED);
+    return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
+  }
+
   // If a DATA frame is received whose stream is not in "open" or "half closed
   // (local)" state,
   // the recipient MUST respond with a stream error of type STREAM_CLOSED.
@@ -147,24 +157,29 @@ Http2ConnectionState::rcv_data_frame(const Http2Frame &frame)
 
     // Pure END_STREAM
     if (payload_length == 0) {
-      stream->signal_read_event(VC_EVENT_READ_COMPLETE);
+      if (stream->read_enabled()) {
+        stream->signal_read_event(VC_EVENT_READ_COMPLETE);
+      }
       return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
     }
   } else {
-    // If payload length is 0 without END_STREAM flag, do nothing
-    if (payload_length == 0) {
-      return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
-    }
+    // Any headers that show up after we received data are by definition trailing headers
+    stream->set_trailing_header_is_possible();
+  }
+
+  // If payload length is 0 without END_STREAM flag, do nothing
+  if (payload_length == 0 && !stream->receive_end_stream) {
+    return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
   }
 
   // Check whether Window Size is acceptable
   if (!this->_local_rwnd_is_shrinking_in && this->get_local_rwnd_in() < payload_length) {
     return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, Http2ErrorCode::HTTP2_ERROR_FLOW_CONTROL_ERROR,
-                      "recv data cstate.server_rwnd < payload_length");
+                      "recv data this->local_rwnd < payload_length");
   }
   if (stream->get_local_rwnd() < payload_length) {
     return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_FLOW_CONTROL_ERROR,
-                      "recv data stream->server_rwnd < payload_length");
+                      "recv data stream->local_rwnd < payload_length");
   }
 
   // Update Window size
@@ -181,7 +196,7 @@ Http2ConnectionState::rcv_data_frame(const Http2Frame &frame)
   const uint32_t unpadded_length = payload_length - pad_length;
   MIOBuffer *writer              = stream->read_vio_writer();
   if (writer == nullptr) {
-    return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_INTERNAL_ERROR);
+    return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_INTERNAL_ERROR, "no writer");
   }
 
   // If we call write() multiple times, we must keep the same reader, so we can
@@ -201,17 +216,24 @@ Http2ConnectionState::rcv_data_frame(const Http2Frame &frame)
     unsigned int num_written = writer->write(myreader, read_len);
     if (num_written != read_len) {
       myreader->writer()->dealloc_reader(myreader);
-      return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_INTERNAL_ERROR);
+      return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_INTERNAL_ERROR, "Write mismatch");
     }
     myreader->consume(num_written);
+    stream->read_update(num_written);
   }
   myreader->writer()->dealloc_reader(myreader);
 
   if (frame.header().flags & HTTP2_FLAGS_DATA_END_STREAM) {
     // TODO: set total written size to read_vio.nbytes
-    stream->signal_read_event(VC_EVENT_READ_COMPLETE);
-  } else {
-    stream->signal_read_event(VC_EVENT_READ_READY);
+    stream->read_done();
+  }
+
+  if (stream->read_enabled()) {
+    if (frame.header().flags & HTTP2_FLAGS_DATA_END_STREAM) {
+      stream->signal_read_event(VC_EVENT_READ_COMPLETE);
+    } else {
+      stream->signal_read_event(VC_EVENT_READ_READY);
+    }
   }
 
   return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
@@ -239,28 +261,50 @@ Http2ConnectionState::rcv_headers_frame(const Http2Frame &frame)
                       "recv headers bad client id");
   }
 
-  Http2Stream *stream = nullptr;
-  bool new_stream     = false;
+  Http2Stream *stream              = nullptr;
+  bool new_stream                  = false;
+  bool reset_header_after_decoding = false;
+  bool free_stream_after_decoding  = false;
 
   if (this->is_valid_streamid(stream_id)) {
     stream = this->find_stream(stream_id);
-    if (stream == nullptr) {
-      return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, Http2ErrorCode::HTTP2_ERROR_STREAM_CLOSED,
-                        "recv headers cannot find existing stream_id");
-    } else if (stream->get_state() == Http2StreamState::HTTP2_STREAM_STATE_CLOSED) {
+    if (!this->session->is_outbound() && (stream == nullptr || !stream->trailing_header_is_possible())) {
       return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, Http2ErrorCode::HTTP2_ERROR_STREAM_CLOSED,
-                        "recv_header to closed stream");
-    } else if (!stream->has_trailing_header()) {
-      return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
                         "stream not expecting trailer header");
+    } else if (stream == nullptr || stream->get_state() == Http2StreamState::HTTP2_STREAM_STATE_CLOSED) {
+      if (this->session->is_outbound()) {
+        reset_header_after_decoding = true;
+        // return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
+        // return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_STREAM_CLOSED,
+        //                  "recv_header to closed stream");
+      } else {
+        return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, Http2ErrorCode::HTTP2_ERROR_STREAM_CLOSED,
+                          "recv_header to closed stream");
+      }
     }
-  } else {
-    // Create new stream
-    Http2Error error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
-    stream     = this->create_stream(stream_id, error);
-    new_stream = true;
-    if (!stream) {
-      return error;
+  }
+
+  if (!http2_is_client_streamid(stream_id)) {
+    return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
+                      "recv headers bad client id");
+  }
+
+  if (!stream) {
+    if (reset_header_after_decoding) {
+      free_stream_after_decoding                 = true;
+      uint32_t const initial_local_stream_window = this->acknowledged_local_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE);
+      ink_assert(dynamic_cast<Http2CommonSession *>(this->session->get_proxy_session())->is_outbound() == true);
+      stream = THREAD_ALLOC_INIT(http2StreamAllocator, this_ethread(), this->session->get_proxy_session(), stream_id,
+                                 this->peer_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE), initial_local_stream_window,
+                                 !STREAM_IS_REGISTERED);
+    } else {
+      // Create new stream
+      Http2Error error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
+      stream     = this->create_stream(stream_id, error);
+      new_stream = true;
+      if (!stream) {
+        return error;
+      }
     }
   }
 
@@ -352,28 +396,37 @@ Http2ConnectionState::rcv_headers_frame(const Http2Frame &frame)
 
   if (frame.header().flags & HTTP2_FLAGS_HEADERS_END_HEADERS) {
     // NOTE: If there are END_HEADERS flag, decode stored Header Blocks.
-    if (!stream->change_state(HTTP2_FRAME_TYPE_HEADERS, frame.header().flags) && stream->has_trailing_header() == false) {
+    if (!stream->change_state(HTTP2_FRAME_TYPE_HEADERS, frame.header().flags)) {
       return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
                         "recv headers end headers and not trailing header");
     }
 
-    bool empty_request = false;
-    if (stream->has_trailing_header()) {
+    if (stream->trailing_header_is_possible()) {
       if (!(frame.header().flags & HTTP2_FLAGS_HEADERS_END_STREAM)) {
         return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR,
                           "recv headers tailing header without endstream");
       }
-      // If the flag has already been set before decoding header blocks, this is the trailing header.
-      // Set a flag to avoid initializing fetcher for now.
-      // Decoding header blocks is still needed to maintain a HPACK dynamic table.
-      // TODO: TS-3812
-      empty_request = true;
     }
 
-    stream->mark_milestone(Http2StreamMilestone::START_DECODE_HEADERS);
+    if (stream->trailing_header_is_possible()) {
+      stream->reset_receive_headers();
+    } else {
+      stream->mark_milestone(Http2StreamMilestone::START_DECODE_HEADERS);
+    }
     Http2ErrorCode result = stream->decode_header_blocks(*this->local_hpack_handle,
                                                          this->acknowledged_local_settings.get(HTTP2_SETTINGS_HEADER_TABLE_SIZE));
 
+    // If this was an outbound connection and the state was already closed, just clear the
+    // headers after processing.  We just processed the heaer blocks to keep the dynamic table in
+    // sync with peer to avoid future HPACK compression errors
+    if (reset_header_after_decoding) {
+      stream->reset_receive_headers();
+      if (free_stream_after_decoding) {
+        THREAD_FREE(stream, http2StreamAllocator, this_ethread());
+      }
+      return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
+    }
+
     if (result != Http2ErrorCode::HTTP2_ERROR_NO_ERROR) {
       if (result == Http2ErrorCode::HTTP2_ERROR_COMPRESSION_ERROR) {
         return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, Http2ErrorCode::HTTP2_ERROR_COMPRESSION_ERROR,
@@ -394,15 +447,22 @@ Http2ConnectionState::rcv_headers_frame(const Http2Frame &frame)
     }
 
     // Set up the State Machine
-    if (!empty_request) {
+    if (!stream->is_outbound_connection() && !stream->trailing_header_is_possible()) {
       SCOPED_MUTEX_LOCK(stream_lock, stream->mutex, this_ethread());
       stream->mark_milestone(Http2StreamMilestone::START_TXN);
       stream->new_transaction(frame.is_from_early_data());
       // Send request header to SM
       stream->send_request(*this);
     } else {
-      // Signal VC_EVENT_READ_COMPLETE because received trailing header fields with END_STREAM flag
-      stream->signal_read_event(VC_EVENT_READ_COMPLETE);
+      // If this is a trailer, first signal to the SM that the body is done
+      if (stream->trailing_header_is_possible()) {
+        stream->set_expect_receive_trailer();
+        // Propagate the  trailer header
+        stream->send_request(*this);
+      } else {
+        // Propagate the response
+        stream->send_request(*this);
+      }
     }
   } else {
     // NOTE: Expect CONTINUATION Frame. Do NOT change state of stream or decode
@@ -576,7 +636,7 @@ Http2ConnectionState::rcv_settings_frame(const Http2Frame &frame)
     Warning("Setting frame for zombied session %" PRId64, this->session->get_connection_id());
   }
 
-  // Update SETTIGNS frame count per minute
+  // Update SETTINGS frame count per minute
   this->increment_received_settings_frame_count();
   // Close this connection if its SETTINGS frame count exceeds a limit
   if (this->get_received_settings_frame_count() > Http2::max_settings_frames_per_minute) {
@@ -671,8 +731,8 @@ Http2ConnectionState::rcv_settings_frame(const Http2Frame &frame)
   // [RFC 7540] 6.5. Once all values have been applied, the recipient MUST
   // immediately emit a SETTINGS frame with the ACK flag set.
   Http2SettingsFrame ack_frame(HTTP2_CONNECTION_CONTROL_STREAM, HTTP2_FLAGS_SETTINGS_ACK);
+  Http2StreamDebug(this->session, stream_id, "Send SETTINGS ACK");
   this->session->xmit(ack_frame);
-
   return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
 }
 
@@ -821,7 +881,6 @@ Http2ConnectionState::rcv_window_update_frame(const Http2Frame &frame)
     if (error != Http2ErrorCode::HTTP2_ERROR_NO_ERROR) {
       return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, error, "Erroneous client window update");
     }
-
     this->restart_streams();
   } else {
     // Stream level window update
@@ -853,11 +912,11 @@ Http2ConnectionState::rcv_window_update_frame(const Http2Frame &frame)
 
     auto error = stream->increment_peer_rwnd(size);
     if (error != Http2ErrorCode::HTTP2_ERROR_NO_ERROR) {
-      return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, error);
+      return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, error, "Bad stream rwnd");
     }
 
     ssize_t wnd = std::min(this->get_peer_rwnd_in(), stream->get_peer_rwnd());
-    if (!stream->is_closed() && stream->get_state() == Http2StreamState::HTTP2_STREAM_STATE_HALF_CLOSED_REMOTE && wnd > 0) {
+    if (wnd > 0) {
       SCOPED_MUTEX_LOCK(lock, stream->mutex, this_ethread());
       stream->restart_sending();
     }
@@ -1084,6 +1143,10 @@ Http2ConnectionState::send_connection_preface()
 
   Http2ConnectionSettings configured_settings;
   configured_settings.settings_from_configs();
+
+  // Communicate to the peer that we do not support PUSH_PROMISE
+  configured_settings.set(HTTP2_SETTINGS_ENABLE_PUSH, 0);
+
   configured_settings.set(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, _adjust_concurrent_stream());
 
   if (this->_has_dynamic_stream_window()) {
@@ -1283,7 +1346,6 @@ Http2ConnectionState::main_event_handler(int event, void *edata)
       }
     }
   }
-
   return 0;
 }
 
@@ -1303,6 +1365,101 @@ Http2ConnectionState::state_closed(int event, void *edata)
   return 0;
 }
 
+bool
+Http2ConnectionState::is_peer_concurrent_stream_ub() const
+{
+  return peer_streams_count_in >= (peer_settings.get(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS)) * 0.9;
+}
+
+bool
+Http2ConnectionState::is_peer_concurrent_stream_lb() const
+{
+  return peer_streams_count_in <= (peer_settings.get(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS)) / 2;
+}
+
+void
+Http2ConnectionState::set_stream_id(Http2Stream *stream)
+{
+  if (stream->get_transaction_id() < 0) {
+    Http2StreamId stream_id = (latest_streamid_in == 0) ? 3 : latest_streamid_in + 2;
+    stream->set_transaction_id(stream_id);
+    latest_streamid_in = stream_id;
+  }
+}
+
+Http2Stream *
+Http2ConnectionState::create_initiating_stream(Http2Error &error)
+{
+  // first check if we've hit the active connection limit
+  if (!session->get_netvc()->add_to_active_queue()) {
+    error = Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, Http2ErrorCode::HTTP2_ERROR_NO_ERROR,
+                       "refused to create new stream, maxed out active connections");
+    return nullptr;
+  }
+
+  // In half_close state, TS doesn't create new stream. Because GOAWAY frame is sent to client
+  if (session->get_half_close_local_flag()) {
+    error = Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_REFUSED_STREAM,
+                       "refused to create new stream, because session is in half_close state");
+    return nullptr;
+  }
+
+  // Endpoints MUST NOT exceed the limit set by their peer.  An endpoint
+  // that receives a HEADERS frame that causes their advertised concurrent
+  // stream limit to be exceeded MUST treat this as a stream error.
+  int check_max_concurrent_limit;
+  int check_count;
+  check_count = peer_streams_count_in;
+  // If this is an outbound client stream, must check against the peer's max_concurrent
+  if (session->is_outbound()) {
+    check_max_concurrent_limit = peer_settings.get(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS);
+  } else { // Inbound client streamm check against our own max_connecurent limits
+    check_max_concurrent_limit = local_settings.get(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS);
+  }
+  ink_release_assert(check_max_concurrent_limit != 0);
+
+  // If we haven't got the peers settings yet, just hope for the best
+  if (check_max_concurrent_limit >= 0) {
+    if (session->is_outbound() && Http2ConnectionState::is_peer_concurrent_stream_ub()) {
+      error = Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_REFUSED_STREAM,
+                         "recv headers creating stream beyond max_concurrent limit");
+      return nullptr;
+    } else if (check_count >= check_max_concurrent_limit) {
+      error = Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_REFUSED_STREAM,
+                         "recv headers creating stream beyond max_concurrent limit");
+      return nullptr;
+    }
+  }
+
+  ink_assert(dynamic_cast<Http2CommonSession *>(this->session->get_proxy_session())->is_outbound() == true);
+  uint32_t const initial_stream_window = this->acknowledged_local_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE);
+  Http2Stream *new_stream =
+    THREAD_ALLOC_INIT(http2StreamAllocator, this_ethread(), session->get_proxy_session(), -1,
+                      peer_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE), initial_stream_window, STREAM_IS_REGISTERED);
+
+  ink_assert(nullptr != new_stream);
+  ink_assert(!stream_list.in(new_stream));
+
+  stream_list.enqueue(new_stream);
+  ink_assert(peer_streams_count_in < UINT32_MAX);
+  ++peer_streams_count_in;
+  ++total_peer_streams_count;
+
+  if (zombie_event != nullptr) {
+    zombie_event->cancel();
+    zombie_event = nullptr;
+  }
+
+  new_stream->mutex                     = new_ProxyMutex();
+  new_stream->is_first_transaction_flag = get_stream_requests() == 0;
+  increment_stream_requests();
+
+  // Clear the session timeout.  Let the transaction timeouts reign
+  session->get_proxy_session()->cancel_inactivity_timeout();
+
+  return new_stream;
+}
+
 Http2Stream *
 Http2ConnectionState::create_stream(Http2StreamId new_id, Http2Error &error)
 {
@@ -1345,22 +1502,37 @@ Http2ConnectionState::create_stream(Http2StreamId new_id, Http2Error &error)
   // Endpoints MUST NOT exceed the limit set by their peer.  An endpoint
   // that receives a HEADERS frame that causes their advertised concurrent
   // stream limit to be exceeded MUST treat this as a stream error.
+  int check_max_concurrent_limit = 0;
+  int check_count                = 0;
+  int max_streams_stat           = 0;
   if (is_client_streamid) {
-    if (peer_streams_count_in >= acknowledged_local_settings.get(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS)) {
-      HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_MAX_CONCURRENT_STREAMS_EXCEEDED_IN, this_ethread());
-      error = Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_REFUSED_STREAM,
-                         "recv headers creating inbound stream beyond max_concurrent limit");
-      return nullptr;
-    }
-  } else {
-    if (peer_streams_count_out >= peer_settings.get(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS)) {
-      HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_MAX_CONCURRENT_STREAMS_EXCEEDED_OUT, this_ethread());
-      error = Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_REFUSED_STREAM,
-                         "recv headers creating outbound stream beyond max_concurrent limit");
-      return nullptr;
-    }
+    check_count      = peer_streams_count_in;
+    max_streams_stat = HTTP2_STAT_MAX_CONCURRENT_STREAMS_EXCEEDED_IN;
+    // If this is an outbound client stream, must check against the peer's max_concurrent
+    if (session->is_outbound()) {
+      check_max_concurrent_limit = peer_settings.get(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS);
+    } else { // Inbound client streamm check against our own max_connecurent limits
+      check_max_concurrent_limit = acknowledged_local_settings.get(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS);
+    }
+  } else { // Not a client stream (i.e. a push)
+    check_count      = peer_streams_count_out;
+    max_streams_stat = HTTP2_STAT_MAX_CONCURRENT_STREAMS_EXCEEDED_OUT;
+    // If this is an outbound non-client stream, must check against the local max_concurrent
+    if (session->is_outbound()) {
+      check_max_concurrent_limit = acknowledged_local_settings.get(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS);
+    } else { // Inbound non-client streamm check against the peer's max_connecurent limits
+      check_max_concurrent_limit = peer_settings.get(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS);
+    }
+  }
+  // If we haven't got the peers settings yet, just hope for the best
+  if (check_max_concurrent_limit >= 0 && check_count >= check_max_concurrent_limit) {
+    HTTP2_INCREMENT_THREAD_DYN_STAT(max_streams_stat, this_ethread());
+    error = Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, Http2ErrorCode::HTTP2_ERROR_REFUSED_STREAM,
+                       "recv headers creating stream beyond max_concurrent limit");
+    return nullptr;
   }
 
+  ink_assert(dynamic_cast<Http2CommonSession *>(this->session->get_proxy_session())->is_outbound() == false);
   uint32_t initial_stream_window        = this->acknowledged_local_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE);
   uint32_t initial_stream_window_target = initial_stream_window;
   if (is_client_streamid && this->_has_dynamic_stream_window()) {
@@ -1377,8 +1549,9 @@ Http2ConnectionState::create_stream(Http2StreamId new_id, Http2Error &error)
     // 6.9.3.
     initial_stream_window_target = this->_get_configured_receive_session_window_size_in() / (peer_streams_count_in.load() + 1);
   }
-  Http2Stream *new_stream = THREAD_ALLOC_INIT(http2StreamAllocator, this_ethread(), session->get_proxy_session(), new_id,
-                                              peer_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE), initial_stream_window);
+  Http2Stream *new_stream =
+    THREAD_ALLOC_INIT(http2StreamAllocator, this_ethread(), session->get_proxy_session(), new_id,
+                      peer_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE), initial_stream_window, STREAM_IS_REGISTERED);
 
   ink_assert(nullptr != new_stream);
   ink_assert(!stream_list.in(new_stream));
@@ -1409,6 +1582,9 @@ Http2ConnectionState::create_stream(Http2StreamId new_id, Http2Error &error)
   }
   increment_stream_requests();
 
+  // Clear the session timeout.  Let the transaction timeouts reign
+  session->get_proxy_session()->cancel_inactivity_timeout();
+
   return new_stream;
 }
 
@@ -1424,6 +1600,17 @@ Http2ConnectionState::find_stream(Http2StreamId id) const
   return nullptr;
 }
 
+void
+Http2ConnectionState::start_streams()
+{
+  Http2Stream *s = stream_list.head;
+  while (s) {
+    Http2Stream *next = static_cast<Http2Stream *>(s->link.next);
+    s->reenable_write();
+    s = next;
+  }
+}
+
 void
 Http2ConnectionState::restart_streams()
 {
@@ -1435,7 +1622,6 @@ Http2ConnectionState::restart_streams()
     // It doesn't need to be initialized with rand() nor time(), and doesn't need to be accessed with a lock, because it doesn't
     // need that randomness and accuracy.
     static uint16_t starting_point = 0;
-
     // Change the start point randomly
     for (int i = starting_point % total_peer_streams_count; i >= 0; --i) {
       end = static_cast<Http2Stream *>(end->link.next ? end->link.next : stream_list.head);
@@ -1445,16 +1631,14 @@ Http2ConnectionState::restart_streams()
     // Call send_response_body() for each streams
     while (s != end) {
       Http2Stream *next = static_cast<Http2Stream *>(s->link.next ? s->link.next : stream_list.head);
-      if (!s->is_closed() && s->get_state() == Http2StreamState::HTTP2_STREAM_STATE_HALF_CLOSED_REMOTE &&
-          std::min(this->get_peer_rwnd_in(), s->get_peer_rwnd()) > 0) {
+      if (std::min(this->get_peer_rwnd_in(), s->get_peer_rwnd()) > 0) {
         SCOPED_MUTEX_LOCK(lock, s->mutex, this_ethread());
         s->restart_sending();
       }
       ink_assert(s != next);
       s = next;
     }
-    if (!s->is_closed() && s->get_state() == Http2StreamState::HTTP2_STREAM_STATE_HALF_CLOSED_REMOTE &&
-        std::min(this->get_peer_rwnd_in(), s->get_peer_rwnd()) > 0) {
+    if (std::min(this->get_peer_rwnd_in(), s->get_peer_rwnd()) > 0) {
       SCOPED_MUTEX_LOCK(lock, s->mutex, this_ethread());
       s->restart_sending();
     }
@@ -1555,7 +1739,9 @@ Http2ConnectionState::delete_stream(Http2Stream *stream)
   REMEMBER(NO_EVENT, this->recursion);
 
   if (Http2::stream_priority_enabled) {
-    Http2DependencyTree::Node *node = stream->priority_node;
+    Http2DependencyTree::Node *node       = stream->priority_node;
+    Http2DependencyTree::Node *node_by_id = this->dependency_tree->find(stream->get_id());
+    ink_assert(node == node_by_id);
     if (node != nullptr) {
       if (node->active) {
         dependency_tree->deactivate(node, 0);
@@ -1577,13 +1763,16 @@ Http2ConnectionState::delete_stream(Http2Stream *stream)
 
   stream_list.remove(stream);
   if (http2_is_client_streamid(stream->get_id())) {
-    ink_assert(peer_streams_count_in > 0);
+    ink_release_assert(peer_streams_count_in > 0);
     --peer_streams_count_in;
+    if (!fini_received && is_peer_concurrent_stream_lb()) {
+      session->add_session();
+    }
   } else {
     ink_assert(peer_streams_count_out > 0);
     --peer_streams_count_out;
   }
-  // total_client_streams_count will be decremented in release_stream(), because it's a counter include streams in the process of
+  // total_peer_streams_count will be decremented in release_stream(), because it's a counter include streams in the process of
   // shutting down.
 
   stream->initiating_close();
@@ -1616,6 +1805,7 @@ Http2ConnectionState::release_stream()
         // If the number of clients is 0, HTTP2_SESSION_EVENT_FINI is not received or sent, and session is active,
         // then mark the connection as inactive
         session->do_clear_session_active();
+        session->set_no_activity_timeout();
         UnixNetVConnection *vc = static_cast<UnixNetVConnection *>(session->get_netvc());
         if (vc && vc->active_timeout_in == 0) {
           // With heavy traffic, session could be destroyed. Do not touch session after this.
@@ -1703,10 +1893,12 @@ Http2ConnectionState::send_data_frames_depends_on_priority()
 
   Http2Stream *stream = static_cast<Http2Stream *>(node->t);
   ink_release_assert(stream != nullptr);
+  ink_release_assert(stream->priority_node == node);
   Http2StreamDebug(session, stream->get_id(), "top node, point=%d", node->point);
 
   size_t len                      = 0;
   Http2SendDataFrameResult result = send_a_data_frame(stream, len);
+  ink_release_assert(stream->priority_node != nullptr);
 
   switch (result) {
   case Http2SendDataFrameResult::NO_ERROR: {
@@ -1715,9 +1907,8 @@ Http2ConnectionState::send_data_frames_depends_on_priority()
       dependency_tree->deactivate(node, len);
     } else {
       dependency_tree->update(node, len);
-
       SCOPED_MUTEX_LOCK(stream_lock, stream->mutex, this_ethread());
-      stream->signal_write_event(Http2Stream::CALL_UPDATE);
+      stream->signal_write_event(stream->is_write_vio_done() ? VC_EVENT_WRITE_COMPLETE : VC_EVENT_WRITE_READY);
     }
     break;
   }
@@ -1758,6 +1949,12 @@ Http2ConnectionState::send_a_data_frame(Http2Stream *stream, size_t &payload_len
   if (resp_reader->is_read_avail_more_than(0)) {
     // We only need to check for window size when there is a payload
     if (window_size <= 0) {
+      if (session->is_outbound()) {
+        ip_port_text_buffer ipb;
+        const char *client_ip = ats_ip_ntop(session->get_proxy_session()->get_remote_addr(), ipb, sizeof(ipb));
+        Warning("No window server_ip=%s session_wnd=%zd stream_wnd=%zd peer_initial_window=%u", client_ip, get_peer_rwnd_in(),
+                stream->get_peer_rwnd(), this->peer_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE));
+      }
       Http2StreamDebug(this->session, stream->get_id(), "No window");
       this->session->flush();
       return Http2SendDataFrameResult::NO_WINDOW;
@@ -1790,6 +1987,7 @@ Http2ConnectionState::send_a_data_frame(Http2Stream *stream, size_t &payload_len
   }
 
   if (stream->is_write_vio_done()) {
+    Http2StreamDebug(this->session, stream->get_id(), "End of Data Frame");
     flags |= HTTP2_FLAGS_DATA_END_STREAM;
   }
 
@@ -1798,8 +1996,8 @@ Http2ConnectionState::send_a_data_frame(Http2Stream *stream, size_t &payload_len
   stream->decrement_peer_rwnd(payload_length);
 
   // Create frame
-  Http2StreamDebug(session, stream->get_id(), "Send a DATA frame - client window con: %5zd stream: %5zd payload: %5zd",
-                   _peer_rwnd_in, stream->get_peer_rwnd(), payload_length);
+  Http2StreamDebug(session, stream->get_id(), "Send a DATA frame - client window con: %5zd stream: %5zd payload: %5zd flags: 0x%x",
+                   _peer_rwnd_in, stream->get_peer_rwnd(), payload_length, flags);
 
   Http2DataFrame data(stream->get_id(), flags, resp_reader, payload_length);
   this->session->xmit(data, flags & HTTP2_FLAGS_DATA_END_STREAM);
@@ -1828,20 +2026,38 @@ Http2ConnectionState::send_data_frames(Http2Stream *stream)
     return;
   }
 
+  if (zombie_event != nullptr) {
+    zombie_event->cancel();
+    zombie_event = nullptr;
+  }
+
   size_t len                      = 0;
   Http2SendDataFrameResult result = Http2SendDataFrameResult::NO_ERROR;
-  while (result == Http2SendDataFrameResult::NO_ERROR) {
-    result = send_a_data_frame(stream, len);
+  bool more_data                  = true;
+  IOBufferReader *resp_reader     = stream->get_data_reader_for_send();
+  while (more_data && result == Http2SendDataFrameResult::NO_ERROR) {
+    result    = send_a_data_frame(stream, len);
+    more_data = resp_reader->is_read_avail_more_than(0);
 
     if (result == Http2SendDataFrameResult::DONE) {
-      // Delete a stream immediately
-      // TODO its should not be deleted for a several time to handling
-      // RST_STREAM and WINDOW_UPDATE.
-      // See 'closed' state written at [RFC 7540] 5.1.
-      Http2StreamDebug(this->session, stream->get_id(), "Shutdown stream");
-      stream->initiating_close();
+      if (!stream->is_outbound_connection()) {
+        // Delete a stream immediately
+        // TODO its should not be deleted for a several time to handling
+        // RST_STREAM and WINDOW_UPDATE.
+        // See 'closed' state written at [RFC 7540] 5.1.
+        Http2StreamDebug(this->session, stream->get_id(), "Shutdown stream");
+        stream->signal_write_event(VC_EVENT_WRITE_COMPLETE);
+        stream->do_io_close();
+      } else if (stream->is_outbound_connection() && stream->is_write_vio_done()) {
+        stream->signal_write_event(VC_EVENT_WRITE_COMPLETE);
+      } else {
+        ink_release_assert(!"What case is this?");
+      }
     }
   }
+  if (!more_data && result != Http2SendDataFrameResult::DONE) {
+    stream->signal_write_event(VC_EVENT_WRITE_READY);
+  }
 
   return;
 }
@@ -1855,15 +2071,25 @@ Http2ConnectionState::send_headers_frame(Http2Stream *stream)
 
   Http2StreamDebug(session, stream->get_id(), "Send HEADERS frame");
 
-  HTTPHdr *resp_hdr = &stream->_send_header;
-  http2_convert_header_from_1_1_to_2(resp_hdr);
+  // For outbound streams, set the ID if it has not yet already been set
+  // Need to defer setting the stream ID to avoid another later created stream
+  // sending out first.  This may cause the peer to issue a stream or connection
+  // error (new stream less that the greatest we have seen so far)
+  this->set_stream_id(stream);
+
+  HTTPHdr *send_hdr = stream->get_send_header();
+  if (stream->expect_send_trailer()) {
+    // Which is a no-op conversion
+  } else {
+    http2_convert_header_from_1_1_to_2(send_hdr);
+  }
 
-  uint32_t buf_len = resp_hdr->length_get() * 2; // Make it double just in case
+  uint32_t buf_len = send_hdr->length_get() * 2; // Make it double just in case
   ts::LocalBuffer local_buffer(buf_len);
   uint8_t *buf = local_buffer.data();
 
   stream->mark_milestone(Http2StreamMilestone::START_ENCODE_HEADERS);
-  Http2ErrorCode result = http2_encode_header_blocks(resp_hdr, buf, buf_len, &header_blocks_size, *(this->peer_hpack_handle),
+  Http2ErrorCode result = http2_encode_header_blocks(send_hdr, buf, buf_len, &header_blocks_size, *(this->peer_hpack_handle),
                                                      peer_settings.get(HTTP2_SETTINGS_HEADER_TABLE_SIZE));
   if (result != Http2ErrorCode::HTTP2_ERROR_NO_ERROR) {
     return;
@@ -1873,11 +2099,37 @@ Http2ConnectionState::send_headers_frame(Http2Stream *stream)
   if (header_blocks_size <= static_cast<uint32_t>(BUFFER_SIZE_FOR_INDEX(buffer_size_index[HTTP2_FRAME_TYPE_HEADERS]))) {
     payload_length = header_blocks_size;
     flags          |= HTTP2_FLAGS_HEADERS_END_HEADERS;
-    if ((resp_hdr->presence(MIME_PRESENCE_CONTENT_LENGTH) && resp_hdr->get_content_length() == 0) ||
-        (!resp_hdr->expect_final_response() && stream->is_write_vio_done())) {
-      Http2StreamDebug(session, stream->get_id(), "END_STREAM");
-      flags                   |= HTTP2_FLAGS_HEADERS_END_STREAM;
-      stream->send_end_stream = true;
+    if (stream->is_outbound_connection()) { // Will be sending a request_header
+      int method = send_hdr->method_get_wksidx();
+
+      // Set END_STREAM on request headers for POST, etc. methods combined with
+      // an explicit length 0. Some origins RST on request headers with
+      // explicit zero length and no end stream flag, causing the request to
+      // fail. We emulate chromium behaviour here prevent such RSTs.
+      bool content_method       = method == HTTP_WKSIDX_POST || method == HTTP_WKSIDX_PUSH || method == HTTP_WKSIDX_PUT;
+      bool is_transfer_encoded  = send_hdr->presence(MIME_PRESENCE_TRANSFER_ENCODING);
+      bool has_content_header   = send_hdr->presence(MIME_PRESENCE_CONTENT_LENGTH);
+      bool explicit_zero_length = has_content_header && send_hdr->get_content_length() == 0;
+
+      bool expect_content_stream =
+        is_transfer_encoded ||                                              // transfer encoded content length is unknown
+        (!content_method && has_content_header && !explicit_zero_length) || // non zero content with GET,etc
+        (content_method && !explicit_zero_length);                          // content-length >0 or empty with POST etc
+
+      // send END_STREAM if we don't expect any content
+      if (!expect_content_stream) {
+        // TODO deal with the chunked encoding case
+        Http2StreamDebug(session, stream->get_id(), "request END_STREAM");
+        flags                   |= HTTP2_FLAGS_HEADERS_END_STREAM;
+        stream->send_end_stream = true;
+      }
+    } else {
+      if ((send_hdr->presence(MIME_PRESENCE_CONTENT_LENGTH) && send_hdr->get_content_length() == 0) ||
+          (!send_hdr->expect_final_response() && stream->is_write_vio_done())) {
+        Http2StreamDebug(session, stream->get_id(), "response END_STREAM");
+        flags                   |= HTTP2_FLAGS_HEADERS_END_STREAM;
+        stream->send_end_stream = true;
+      }
     }
     stream->mark_milestone(Http2StreamMilestone::START_TX_HEADERS_FRAMES);
   } else {
@@ -1895,6 +2147,7 @@ Http2ConnectionState::send_headers_frame(Http2Stream *stream)
     return;
   }
 
+  Http2StreamDebug(session, stream->get_id(), "Send HEADERS frame flags: 0x%x length: %d", flags, payload_length);
   Http2HeadersFrame headers(stream->get_id(), flags, buf, payload_length);
   this->session->xmit(headers);
   uint64_t sent = payload_length;
@@ -2079,7 +2332,7 @@ Http2ConnectionState::send_settings_frame(const Http2ConnectionSettings &new_set
   Http2SettingsFrame settings(stream_id, HTTP2_FRAME_NO_FLAG, params, params_size);
 
   this->_outstanding_settings_frames_in.emplace(new_settings);
-  this->session->xmit(settings);
+  this->session->xmit(settings, true);
 }
 
 void
@@ -2090,7 +2343,7 @@ Http2ConnectionState::_process_incoming_settings_ack_frame()
                    this->_outstanding_settings_frames_in.size());
 
   // Do not update this->acknowledged_local_settings yet as
-  // update_initial_server_rwnd relies upon it still pointing to the old value.
+  // update_initial_local_rwnd_in relies upon it still pointing to the old value.
   Http2ConnectionSettings const &old_settings = this->acknowledged_local_settings;
   Http2ConnectionSettings const &new_settings = this->_outstanding_settings_frames_in.front().get_outstanding_settings();
 
@@ -2285,12 +2538,13 @@ Http2ConnectionState::increment_peer_rwnd_in(size_t amount)
   this->_recent_rwnd_increment[this->_recent_rwnd_increment_index] = amount;
   ++this->_recent_rwnd_increment_index;
   this->_recent_rwnd_increment_index %= this->_recent_rwnd_increment.size();
-  double sum = std::accumulate(this->_recent_rwnd_increment.begin(), this->_recent_rwnd_increment.end(), 0.0);
-  double avg = sum / this->_recent_rwnd_increment.size();
-  if (avg < Http2::min_avg_window_update) {
-    HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_INSUFFICIENT_AVG_WINDOW_UPDATE, this_ethread());
-    return Http2ErrorCode::HTTP2_ERROR_ENHANCE_YOUR_CALM;
-  }
+  // SKH Causing problems with gRPC processing.  Python example resulted in amount 8
+  // double sum = std::accumulate(this->_recent_rwnd_increment.begin(), this->_recent_rwnd_increment.end(), 0.0);
+  // double avg = sum / this->_recent_rwnd_increment.size();
+  // if (avg < Http2::min_avg_window_update) {
+  //  HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_INSUFFICIENT_AVG_WINDOW_UPDATE, this_ethread());
+  //  return Http2ErrorCode::HTTP2_ERROR_ENHANCE_YOUR_CALM;
+  //}
   return Http2ErrorCode::HTTP2_ERROR_NO_ERROR;
 }
 
diff --git a/proxy/http2/Http2ConnectionState.h b/proxy/http2/Http2ConnectionState.h
index 1ab2f74b561..9a44aea4582 100644
--- a/proxy/http2/Http2ConnectionState.h
+++ b/proxy/http2/Http2ConnectionState.h
@@ -122,8 +122,11 @@ class Http2ConnectionState : public Continuation
 
   // Stream control interfaces
   Http2Stream *create_stream(Http2StreamId new_id, Http2Error &error);
+  Http2Stream *create_initiating_stream(Http2Error &error);
+  void set_stream_id(Http2Stream *stream);
   Http2Stream *find_stream(Http2StreamId id) const;
   void restart_streams();
+  void start_streams();
   bool delete_stream(Http2Stream *stream);
   void release_stream();
   void cleanup_streams();
@@ -139,6 +142,8 @@ class Http2ConnectionState : public Continuation
   Http2StreamId get_latest_stream_id_out() const;
   int get_stream_requests() const;
   void increment_stream_requests();
+  bool is_peer_concurrent_stream_ub() const;
+  bool is_peer_concurrent_stream_lb() const;
 
   // Continuated header decoding
   Http2StreamId get_continued_stream_id() const;
@@ -198,6 +203,9 @@ class Http2ConnectionState : public Continuation
   Http2ErrorCode increment_local_rwnd_in(size_t amount);
   Http2ErrorCode decrement_local_rwnd_in(size_t amount);
 
+  bool no_streams() const;
+  bool single_stream() const;
+
 private:
   Http2Error rcv_data_frame(const Http2Frame &);
   Http2Error rcv_headers_frame(const Http2Frame &);
diff --git a/proxy/http2/Http2ServerSession.cc b/proxy/http2/Http2ServerSession.cc
new file mode 100644
index 00000000000..42bb4e8e1e9
--- /dev/null
+++ b/proxy/http2/Http2ServerSession.cc
@@ -0,0 +1,418 @@
+/** @file
+
+  Http2ServerSession.
+
+  @section license License
+
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+ */
+
+#include "Http2ServerSession.h"
+#include "HttpDebugNames.h"
+#include "tscore/ink_base64.h"
+#include "Http2CommonSessionInternal.h"
+#include "HttpSessionManager.h"
+
+ClassAllocator<Http2ServerSession> http2ServerSessionAllocator("http2ServerSessionAllocator");
+
+static int
+send_connection_event(Continuation *cont, int event, void *edata)
+{
+  SCOPED_MUTEX_LOCK(lock, cont->mutex, this_ethread());
+  return cont->handleEvent(event, edata);
+}
+
+Http2ServerSession::Http2ServerSession() = default;
+
+void
+Http2ServerSession::destroy()
+{
+  if (!in_destroy) {
+    in_destroy = true;
+    write_vio  = nullptr;
+    this->remove_session();
+    this->release_outbound_connection_tracking();
+    REMEMBER(NO_EVENT, this->recursion)
+    Http2SsnDebug("session destroy");
+    if (_vc) {
+      _vc->do_io_close();
+      _vc = nullptr;
+    }
+    free();
+  }
+}
+
+void
+Http2ServerSession::free()
+{
+  auto mutex_thread = this->mutex->thread_holding;
+  if (Http2CommonSession::common_free(this)) {
+    HTTP2_DECREMENT_THREAD_DYN_STAT(HTTP2_STAT_CURRENT_SERVER_SESSION_COUNT, mutex_thread);
+    THREAD_FREE(this, http2ServerSessionAllocator, mutex_thread);
+  }
+}
+
+void
+Http2ServerSession::start()
+{
+  SCOPED_MUTEX_LOCK(lock, this->mutex, this_ethread());
+
+  SET_HANDLER(&Http2ServerSession::main_event_handler);
+  HTTP2_SET_SESSION_HANDLER(&Http2ServerSession::state_start_frame_read);
+
+  VIO *read_vio = this->do_io_read(this, INT64_MAX, this->read_buffer);
+  write_vio     = this->do_io_write(this, INT64_MAX, this->_write_buffer_reader);
+
+  this->connection_state.init(this);
+
+  // 3.5 HTTP/2 Connection Preface. Upon establishment of a TCP connection and
+  // determination that HTTP/2 will be used by both peers, each endpoint MUST
+  // send a connection preface as a final confirmation ...
+  // This is the preface string sent by the client
+  this->write_buffer->write(HTTP2_CONNECTION_PREFACE, HTTP2_CONNECTION_PREFACE_LEN);
+  write_reenable();
+  this->connection_state.send_connection_preface();
+  Http2SsnDebug("Sent Connection Preface");
+
+  this->handleEvent(VC_EVENT_READ_READY, read_vio);
+}
+
+void
+Http2ServerSession::new_connection(NetVConnection *new_vc, MIOBuffer *iobuf, IOBufferReader *reader)
+{
+  ink_assert(new_vc->mutex->thread_holding == this_ethread());
+  HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_CURRENT_SERVER_SESSION_COUNT, new_vc->mutex->thread_holding);
+  HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_TOTAL_SERVER_CONNECTION_COUNT, new_vc->mutex->thread_holding);
+  this->_milestones.mark(Http2SsnMilestone::OPEN);
+
+  // Unique client session identifier.
+  this->con_id = ProxySession::next_connection_id();
+  this->_vc    = new_vc;
+  _vc->set_inactivity_timeout(HRTIME_SECONDS(Http2::accept_no_activity_timeout));
+  this->schedule_event = nullptr;
+  this->mutex          = new_vc->mutex;
+
+  this->connection_state.mutex = this->mutex;
+
+  // Since we're functioning as a client, we do not need to worry about
+  // TLSEarlyDataSupport.
+
+  Http2SsnDebug("session born, netvc %p", this->_vc);
+
+  this->_vc->set_tcp_congestion_control(CLIENT_SIDE);
+
+  this->read_buffer             = iobuf ? iobuf : new_MIOBuffer(HTTP2_HEADER_BUFFER_SIZE_INDEX);
+  this->read_buffer->water_mark = connection_state.local_settings.get(HTTP2_SETTINGS_MAX_FRAME_SIZE);
+  this->_read_buffer_reader     = reader ? reader : this->read_buffer->alloc_reader();
+
+  // Set write buffer size to max size of TLS record (16KB)
+  // This block size is the buffer size that we pass to SSLWriteBuffer
+  auto buffer_block_size_index = iobuffer_size_to_index(Http2::write_buffer_block_size, MAX_BUFFER_SIZE_INDEX);
+  this->write_buffer           = new_MIOBuffer(buffer_block_size_index);
+  this->_write_buffer_reader   = this->write_buffer->alloc_reader();
+  this->_write_size_threshold  = index_to_buffer_size(buffer_block_size_index) * Http2::write_size_threshold;
+
+  this->_handle_if_ssl(new_vc);
+
+  do_api_callout(TS_HTTP_SSN_START_HOOK);
+
+  this->add_session();
+}
+
+// implement that. After we send a GOAWAY, there
+// are scenarios where we would like to complete the outstanding streams.
+
+void
+Http2ServerSession::do_io_close(int alerrno)
+{
+  REMEMBER(NO_EVENT, this->recursion)
+
+  if (!this->connection_state.is_state_closed()) {
+    Http2SsnDebug("session closed");
+    this->remove_session();
+
+    ink_assert(this->mutex->thread_holding == this_ethread());
+    send_connection_event(&this->connection_state, HTTP2_SESSION_EVENT_FINI, this);
+
+    // Destroy will be called from connection_state.release_stream() once the number of active streams goes to 0
+  }
+}
+
+int
+Http2ServerSession::main_event_handler(int event, void *edata)
+{
+  ink_assert(this->mutex->thread_holding == this_ethread());
+  int retval;
+
+  recursion++;
+
+  Event *e = static_cast<Event *>(edata);
+  if (e == schedule_event) {
+    schedule_event = nullptr;
+  }
+
+  Http2SsnDebug("main_event_handler=%d edata=%p", event, edata);
+
+  switch (event) {
+  case VC_EVENT_READ_COMPLETE:
+  case VC_EVENT_READ_READY: {
+    bool is_zombie = connection_state.get_zombie_event() != nullptr;
+    retval         = (this->*session_handler)(event, edata);
+    if (is_zombie && connection_state.get_zombie_event() != nullptr) {
+      Warning("Processed read event for zombie session %" PRId64, connection_id());
+    }
+    break;
+  }
+
+  case HTTP2_SESSION_EVENT_REENABLE:
+    // VIO will be reenableed in this handler
+    retval = (this->*session_handler)(VC_EVENT_READ_READY, static_cast<VIO *>(e->cookie));
+    // Clear the event after calling session_handler to not reschedule REENABLE in it
+    this->_reenable_event = nullptr;
+    break;
+
+  case VC_EVENT_ACTIVE_TIMEOUT:
+  case VC_EVENT_INACTIVITY_TIMEOUT:
+  case VC_EVENT_ERROR:
+  case VC_EVENT_EOS:
+    this->set_dying_event(event);
+    this->do_io_close();
+    retval = 0;
+    break;
+
+  case VC_EVENT_WRITE_READY:
+  case VC_EVENT_WRITE_COMPLETE:
+    this->connection_state.restart_streams();
+    if ((Thread::get_hrtime() >= this->_write_buffer_last_flush + HRTIME_MSECONDS(this->_write_time_threshold))) {
+      this->flush();
+    }
+
+    retval = 0;
+    break;
+
+  case HTTP2_SESSION_EVENT_XMIT:
+  default:
+    Http2SsnDebug("unexpected event=%d edata=%p", event, edata);
+    ink_release_assert(0);
+    retval = 0;
+    break;
+  }
+
+  if (!this->is_draining() && this->connection_state.get_shutdown_reason() == Http2ErrorCode::HTTP2_ERROR_MAX) {
+    this->connection_state.set_shutdown_state(HTTP2_SHUTDOWN_NONE);
+  }
+
+  if (this->connection_state.get_shutdown_state() == HTTP2_SHUTDOWN_NONE) {
+    if (this->is_draining()) { // For a case we already checked Connection header and it didn't exist
+      Http2SsnDebug("Preparing for graceful shutdown because of draining state");
+      this->connection_state.set_shutdown_state(HTTP2_SHUTDOWN_NOT_INITIATED);
+    } /*else if (this->connection_state.get_stream_error_rate() >
+               Http2::stream_error_rate_threshold) { // For a case many stream errors happened
+      ip_port_text_buffer ipb;
+      const char *client_ip = ats_ip_ntop(get_remote_addr(), ipb, sizeof(ipb));
+      SiteThrottledWarning("HTTP/2 session error origin_ip=%s session_id=%" PRId64
+              " closing a connection, because its stream error rate (%f) exceeded the threshold (%f)",
+              client_ip, connection_id(), this->connection_state.get_stream_error_rate(), Http2::stream_error_rate_threshold);
+      Http2SsnDebug("Preparing for graceful shutdown because of a high stream error rate");
+      cause_of_death = Http2SessionCod::HIGH_ERROR_RATE;
+      this->connection_state.set_shutdown_state(HTTP2_SHUTDOWN_NOT_INITIATED, Http2ErrorCode::HTTP2_ERROR_ENHANCE_YOUR_CALM);
+    } */
+  }
+
+  if (this->connection_state.get_shutdown_state() == HTTP2_SHUTDOWN_NOT_INITIATED) {
+    send_connection_event(&this->connection_state, HTTP2_SESSION_EVENT_SHUTDOWN_INIT, this);
+  }
+
+  recursion--;
+  if (!connection_state.is_recursing() && this->recursion == 0 && kill_me) {
+    this->free();
+  }
+  return retval;
+}
+
+void
+Http2ServerSession::increment_current_active_connections_stat()
+{
+  HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_CURRENT_ACTIVE_SERVER_CONNECTION_COUNT, this_ethread());
+}
+
+void
+Http2ServerSession::decrement_current_active_connections_stat()
+{
+  HTTP2_DECREMENT_THREAD_DYN_STAT(HTTP2_STAT_CURRENT_ACTIVE_SERVER_CONNECTION_COUNT, this_ethread());
+}
+
+sockaddr const *
+Http2ServerSession::get_remote_addr() const
+{
+  return _vc ? _vc->get_remote_addr() : &cached_client_addr.sa;
+}
+
+sockaddr const *
+Http2ServerSession::get_local_addr()
+{
+  return _vc ? _vc->get_local_addr() : &cached_local_addr.sa;
+}
+
+int
+Http2ServerSession::get_transact_count() const
+{
+  return connection_state.get_stream_requests();
+}
+
+const char *
+Http2ServerSession::get_protocol_string() const
+{
+  return "http/2";
+}
+
+void
+Http2ServerSession::release(ProxyTransaction *trans)
+{
+}
+
+int
+Http2ServerSession::populate_protocol(std::string_view *result, int size) const
+{
+  int retval = 0;
+  if (size > retval) {
+    result[retval++] = IP_PROTO_TAG_HTTP_2_0;
+    if (size > retval) {
+      retval += super::populate_protocol(result + retval, size - retval);
+    }
+  }
+  return retval;
+}
+
+const char *
+Http2ServerSession::protocol_contains(std::string_view prefix) const
+{
+  const char *retval = nullptr;
+
+  if (prefix.size() <= IP_PROTO_TAG_HTTP_2_0.size() && strncmp(IP_PROTO_TAG_HTTP_2_0.data(), prefix.data(), prefix.size()) == 0) {
+    retval = IP_PROTO_TAG_HTTP_2_0.data();
+  } else {
+    retval = super::protocol_contains(prefix);
+  }
+  return retval;
+}
+
+ProxySession *
+Http2ServerSession::get_proxy_session()
+{
+  return this;
+}
+
+ProxyTransaction *
+Http2ServerSession::new_transaction()
+{
+  this->set_session_active();
+
+  // Create a new stream/transaction
+  Http2Error error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
+  Http2Stream *stream = connection_state.create_initiating_stream(error);
+
+  if (!stream || connection_state.is_peer_concurrent_stream_ub()) {
+    if (error.cls != Http2ErrorClass::HTTP2_ERROR_CLASS_NONE) {
+      Error("HTTP/2 stream error code=0x%02x %s", static_cast<int>(error.code), error.msg);
+    }
+
+    remove_session();
+  }
+
+  return stream;
+}
+
+void
+Http2ServerSession::add_session()
+{
+  if (this->in_session_table) {
+    return;
+  }
+  Http2SsnDebug("Add session to pool");
+  EThread *ethread        = this_ethread();
+  ServerSessionPool *pool = ethread->server_session_pool;
+  MUTEX_TRY_LOCK(lock, pool->mutex, ethread);
+  if (lock.is_locked()) {
+    pool->addSession(this);
+    this->in_session_table = true;
+  }
+}
+
+void
+Http2ServerSession::remove_session()
+{
+  if (!this->in_session_table) {
+    return;
+  }
+  Http2SsnDebug("Remove session from pool");
+  EThread *ethread        = this_ethread();
+  ServerSessionPool *pool = ethread->server_session_pool;
+  MUTEX_TRY_LOCK(lock, pool->mutex, ethread);
+  if (lock.is_locked()) {
+    pool->removeSession(this);
+    in_session_table = false;
+  } else {
+    ink_release_assert(!"How did we not get the pool lock?");
+  }
+}
+
+bool
+Http2ServerSession::is_multiplexing() const
+{
+  return true;
+}
+
+bool
+Http2ServerSession::is_outbound() const
+{
+  return true;
+}
+
+void
+Http2ServerSession::set_netvc(NetVConnection *netvc)
+{
+  super::set_netvc(netvc);
+  if (netvc == nullptr) {
+    write_vio = nullptr;
+  }
+}
+
+void
+Http2ServerSession::set_no_activity_timeout()
+{
+  // Only set if not previously set
+  if (this->_vc->get_inactivity_timeout() == 0) {
+    this->set_inactivity_timeout(HRTIME_SECONDS(Http2::no_activity_timeout_out));
+  }
+}
+
+HTTPVersion
+Http2ServerSession::get_version(HTTPHdr &hdr) const
+{
+  return HTTP_2_0;
+}
+
+IOBufferReader *
+Http2ServerSession::get_remote_reader()
+{
+  return _read_buffer_reader;
+}
+
+std::function<PoolableSession *()> create_h2_server_session = []() -> PoolableSession * {
+  return http2ServerSessionAllocator.alloc();
+};
diff --git a/proxy/http2/Http2ServerSession.h b/proxy/http2/Http2ServerSession.h
new file mode 100644
index 00000000000..93d8f9fbf2f
--- /dev/null
+++ b/proxy/http2/Http2ServerSession.h
@@ -0,0 +1,94 @@
+/** @file
+
+  Http2ServerSession.
+
+  @section license License
+
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+ */
+
+#pragma once
+
+#include "Plugin.h"
+#include "Http2CommonSession.h"
+#include <string_view>
+#include "tscore/ink_inet.h"
+#include "tscore/History.h"
+#include "Milestones.h"
+#include "PoolableSession.h"
+
+class Http2ServerSession : public PoolableSession, public Http2CommonSession
+{
+public:
+  using super          = PoolableSession; ///< Parent type.
+  using SessionHandler = int (Http2ServerSession::*)(int, void *);
+
+  Http2ServerSession();
+
+  /////////////////////
+  // Methods
+
+  // Implement VConnection interface
+  void do_io_close(int lerrno = -1) override;
+
+  // Implement ProxySession interface
+  void new_connection(NetVConnection *new_vc, MIOBuffer *iobuf, IOBufferReader *reader) override;
+  void start() override;
+  void destroy() override;
+  void release(ProxyTransaction *trans) override;
+  void free() override;
+  ProxyTransaction *new_transaction() override;
+
+  void add_session() override;
+  void remove_session();
+
+  ////////////////////
+  // Accessors
+  sockaddr const *get_remote_addr() const override;
+  sockaddr const *get_local_addr() override;
+  int get_transact_count() const override;
+  const char *get_protocol_string() const override;
+  int populate_protocol(std::string_view *result, int size) const override;
+  const char *protocol_contains(std::string_view prefix) const override;
+  HTTPVersion get_version(HTTPHdr &hdr) const override;
+  void increment_current_active_connections_stat() override;
+  void decrement_current_active_connections_stat() override;
+  IOBufferReader *get_remote_reader() override;
+
+  ProxySession *get_proxy_session() override;
+
+  // noncopyable
+  Http2ServerSession(Http2ServerSession &)                  = delete;
+  Http2ServerSession &operator=(const Http2ServerSession &) = delete;
+
+  bool is_multiplexing() const override;
+  bool is_outbound() const override;
+
+  void set_netvc(NetVConnection *netvc) override;
+
+  void set_no_activity_timeout() override;
+
+private:
+  int main_event_handler(int, void *);
+
+  IpEndpoint cached_client_addr;
+  IpEndpoint cached_local_addr;
+
+  bool in_session_table = false;
+};
+
+extern ClassAllocator<Http2ServerSession> http2ServerSessionAllocator;
diff --git a/proxy/http2/Http2Stream.cc b/proxy/http2/Http2Stream.cc
index 33c96fbb643..c620b70b6d2 100644
--- a/proxy/http2/Http2Stream.cc
+++ b/proxy/http2/Http2Stream.cc
@@ -25,8 +25,10 @@
 
 #include "HTTP2.h"
 #include "Http2ClientSession.h"
+#include "Http2ServerSession.h"
 #include "HttpDebugNames.h"
 #include "HttpSM.h"
+#include "tscore/HTTPVersion.h"
 
 #include <numeric>
 
@@ -40,21 +42,34 @@
 
 ClassAllocator<Http2Stream, true> http2StreamAllocator("http2StreamAllocator");
 
-Http2Stream::Http2Stream(ProxySession *session, Http2StreamId sid, ssize_t initial_peer_rwnd, ssize_t initial_local_rwnd)
-  : super(session), _id(sid), _peer_rwnd(initial_peer_rwnd), _local_rwnd(initial_local_rwnd)
+Http2Stream::Http2Stream(ProxySession *session, Http2StreamId sid, ssize_t initial_peer_rwnd, ssize_t initial_local_rwnd,
+                         bool registered_stream)
+  : super(session), _id(sid), _registered_stream(registered_stream), _peer_rwnd(initial_peer_rwnd), _local_rwnd(initial_local_rwnd)
 {
   SET_HANDLER(&Http2Stream::main_event_handler);
 
   this->mark_milestone(Http2StreamMilestone::OPEN);
 
-  this->_sm                       = nullptr;
-  this->_thread                   = this_ethread();
-  this->upstream_outbound_options = *(session->accept_options);
+  this->_sm     = nullptr;
+  this->_thread = this_ethread();
+  this->_state  = Http2StreamState::HTTP2_STREAM_STATE_IDLE;
+
+  auto const *proxy_session = get_proxy_ssn();
+  ink_assert(proxy_session != nullptr);
+  auto const *h2_session = dynamic_cast<Http2CommonSession const *>(proxy_session);
+  ink_assert(h2_session != nullptr);
+  this->_is_outbound = h2_session->is_outbound();
 
   this->_reader = this->_receive_buffer.alloc_reader();
 
-  _receive_header.create(HTTP_TYPE_REQUEST);
-  _send_header.create(HTTP_TYPE_RESPONSE, HTTP_2_0);
+  if (this->is_outbound_connection()) { // Flip the sense of the expected headers.  Fix naming later
+    _receive_header.create(HTTP_TYPE_RESPONSE);
+    _send_header.create(HTTP_TYPE_REQUEST, HTTP_2_0);
+  } else {
+    this->upstream_outbound_options = *(session->accept_options);
+    _receive_header.create(HTTP_TYPE_REQUEST);
+    _send_header.create(HTTP_TYPE_RESPONSE, HTTP_2_0);
+  }
 
   http_parser_init(&http_parser);
 }
@@ -62,7 +77,16 @@ Http2Stream::Http2Stream(ProxySession *session, Http2StreamId sid, ssize_t initi
 Http2Stream::~Http2Stream()
 {
   REMEMBER(NO_EVENT, this->reentrancy_count);
-  Http2StreamDebug("Destroy stream, sent %" PRIu64 " bytes", this->bytes_sent);
+  Http2StreamDebug("Destroy stream, sent %" PRIu64 " bytes, registered: %s", this->bytes_sent,
+                   (_registered_stream ? "true" : "false"));
+
+  // In the case of a temporary stream used to parse the header to keep the HPACK
+  // up to date, there may not be a mutex.  Nothing was set up, so nothing to
+  // clean up in the destructor
+  if (this->mutex == nullptr) {
+    return;
+  }
+
   SCOPED_MUTEX_LOCK(lock, this->mutex, this_ethread());
   // Clean up after yourself if this was an EOS
   ink_release_assert(this->closed);
@@ -70,23 +94,26 @@ Http2Stream::~Http2Stream()
 
   uint64_t cid = 0;
 
-  // Safe to initiate SSN_CLOSE if this is the last stream
-  if (_proxy_ssn) {
-    cid = _proxy_ssn->connection_id();
+  if (_registered_stream) {
+    // Safe to initiate SSN_CLOSE if this is the last stream
+    if (_proxy_ssn) {
+      cid = _proxy_ssn->connection_id();
 
-    Http2ClientSession *h2_proxy_ssn = static_cast<Http2ClientSession *>(_proxy_ssn);
-    SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread());
-    // Make sure the stream is removed from the stream list and priority tree
-    // In many cases, this has been called earlier, so this call is a no-op
-    h2_proxy_ssn->connection_state.delete_stream(this);
+      SCOPED_MUTEX_LOCK(lock, _proxy_ssn->mutex, this_ethread());
+      Http2ConnectionState &connection_state = this->get_connection_state();
 
-    h2_proxy_ssn->connection_state.decrement_peer_stream_count();
+      // Make sure the stream is removed from the stream list and priority tree
+      // In many cases, this has been called earlier, so this call is a no-op
+      connection_state.delete_stream(this);
 
-    // Update session's stream counts, so it accurately goes into keep-alive state
-    h2_proxy_ssn->connection_state.release_stream();
+      connection_state.decrement_peer_stream_count();
 
-    // Do not access `_proxy_ssn` in below. It might be freed by `release_stream`.
-  }
+      // Update session's stream counts, so it accurately goes into keep-alive state
+      connection_state.release_stream();
+
+      // Do not access `_proxy_ssn` in below. It might be freed by `release_stream`.
+    }
+  } // Otherwise, not registered with the connection_state (i.e. a temporary stream used for HPACK header processing)
 
   // Clean up the write VIO in case of inactivity timeout
   this->do_io_write(nullptr, 0, nullptr);
@@ -182,15 +209,17 @@ Http2Stream::main_event_handler(int event, void *edata)
         this->signal_write_event(event);
       }
     } else {
-      update_write_request(true);
+      this->update_write_request(true);
     }
     break;
   case VC_EVENT_READ_COMPLETE:
+    read_vio.nbytes = read_vio.ndone;
+    /* fall through */
   case VC_EVENT_READ_READY:
     _timeout.update_inactivity();
     if (e->cookie == &read_vio) {
       if (read_vio.mutex && read_vio.cont && this->_sm) {
-        signal_read_event(event);
+        this->signal_read_event(event);
       }
     } else {
       this->update_read_request(true);
@@ -199,10 +228,14 @@ Http2Stream::main_event_handler(int event, void *edata)
   case VC_EVENT_EOS:
     if (e->cookie == &read_vio) {
       SCOPED_MUTEX_LOCK(lock, read_vio.mutex, this_ethread());
-      read_vio.cont->handleEvent(VC_EVENT_EOS, &read_vio);
+      if (read_vio.cont) {
+        read_vio.cont->handleEvent(VC_EVENT_EOS, &read_vio);
+      }
     } else if (e->cookie == &write_vio) {
       SCOPED_MUTEX_LOCK(lock, write_vio.mutex, this_ethread());
-      write_vio.cont->handleEvent(VC_EVENT_EOS, &write_vio);
+      if (write_vio.cont) {
+        write_vio.cont->handleEvent(VC_EVENT_EOS, &write_vio);
+      }
     }
     break;
   }
@@ -216,8 +249,9 @@ Http2Stream::main_event_handler(int event, void *edata)
 Http2ErrorCode
 Http2Stream::decode_header_blocks(HpackHandle &hpack_handle, uint32_t maximum_table_size)
 {
-  Http2ErrorCode error = http2_decode_header_blocks(&_receive_header, header_blocks, header_blocks_length, nullptr, hpack_handle,
-                                                    is_trailing_header, maximum_table_size);
+  Http2ErrorCode error =
+    http2_decode_header_blocks(&_receive_header, (const uint8_t *)header_blocks, header_blocks_length, nullptr, hpack_handle,
+                               _trailing_header_is_possible, maximum_table_size, this->is_outbound_connection());
   if (error != Http2ErrorCode::HTTP2_ERROR_NO_ERROR) {
     Http2StreamDebug("Error decoding header blocks: %u", static_cast<uint32_t>(error));
   }
@@ -227,16 +261,30 @@ Http2Stream::decode_header_blocks(HpackHandle &hpack_handle, uint32_t maximum_ta
 void
 Http2Stream::send_request(Http2ConnectionState &cstate)
 {
-  ink_release_assert(this->_sm != nullptr);
-  this->_http_sm_id = this->_sm->sm_id;
+  if (closed) {
+    return;
+  }
+  REMEMBER(NO_EVENT, this->reentrancy_count);
 
   // Convert header to HTTP/1.1 format
   if (http2_convert_header_from_2_to_1_1(&_receive_header) == PARSE_RESULT_ERROR) {
-    // There's no way to cause Bad Request directly at this time.
-    // Set an invalid method so it causes an error later.
-    _receive_header.method_set("\xffVOID", 1);
+    Http2StreamDebug("Error converting HTTP/2 headers to HTTP/1.1.");
+    if (_receive_header.type_get() == HTTP_TYPE_REQUEST) {
+      // There's no way to cause Bad Request directly at this time.
+      // Set an invalid method so it causes an error later.
+      _receive_header.method_set("\xffVOID", 1);
+    }
   }
 
+  if (this->expect_send_trailer()) {
+    // Send read complete to terminate previous data tunnel
+    this->read_vio.nbytes = this->read_vio.ndone;
+    this->signal_read_event(VC_EVENT_READ_COMPLETE);
+  }
+
+  ink_release_assert(this->_sm != nullptr);
+  this->_http_sm_id = this->_sm->sm_id;
+
   // Write header to a buffer.  Borrowing logic from HttpSM::write_header_into_buffer.
   // Seems like a function like this ought to be in HTTPHdr directly
   int bufindex;
@@ -250,7 +298,7 @@ Http2Stream::send_request(Http2ConnectionState &cstate)
       this->_receive_buffer.add_block();
       block = this->_receive_buffer.get_current_block();
     }
-    done       = _receive_header.print(block->start(), block->write_avail(), &bufindex, &tmp);
+    done       = _receive_header.print(block->end(), block->write_avail(), &bufindex, &tmp);
     dumpoffset += bufindex;
     this->_receive_buffer.fill(bufindex);
     if (!done) {
@@ -267,7 +315,12 @@ Http2Stream::send_request(Http2ConnectionState &cstate)
   if (this->read_vio.nbytes > 0) {
     if (this->receive_end_stream) {
       this->read_vio.nbytes = bufindex;
-      this->signal_read_event(VC_EVENT_READ_COMPLETE);
+      this->read_vio.ndone  = bufindex;
+      if (this->is_outbound_connection()) {
+        this->signal_read_event(VC_EVENT_EOS);
+      } else {
+        this->signal_read_event(VC_EVENT_READ_COMPLETE);
+      }
     } else {
       // End of header but not end of stream, must have some body frames coming
       this->has_body = true;
@@ -300,6 +353,8 @@ Http2Stream::change_state(uint8_t type, uint8_t flags)
       }
     } else if (type == HTTP2_FRAME_TYPE_PUSH_PROMISE) {
       _state = Http2StreamState::HTTP2_STREAM_STATE_RESERVED_LOCAL;
+    } else if (type == HTTP2_FRAME_TYPE_RST_STREAM) {
+      _state = Http2StreamState::HTTP2_STREAM_STATE_CLOSED;
     } else {
       return false;
     }
@@ -310,7 +365,11 @@ Http2Stream::change_state(uint8_t type, uint8_t flags)
       _state = Http2StreamState::HTTP2_STREAM_STATE_CLOSED;
     } else if (type == HTTP2_FRAME_TYPE_HEADERS || type == HTTP2_FRAME_TYPE_DATA) {
       if (receive_end_stream) {
-        _state = Http2StreamState::HTTP2_STREAM_STATE_HALF_CLOSED_REMOTE;
+        if (send_end_stream) {
+          _state = Http2StreamState::HTTP2_STREAM_STATE_CLOSED;
+        } else {
+          _state = Http2StreamState::HTTP2_STREAM_STATE_HALF_CLOSED_REMOTE;
+        }
       } else if (send_end_stream) {
         _state = Http2StreamState::HTTP2_STREAM_STATE_HALF_CLOSED_LOCAL;
       } else {
@@ -343,10 +402,6 @@ Http2Stream::change_state(uint8_t type, uint8_t flags)
   case Http2StreamState::HTTP2_STREAM_STATE_HALF_CLOSED_LOCAL:
     if (type == HTTP2_FRAME_TYPE_RST_STREAM || receive_end_stream) {
       _state = Http2StreamState::HTTP2_STREAM_STATE_CLOSED;
-    } else {
-      // Error, set state closed
-      _state = Http2StreamState::HTTP2_STREAM_STATE_CLOSED;
-      return false;
     }
     break;
 
@@ -359,10 +414,6 @@ Http2Stream::change_state(uint8_t type, uint8_t flags)
     } else if (type == HTTP2_FRAME_TYPE_CONTINUATION) { // w/o END_STREAM flag
       // No state change here. Expect a following DATA frame with END_STREAM flag.
       return true;
-    } else {
-      // Error, set state closed
-      _state = Http2StreamState::HTTP2_STREAM_STATE_CLOSED;
-      return false;
     }
     break;
 
@@ -414,6 +465,7 @@ Http2Stream::do_io_write(Continuation *c, int64_t nbytes, IOBufferReader *abuffe
   write_vio.ndone     = 0;
   write_vio.vc_server = this;
   write_vio.op        = VIO::WRITE;
+  _send_reader        = abuffer;
 
   if (c != nullptr && nbytes > 0 && this->is_state_writeable()) {
     update_write_request(false);
@@ -434,23 +486,22 @@ Http2Stream::do_io_close(int /* flags */)
     REMEMBER(NO_EVENT, this->reentrancy_count);
     Http2StreamDebug("do_io_close");
 
+    // if (this->is_state_writeable()) { // Let the other end know we are going away
+    //  this->get_connection_state().send_rst_stream_frame(_id, Http2ErrorCode::HTTP2_ERROR_NO_ERROR);
+    //}
+
     // When we get here, the SM has initiated the shutdown.  Either it received a WRITE_COMPLETE, or it is shutting down.  Any
     // remaining IO operations back to client should be abandoned.  The SM-side buffers backing these operations will be deleted
     // by the time this is called from transaction_done.
     closed = true;
 
-    if (_proxy_ssn && this->is_state_writeable()) {
-      // Make sure any trailing end of stream frames are sent
-      // We will be removed at send_data_frames or closing connection phase
-      Http2ClientSession *h2_proxy_ssn = static_cast<Http2ClientSession *>(this->_proxy_ssn);
-      SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread());
-      h2_proxy_ssn->connection_state.send_data_frames(this);
-    }
+    // Adjust state, so we don't process any more data
+    _state = Http2StreamState::HTTP2_STREAM_STATE_CLOSED;
 
     _clear_timers();
     clear_io_events();
 
-    // Wait until transaction_done is called from HttpSM to signal that the TXN_CLOSE hook has been executed
+    // Otherwise, Wait until transaction_done is called from HttpSM to signal that the TXN_CLOSE hook has been executed
   }
 }
 
@@ -466,7 +517,8 @@ Http2Stream::transaction_done()
   if (!closed) {
     do_io_close(); // Make sure we've been closed.  If we didn't close the _proxy_ssn session better still be open
   }
-  ink_release_assert(closed || !static_cast<Http2ClientSession *>(_proxy_ssn)->connection_state.is_state_closed());
+  Http2ConnectionState &state = this->get_connection_state();
+  ink_release_assert(closed || !state.is_state_closed());
   _sm = nullptr;
 
   if (closed) {
@@ -481,11 +533,11 @@ Http2Stream::transaction_done()
 void
 Http2Stream::terminate_if_possible()
 {
-  if (terminate_stream && reentrancy_count == 0) {
+  // if (terminate_stream && reentrancy_count == 0) {
+  if (reentrancy_count == 0 && closed && terminate_stream) {
     REMEMBER(NO_EVENT, this->reentrancy_count);
 
-    Http2ClientSession *h2_proxy_ssn = static_cast<Http2ClientSession *>(this->_proxy_ssn);
-    SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread());
+    SCOPED_MUTEX_LOCK(lock, _proxy_ssn->mutex, this_ethread());
     THREAD_FREE(this, http2StreamAllocator, this_ethread());
   }
 }
@@ -497,7 +549,8 @@ Http2Stream::initiating_close()
   if (!closed) {
     SCOPED_MUTEX_LOCK(lock, this->mutex, this_ethread());
     REMEMBER(NO_EVENT, this->reentrancy_count);
-    Http2StreamDebug("initiating_close");
+    Http2StreamDebug("initiating_close client_window=%" PRId64 " session_window=%" PRId64, _peer_rwnd,
+                     this->get_connection_state().get_peer_rwnd_in());
 
     // Set the state of the connection to closed
     // TODO - these states should be combined
@@ -520,28 +573,34 @@ Http2Stream::initiating_close()
     bool sent_write_complete = false;
     if (_sm) {
       // Push out any last IO events
-      if (write_vio.cont) {
+      // First look for active write or read
+      if (write_vio.cont && write_vio.nbytes > 0 && write_vio.ndone == write_vio.nbytes &&
+          (!is_outbound_connection() || get_state() == Http2StreamState::HTTP2_STREAM_STATE_OPEN)) {
         SCOPED_MUTEX_LOCK(lock, write_vio.mutex, this_ethread());
-        // Are we done?
-        if (write_vio.nbytes > 0 && write_vio.nbytes == write_vio.ndone) {
-          Http2StreamDebug("handle write from destroy (event=%d)", VC_EVENT_WRITE_COMPLETE);
-          write_event = send_tracked_event(write_event, VC_EVENT_WRITE_COMPLETE, &write_vio);
-        } else {
-          write_event = send_tracked_event(write_event, VC_EVENT_EOS, &write_vio);
-          Http2StreamDebug("handle write from destroy (event=%d)", VC_EVENT_EOS);
-        }
+        Http2StreamDebug("Send tracked event VC_EVENT_WRITE_COMPLETE on write_vio. sm_id: %" PRId64, _sm->sm_id);
+        write_event         = send_tracked_event(write_event, VC_EVENT_WRITE_COMPLETE, &write_vio);
         sent_write_complete = true;
       }
-    }
-    // Send EOS to let SM know that we aren't sticking around
-    if (_sm && read_vio.cont) {
-      // Only bother with the EOS if we haven't sent the write complete
+
       if (!sent_write_complete) {
-        SCOPED_MUTEX_LOCK(lock, read_vio.mutex, this_ethread());
-        Http2StreamDebug("send EOS to read cont");
-        read_event = send_tracked_event(read_event, VC_EVENT_EOS, &read_vio);
+        if (write_vio.cont && write_vio.buffer.writer() &&
+            (!is_outbound_connection() || get_state() == Http2StreamState::HTTP2_STREAM_STATE_OPEN ||
+             get_state() == Http2StreamState::HTTP2_STREAM_STATE_HALF_CLOSED_LOCAL)) {
+          SCOPED_MUTEX_LOCK(lock, write_vio.mutex, this_ethread());
+          Http2StreamDebug("Send tracked event VC_EVENT_EOS on write_vio. sm_id: %" PRId64, _sm->sm_id);
+          write_event = send_tracked_event(write_event, VC_EVENT_EOS, &write_vio);
+        } else if (read_vio.cont && read_vio.buffer.writer()) {
+          SCOPED_MUTEX_LOCK(lock, read_vio.mutex, this_ethread());
+          Http2StreamDebug("Send tracked event VC_EVENT_EOS on read_vio. sm_id: %" PRId64, _sm->sm_id);
+          read_event = send_tracked_event(read_event, VC_EVENT_EOS, &read_vio);
+        } else {
+          Http2StreamDebug("send EOS to SM");
+          // Just send EOS to the _sm
+          _sm->handleEvent(VC_EVENT_EOS, nullptr);
+        }
       }
-    } else if (!sent_write_complete) {
+    } else {
+      Http2StreamDebug("No SM to signal");
       // Transaction is already gone or not started. Kill yourself
       terminate_stream = true;
       terminate_if_possible();
@@ -549,6 +608,12 @@ Http2Stream::initiating_close()
   }
 }
 
+bool
+Http2Stream::is_outbound_connection() const
+{
+  return _is_outbound;
+}
+
 /* Replace existing event only if the new event is different than the inprogress event */
 Event *
 Http2Stream::send_tracked_event(Event *event, int send_event, VIO *vio)
@@ -582,7 +647,7 @@ Http2Stream::update_read_request(bool call_update)
   ink_release_assert(this->_thread == this_ethread());
 
   SCOPED_MUTEX_LOCK(lock, read_vio.mutex, this_ethread());
-  if (read_vio.nbytes == 0) {
+  if (read_vio.nbytes == 0 || read_vio.is_disabled()) {
     return;
   }
 
@@ -609,9 +674,23 @@ Http2Stream::update_read_request(bool call_update)
 void
 Http2Stream::restart_sending()
 {
+  // Make sure the stream is in a good state to be sending
+  if (this->is_closed()) {
+    return;
+  }
   if (!this->parsing_header_done) {
+    this->update_write_request(true);
     return;
   }
+  if (this->is_outbound_connection()) {
+    if (this->get_state() != Http2StreamState::HTTP2_STREAM_STATE_OPEN || write_vio.ntodo() == 0) {
+      return;
+    }
+  } else {
+    if (this->get_state() != Http2StreamState::HTTP2_STREAM_STATE_HALF_CLOSED_REMOTE) {
+      return;
+    }
+  }
 
   IOBufferReader *reader = this->get_data_reader_for_send();
   if (reader && !reader->is_read_avail_more_than(0)) {
@@ -629,7 +708,7 @@ void
 Http2Stream::update_write_request(bool call_update)
 {
   if (!this->is_state_writeable() || closed || _proxy_ssn == nullptr || write_vio.mutex == nullptr ||
-      write_vio.get_reader() == nullptr) {
+      write_vio.get_reader() == nullptr || this->_send_reader == nullptr) {
     return;
   }
 
@@ -639,26 +718,40 @@ Http2Stream::update_write_request(bool call_update)
   }
   ink_release_assert(this->_thread == this_ethread());
 
-  Http2ClientSession *h2_proxy_ssn = static_cast<Http2ClientSession *>(this->_proxy_ssn);
+  Http2StreamDebug("update_write_request parse_done=%d", parsing_header_done);
+
+  Http2ConnectionState &connection_state = this->get_connection_state();
 
   SCOPED_MUTEX_LOCK(lock, write_vio.mutex, this_ethread());
 
   IOBufferReader *vio_reader = write_vio.get_reader();
-  if (write_vio.ntodo() == 0 || !vio_reader->is_read_avail_more_than(0)) {
+  if (write_vio.ntodo() > 0 && (!vio_reader->is_read_avail_more_than(0) ||
+                                // If there is no window left, just give up now too
+                                std::min(_peer_rwnd, this->get_connection_state().get_peer_rwnd_in()) == 0)) {
+    Http2StreamDebug("update_write_request give up without doing anything ntodo=%" PRId64 " is_read_avail=%d client_window=%" PRId64
+                     " session_window=%" PRId64,
+                     write_vio.ntodo(), vio_reader->is_read_avail_more_than(0), _peer_rwnd,
+                     this->get_connection_state().get_peer_rwnd_in());
     return;
   }
 
   // Process the new data
   if (!this->parsing_header_done) {
-    // Still parsing the response_header
+    // Still parsing the request or response header
     int bytes_used = 0;
-    int state      = this->_send_header.parse_resp(&http_parser, vio_reader, &bytes_used, false);
-    // HTTPHdr::parse_resp() consumed the vio_reader in above (consumed size is `bytes_used`)
+    int state;
+    if (this->is_outbound_connection()) {
+      state = this->_send_header.parse_req(&http_parser, this->_send_reader, &bytes_used, false);
+    } else {
+      state = this->_send_header.parse_resp(&http_parser, this->_send_reader, &bytes_used, false);
+    }
+    // HTTPHdr::parse_resp() consumed the send_reader in above
     write_vio.ndone += bytes_used;
 
     switch (state) {
     case PARSE_RESULT_DONE: {
       this->parsing_header_done = true;
+      Http2StreamDebug("update_write_request parsing done, read %d bytes", bytes_used);
 
       // Schedule session shutdown if response header has "Connection: close"
       MIMEField *field = this->_send_header.field_find(MIME_FIELD_CONNECTION, MIME_LEN_CONNECTION);
@@ -666,31 +759,36 @@ Http2Stream::update_write_request(bool call_update)
         int len;
         const char *value = field->value_get(&len);
         if (memcmp(HTTP_VALUE_CLOSE, value, HTTP_LEN_CLOSE) == 0) {
-          SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread());
-          if (h2_proxy_ssn->connection_state.get_shutdown_state() == HTTP2_SHUTDOWN_NONE) {
-            h2_proxy_ssn->connection_state.set_shutdown_state(HTTP2_SHUTDOWN_NOT_INITIATED, Http2ErrorCode::HTTP2_ERROR_NO_ERROR);
+          SCOPED_MUTEX_LOCK(lock, _proxy_ssn->mutex, this_ethread());
+          if (connection_state.get_shutdown_state() == HTTP2_SHUTDOWN_NONE) {
+            connection_state.set_shutdown_state(HTTP2_SHUTDOWN_NOT_INITIATED, Http2ErrorCode::HTTP2_ERROR_NO_ERROR);
           }
         }
       }
 
       {
-        SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread());
+        SCOPED_MUTEX_LOCK(lock, _proxy_ssn->mutex, this_ethread());
         // Send the response header back
-        h2_proxy_ssn->connection_state.send_headers_frame(this);
+        connection_state.send_headers_frame(this);
       }
 
       // Roll back states of response header to read final response
-      if (this->_send_header.expect_final_response()) {
+      if (!this->is_outbound_connection() && this->_send_header.expect_final_response()) {
         this->parsing_header_done = false;
+      }
+      if (this->is_outbound_connection() || this->_send_header.expect_final_response()) {
         _send_header.destroy();
-        _send_header.create(HTTP_TYPE_RESPONSE, HTTP_2_0);
+        _send_header.create(this->is_outbound_connection() ? HTTP_TYPE_REQUEST : HTTP_TYPE_RESPONSE, HTTP_2_0);
         http_parser_clear(&http_parser);
         http_parser_init(&http_parser);
       }
+      bool final_write = this->write_vio.ntodo() == 0;
+      if (final_write) {
+        this->signal_write_event(VC_EVENT_WRITE_COMPLETE, !CALL_UPDATE);
+      }
 
-      this->signal_write_event(call_update);
-
-      if (vio_reader->is_read_avail_more_than(0)) {
+      if (!final_write && this->_send_reader->is_read_avail_more_than(0)) {
+        Http2StreamDebug("update_write_request done parsing, still more to send");
         this->_milestones.mark(Http2StreamMilestone::START_TX_DATA_FRAMES);
         this->send_body(call_update);
       }
@@ -698,8 +796,10 @@ Http2Stream::update_write_request(bool call_update)
     }
     case PARSE_RESULT_CONT:
       // Let it ride for next time
+      Http2StreamDebug("update_write_request still parsing, read %d bytes", bytes_used);
       break;
     default:
+      Http2StreamDebug("update_write_request  state %d, read %d bytes", state, bytes_used);
       break;
     }
   } else {
@@ -713,12 +813,18 @@ Http2Stream::update_write_request(bool call_update)
 void
 Http2Stream::signal_read_event(int event)
 {
-  if (this->read_vio.cont == nullptr || this->read_vio.cont->mutex == nullptr || this->read_vio.op == VIO::NONE) {
+  if (this->read_vio.cont == nullptr || this->read_vio.cont->mutex == nullptr || this->read_vio.op == VIO::NONE ||
+      this->terminate_stream) {
     return;
   }
 
+  reentrancy_count++;
   MUTEX_TRY_LOCK(lock, read_vio.cont->mutex, this_ethread());
   if (lock.is_locked()) {
+    if (read_event) {
+      read_event->cancel();
+      read_event = nullptr;
+    }
     _timeout.update_inactivity();
     this->read_vio.cont->handleEvent(event, &this->read_vio);
   } else {
@@ -727,79 +833,82 @@ Http2Stream::signal_read_event(int event)
     }
     this->_read_vio_event = this_ethread()->schedule_in(this, retry_delay, event, &read_vio);
   }
+  reentrancy_count--;
+  // Clean stream up if the terminate flag is set and we are at the bottom of the handler stack
+  terminate_if_possible();
 }
 
 void
-Http2Stream::signal_write_event(int event)
+Http2Stream::signal_write_event(int event, bool call_update)
 {
   // Don't signal a write event if in fact nothing was written
   if (this->write_vio.cont == nullptr || this->write_vio.cont->mutex == nullptr || this->write_vio.op == VIO::NONE ||
-      this->write_vio.nbytes == 0) {
-    return;
-  }
-
-  MUTEX_TRY_LOCK(lock, write_vio.cont->mutex, this_ethread());
-  if (lock.is_locked()) {
-    _timeout.update_inactivity();
-    this->write_vio.cont->handleEvent(event, &this->write_vio);
-  } else {
-    if (this->_write_vio_event) {
-      this->_write_vio_event->cancel();
-    }
-    this->_write_vio_event = this_ethread()->schedule_in(this, retry_delay, event, &write_vio);
-  }
-}
-
-void
-Http2Stream::signal_write_event(bool call_update)
-{
-  if (this->write_vio.cont == nullptr || this->write_vio.op == VIO::NONE) {
-    return;
-  }
-
-  if (this->write_vio.get_writer()->write_avail() == 0) {
+      this->terminate_stream) {
     return;
   }
 
-  int send_event = this->write_vio.ntodo() == 0 ? VC_EVENT_WRITE_COMPLETE : VC_EVENT_WRITE_READY;
-
+  reentrancy_count++;
   if (call_update) {
-    // Coming from reenable.  Safe to call the handler directly
-    if (write_vio.cont && this->_sm) {
-      write_vio.cont->handleEvent(send_event, &write_vio);
+    MUTEX_TRY_LOCK(lock, write_vio.cont->mutex, this_ethread());
+    if (lock.is_locked()) {
+      if (write_event) {
+        write_event->cancel();
+        write_event = nullptr;
+      }
+      _timeout.update_inactivity();
+      this->write_vio.cont->handleEvent(event, &this->write_vio);
+    } else {
+      if (this->_write_vio_event) {
+        this->_write_vio_event->cancel();
+      }
+      this->_write_vio_event = this_ethread()->schedule_in(this, retry_delay, event, &write_vio);
     }
   } else {
     // Called from do_io_write. Might still be setting up state. Send an event to let the dust settle
-    write_event = send_tracked_event(write_event, send_event, &write_vio);
+    write_event = send_tracked_event(write_event, event, &write_vio);
   }
+  reentrancy_count--;
+  // Clean stream up if the terminate flag is set and we are at the bottom of the handler stack
+  terminate_if_possible();
 }
 
 bool
 Http2Stream::push_promise(URL &url, const MIMEField *accept_encoding)
 {
-  Http2ClientSession *h2_proxy_ssn = static_cast<Http2ClientSession *>(this->_proxy_ssn);
-  SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread());
-  return h2_proxy_ssn->connection_state.send_push_promise_frame(this, url, accept_encoding);
+  SCOPED_MUTEX_LOCK(lock, _proxy_ssn->mutex, this_ethread());
+  return this->get_connection_state().send_push_promise_frame(this, url, accept_encoding);
 }
 
 void
 Http2Stream::send_body(bool call_update)
 {
-  Http2ClientSession *h2_proxy_ssn = static_cast<Http2ClientSession *>(this->_proxy_ssn);
+  Http2ConnectionState &connection_state = this->get_connection_state();
   _timeout.update_inactivity();
 
+  reentrancy_count++;
+
+  SCOPED_MUTEX_LOCK(lock, _proxy_ssn->mutex, this_ethread());
   if (Http2::stream_priority_enabled) {
-    SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread());
-    h2_proxy_ssn->connection_state.schedule_stream(this);
+    connection_state.schedule_stream(this);
     // signal_write_event() will be called from `Http2ConnectionState::send_data_frames_depends_on_priority()`
     // when write_vio is consumed
   } else {
-    SCOPED_MUTEX_LOCK(lock, h2_proxy_ssn->mutex, this_ethread());
-    h2_proxy_ssn->connection_state.send_data_frames(this);
-    this->signal_write_event(call_update);
+    connection_state.send_data_frames(this);
     // XXX The call to signal_write_event can destroy/free the Http2Stream.
     // Don't modify the Http2Stream after calling this method.
   }
+
+  reentrancy_count--;
+  terminate_if_possible();
+}
+
+void
+Http2Stream::reenable_write()
+{
+  if (this->_proxy_ssn) {
+    SCOPED_MUTEX_LOCK(lock, this->mutex, this_ethread());
+    update_write_request(true);
+  }
 }
 
 void
@@ -810,14 +919,9 @@ Http2Stream::reenable(VIO *vio)
       SCOPED_MUTEX_LOCK(lock, this->mutex, this_ethread());
       update_write_request(true);
     } else if (vio->op == VIO::READ) {
-      Http2ClientSession *h2_proxy_ssn = static_cast<Http2ClientSession *>(this->_proxy_ssn);
-      {
-        SCOPED_MUTEX_LOCK(ssn_lock, h2_proxy_ssn->mutex, this_ethread());
-        h2_proxy_ssn->connection_state.restart_receiving(this);
-      }
-
-      SCOPED_MUTEX_LOCK(lock, this->mutex, this_ethread());
-      update_read_request(true);
+      SCOPED_MUTEX_LOCK(ssn_lock, _proxy_ssn->mutex, this_ethread());
+      Http2ConnectionState &connection_state = this->get_connection_state();
+      connection_state.restart_receiving(this);
     }
   }
 }
@@ -825,7 +929,7 @@ Http2Stream::reenable(VIO *vio)
 IOBufferReader *
 Http2Stream::get_data_reader_for_send() const
 {
-  return write_vio.get_reader();
+  return this->_send_reader;
 }
 
 void
@@ -903,14 +1007,23 @@ Http2Stream::release()
 void
 Http2Stream::increment_transactions_stat()
 {
-  HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_CURRENT_CLIENT_STREAM_COUNT, _thread);
-  HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_TOTAL_CLIENT_STREAM_COUNT, _thread);
+  if (this->is_outbound_connection()) {
+    HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_CURRENT_SERVER_STREAM_COUNT, _thread);
+    HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_TOTAL_SERVER_STREAM_COUNT, _thread);
+  } else {
+    HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_CURRENT_CLIENT_STREAM_COUNT, _thread);
+    HTTP2_INCREMENT_THREAD_DYN_STAT(HTTP2_STAT_TOTAL_CLIENT_STREAM_COUNT, _thread);
+  }
 }
 
 void
 Http2Stream::decrement_transactions_stat()
 {
-  HTTP2_DECREMENT_THREAD_DYN_STAT(HTTP2_STAT_CURRENT_CLIENT_STREAM_COUNT, _thread);
+  if (this->is_outbound_connection()) {
+    HTTP2_DECREMENT_THREAD_DYN_STAT(HTTP2_STAT_CURRENT_SERVER_STREAM_COUNT, _thread);
+  } else {
+    HTTP2_DECREMENT_THREAD_DYN_STAT(HTTP2_STAT_CURRENT_CLIENT_STREAM_COUNT, _thread);
+  }
 }
 
 ssize_t
@@ -1016,3 +1129,68 @@ Http2Stream::has_request_body(int64_t content_length, bool is_chunked_set) const
 {
   return has_body;
 }
+
+Http2ConnectionState &
+Http2Stream::get_connection_state()
+{
+  if (this->is_outbound_connection()) {
+    Http2ServerSession *session = static_cast<Http2ServerSession *>(_proxy_ssn);
+    return session->connection_state;
+  } else {
+    Http2ClientSession *session = static_cast<Http2ClientSession *>(_proxy_ssn);
+    return session->connection_state;
+  }
+}
+
+bool
+Http2Stream::is_read_closed() const
+{
+  return this->receive_end_stream;
+}
+
+bool
+Http2Stream::expect_send_trailer() const
+{
+  return this->_expect_send_trailer;
+}
+
+void
+Http2Stream::set_expect_send_trailer()
+{
+  _expect_send_trailer = true;
+  parsing_header_done  = false;
+  reset_send_headers();
+}
+bool
+Http2Stream::expect_receive_trailer() const
+{
+  return this->_expect_receive_trailer;
+}
+
+void
+Http2Stream::set_expect_receive_trailer()
+{
+  _expect_receive_trailer = true;
+}
+
+void
+Http2Stream::set_rx_error_code(ProxyError e)
+{
+  if (!this->is_outbound_connection() && this->_sm) {
+    this->_sm->t_state.client_info.rx_error_code = e;
+  }
+}
+
+void
+Http2Stream::set_tx_error_code(ProxyError e)
+{
+  if (!this->is_outbound_connection() && this->_sm) {
+    this->_sm->t_state.client_info.tx_error_code = e;
+  }
+}
+
+HTTPVersion
+Http2Stream::get_version(HTTPHdr &hdr) const
+{
+  return HTTP_2_0;
+}
diff --git a/proxy/http2/Http2Stream.h b/proxy/http2/Http2Stream.h
index ead1d60f733..87a0d95059e 100644
--- a/proxy/http2/Http2Stream.h
+++ b/proxy/http2/Http2Stream.h
@@ -35,7 +35,7 @@
 class Http2Stream;
 class Http2ConnectionState;
 
-typedef Http2DependencyTree::Tree<Http2Stream *> DependencyTree;
+using DependencyTree = Http2DependencyTree::Tree<Http2Stream *>;
 
 enum class Http2StreamMilestone {
   OPEN = 0,
@@ -48,6 +48,8 @@ enum class Http2StreamMilestone {
   LAST_ENTRY,
 };
 
+constexpr bool STREAM_IS_REGISTERED = true;
+
 class Http2Stream : public ProxyTransaction
 {
 public:
@@ -55,13 +57,15 @@ class Http2Stream : public ProxyTransaction
   using super           = ProxyTransaction; ///< Parent type.
 
   Http2Stream() {} // Just to satisfy ClassAllocator
-  Http2Stream(ProxySession *session, Http2StreamId sid, ssize_t initial_peer_rwnd, ssize_t initial_local_rwnd);
-  ~Http2Stream();
+  Http2Stream(ProxySession *session, Http2StreamId sid, ssize_t initial_peer_rwnd, ssize_t initial_local_rwnd,
+              bool registered_stream);
+  ~Http2Stream() override;
 
   int main_event_handler(int event, void *edata);
 
   void release() override;
   void reenable(VIO *vio) override;
+  void reenable_write();
   void transaction_done() override;
 
   void
@@ -72,17 +76,22 @@ class Http2Stream : public ProxyTransaction
   VIO *do_io_write(Continuation *c, int64_t nbytes, IOBufferReader *abuffer, bool owner = false) override;
   void do_io_close(int lerrno = -1) override;
 
+  bool expect_send_trailer() const override;
+  void set_expect_send_trailer() override;
+  bool expect_receive_trailer() const override;
+  void set_expect_receive_trailer() override;
+
   Http2ErrorCode decode_header_blocks(HpackHandle &hpack_handle, uint32_t maximum_table_size);
   void send_request(Http2ConnectionState &cstate);
   void initiating_close();
+  bool is_outbound_connection() const;
   void terminate_if_possible();
   void update_read_request(bool send_update);
   void update_write_request(bool send_update);
 
   void signal_read_event(int event);
-  void signal_write_event(int event);
   static constexpr auto CALL_UPDATE = true;
-  void signal_write_event(bool call_update = CALL_UPDATE);
+  void signal_write_event(int event, bool call_update = CALL_UPDATE);
 
   void restart_sending();
   bool push_promise(URL &url, const MIMEField *accept_encoding);
@@ -116,17 +125,31 @@ class Http2Stream : public ProxyTransaction
   bool is_first_transaction() const override;
   void increment_transactions_stat() override;
   void decrement_transactions_stat() override;
+  void set_transaction_id(int new_id);
   int get_transaction_id() const override;
   int get_transaction_priority_weight() const override;
   int get_transaction_priority_dependence() const override;
+  bool is_read_closed() const override;
+
+  HTTPHdr *
+  get_send_header()
+  {
+    return &_send_header;
+  }
+
+  void read_update(int count);
+  void read_done();
 
   void clear_io_events();
 
   bool is_state_writeable() const;
   bool is_closed() const;
   IOBufferReader *get_data_reader_for_send() const;
+  void set_rx_error_code(ProxyError e) override;
+  void set_tx_error_code(ProxyError e) override;
 
   bool has_request_body(int64_t content_length, bool is_chunked_set) const override;
+  HTTPVersion get_version(HTTPHdr &hdr) const override;
 
   void mark_milestone(Http2StreamMilestone type);
 
@@ -139,15 +162,20 @@ class Http2Stream : public ProxyTransaction
   bool change_state(uint8_t type, uint8_t flags);
   void set_peer_rwnd(Http2WindowSize new_size);
   void set_local_rwnd(Http2WindowSize new_size);
-  bool has_trailing_header() const;
+  bool trailing_header_is_possible() const;
+  void set_trailing_header_is_possible();
   void set_receive_headers(HTTPHdr &h2_headers);
+  void reset_receive_headers();
+  void reset_send_headers();
   MIOBuffer *read_vio_writer() const;
   int64_t read_vio_read_avail();
+  bool read_enabled() const;
 
   //////////////////
   // Variables
   uint8_t *header_blocks        = nullptr;
-  uint32_t header_blocks_length = 0; // total length of header blocks (not include Padding or other fields)
+  uint32_t header_blocks_length = 0; // total length of header blocks (not include
+                                     // Padding or other fields)
 
   bool receive_end_stream = false;
   bool send_end_stream    = false;
@@ -156,10 +184,12 @@ class Http2Stream : public ProxyTransaction
   bool is_first_transaction_flag = false;
 
   HTTPHdr _send_header;
+  IOBufferReader *_send_reader             = nullptr;
   Http2DependencyTree::Node *priority_node = nullptr;
 
+  Http2ConnectionState &get_connection_state();
+
 private:
-  bool response_is_data_available() const;
   Event *send_tracked_event(Event *event, int send_event, VIO *vio);
   void send_body(bool call_update);
   void _clear_timers();
@@ -180,15 +210,28 @@ class Http2Stream : public ProxyTransaction
 
   HTTPHdr _receive_header;
   MIOBuffer _receive_buffer = CLIENT_CONNECTION_FIRST_READ_BUFFER_SIZE_INDEX;
-  int64_t read_vio_nbytes;
   VIO read_vio;
   VIO write_vio;
 
   History<HISTORY_DEFAULT_SIZE> _history;
   Milestones<Http2StreamMilestone, static_cast<size_t>(Http2StreamMilestone::LAST_ENTRY)> _milestones;
 
-  bool is_trailing_header = false;
-  bool has_body           = false;
+  bool _trailing_header_is_possible = false;
+  bool _expect_send_trailer         = false;
+  bool _expect_receive_trailer      = false;
+
+  bool has_body = false;
+
+  /** Whether this is an outbound (toward the origin) connection.
+   *
+   * We store this upon construction as a cached version of the session's
+   * is_outbound() call. In some circumstances we need this value after a
+   * session close in which is_outbound is not accessible.
+   */
+  bool _is_outbound = false;
+
+  /** Whether the stream has been registered with the connection state. */
+  bool _registered_stream = true;
 
   // A brief discussion of similar flags and state variables:  _state, closed, terminate_stream
   //
@@ -265,6 +308,12 @@ Http2Stream::get_transaction_id() const
   return _id;
 }
 
+inline void
+Http2Stream::set_transaction_id(int new_id)
+{
+  _id = new_id;
+}
+
 inline Http2StreamState
 Http2Stream::get_state() const
 {
@@ -284,9 +333,15 @@ Http2Stream::set_local_rwnd(Http2WindowSize new_size)
 }
 
 inline bool
-Http2Stream::has_trailing_header() const
+Http2Stream::trailing_header_is_possible() const
 {
-  return is_trailing_header;
+  return _trailing_header_is_possible;
+}
+
+inline void
+Http2Stream::set_trailing_header_is_possible()
+{
+  _trailing_header_is_possible = true;
 }
 
 inline void
@@ -295,6 +350,20 @@ Http2Stream::set_receive_headers(HTTPHdr &h2_headers)
   _receive_header.copy(&h2_headers);
 }
 
+inline void
+Http2Stream::reset_receive_headers()
+{
+  this->_receive_header.destroy();
+  this->_receive_header.create(HTTP_TYPE_RESPONSE);
+}
+
+inline void
+Http2Stream::reset_send_headers()
+{
+  this->_send_header.destroy();
+  this->_send_header.create(HTTP_TYPE_RESPONSE);
+}
+
 // Check entire DATA payload length if content-length: header is exist
 inline void
 Http2Stream::increment_data_length(uint64_t length)
@@ -306,6 +375,10 @@ inline bool
 Http2Stream::payload_length_is_valid() const
 {
   uint32_t content_length = _receive_header.get_content_length();
+  if (content_length != 0 && content_length != data_length) {
+    Warning("Bad payload length content_length=%d data_legnth=%d session_id=%" PRId64, content_length,
+            static_cast<int>(data_length), _proxy_ssn->connection_id());
+  }
   return content_length == 0 || content_length == data_length;
 }
 
@@ -313,7 +386,8 @@ inline bool
 Http2Stream::is_state_writeable() const
 {
   return _state == Http2StreamState::HTTP2_STREAM_STATE_OPEN || _state == Http2StreamState::HTTP2_STREAM_STATE_HALF_CLOSED_REMOTE ||
-         _state == Http2StreamState::HTTP2_STREAM_STATE_RESERVED_LOCAL;
+         _state == Http2StreamState::HTTP2_STREAM_STATE_RESERVED_LOCAL ||
+         (this->is_outbound_connection() && _state == Http2StreamState::HTTP2_STREAM_STATE_IDLE);
 }
 
 inline bool
@@ -334,9 +408,27 @@ Http2Stream::read_vio_writer() const
   return this->read_vio.get_writer();
 }
 
+inline bool
+Http2Stream::read_enabled() const
+{
+  return !this->read_vio.is_disabled();
+}
+
 inline void
 Http2Stream::_clear_timers()
 {
   _timeout.cancel_active_timeout();
   _timeout.cancel_inactive_timeout();
 }
+
+inline void
+Http2Stream::read_update(int count)
+{
+  read_vio.ndone += count;
+}
+
+inline void
+Http2Stream::read_done()
+{
+  read_vio.nbytes = read_vio.ndone;
+}
diff --git a/proxy/http2/Makefile.am b/proxy/http2/Makefile.am
index c0444d01020..ea3783e1a71 100644
--- a/proxy/http2/Makefile.am
+++ b/proxy/http2/Makefile.am
@@ -45,6 +45,8 @@ libhttp2_a_SOURCES = \
 	Http2ClientSession.h \
 	Http2CommonSession.cc \
 	Http2CommonSession.h \
+	Http2ServerSession.cc \
+	Http2ServerSession.h \
 	Http2ConnectionState.cc \
 	Http2ConnectionState.h \
 	Http2DebugNames.cc \
diff --git a/proxy/http2/unit_tests/test_HTTP2.cc b/proxy/http2/unit_tests/test_HTTP2.cc
index 5ec532031e1..cb4dcf2e8a2 100644
--- a/proxy/http2/unit_tests/test_HTTP2.cc
+++ b/proxy/http2/unit_tests/test_HTTP2.cc
@@ -107,8 +107,8 @@ TEST_CASE("Convert HTTPHdr", "[HTTP2]")
 
     // check
     CHECK_THAT(buf, Catch::StartsWith("GET https://trafficserver.apache.org/index.html HTTP/1.1\r\n"
-                                      "Host: trafficserver.apache.org\r\n"
                                       "User-Agent: foobar\r\n"
+                                      "Host: trafficserver.apache.org\r\n"
                                       "\r\n"));
   }
 
diff --git a/src/records/RecHttp.cc b/src/records/RecHttp.cc
index 4d64f85b135..524d376b790 100644
--- a/src/records/RecHttp.cc
+++ b/src/records/RecHttp.cc
@@ -886,16 +886,10 @@ convert_alpn_to_wire_format(std::string_view protocols_sv, unsigned char *wire_f
       Error("Unknown protocol name in configured ALPN list: \"%.*s\"", static_cast<int>(protocol.size()), protocol.data());
       return false;
     }
-    // We currently only support HTTP/1.x protocols toward the origin.
-    if (!HTTP_PROTOCOL_SET.contains(protocol_index)) {
-      Error("Unsupported non-HTTP/1.x protocol name in configured ALPN list: \"%.*s\"", static_cast<int>(protocol.size()),
-            protocol.data());
-      return false;
-    }
-    // But not HTTP/0.9.
-    if (protocol_index == TS_ALPN_PROTOCOL_INDEX_HTTP_0_9) {
-      Error("Unsupported \"http/0.9\" protocol name in configured ALPN list: \"%.*s\"", static_cast<int>(protocol.size()),
-            protocol.data());
+    // Make sure the protocol is one of our supported protocols.
+    if (protocol_index == TS_ALPN_PROTOCOL_INDEX_HTTP_0_9 ||
+        (!HTTP_PROTOCOL_SET.contains(protocol_index) && !HTTP2_PROTOCOL_SET.contains(protocol_index))) {
+      Error("Unsupported protocol name in configured ALPN list: %.*s", static_cast<int>(protocol.size()), protocol.data());
       return false;
     }
 
diff --git a/src/records/unit_tests/test_RecHttp.cc b/src/records/unit_tests/test_RecHttp.cc
index 6dcf4f0e0f5..ce4158b8952 100644
--- a/src/records/unit_tests/test_RecHttp.cc
+++ b/src/records/unit_tests/test_RecHttp.cc
@@ -165,13 +165,6 @@ std::vector<ConvertAlpnToWireFormatTestCase> convertAlpnToWireFormatTestCases =
     0,
     false
   },
-  {
-    "Single protocol: HTTP/2 (currently unsupported)",
-    "h2",
-    { 0 },
-    0,
-    false
-  },
   {
     "Single protocol: HTTP/3 (currently unsupported)",
     "h3",
@@ -179,13 +172,6 @@ std::vector<ConvertAlpnToWireFormatTestCase> convertAlpnToWireFormatTestCases =
     0,
     false
   },
-  {
-    "Both HTTP/1.1 and HTTP/2 (HTTP/2 is currently unsupported)",
-    "h2,http/1.1",
-    { 0 },
-    0,
-    false
-  },
   // --------------------------------------------------------------------------
   // Happy cases.
   // --------------------------------------------------------------------------
@@ -197,7 +183,14 @@ std::vector<ConvertAlpnToWireFormatTestCase> convertAlpnToWireFormatTestCases =
     true
   },
   {
-    "Multiple protocols: HTTP/1.0, HTTP/1.1",
+    "Single protocol: HTTP/2",
+    "h2",
+    {0x02, 'h', '2'},
+    3,
+    true
+  },
+  {
+    "Multiple protocols: HTTP/1.1, HTTP/1.0",
     "http/1.1,http/1.0",
     {0x08, 'h', 't', 't', 'p', '/', '1', '.', '1', 0x08, 'h', 't', 't', 'p', '/', '1', '.', '0'},
     18,
@@ -210,6 +203,13 @@ std::vector<ConvertAlpnToWireFormatTestCase> convertAlpnToWireFormatTestCases =
     18,
     true
   },
+  {
+    "Both HTTP/2 and HTTP/1.1",
+    "h2,http/1.1",
+    {0x02, 'h', '2', 0x08, 'h', 't', 't', 'p', '/', '1', '.', '1'},
+    12,
+    true
+  },
 };
 // clang-format on
 
diff --git a/src/traffic_server/InkAPI.cc b/src/traffic_server/InkAPI.cc
index 45b6f73f900..c9a0ac76e06 100644
--- a/src/traffic_server/InkAPI.cc
+++ b/src/traffic_server/InkAPI.cc
@@ -41,7 +41,7 @@
 #include "HTTP.h"
 #include "ProxySession.h"
 #include "Http2ClientSession.h"
-#include "Http1ServerSession.h"
+#include "PoolableSession.h"
 #include "HttpSM.h"
 #include "HttpConfig.h"
 #include "P_Net.h"
@@ -4948,12 +4948,11 @@ TSHttpSsnClientVConnGet(TSHttpSsn ssnp)
 TSVConn
 TSHttpSsnServerVConnGet(TSHttpSsn ssnp)
 {
-  TSVConn vconn       = nullptr;
   PoolableSession *ss = reinterpret_cast<PoolableSession *>(ssnp);
   if (ss != nullptr) {
-    vconn = reinterpret_cast<TSVConn>(ss->get_netvc());
+    return reinterpret_cast<TSVConn>(ss->get_netvc());
   }
-  return vconn;
+  return nullptr;
 }
 
 TSVConn
@@ -7851,9 +7850,8 @@ TSHttpTxnServerFdGet(TSHttpTxn txnp, int *fdp)
   sdk_assert(sdk_sanity_check_txn(txnp) == TS_SUCCESS);
   sdk_assert(sdk_sanity_check_null_ptr((void *)fdp) == TS_SUCCESS);
 
-  HttpSM *sm = reinterpret_cast<HttpSM *>(txnp);
-  *fdp       = -1;
-
+  HttpSM *sm           = reinterpret_cast<HttpSM *>(txnp);
+  *fdp                 = -1;
   TSReturnCode retval  = TS_ERROR;
   ProxyTransaction *ss = sm->get_server_txn();
   if (ss != nullptr) {
diff --git a/tests/gold_tests/chunked_encoding/chunked_encoding.test.py b/tests/gold_tests/chunked_encoding/chunked_encoding.test.py
index 78410d90536..6aff817da5f 100644
--- a/tests/gold_tests/chunked_encoding/chunked_encoding.test.py
+++ b/tests/gold_tests/chunked_encoding/chunked_encoding.test.py
@@ -50,7 +50,7 @@
     "body": "knock knock"}
 response_header2 = {"headers": "HTTP/1.1 200 OK\r\nServer: uServer\r\nConnection: close\r\nTransfer-Encoding: chunked\r\n\r\n",
                     "timestamp": "1415926535.898",
-                    "body": ""}
+                    "body": "12345678901234567890"}
 
 request_header3 = {
     "headers": "POST / HTTP/1.1\r\nHost: www.yetanotherexample.com\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 11\r\n\r\n",
diff --git a/tests/gold_tests/h2/gold/nghttp_0_stdout.gold b/tests/gold_tests/h2/gold/nghttp_0_stdout.gold
index e8e9acabd41..f19a43516d3 100644
--- a/tests/gold_tests/h2/gold/nghttp_0_stdout.gold
+++ b/tests/gold_tests/h2/gold/nghttp_0_stdout.gold
@@ -12,5 +12,3 @@
 ``
 [``] recv (stream_id=1) :status: 200
 ``
-``; END_STREAM
-``
diff --git a/tests/gold_tests/h2/h2origin.test.py b/tests/gold_tests/h2/h2origin.test.py
new file mode 100644
index 00000000000..e4d3de67d85
--- /dev/null
+++ b/tests/gold_tests/h2/h2origin.test.py
@@ -0,0 +1,94 @@
+'''
+Test communication to origin with H2
+'''
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+Test.Summary = '''
+Test communication to origin with H2
+'''
+
+Test.ContinueOnFail = True
+
+#
+# Communicate to origin with HTTP/2
+#
+ts = Test.MakeATSProcess("ts", enable_tls="true")
+
+# add ssl materials like key, certificates for the server
+ts.addDefaultSSLFiles()
+replay_file = "replay/"
+server = Test.MakeVerifierServerProcess("h2-origin", replay_file)
+ts.Disk.records_config.update({
+    'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
+    'proxy.config.ssl.server.private_key.path': '{0}'.format(ts.Variables.SSLDir),
+    'proxy.config.diags.debug.enabled': 1,
+    'proxy.config.diags.debug.tags': 'http',
+    'proxy.config.exec_thread.autoconfig': 0,
+    # Allow for more parallelism
+    'proxy.config.exec_thread.limit': 4,
+    'proxy.config.ssl.client.alpn_protocols': 'h2,http/1.1',
+    # Sticking with thread pool because global pool does not work with h2
+    'proxy.config.http.server_session_sharing.pool': 'thread',
+    'proxy.config.http.server_session_sharing.match': 'ip,sni,cert',
+    'proxy.config.ssl.client.verify.server.policy': 'PERMISSIVE',
+})
+
+ts.Disk.remap_config.AddLine(
+    'map / https://127.0.0.1:{0}'.format(server.Variables.https_port)
+)
+ts.Disk.ssl_multicert_config.AddLine(
+    'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
+)
+
+ts.Disk.logging_yaml.AddLines(
+    '''
+logging:
+  formats:
+    - name: testformat
+      format: '%<cqtq> %<ttms> %<crc> %<pssc> %<{uuid}cqh> %<cqpv> %<sqpv> %<cqssl> %<cqtr> %<pqssl> %<sstc>'
+  logs:
+    - mode: ascii
+      format: testformat
+      filename: squid
+'''.split("\n")
+)
+
+tr = Test.AddTestRun("Test traffic to origin using HTTP/2")
+tr.Processes.Default.StartBefore(server)
+tr.Processes.Default.StartBefore(ts)
+tr.AddVerifierClientProcess("client", replay_file, http_ports=[ts.Variables.port], https_ports=[ts.Variables.ssl_port])
+tr.StillRunningAfter = ts
+tr.TimeOut = 60
+
+# Just a check to flush out the traffic log until we have a clean shutdown for traffic_server
+tr = Test.AddTestRun("Wait for the access log to write out")
+tr.DelayStart = 10
+tr.StillRunningAfter = ts
+tr.StillRunningAfter = server
+tr.Processes.Default.Command = 'ls'
+tr.Processes.Default.ReturnCode = 0
+
+# UUIDs 1-4 should be http/1.1 clients and H2 origin
+# UUIDs 5-9 should be http/2 clients and H2 origins
+ts.Disk.squid_log.Content = Testers.ContainsExpression(" [1-4] http/1.1 http/2", "cases 1-4 request http/1.1")
+ts.Disk.squid_log.Content += Testers.ExcludesExpression(" [1-4] http/2 http/2", "cases 1-4 request http/1.1")
+ts.Disk.squid_log.Content += Testers.ContainsExpression(" 1[1-4] http/1.1 http/2", "cases 12-14 request http/1.1")
+ts.Disk.squid_log.Content += Testers.ExcludesExpression(" 1[2-4] http/2 http/2", "cases 12-14 request http/1.1")
+ts.Disk.squid_log.Content += Testers.ContainsExpression(" [5-9] http/2 http/2", "cases 5-11 request http/2")
+ts.Disk.squid_log.Content += Testers.ExcludesExpression(" [5-9] http/1.1 http/2", "cases 5-11 request http/2")
+ts.Disk.squid_log.Content += Testers.ContainsExpression(" 1[0-1] http/2 http/2", "cases 5-11 request http/2")
+ts.Disk.squid_log.Content += Testers.ExcludesExpression(" 1[0-1] http/1.1 http/2", "cases 5-11 request http/2")
diff --git a/tests/gold_tests/h2/h2origin_single_thread.test.py b/tests/gold_tests/h2/h2origin_single_thread.test.py
new file mode 100644
index 00000000000..a1f80cb74ce
--- /dev/null
+++ b/tests/gold_tests/h2/h2origin_single_thread.test.py
@@ -0,0 +1,90 @@
+'''
+Test communication to origin with H2
+'''
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+Test.Summary = '''
+Test communication to origin with H2
+'''
+
+Test.ContinueOnFail = True
+
+#
+# Communicate to origin with HTTP/2
+#
+ts = Test.MakeATSProcess("ts", enable_tls="true")
+
+# add ssl materials like key, certificates for the server
+ts.addDefaultSSLFiles()
+replay_file = "replay"
+server = Test.MakeVerifierServerProcess("h2-origin", replay_file)
+ts.Disk.records_config.update({
+    'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
+    'proxy.config.ssl.server.private_key.path': '{0}'.format(ts.Variables.SSLDir),
+    'proxy.config.diags.debug.enabled': 1,
+    'proxy.config.diags.debug.tags': 'http',
+    'proxy.config.exec_thread.autoconfig': 0,
+    # Limiting ourselves to 1 thread to exercise origin reuse
+    'proxy.config.exec_thread.limit': 1,
+    'proxy.config.ssl.client.alpn_protocols': 'h2,http/1.1',
+    # Sticking with hybrid pool because global pool does not work with h2
+    'proxy.config.http.server_session_sharing.pool': 'hybrid',
+    'proxy.config.http.server_session_sharing.match': 'hostonly',
+    'proxy.config.ssl.client.verify.server.policy': 'PERMISSIVE',
+})
+
+ts.Disk.remap_config.AddLine(
+    'map / https://127.0.0.1:{0}'.format(server.Variables.https_port)
+)
+ts.Disk.ssl_multicert_config.AddLine(
+    'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
+)
+
+ts.Disk.logging_yaml.AddLines(
+    '''
+logging:
+  formats:
+    - name: testformat
+      format: '%<cqtq> %<ttms> %<crc> %<pssc> %<{uuid}cqh> %<cqpv> %<sqpv> %<cqssl> %<cqtr> %<pqssl> %<sstc>'
+  logs:
+    - mode: ascii
+      format: testformat
+      filename: squid
+'''.split("\n")
+)
+
+tr = Test.AddTestRun("Test traffic to origin using HTTP/2")
+tr.Processes.Default.StartBefore(server)
+tr.Processes.Default.StartBefore(ts)
+tr.AddVerifierClientProcess("client", replay_file, http_ports=[ts.Variables.port], https_ports=[ts.Variables.ssl_port])
+tr.StillRunningAfter = ts
+
+# Just a check to flush out the traffic log until we have a clean shutdown for traffic_server
+tr = Test.AddTestRun("Wait for the access log to write out")
+tr.DelayStart = 10
+tr.StillRunningAfter = ts
+tr.StillRunningAfter = server
+tr.Processes.Default.Command = 'ls'
+tr.Processes.Default.ReturnCode = 0
+
+# UUIDs 1-4 should be http/1.1 clients and H2 origin
+# UUIDs 5-9 should be http/2 clients and H2 origins
+ts.Disk.squid_log.Content = Testers.ContainsExpression(" [1-4] http/1.1 http/2", "cases 1-4 request http/1.1")
+ts.Disk.squid_log.Content += Testers.ExcludesExpression(" [1-4] http/2 http/2", "cases 1-4 request http/1.1")
+ts.Disk.squid_log.Content += Testers.ContainsExpression(" [5-9] http/2 http/2", "cases 5-9 request http/2")
+ts.Disk.squid_log.Content += Testers.ExcludesExpression(" [5-9] http/1.1 http/2", "cases 5-9 request http/2")
+ts.Disk.squid_log.Content += Testers.ContainsExpression(" http/2 1 1 1 [2-9]", "At least one case of origin reuse")
diff --git a/tests/gold_tests/h2/h2spec.test.py b/tests/gold_tests/h2/h2spec.test.py
index 37740dd7c96..31a274496ac 100644
--- a/tests/gold_tests/h2/h2spec.test.py
+++ b/tests/gold_tests/h2/h2spec.test.py
@@ -50,7 +50,7 @@
     'proxy.config.http.insert_response_via_str': 1,
     'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
     'proxy.config.ssl.server.private_key.path': '{0}'.format(ts.Variables.SSLDir),
-    'proxy.config.diags.debug.enabled': 0,
+    'proxy.config.diags.debug.enabled': 1,
     'proxy.config.diags.debug.tags': 'http',
 })
 
diff --git a/tests/gold_tests/h2/http2.test.py b/tests/gold_tests/h2/http2.test.py
index 11e6fb109b7..3d203970228 100644
--- a/tests/gold_tests/h2/http2.test.py
+++ b/tests/gold_tests/h2/http2.test.py
@@ -26,7 +26,7 @@
 Test.SkipUnless(
     Condition.HasCurlFeature('http2')
 )
-Test.ContinueOnFail = True
+#Test.ContinueOnFail = True
 
 # ----
 # Setup Origin Server
@@ -192,6 +192,7 @@
     post_body, ts.Variables.ssl_port)
 tr.Processes.Default.ReturnCode = 0
 tr.Processes.Default.Streams.All = "gold/post_chunked.gold"
+tr.TimeOut = 60
 tr.StillRunningAfter = server
 
 # Test Case 7: Post with big chunked body
@@ -202,6 +203,7 @@
     ts.Variables.ssl_port)
 tr.Processes.Default.ReturnCode = 0
 tr.Processes.Default.Streams.All = "gold/post_chunked.gold"
+tr.TimeOut = 60
 tr.StillRunningAfter = server
 
 # Test Case 8: Huge response header
@@ -211,6 +213,7 @@
 tr.Processes.Default.Streams.stdout = "gold/http2_8_stdout.gold"
 # Different versions of curl will have different cases for HTTP/2 field names.
 tr.Processes.Default.Streams.stderr = Testers.GoldFile("gold/http2_8_stderr.gold", case_insensitive=True)
+tr.TimeOut = 60
 tr.StillRunningAfter = server
 
 # Test Case 9: Header Only Response - e.g. 204
@@ -220,4 +223,5 @@
 tr.Processes.Default.Streams.stdout = "gold/http2_9_stdout.gold"
 # Different versions of curl will have different cases for HTTP/2 field names.
 tr.Processes.Default.Streams.stderr = Testers.GoldFile("gold/http2_9_stderr.gold", case_insensitive=True)
+tr.TimeOut = 60
 tr.StillRunningAfter = server
diff --git a/tests/gold_tests/h2/httpbin.test.py b/tests/gold_tests/h2/httpbin.test.py
index 7af2673d475..258d7d91ae0 100644
--- a/tests/gold_tests/h2/httpbin.test.py
+++ b/tests/gold_tests/h2/httpbin.test.py
@@ -30,7 +30,7 @@
     Condition.HasCurlFeature('http2'),
     Condition.HasProgram("shasum", "shasum need to be installed on system for this test to work"),
 )
-Test.ContinueOnFail = True
+#Test.ContinueOnFail = True
 
 # ----
 # Setup httpbin Origin Server
@@ -57,7 +57,7 @@
     'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
     'proxy.config.ssl.server.private_key.path': '{0}'.format(ts.Variables.SSLDir),
     'proxy.config.diags.debug.enabled': 1,
-    'proxy.config.diags.debug.tags': 'http2',
+    'proxy.config.diags.debug.tags': 'http',
 
 })
 ts.Disk.logging_yaml.AddLines(
diff --git a/tests/gold_tests/h2/replay/h1-client-h2-origin.yaml b/tests/gold_tests/h2/replay/h1-client-h2-origin.yaml
new file mode 100644
index 00000000000..93fa1cff5df
--- /dev/null
+++ b/tests/gold_tests/h2/replay/h1-client-h2-origin.yaml
@@ -0,0 +1,596 @@
+meta:
+  version: '1.0'
+
+sessions:
+  - protocol:
+      - name: http
+        version: '1.1'
+      - name: tls
+        version: TLSv1.3
+        sni: data.brian.example.com
+        proxy-verify-mode: 0
+        proxy-provided-cert: true
+      - name: tcp
+      - name: ip
+        version: '4'
+
+    transactions:
+      #
+      # Test 1: Zero length response.
+      #
+      - all: { headers: { fields: [[ uuid, 1 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '1.1'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '1.1'
+          scheme: https
+          method: GET
+          url: /some/path
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: GET
+          url: /some/path
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+        server-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+        proxy-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+
+      #
+      # Test 2: Non-zero length response.
+      #
+      - all: { headers: { fields: [[ uuid, 2 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '1.1'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '1.1'
+          scheme: https
+          method: GET
+          url: /some/path2
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: GET
+          url: /some/path2
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+        server-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 16 ]
+          content:
+            encoding: plain
+            size: 16
+
+        proxy-response:
+          version: '1.1'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 16 ]
+          content:
+            encoding: plain
+            size: 16
+
+  - protocol:
+      - name: http
+        version: '1.1'
+      - name: tls
+        version: TLSv1.3
+        sni: data.brian.example.com
+        proxy-verify-mode: 0
+        proxy-provided-cert: true
+      - name: tcp
+      - name: ip
+        version: '4'
+
+    transactions:
+      #
+      # Test 3: 8 byte post with a 404 response.
+      #
+      - all: { headers: { fields: [[ uuid, 3 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '1.1'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '1.1'
+          scheme: https
+          method: POST
+          url: /some/path3
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 8 ]
+          content:
+            encoding: plain
+            size: 8
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path3
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 8 ]
+          content:
+            encoding: plain
+            size: 8
+
+        server-response:
+          version: '2'
+          status: 404
+          reason: "Not Found"
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+        proxy-response:
+          version: '2'
+          status: 404
+          reason: "Not Found"
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+      #
+      # Test 4: 32 byte POST with a 200 response.
+      #
+      - all: { headers: { fields: [[ uuid, 4 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '1.1'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '1.1'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 32 ]
+          content:
+            encoding: plain
+            size: 32
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 32 ]
+          content:
+            encoding: plain
+            size: 32
+
+        server-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 32 ]
+          content:
+            encoding: plain
+            size: 32
+
+        proxy-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 32 ]
+          content:
+            encoding: plain
+            size: 32
+
+      #
+      # Test 5: 3200 byte POST with a 200 response.
+      #
+      - all: { headers: { fields: [[ uuid, 12 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '1.1'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '1.1'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 3200 ]
+          content:
+            encoding: plain
+            size: 3200
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '1.1'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 3200 ]
+          content:
+            encoding: plain
+            size: 3200
+
+        server-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 1600 ]
+          content:
+            encoding: plain
+            size: 1600
+
+        proxy-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 1600 ]
+          content:
+            encoding: plain
+            size: 1600
+
+      #
+      # Test 6: large post body small response
+      #
+      - all: { headers: { fields: [[ uuid, 13 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '1.1'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '1.1'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 3200 ]
+          content:
+            encoding: plain
+            size: 3200
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '1.1'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '1.1'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 3200 ]
+          content:
+            encoding: plain
+            size: 3200
+
+        server-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 16 ]
+          content:
+            encoding: plain
+            size: 16
+
+        proxy-response:
+          version: '1.1'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 16 ]
+          content:
+            encoding: plain
+            size: 16
+
+      #
+      # Test 7: small post body large response
+      #
+      - all: { headers: { fields: [[ uuid, 14 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '1.1'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '1.1'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 32 ]
+          content:
+            encoding: plain
+            size: 32
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 32 ]
+          content:
+            encoding: plain
+            size: 32
+
+        server-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 3200 ]
+          content:
+            encoding: plain
+            size: 3200
+
+        proxy-response:
+          version: '1.1'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 3200 ]
+          content:
+            encoding: plain
+            size: 3200
diff --git a/tests/gold_tests/h2/replay/h2-origin.yaml b/tests/gold_tests/h2/replay/h2-origin.yaml
new file mode 100644
index 00000000000..65b133375a4
--- /dev/null
+++ b/tests/gold_tests/h2/replay/h2-origin.yaml
@@ -0,0 +1,624 @@
+meta:
+  version: '1.0'
+
+sessions:
+  - protocol:
+      - name: http
+        version: '2'
+      - name: tls
+        version: TLSv1.3
+        sni: data.brian.example.com
+        proxy-verify-mode: 0
+        proxy-provided-cert: true
+      - name: tcp
+      - name: ip
+        version: '4'
+
+    transactions:
+      #
+      # Test 1: Zero length response.
+      #
+      - all: { headers: { fields: [[ uuid, 5 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: GET
+          url: /some/path;arg=1;arg=2?foo
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+          content:
+            encoding: plain
+            size: 0
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: GET
+          url:
+            - [ path, { value: /some/path;arg=1;arg=2, as: equal } ]
+            - [ query, { value: foo, as: equal } ]
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+        server-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+        proxy-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+
+      #
+      # Test 2: Non-zero length response.
+      #
+      - all: { headers: { fields: [[ uuid, 6 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: GET
+          url: /some/path2
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: GET
+          url:
+            - [ path, { value: /some/path2, as: equal } ]
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+        server-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 16 ]
+          content:
+            encoding: plain
+            size: 16
+
+        proxy-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 16 ]
+          content:
+            encoding: plain
+            size: 16
+
+  - protocol:
+      - name: http
+        version: '2'
+      - name: tls
+        version: TLSv1.3
+        sni: data.brian.example.com
+        proxy-verify-mode: 0
+        proxy-provided-cert: true
+      - name: tcp
+      - name: ip
+        version: '4'
+
+    transactions:
+      #
+      # Test 3: 8 byte post with a 404 response.
+      #
+      - all: { headers: { fields: [[ uuid, 7 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path3?foo=bar
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 8 ]
+          content:
+            encoding: plain
+            size: 8
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url:
+            - [ path, { value: /some/path3, as: equal }]
+            - [ query, { value: foo=bar, as: equal }]
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 8 ]
+          content:
+            encoding: plain
+            size: 8
+
+        server-response:
+          version: '2'
+          status: 404
+          reason: "Not Found"
+          headers:
+            encoding: esc_json
+            fields:
+              - [ bob, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+        proxy-response:
+          version: '2'
+          status: 404
+          reason: "Not Found"
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+        proxy-response:
+          version: '2'
+          status: 404
+          reason: "Not Found"
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 0 ]
+          content:
+            encoding: plain
+            size: 0
+
+      #
+      # Test 4: 32 byte POST with a 200 response.
+      #
+      - all: { headers: { fields: [[ uuid, 8 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 32 ]
+          content:
+            encoding: plain
+            size: 32
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 32 ]
+          content:
+            encoding: plain
+            size: 32
+
+        server-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 32 ]
+          content:
+            encoding: plain
+            size: 32
+
+        proxy-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 32 ]
+          content:
+            encoding: plain
+            size: 32
+
+      #
+      # Test 5: 3200 byte POST with a 200 response.
+      #
+      - all: { headers: { fields: [[ uuid, 9 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 3200 ]
+          content:
+            encoding: plain
+            size: 3200
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 3200 ]
+          content:
+            encoding: plain
+            size: 3200
+
+        server-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ bob, 1600 ]
+          content:
+            encoding: plain
+            size: 1600
+
+        proxy-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 1600 ]
+          content:
+            encoding: plain
+            size: 1600
+
+        proxy-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 1600 ]
+          content:
+            encoding: plain
+            size: 1600
+
+      #
+      # Test 6: large post body small response
+      #
+      - all: { headers: { fields: [[ uuid, 10 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+          content:
+            encoding: plain
+            size: 3200
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 3200 ]
+          content:
+            encoding: plain
+            size: 3200
+
+        server-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 16 ]
+          content:
+            encoding: plain
+            size: 16
+
+        proxy-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 16 ]
+          content:
+            encoding: plain
+            size: 16
+
+      #
+      # Test 7: small post body large response
+      #
+      - all: { headers: { fields: [[ uuid, 11 ]]}}
+
+        client-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 32 ]
+          content:
+            encoding: plain
+            size: 32
+
+        proxy-request:
+          protocol:
+            - name: http
+              version: '2'
+            - name: tls
+              version: TLSv1.2
+              sni: data.brian.example.com
+              proxy-verify-mode: 1
+              proxy-provided-cert: false
+            - name: tcp
+            - name: ip
+              version: '4'
+
+          version: '2'
+          scheme: https
+          method: POST
+          url: /some/path4
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Host, data.brian.example.com ]
+              - [ Content-Length, 32 ]
+          content:
+            encoding: plain
+            size: 32
+
+        server-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 3200 ]
+          content:
+            encoding: plain
+            size: 3200
+
+        proxy-response:
+          version: '2'
+          status: 200
+          reason: OK
+          headers:
+            encoding: esc_json
+            fields:
+              - [ Content-Length, 3200 ]
+          content:
+            encoding: plain
+            size: 3200
diff --git a/tests/gold_tests/post_slow_server/gold/post_slow_server_max_requests_in_0_stderr.gold b/tests/gold_tests/post_slow_server/gold/post_slow_server_max_requests_in_0_stderr.gold
index 0d5e92cc8ed..3c0d989168e 100644
--- a/tests/gold_tests/post_slow_server/gold/post_slow_server_max_requests_in_0_stderr.gold
+++ b/tests/gold_tests/post_slow_server/gold/post_slow_server_max_requests_in_0_stderr.gold
@@ -1,5 +1,5 @@
 ``
 > POST / HTTP/1.1
 ``
-< HTTP/1.1 502 Broken pipe
+< HTTP/1.1 502 Connection refused
 ``
diff --git a/tests/gold_tests/redirect/redirect_post.test.py b/tests/gold_tests/redirect/redirect_post.test.py
index 21182feed14..852590e3e4e 100644
--- a/tests/gold_tests/redirect/redirect_post.test.py
+++ b/tests/gold_tests/redirect/redirect_post.test.py
@@ -38,7 +38,8 @@
     'proxy.config.http.number_of_redirections': MAX_REDIRECT,
     'proxy.config.http.post_copy_size': 919430601,
     'proxy.config.http.redirect.actions': 'self:follow',  # redirects to self are not followed by default
-    # 'proxy.config.diags.debug.enabled': 1,
+    'proxy.config.diags.debug.enabled': 1,
+    'proxy.config.diags.debug.tags': 'http',
 })
 
 redirect_request_header = {
diff --git a/tests/gold_tests/timeout/tls_conn_timeout.test.py b/tests/gold_tests/timeout/tls_conn_timeout.test.py
index 86da7ecc4ee..8187220c6cf 100644
--- a/tests/gold_tests/timeout/tls_conn_timeout.test.py
+++ b/tests/gold_tests/timeout/tls_conn_timeout.test.py
@@ -69,7 +69,7 @@
 tr.Processes.Default.Command = 'curl -H"Connection:close" -d "bob" -i http://127.0.0.1:{0}/connect_blocked --tlsv1.2'.format(
     ts.Variables.port)
 tr.Processes.Default.Streams.All = Testers.ContainsExpression(
-    "HTTP/1.1 502 connect failed", "Connect failed")
+    "HTTP/1.1 502 Connection timed out", "Connect failed")
 tr.Processes.Default.ReturnCode = 0
 tr.StillRunningAfter = delay_post_connect
 tr.StillRunningAfter = Test.Processes.ts
@@ -93,7 +93,7 @@
 tr.Processes.Default.Command = 'curl -H"Connection:close" -i http://127.0.0.1:{0}/get_connect_blocked --tlsv1.2'.format(
     ts.Variables.port)
 tr.Processes.Default.Streams.All = Testers.ContainsExpression(
-    "HTTP/1.1 502 connect failed", "Connect failed")
+    "HTTP/1.1 502 Connection timed out", "Connect failed")
 tr.Processes.Default.ReturnCode = 0
 tr.StillRunningAfter = delay_get_connect
 
diff --git a/tests/gold_tests/tls/tls_client_alpn_configuration.replay.yaml b/tests/gold_tests/tls/tls_client_alpn_configuration.replay.yaml
index 9ebb7adf294..ba9fbef1a73 100644
--- a/tests/gold_tests/tls/tls_client_alpn_configuration.replay.yaml
+++ b/tests/gold_tests/tls/tls_client_alpn_configuration.replay.yaml
@@ -44,13 +44,13 @@ sessions:
         fields:
         - [ Host, www.example.com ]
         - [ Content-Length, 0 ]
-        - [ X-Request, alpn_request ]
+        - [ X-Request, alpn_http1_request ]
         - [ uuid, first-request ]
 
     proxy-request:
       headers:
         fields:
-        - [ X-Request, {value: 'alpn_request', as: equal } ]
+        - [ X-Request, {value: 'alpn_http1_request', as: equal } ]
 
     server-response:
         status: 200
@@ -59,13 +59,12 @@ sessions:
           fields:
           - [ Date, "Sat, 16 Mar 2019 03:11:36 GMT" ]
           - [ Content-Length, 36 ]
-          - [ Connection, keep-alive ]
-          - [ X-Response, alpn_response ]
+          - [ X-Response, alpn_http1_response ]
 
     proxy-response:
       headers:
         fields:
-        - [ X-Response, {value: 'alpn_response', as: equal } ]
+        - [ X-Response, {value: 'alpn_http1_response', as: equal } ]
 
 # HTTP/2 over TLS.
 - protocol:
@@ -81,32 +80,36 @@ sessions:
   # This test has more to do with ALPN configuration than the transactions. The
   # following generates a simple request and response.
   - client-request:
-      method: GET
-      url: /some/path/2
-      version: '1.1'
       headers:
         fields:
-        - [ Host, www.example.com ]
+        - [ :method, GET ]
+        - [ :scheme, https ]
+        - [ :authority, www.example.com ]
+        - [ :path, /some/path/2 ]
         - [ Content-Length, 0 ]
-        - [ X-Request, alpn_request ]
-        - [ uuid, first-request ]
+        - [ X-Request, alpn_http2_request ]
+        - [ uuid, second-request ]
+      content:
+        encoding: plain
+        size: 0
 
     proxy-request:
       headers:
         fields:
-        - [ X-Request, {value: 'alpn_request', as: equal } ]
+        - [ X-Request, {value: 'alpn_http2_request', as: equal } ]
 
     server-response:
-        status: 200
-        reason: OK
-        headers:
-          fields:
-          - [ Date, "Sat, 16 Mar 2019 03:11:36 GMT" ]
-          - [ Content-Length, 36 ]
-          - [ Connection, keep-alive ]
-          - [ X-Response, alpn_response ]
+      headers:
+        fields:
+        - [ :status, 200 ]
+        - [ Date, "Sat, 16 Mar 2019 03:11:36 GMT" ]
+        - [ Content-Length, 0 ]
+        - [ X-Response, alpn_http2_response ]
+      content:
+        encoding: plain
+        size: 0
 
     proxy-response:
       headers:
         fields:
-        - [ X-Response, {value: 'alpn_response', as equal } ]
+        - [ X-Response, {value: 'alpn_http2_response', as equal } ]
diff --git a/tests/gold_tests/tls/tls_client_alpn_configuration.test.py b/tests/gold_tests/tls/tls_client_alpn_configuration.test.py
index 1e4fac50817..61cd30847bd 100644
--- a/tests/gold_tests/tls/tls_client_alpn_configuration.test.py
+++ b/tests/gold_tests/tls/tls_client_alpn_configuration.test.py
@@ -111,7 +111,7 @@ def _configure_trafficserver(
             "proxy.config.ssl.client.verify.server.policy": 'PERMISSIVE',
 
             'proxy.config.diags.debug.enabled': 3,
-            'proxy.config.diags.debug.tags': 'ssl',
+            'proxy.config.diags.debug.tags': 'ssl|http',
         })
 
         if records_config_alpn is not None:
@@ -158,7 +158,14 @@ def run(self):
         TestAlpnFunctionality._client_counter += 1
 
 
+#
+# Test default configuration.
+#
 TestAlpnFunctionality().run()
+
+#
+# Test various valid ALPN configurations.
+#
 TestAlpnFunctionality(
     records_config_alpn='http/1.1').run()
 TestAlpnFunctionality(
@@ -166,18 +173,18 @@ def run(self):
 TestAlpnFunctionality(
     records_config_alpn='http/1.1',
     conf_remap_alpn='http/1.1,http/1.0').run()
+TestAlpnFunctionality(
+    records_config_alpn='h2,http/1.1').run()
+TestAlpnFunctionality(
+    records_config_alpn='h2').run()
 
-# TODO: HTTP/2 to origin comes later.
-# TestAlpnFunctionality(
-#   records_config_alpn='h2,http1.1').run()
-
+#
+# Test malformed ALPN configurations.
+#
 TestAlpnFunctionality(
     records_config_alpn='not_a_protocol',
     alpn_is_malformed=True).run()
-
-# Since we do not currently support ALPN with HTTP/2, this will be considered a
-# malformed ALPN protocol.
-# TODO: remove this when we support HTTP/2 to origin.
+# Note that HTTP/3 to origin is not currently supported.
 TestAlpnFunctionality(
-    records_config_alpn='h2',
+    records_config_alpn='h3',
     alpn_is_malformed=True).run()

From f12197909a7c7d6e577cb80b45ec14c7d53d767f Mon Sep 17 00:00:00 2001
From: Brian Neradt <brian.neradt@gmail.com>
Date: Fri, 11 Nov 2022 22:51:46 +0000
Subject: [PATCH 10/14] Adding window size and flow control out parameters.

---
 doc/admin-guide/files/records.config.en.rst   |  43 +++
 mgmt/RecordsConfig.cc                         |  10 +
 proxy/http/HttpTunnel.cc                      |   1 +
 proxy/http2/HTTP2.cc                          |  55 ++--
 proxy/http2/HTTP2.h                           |   9 +-
 proxy/http2/Http2ConnectionState.cc           | 250 ++++++++++++------
 proxy/http2/Http2ConnectionState.h            |  48 ++--
 proxy/http2/Http2Stream.cc                    |   8 +-
 .../h2/http2_flow_control.replay.yaml         |  20 +-
 .../gold_tests/h2/http2_flow_control.test.py  | 191 ++++++++-----
 10 files changed, 436 insertions(+), 199 deletions(-)

diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst
index 811ebed7811..52b9bec04ad 100644
--- a/doc/admin-guide/files/records.config.en.rst
+++ b/doc/admin-guide/files/records.config.en.rst
@@ -4148,6 +4148,16 @@ HTTP/2 Configuration
    Reloading this value affects only new HTTP/2 connections, not the
    ones already established.
 
+.. ts:cv:: CONFIG proxy.config.http2.max_concurrent_streams_out INT 100
+   :reloadable:
+
+   The maximum number of concurrent streams per outbound connection.
+
+.. note::
+
+   Reloading this value affects only new HTTP/2 connections, not the
+   ones already established.
+
 .. ts:cv:: CONFIG proxy.config.http2.min_concurrent_streams_in INT 10
    :reloadable:
 
@@ -4155,6 +4165,13 @@ HTTP/2 Configuration
    This is used when :ts:cv:`proxy.config.http2.max_active_streams_in` is set
    larger than ``0``.
 
+.. ts:cv:: CONFIG proxy.config.http2.min_concurrent_streams_out INT 10
+   :reloadable:
+
+   The minimum number of concurrent streams per outbound connection.
+   This is used when :ts:cv:`proxy.config.http2.max_active_streams_out` is set
+   larger than ``0``.
+
 .. ts:cv:: CONFIG proxy.config.http2.max_active_streams_in INT 0
    :reloadable:
 
@@ -4164,6 +4181,15 @@ HTTP/2 Configuration
    :ts:cv:`proxy.config.http2.min_concurrent_streams_in`.
    To disable, set to zero (``0``).
 
+.. ts:cv:: CONFIG proxy.config.http2.max_active_streams_out INT 0
+   :reloadable:
+
+   Limits the maximum number of connection wide active streams.
+   When connection wide active streams are larger than this value,
+   SETTINGS_MAX_CONCURRENT_STREAMS will be reduced to
+   :ts:cv:`proxy.config.http2.min_concurrent_streams_out`.
+   To disable, set to zero (``0``).
+
 .. ts:cv:: CONFIG proxy.config.http2.initial_window_size_in INT 65535
    :reloadable:
    :units: bytes
@@ -4174,6 +4200,16 @@ HTTP/2 Configuration
    :ts:cv:`proxy.config.http2.flow_control.policy_in` for how HTTP/2 stream and
    session windows are maintained over the lifetime of HTTP/2 sessions.
 
+.. ts:cv:: CONFIG proxy.config.http2.initial_window_size_out INT 65535
+   :reloadable:
+   :units: bytes
+
+   The initial HTTP/2 stream window size for outbound connections that |TS| as a
+   client advertises to the peer. See IETF RFC 9113 section 5.2 for details
+   concerning HTTP/2 flow control. See
+   :ts:cv:`proxy.config.http2.flow_control.policy_out` for how HTTP/2 stream and
+   session windows are maintained over the lifetime of HTTP/2 sessions.
+
 .. ts:cv:: CONFIG proxy.config.http2.flow_control.policy_in INT 0
    :reloadable:
 
@@ -4203,6 +4239,13 @@ HTTP/2 Configuration
          a way that shares the window equally among all concurrent streams.
    ===== ===========================================================================================
 
+.. ts:cv:: CONFIG proxy.config.http2.flow_control.policy_out INT 0
+   :reloadable:
+
+   Specifies the mechanism |TS| uses to maintian flow control via the HTTP/2
+   stream and session windows for outbound connections. See the corresponding :ts:cv:`proxy.config.http2.flow_control.policy_in`
+   configuration for details concerning how this configuration variable is used.
+
 .. ts:cv:: CONFIG proxy.config.http2.max_frame_size INT 16384
    :reloadable:
    :units: bytes
diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc
index 1c3814e10e3..1b9c621a6b3 100644
--- a/mgmt/RecordsConfig.cc
+++ b/mgmt/RecordsConfig.cc
@@ -1299,14 +1299,24 @@ static const RecordElement RecordsConfig[] =
   ,
   {RECT_CONFIG, "proxy.config.http2.max_concurrent_streams_in", RECD_INT, "100", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
   ,
+  {RECT_CONFIG, "proxy.config.http2.max_concurrent_streams_out", RECD_INT, "100", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
+  ,
   {RECT_CONFIG, "proxy.config.http2.min_concurrent_streams_in", RECD_INT, "10", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
   ,
+  {RECT_CONFIG, "proxy.config.http2.min_concurrent_streams_out", RECD_INT, "10", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
+  ,
   {RECT_CONFIG, "proxy.config.http2.max_active_streams_in", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
   ,
+  {RECT_CONFIG, "proxy.config.http2.max_active_streams_out", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
+  ,
   {RECT_CONFIG, "proxy.config.http2.initial_window_size_in", RECD_INT, "65535", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
   ,
+  {RECT_CONFIG, "proxy.config.http2.initial_window_size_out", RECD_INT, "65535", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
+  ,
   {RECT_CONFIG, "proxy.config.http2.flow_control.policy_in", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_STR, "[0-2]", RECA_NULL}
   ,
+  {RECT_CONFIG, "proxy.config.http2.flow_control.policy_out", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_STR, "[0-2]", RECA_NULL}
+  ,
   {RECT_CONFIG, "proxy.config.http2.max_frame_size", RECD_INT, "16384", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
   ,
   {RECT_CONFIG, "proxy.config.http2.header_table_size", RECD_INT, "4096", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[0-9]+$", RECA_NULL}
diff --git a/proxy/http/HttpTunnel.cc b/proxy/http/HttpTunnel.cc
index 1c1c515670b..9d6a6b32fd7 100644
--- a/proxy/http/HttpTunnel.cc
+++ b/proxy/http/HttpTunnel.cc
@@ -1015,6 +1015,7 @@ HttpTunnel::producer_run(HttpTunnelProducer *p)
       } else {
         Debug("http_tunnel", "Start read vio %ld bytes", producer_n);
         p->read_vio = p->vc->do_io_read(this, producer_n, p->read_buffer);
+        p->read_vio->reenable();
       }
     }
   } else {
diff --git a/proxy/http2/HTTP2.cc b/proxy/http2/HTTP2.cc
index 6877d1abcef..e3a5a1b806d 100644
--- a/proxy/http2/HTTP2.cc
+++ b/proxy/http2/HTTP2.cc
@@ -586,35 +586,45 @@ uint32_t Http2::header_table_size                    = 4096;
 uint32_t Http2::max_header_list_size                 = 4294967295;
 uint32_t Http2::accept_no_activity_timeout           = 120;
 uint32_t Http2::no_activity_timeout_in               = 120;
-uint32_t Http2::no_activity_timeout_out              = 120;
 uint32_t Http2::active_timeout_in                    = 0;
 uint32_t Http2::push_diary_size                      = 256;
 uint32_t Http2::zombie_timeout_in                    = 0;
-float Http2::stream_error_rate_threshold             = 0.1;
-uint32_t Http2::stream_error_sampling_threshold      = 10;
-uint32_t Http2::max_settings_per_frame               = 7;
-uint32_t Http2::max_settings_per_minute              = 14;
-uint32_t Http2::max_settings_frames_per_minute       = 14;
-uint32_t Http2::max_ping_frames_per_minute           = 60;
-uint32_t Http2::max_priority_frames_per_minute       = 120;
-float Http2::min_avg_window_update                   = 2560.0;
-uint32_t Http2::con_slow_log_threshold               = 0;
-uint32_t Http2::stream_slow_log_threshold            = 0;
-uint32_t Http2::header_table_size_limit              = 65536;
-uint32_t Http2::write_buffer_block_size              = 262144;
-float Http2::write_size_threshold                    = 0.5;
-uint32_t Http2::write_time_threshold                 = 100;
-uint32_t Http2::buffer_water_mark                    = 0;
+
+uint32_t Http2::max_concurrent_streams_out            = 100;
+uint32_t Http2::min_concurrent_streams_out            = 10;
+uint32_t Http2::max_active_streams_out                = 0;
+uint32_t Http2::initial_window_size_out               = 65535;
+Http2FlowControlPolicy Http2::flow_control_policy_out = Http2FlowControlPolicy::STATIC_SESSION_AND_STATIC_STREAM;
+uint32_t Http2::no_activity_timeout_out               = 120;
+
+float Http2::stream_error_rate_threshold        = 0.1;
+uint32_t Http2::stream_error_sampling_threshold = 10;
+uint32_t Http2::max_settings_per_frame          = 7;
+uint32_t Http2::max_settings_per_minute         = 14;
+uint32_t Http2::max_settings_frames_per_minute  = 14;
+uint32_t Http2::max_ping_frames_per_minute      = 60;
+uint32_t Http2::max_priority_frames_per_minute  = 120;
+float Http2::min_avg_window_update              = 2560.0;
+uint32_t Http2::con_slow_log_threshold          = 0;
+uint32_t Http2::stream_slow_log_threshold       = 0;
+uint32_t Http2::header_table_size_limit         = 65536;
+uint32_t Http2::write_buffer_block_size         = 262144;
+float Http2::write_size_threshold               = 0.5;
+uint32_t Http2::write_time_threshold            = 100;
+uint32_t Http2::buffer_water_mark               = 0;
 
 void
 Http2::init()
 {
   REC_EstablishStaticConfigInt32U(max_concurrent_streams_in, "proxy.config.http2.max_concurrent_streams_in");
   REC_EstablishStaticConfigInt32U(min_concurrent_streams_in, "proxy.config.http2.min_concurrent_streams_in");
+  REC_EstablishStaticConfigInt32U(max_concurrent_streams_out, "proxy.config.http2.max_concurrent_streams_out");
+  REC_EstablishStaticConfigInt32U(min_concurrent_streams_out, "proxy.config.http2.min_concurrent_streams_out");
+
   REC_EstablishStaticConfigInt32U(max_active_streams_in, "proxy.config.http2.max_active_streams_in");
   REC_EstablishStaticConfigInt32U(stream_priority_enabled, "proxy.config.http2.stream_priority_enabled");
-  REC_EstablishStaticConfigInt32U(initial_window_size_in, "proxy.config.http2.initial_window_size_in");
 
+  REC_EstablishStaticConfigInt32U(initial_window_size_in, "proxy.config.http2.initial_window_size_in");
   uint32_t flow_control_policy_in_int = 0;
   REC_EstablishStaticConfigInt32U(flow_control_policy_in_int, "proxy.config.http2.flow_control.policy_in");
   if (flow_control_policy_in_int > 2) {
@@ -623,6 +633,15 @@ Http2::init()
   }
   flow_control_policy_in = static_cast<Http2FlowControlPolicy>(flow_control_policy_in_int);
 
+  REC_EstablishStaticConfigInt32U(initial_window_size_out, "proxy.config.http2.initial_window_size_out");
+  uint32_t flow_control_policy_out_int = 0;
+  REC_EstablishStaticConfigInt32U(flow_control_policy_out_int, "proxy.config.http2.flow_control.policy_out");
+  if (flow_control_policy_out_int > 2) {
+    Error("Invalid value for proxy.config.http2.flow_control.policy_out: %d", flow_control_policy_out_int);
+    flow_control_policy_out_int = 0;
+  }
+  flow_control_policy_out = static_cast<Http2FlowControlPolicy>(flow_control_policy_out_int);
+
   REC_EstablishStaticConfigInt32U(max_frame_size, "proxy.config.http2.max_frame_size");
   REC_EstablishStaticConfigInt32U(header_table_size, "proxy.config.http2.header_table_size");
   REC_EstablishStaticConfigInt32U(max_header_list_size, "proxy.config.http2.max_header_list_size");
@@ -651,6 +670,8 @@ Http2::init()
   // If any settings is broken, ATS should not start
   ink_release_assert(http2_settings_parameter_is_valid({HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, max_concurrent_streams_in}));
   ink_release_assert(http2_settings_parameter_is_valid({HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, min_concurrent_streams_in}));
+  ink_release_assert(http2_settings_parameter_is_valid({HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, max_concurrent_streams_out}));
+  ink_release_assert(http2_settings_parameter_is_valid({HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, min_concurrent_streams_out}));
   ink_release_assert(http2_settings_parameter_is_valid({HTTP2_SETTINGS_INITIAL_WINDOW_SIZE, initial_window_size_in}));
   ink_release_assert(http2_settings_parameter_is_valid({HTTP2_SETTINGS_MAX_FRAME_SIZE, max_frame_size}));
   ink_release_assert(http2_settings_parameter_is_valid({HTTP2_SETTINGS_HEADER_TABLE_SIZE, header_table_size}));
diff --git a/proxy/http2/HTTP2.h b/proxy/http2/HTTP2.h
index aba1b61e774..7c092adb51b 100644
--- a/proxy/http2/HTTP2.h
+++ b/proxy/http2/HTTP2.h
@@ -395,10 +395,17 @@ class Http2
   static uint32_t max_header_list_size;
   static uint32_t accept_no_activity_timeout;
   static uint32_t no_activity_timeout_in;
-  static uint32_t no_activity_timeout_out;
   static uint32_t active_timeout_in;
   static uint32_t push_diary_size;
   static uint32_t zombie_timeout_in;
+
+  static uint32_t max_concurrent_streams_out;
+  static uint32_t min_concurrent_streams_out;
+  static uint32_t max_active_streams_out;
+  static uint32_t no_activity_timeout_out;
+  static uint32_t initial_window_size_out;
+  static Http2FlowControlPolicy flow_control_policy_out;
+
   static float stream_error_rate_threshold;
   static uint32_t stream_error_sampling_threshold;
   static uint32_t max_settings_per_frame;
diff --git a/proxy/http2/Http2ConnectionState.cc b/proxy/http2/Http2ConnectionState.cc
index 6127945290f..1309cb3087b 100644
--- a/proxy/http2/Http2ConnectionState.cc
+++ b/proxy/http2/Http2ConnectionState.cc
@@ -35,6 +35,7 @@
 #include "tscpp/util/PostScript.h"
 #include "tscpp/util/LocalBuffer.h"
 
+#include <cstdint>
 #include <sstream>
 #include <numeric>
 
@@ -173,7 +174,7 @@ Http2ConnectionState::rcv_data_frame(const Http2Frame &frame)
   }
 
   // Check whether Window Size is acceptable
-  if (!this->_local_rwnd_is_shrinking_in && this->get_local_rwnd_in() < payload_length) {
+  if (!this->_local_rwnd_is_shrinking && this->get_local_rwnd() < payload_length) {
     return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, Http2ErrorCode::HTTP2_ERROR_FLOW_CONTROL_ERROR,
                       "recv data this->local_rwnd < payload_length");
   }
@@ -183,14 +184,15 @@ Http2ConnectionState::rcv_data_frame(const Http2Frame &frame)
   }
 
   // Update Window size
-  this->decrement_local_rwnd_in(payload_length);
+  this->decrement_local_rwnd(payload_length);
   stream->decrement_local_rwnd(payload_length);
 
   if (is_debug_tag_set("http2_con")) {
     uint32_t const stream_window  = this->acknowledged_local_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE);
-    uint32_t const session_window = this->_get_configured_receive_session_window_size_in();
-    Http2StreamDebug(this->session, id, "Received DATA frame: rwnd con=%zd/%" PRId32 " stream=%zd/%" PRId32,
-                     this->get_local_rwnd_in(), session_window, stream->get_local_rwnd(), stream_window);
+    uint32_t const session_window = this->_get_configured_receive_session_window_size();
+    Http2StreamDebug(this->session, id,
+                     "Received DATA frame: payload_length=%" PRId32 " rwnd con=%zd/%" PRId32 " stream=%zd/%" PRId32, payload_length,
+                     this->get_local_rwnd(), session_window, stream->get_local_rwnd(), stream_window);
   }
 
   const uint32_t unpadded_length = payload_length - pad_length;
@@ -554,7 +556,7 @@ Http2ConnectionState::rcv_priority_frame(const Http2Frame &frame)
 
     // Restrict number of inactive node in dependency tree smaller than max_concurrent_streams.
     // Current number of inactive node is size of tree minus active node count.
-    if (Http2::max_concurrent_streams_in > this->dependency_tree->size() - this->get_peer_stream_count() + 1) {
+    if (this->_get_configured_max_concurrent_streams() > this->dependency_tree->size() - this->get_peer_stream_count() + 1) {
       this->dependency_tree->add(priority.stream_dependency, stream_id, priority.weight, priority.exclusive_flag, nullptr);
     }
   }
@@ -710,7 +712,7 @@ Http2ConnectionState::rcv_settings_frame(const Http2Frame &frame)
     // windows that it maintains by the difference between the new value and
     // the old value.
     if (param.id == HTTP2_SETTINGS_INITIAL_WINDOW_SIZE) {
-      this->update_initial_peer_rwnd_in(param.value);
+      this->update_initial_peer_rwnd(param.value);
     }
 
     this->peer_settings.set(static_cast<Http2SettingsIdentifier>(param.id), param.value);
@@ -863,7 +865,7 @@ Http2ConnectionState::rcv_window_update_frame(const Http2Frame &frame)
   if (stream_id == HTTP2_CONNECTION_CONTROL_STREAM) {
     // Connection level window update
     Http2StreamDebug(this->session, stream_id, "Received WINDOW_UPDATE frame - updated to: %zd delta: %u",
-                     (this->get_peer_rwnd_in() + size), size);
+                     (this->get_peer_rwnd() + size), size);
 
     // A sender MUST NOT allow a flow-control window to exceed 2^31-1
     // octets.  If a sender receives a WINDOW_UPDATE that causes a flow-
@@ -872,12 +874,12 @@ Http2ConnectionState::rcv_window_update_frame(const Http2Frame &frame)
     // sends a RST_STREAM with an error code of FLOW_CONTROL_ERROR; for the
     // connection, a GOAWAY frame with an error code of FLOW_CONTROL_ERROR
     // is sent.
-    if (size > HTTP2_MAX_WINDOW_SIZE - this->get_peer_rwnd_in()) {
+    if (size > HTTP2_MAX_WINDOW_SIZE - this->get_peer_rwnd()) {
       return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, Http2ErrorCode::HTTP2_ERROR_FLOW_CONTROL_ERROR,
                         "window update too big");
     }
 
-    auto error = this->increment_peer_rwnd_in(size);
+    auto error = this->increment_peer_rwnd(size);
     if (error != Http2ErrorCode::HTTP2_ERROR_NO_ERROR) {
       return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_CONNECTION, error, "Erroneous client window update");
     }
@@ -915,7 +917,7 @@ Http2ConnectionState::rcv_window_update_frame(const Http2Frame &frame)
       return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_STREAM, error, "Bad stream rwnd");
     }
 
-    ssize_t wnd = std::min(this->get_peer_rwnd_in(), stream->get_peer_rwnd());
+    ssize_t wnd = std::min(this->get_peer_rwnd(), stream->get_peer_rwnd());
     if (wnd > 0) {
       SCOPED_MUTEX_LOCK(lock, stream->mutex, this_ethread());
       stream->restart_sending();
@@ -1033,6 +1035,64 @@ Http2ConnectionState::rcv_continuation_frame(const Http2Frame &frame)
   return Http2Error(Http2ErrorClass::HTTP2_ERROR_CLASS_NONE);
 }
 
+////////
+// Configuration Getters.
+//
+uint32_t
+Http2ConnectionState::_get_configured_max_concurrent_streams() const
+{
+  ink_assert(this->session != nullptr);
+  if (this->session->is_outbound()) {
+    return Http2::max_concurrent_streams_out;
+  } else {
+    return Http2::max_concurrent_streams_in;
+  }
+}
+
+uint32_t
+Http2ConnectionState::_get_configured_min_concurrent_streams() const
+{
+  ink_assert(this->session != nullptr);
+  if (this->session->is_outbound()) {
+    return Http2::min_concurrent_streams_out;
+  } else {
+    return Http2::min_concurrent_streams_in;
+  }
+}
+
+uint32_t
+Http2ConnectionState::_get_configured_max_active_streams() const
+{
+  ink_assert(this->session != nullptr);
+  if (this->session->is_outbound()) {
+    return Http2::max_active_streams_out;
+  } else {
+    return Http2::max_active_streams_in;
+  }
+}
+
+uint32_t
+Http2ConnectionState::_get_configured_initial_window_size() const
+{
+  ink_assert(this->session != nullptr);
+  if (this->session->is_outbound()) {
+    return Http2::initial_window_size_out;
+  } else {
+    return Http2::initial_window_size_in;
+  }
+}
+
+Http2FlowControlPolicy
+Http2ConnectionState::_get_configured_flow_control_policy() const
+{
+  ink_assert(this->session != nullptr);
+  if (this->session->is_outbound()) {
+    return Http2::flow_control_policy_out;
+  } else {
+    return Http2::flow_control_policy_in;
+  }
+}
+
 ////////
 // Http2ConnectionSettings
 //
@@ -1050,13 +1110,18 @@ Http2ConnectionSettings::Http2ConnectionSettings()
 }
 
 void
-Http2ConnectionSettings::settings_from_configs()
+Http2ConnectionSettings::settings_from_configs(bool is_outbound)
 {
-  settings[indexof(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS)] = Http2::max_concurrent_streams_in;
-  settings[indexof(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE)]    = Http2::initial_window_size_in;
-  settings[indexof(HTTP2_SETTINGS_MAX_FRAME_SIZE)]         = Http2::max_frame_size;
-  settings[indexof(HTTP2_SETTINGS_HEADER_TABLE_SIZE)]      = Http2::header_table_size;
-  settings[indexof(HTTP2_SETTINGS_MAX_HEADER_LIST_SIZE)]   = Http2::max_header_list_size;
+  if (is_outbound) {
+    settings[indexof(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS)] = Http2::max_concurrent_streams_out;
+    settings[indexof(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE)]    = Http2::initial_window_size_out;
+  } else {
+    settings[indexof(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS)] = Http2::max_concurrent_streams_in;
+    settings[indexof(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE)]    = Http2::initial_window_size_in;
+  }
+  settings[indexof(HTTP2_SETTINGS_MAX_FRAME_SIZE)]       = Http2::max_frame_size;
+  settings[indexof(HTTP2_SETTINGS_HEADER_TABLE_SIZE)]    = Http2::header_table_size;
+  settings[indexof(HTTP2_SETTINGS_MAX_HEADER_LIST_SIZE)] = Http2::max_header_list_size;
 }
 
 unsigned
@@ -1103,23 +1168,23 @@ void
 Http2ConnectionState::init(Http2CommonSession *ssn)
 {
   session                                  = ssn;
-  uint32_t const configured_session_window = this->_get_configured_receive_session_window_size_in();
+  uint32_t const configured_session_window = this->_get_configured_receive_session_window_size();
 
   if (configured_session_window < HTTP2_INITIAL_WINDOW_SIZE) {
     // There is no HTTP/2 specified way to shrink the connection window size
     // other than to receive data and not send WINDOW_UPDATE frames for a
     // while.
-    this->_local_rwnd_in              = HTTP2_INITIAL_WINDOW_SIZE;
-    this->_local_rwnd_is_shrinking_in = true;
+    this->_local_rwnd              = HTTP2_INITIAL_WINDOW_SIZE;
+    this->_local_rwnd_is_shrinking = true;
   } else {
-    this->_local_rwnd_in              = configured_session_window;
-    this->_local_rwnd_is_shrinking_in = false;
+    this->_local_rwnd              = configured_session_window;
+    this->_local_rwnd_is_shrinking = false;
   }
 
   local_hpack_handle = new HpackHandle(HTTP2_HEADER_TABLE_SIZE);
   peer_hpack_handle  = new HpackHandle(HTTP2_HEADER_TABLE_SIZE);
   if (Http2::stream_priority_enabled) {
-    dependency_tree = new DependencyTree(Http2::max_concurrent_streams_in);
+    dependency_tree = new DependencyTree(this->_get_configured_max_concurrent_streams());
   }
 
   _cop = ActivityCop<Http2Stream>(this->mutex, &stream_list, 1);
@@ -1142,19 +1207,22 @@ Http2ConnectionState::send_connection_preface()
   REMEMBER(NO_EVENT, this->recursion)
 
   Http2ConnectionSettings configured_settings;
-  configured_settings.settings_from_configs();
+  configured_settings.settings_from_configs(session->is_outbound());
 
-  // Communicate to the peer that we do not support PUSH_PROMISE
+  // We do not have PUSH_PROMISE implemented, so we communicate to the peer
+  // that they should not send such frames to us. RFC 9113 6.5.2 says that
+  // servers can send this too, but they  must always set a value of 0. Thus we
+  // send a value of 0 for both inbound and outbound connections.
   configured_settings.set(HTTP2_SETTINGS_ENABLE_PUSH, 0);
 
   configured_settings.set(HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, _adjust_concurrent_stream());
 
+  uint32_t const configured_initial_window_size = this->_get_configured_receive_session_window_size();
   if (this->_has_dynamic_stream_window()) {
     // Since this is the beginning of the connection and there are no streams
     // yet, we can just set the stream window size to fill the entire session
     // window size.
-    uint32_t const stream_window = this->_get_configured_receive_session_window_size_in();
-    configured_settings.set(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE, stream_window);
+    configured_settings.set(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE, configured_initial_window_size);
   }
 
   send_settings_frame(configured_settings);
@@ -1162,8 +1230,8 @@ Http2ConnectionState::send_connection_preface()
   // If the session window size is non-default, send a WINDOW_UPDATE right
   // away. Note that there is no session window size setting in HTTP/2. The
   // session window size is controlled entirely by WINDOW_UPDATE frames.
-  if (this->_get_configured_receive_session_window_size_in() > HTTP2_INITIAL_WINDOW_SIZE) {
-    auto const diff = this->_get_configured_receive_session_window_size_in() - HTTP2_INITIAL_WINDOW_SIZE;
+  if (configured_initial_window_size > HTTP2_INITIAL_WINDOW_SIZE) {
+    auto const diff = configured_initial_window_size - HTTP2_INITIAL_WINDOW_SIZE;
     Http2ConDebug(session, "Updating the session window with a WINDOW_UPDATE frame: %u", diff);
     send_window_update_frame(HTTP2_CONNECTION_CONTROL_STREAM, diff);
   }
@@ -1457,6 +1525,17 @@ Http2ConnectionState::create_initiating_stream(Http2Error &error)
   // Clear the session timeout.  Let the transaction timeouts reign
   session->get_proxy_session()->cancel_inactivity_timeout();
 
+  if (session->is_outbound() && this->_has_dynamic_stream_window()) {
+    // See the comment in create_stream() concerning the difference between the
+    // initial window size and the target window size for dynamic stream window
+    // sizes.
+    Http2ConnectionSettings new_settings = local_settings;
+    uint32_t const initial_stream_window_target =
+      this->_get_configured_receive_session_window_size() / (peer_streams_count_in.load());
+    new_settings.set(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE, initial_stream_window_target);
+    send_settings_frame(new_settings);
+  }
+
   return new_stream;
 }
 
@@ -1532,7 +1611,7 @@ Http2ConnectionState::create_stream(Http2StreamId new_id, Http2Error &error)
     return nullptr;
   }
 
-  ink_assert(dynamic_cast<Http2CommonSession *>(this->session->get_proxy_session())->is_outbound() == false);
+  ink_release_assert(dynamic_cast<Http2CommonSession *>(this->session->get_proxy_session())->is_outbound() == false);
   uint32_t initial_stream_window        = this->acknowledged_local_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE);
   uint32_t initial_stream_window_target = initial_stream_window;
   if (is_client_streamid && this->_has_dynamic_stream_window()) {
@@ -1547,7 +1626,7 @@ Http2ConnectionState::create_stream(Http2StreamId new_id, Http2Error &error)
     //
     // The situation of dynamic stream window sizes is described in [RFC 9113]
     // 6.9.3.
-    initial_stream_window_target = this->_get_configured_receive_session_window_size_in() / (peer_streams_count_in.load() + 1);
+    initial_stream_window_target = this->_get_configured_receive_session_window_size() / (peer_streams_count_in.load() + 1);
   }
   Http2Stream *new_stream =
     THREAD_ALLOC_INIT(http2StreamAllocator, this_ethread(), session->get_proxy_session(), new_id,
@@ -1631,14 +1710,14 @@ Http2ConnectionState::restart_streams()
     // Call send_response_body() for each streams
     while (s != end) {
       Http2Stream *next = static_cast<Http2Stream *>(s->link.next ? s->link.next : stream_list.head);
-      if (std::min(this->get_peer_rwnd_in(), s->get_peer_rwnd()) > 0) {
+      if (std::min(this->get_peer_rwnd(), s->get_peer_rwnd()) > 0) {
         SCOPED_MUTEX_LOCK(lock, s->mutex, this_ethread());
         s->restart_sending();
       }
       ink_assert(s != next);
       s = next;
     }
-    if (std::min(this->get_peer_rwnd_in(), s->get_peer_rwnd()) > 0) {
+    if (std::min(this->get_peer_rwnd(), s->get_peer_rwnd()) > 0) {
       SCOPED_MUTEX_LOCK(lock, s->mutex, this_ethread());
       s->restart_sending();
     }
@@ -1651,14 +1730,14 @@ void
 Http2ConnectionState::restart_receiving(Http2Stream *stream)
 {
   // Connection level WINDOW UPDATE
-  uint32_t const configured_session_window = this->_get_configured_receive_session_window_size_in();
+  uint32_t const configured_session_window = this->_get_configured_receive_session_window_size();
   uint32_t const min_session_window =
     std::min(configured_session_window, this->acknowledged_local_settings.get(HTTP2_SETTINGS_MAX_FRAME_SIZE));
-  if (this->get_local_rwnd_in() < min_session_window) {
-    Http2WindowSize diff_size = configured_session_window - this->get_local_rwnd_in();
+  if (this->get_local_rwnd() < min_session_window) {
+    Http2WindowSize diff_size = configured_session_window - this->get_local_rwnd();
     if (diff_size > 0) {
-      this->increment_local_rwnd_in(diff_size);
-      this->_local_rwnd_is_shrinking_in = false;
+      this->increment_local_rwnd(diff_size);
+      this->_local_rwnd_is_shrinking = false;
       this->send_window_update_frame(HTTP2_CONNECTION_CONTROL_STREAM, diff_size);
     }
   }
@@ -1670,12 +1749,8 @@ Http2ConnectionState::restart_receiving(Http2Stream *stream)
     return;
   }
 
-  // If read_vio is buffering data, do not fully update window
   uint32_t const initial_stream_window = this->acknowledged_local_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE);
   int64_t data_size                    = stream->read_vio_read_avail();
-  if (data_size >= initial_stream_window) {
-    return;
-  }
 
   Http2WindowSize diff_size = 0;
   if (stream->get_local_rwnd() < 0) {
@@ -1685,7 +1760,7 @@ Http2ConnectionState::restart_receiving(Http2Stream *stream)
     // target initial_stream_window size.
     diff_size = initial_stream_window - stream->get_local_rwnd();
   } else {
-    diff_size = initial_stream_window - std::max(static_cast<int64_t>(stream->get_local_rwnd()), data_size);
+    diff_size = initial_stream_window - std::min(static_cast<int64_t>(stream->get_local_rwnd()), data_size);
   }
 
   // Dynamic stream window sizes may result in negative values. In this case,
@@ -1821,7 +1896,7 @@ Http2ConnectionState::release_stream()
 }
 
 void
-Http2ConnectionState::update_initial_peer_rwnd_in(Http2WindowSize new_size)
+Http2ConnectionState::update_initial_peer_rwnd(Http2WindowSize new_size)
 {
   // Update stream level window sizes
   for (Http2Stream *s = stream_list.head; s; s = static_cast<Http2Stream *>(s->link.next)) {
@@ -1842,7 +1917,7 @@ Http2ConnectionState::update_initial_peer_rwnd_in(Http2WindowSize new_size)
 }
 
 void
-Http2ConnectionState::update_initial_local_rwnd_in(Http2WindowSize new_size)
+Http2ConnectionState::update_initial_local_rwnd(Http2WindowSize new_size)
 {
   // Update stream level window sizes
   for (Http2Stream *s = stream_list.head; s; s = static_cast<Http2Stream *>(s->link.next)) {
@@ -1887,7 +1962,7 @@ Http2ConnectionState::send_data_frames_depends_on_priority()
   Http2DependencyTree::Node *node = dependency_tree->top();
 
   // No node to send or no connection level window left
-  if (node == nullptr || _peer_rwnd_in <= 0) {
+  if (node == nullptr || _peer_rwnd <= 0) {
     return;
   }
 
@@ -1930,7 +2005,7 @@ Http2ConnectionState::send_data_frames_depends_on_priority()
 Http2SendDataFrameResult
 Http2ConnectionState::send_a_data_frame(Http2Stream *stream, size_t &payload_length)
 {
-  const ssize_t window_size         = std::min(this->get_peer_rwnd_in(), stream->get_peer_rwnd());
+  const ssize_t window_size         = std::min(this->get_peer_rwnd(), stream->get_peer_rwnd());
   const size_t buf_len              = BUFFER_SIZE_FOR_INDEX(buffer_size_index[HTTP2_FRAME_TYPE_DATA]);
   const size_t write_available_size = std::min(buf_len, static_cast<size_t>(window_size));
   payload_length                    = 0;
@@ -1952,7 +2027,7 @@ Http2ConnectionState::send_a_data_frame(Http2Stream *stream, size_t &payload_len
       if (session->is_outbound()) {
         ip_port_text_buffer ipb;
         const char *client_ip = ats_ip_ntop(session->get_proxy_session()->get_remote_addr(), ipb, sizeof(ipb));
-        Warning("No window server_ip=%s session_wnd=%zd stream_wnd=%zd peer_initial_window=%u", client_ip, get_peer_rwnd_in(),
+        Warning("No window server_ip=%s session_wnd=%zd stream_wnd=%zd peer_initial_window=%u", client_ip, get_peer_rwnd(),
                 stream->get_peer_rwnd(), this->peer_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE));
       }
       Http2StreamDebug(this->session, stream->get_id(), "No window");
@@ -1969,8 +2044,11 @@ Http2ConnectionState::send_a_data_frame(Http2Stream *stream, size_t &payload_len
     payload_length = 0;
   }
 
+  // For HTTP/2 sessions, is_write_high_water() returning true correlates to
+  // our write buffer exceeding HTTP2_SETTINGS_MAX_FRAME_SIZE. Thus we will
+  // hold off on processing the payload until the write buffer is drained.
   if (payload_length > 0 && this->session->is_write_high_water()) {
-    Http2StreamDebug(this->session, stream->get_id(), "Not write avail");
+    Http2StreamDebug(this->session, stream->get_id(), "Not write avail, payload_length=%zu", payload_length);
     this->session->flush();
     return Http2SendDataFrameResult::NOT_WRITE_AVAIL;
   }
@@ -1992,15 +2070,15 @@ Http2ConnectionState::send_a_data_frame(Http2Stream *stream, size_t &payload_len
   }
 
   // Update window size
-  this->decrement_peer_rwnd_in(payload_length);
+  this->decrement_peer_rwnd(payload_length);
   stream->decrement_peer_rwnd(payload_length);
 
   // Create frame
   Http2StreamDebug(session, stream->get_id(), "Send a DATA frame - client window con: %5zd stream: %5zd payload: %5zd flags: 0x%x",
-                   _peer_rwnd_in, stream->get_peer_rwnd(), payload_length, flags);
+                   _peer_rwnd, stream->get_peer_rwnd(), payload_length, flags);
 
   Http2DataFrame data(stream->get_id(), flags, resp_reader, payload_length);
-  this->session->xmit(data, flags & HTTP2_FLAGS_DATA_END_STREAM);
+  this->session->xmit(data);
 
   if (flags & HTTP2_FLAGS_DATA_END_STREAM) {
     Http2StreamDebug(session, stream->get_id(), "END_STREAM");
@@ -2176,6 +2254,8 @@ Http2ConnectionState::send_push_promise_frame(Http2Stream *stream, URL &url, con
   int payload_length          = 0;
   uint8_t flags               = 0x00;
 
+  // It makes no sense to send a PUSH_PROMISE toward the server.
+  ink_release_assert(!this->session->is_outbound());
   if (peer_settings.get(HTTP2_SETTINGS_ENABLE_PUSH) == 0) {
     return false;
   }
@@ -2331,7 +2411,7 @@ Http2ConnectionState::send_settings_frame(const Http2ConnectionSettings &new_set
 
   Http2SettingsFrame settings(stream_id, HTTP2_FRAME_NO_FLAG, params, params_size);
 
-  this->_outstanding_settings_frames_in.emplace(new_settings);
+  this->_outstanding_settings_frames.emplace(new_settings);
   this->session->xmit(settings, true);
 }
 
@@ -2340,12 +2420,12 @@ Http2ConnectionState::_process_incoming_settings_ack_frame()
 {
   constexpr Http2StreamId stream_id = HTTP2_CONNECTION_CONTROL_STREAM;
   Http2StreamDebug(session, stream_id, "Processing SETTINGS ACK frame with a queue size of %zu",
-                   this->_outstanding_settings_frames_in.size());
+                   this->_outstanding_settings_frames.size());
 
   // Do not update this->acknowledged_local_settings yet as
-  // update_initial_local_rwnd_in relies upon it still pointing to the old value.
+  // update_initial_local_rwnd relies upon it still pointing to the old value.
   Http2ConnectionSettings const &old_settings = this->acknowledged_local_settings;
-  Http2ConnectionSettings const &new_settings = this->_outstanding_settings_frames_in.front().get_outstanding_settings();
+  Http2ConnectionSettings const &new_settings = this->_outstanding_settings_frames.front().get_outstanding_settings();
 
   for (int i = HTTP2_SETTINGS_HEADER_TABLE_SIZE; i < HTTP2_SETTINGS_MAX; ++i) {
     Http2SettingsIdentifier id = static_cast<Http2SettingsIdentifier>(i);
@@ -2361,11 +2441,11 @@ Http2ConnectionState::_process_incoming_settings_ack_frame()
 
     if (id == HTTP2_SETTINGS_INITIAL_WINDOW_SIZE) {
       // Update all the streams for the newly acknowledged window size.
-      this->update_initial_local_rwnd_in(new_value);
+      this->update_initial_local_rwnd(new_value);
     }
   }
   this->acknowledged_local_settings = new_settings;
-  this->_outstanding_settings_frames_in.pop();
+  this->_outstanding_settings_frames.pop();
 }
 
 void
@@ -2466,9 +2546,13 @@ Http2ConnectionState::get_received_priority_frame_count()
 unsigned
 Http2ConnectionState::_adjust_concurrent_stream()
 {
-  if (Http2::max_active_streams_in == 0) {
+  uint32_t const max_concurrent_streams = this->_get_configured_max_concurrent_streams();
+  uint32_t const max_active_streams     = this->_get_configured_max_active_streams();
+  uint32_t const min_concurrent_streams = this->_get_configured_min_concurrent_streams();
+
+  if (max_active_streams == 0) {
     // Throttling down is disabled.
-    return Http2::max_concurrent_streams_in;
+    return max_concurrent_streams;
   }
 
   int64_t current_client_streams = 0;
@@ -2476,43 +2560,43 @@ Http2ConnectionState::_adjust_concurrent_stream()
 
   Http2ConDebug(session, "current client streams: %" PRId64, current_client_streams);
 
-  if (current_client_streams >= Http2::max_active_streams_in) {
+  if (current_client_streams >= max_active_streams) {
     if (!Http2::throttling) {
       Warning("too many streams: %" PRId64 ", reduce SETTINGS_MAX_CONCURRENT_STREAMS to %d", current_client_streams,
-              Http2::min_concurrent_streams_in);
+              min_concurrent_streams);
       Http2::throttling = true;
     }
 
-    return Http2::min_concurrent_streams_in;
+    return min_concurrent_streams;
   } else {
     if (Http2::throttling) {
-      Note("revert SETTINGS_MAX_CONCURRENT_STREAMS to %d", Http2::max_concurrent_streams_in);
+      Note("revert SETTINGS_MAX_CONCURRENT_STREAMS to %d", max_concurrent_streams);
       Http2::throttling = false;
     }
   }
 
-  return Http2::max_concurrent_streams_in;
+  return max_concurrent_streams;
 }
 
 uint32_t
-Http2ConnectionState::_get_configured_receive_session_window_size_in() const
+Http2ConnectionState::_get_configured_receive_session_window_size() const
 {
-  switch (Http2::flow_control_policy_in) {
+  switch (this->_get_configured_flow_control_policy()) {
   case Http2FlowControlPolicy::STATIC_SESSION_AND_STATIC_STREAM:
-    return Http2::initial_window_size_in;
+    return this->_get_configured_initial_window_size();
   case Http2FlowControlPolicy::LARGE_SESSION_AND_STATIC_STREAM:
   case Http2FlowControlPolicy::LARGE_SESSION_AND_DYNAMIC_STREAM:
-    return Http2::initial_window_size_in * Http2::max_concurrent_streams_in;
+    return this->_get_configured_initial_window_size() * this->_get_configured_max_concurrent_streams();
   }
 
   // This is unreachable, but adding a return here quiets a compiler warning.
-  return Http2::initial_window_size_in;
+  return this->_get_configured_initial_window_size();
 }
 
 bool
 Http2ConnectionState::_has_dynamic_stream_window() const
 {
-  switch (Http2::flow_control_policy_in) {
+  switch (this->_get_configured_flow_control_policy()) {
   case Http2FlowControlPolicy::STATIC_SESSION_AND_STATIC_STREAM:
   case Http2FlowControlPolicy::LARGE_SESSION_AND_STATIC_STREAM:
     return false;
@@ -2525,15 +2609,15 @@ Http2ConnectionState::_has_dynamic_stream_window() const
 }
 
 ssize_t
-Http2ConnectionState::get_peer_rwnd_in() const
+Http2ConnectionState::get_peer_rwnd() const
 {
-  return this->_peer_rwnd_in;
+  return this->_peer_rwnd;
 }
 
 Http2ErrorCode
-Http2ConnectionState::increment_peer_rwnd_in(size_t amount)
+Http2ConnectionState::increment_peer_rwnd(size_t amount)
 {
-  this->_peer_rwnd_in += amount;
+  this->_peer_rwnd += amount;
 
   this->_recent_rwnd_increment[this->_recent_rwnd_increment_index] = amount;
   ++this->_recent_rwnd_increment_index;
@@ -2549,28 +2633,28 @@ Http2ConnectionState::increment_peer_rwnd_in(size_t amount)
 }
 
 Http2ErrorCode
-Http2ConnectionState::decrement_peer_rwnd_in(size_t amount)
+Http2ConnectionState::decrement_peer_rwnd(size_t amount)
 {
-  this->_peer_rwnd_in -= amount;
+  this->_peer_rwnd -= amount;
   return Http2ErrorCode::HTTP2_ERROR_NO_ERROR;
 }
 
 ssize_t
-Http2ConnectionState::get_local_rwnd_in() const
+Http2ConnectionState::get_local_rwnd() const
 {
-  return this->_local_rwnd_in;
+  return this->_local_rwnd;
 }
 
 Http2ErrorCode
-Http2ConnectionState::increment_local_rwnd_in(size_t amount)
+Http2ConnectionState::increment_local_rwnd(size_t amount)
 {
-  this->_local_rwnd_in += amount;
+  this->_local_rwnd += amount;
   return Http2ErrorCode::HTTP2_ERROR_NO_ERROR;
 }
 
 Http2ErrorCode
-Http2ConnectionState::decrement_local_rwnd_in(size_t amount)
+Http2ConnectionState::decrement_local_rwnd(size_t amount)
 {
-  this->_local_rwnd_in -= amount;
+  this->_local_rwnd -= amount;
   return Http2ErrorCode::HTTP2_ERROR_NO_ERROR;
 }
diff --git a/proxy/http2/Http2ConnectionState.h b/proxy/http2/Http2ConnectionState.h
index 9a44aea4582..eae6110bdaf 100644
--- a/proxy/http2/Http2ConnectionState.h
+++ b/proxy/http2/Http2ConnectionState.h
@@ -53,7 +53,7 @@ class Http2ConnectionSettings
 public:
   Http2ConnectionSettings();
 
-  void settings_from_configs();
+  void settings_from_configs(bool is_outbound);
   unsigned get(Http2SettingsIdentifier id) const;
   unsigned set(Http2SettingsIdentifier id, unsigned value);
 
@@ -133,10 +133,10 @@ class Http2ConnectionState : public Continuation
   void restart_receiving(Http2Stream *stream);
 
   /** Update all streams for the peer's newly dictated stream window size. */
-  void update_initial_peer_rwnd_in(Http2WindowSize new_size);
+  void update_initial_peer_rwnd(Http2WindowSize new_size);
 
   /** Update all streams for our newly dictated stream window size. */
-  void update_initial_local_rwnd_in(Http2WindowSize new_size);
+  void update_initial_local_rwnd(Http2WindowSize new_size);
 
   Http2StreamId get_latest_stream_id_in() const;
   Http2StreamId get_latest_stream_id_out() const;
@@ -196,12 +196,12 @@ class Http2ConnectionState : public Continuation
   void increment_received_priority_frame_count();
   uint32_t get_received_priority_frame_count();
 
-  ssize_t get_peer_rwnd_in() const;
-  Http2ErrorCode increment_peer_rwnd_in(size_t amount);
-  Http2ErrorCode decrement_peer_rwnd_in(size_t amount);
-  ssize_t get_local_rwnd_in() const;
-  Http2ErrorCode increment_local_rwnd_in(size_t amount);
-  Http2ErrorCode decrement_local_rwnd_in(size_t amount);
+  ssize_t get_peer_rwnd() const;
+  Http2ErrorCode increment_peer_rwnd(size_t amount);
+  Http2ErrorCode decrement_peer_rwnd(size_t amount);
+  ssize_t get_local_rwnd() const;
+  Http2ErrorCode increment_local_rwnd(size_t amount);
+  Http2ErrorCode decrement_local_rwnd(size_t amount);
 
   bool no_streams() const;
   bool single_stream() const;
@@ -241,13 +241,22 @@ class Http2ConnectionState : public Continuation
    */
   void _process_incoming_settings_ack_frame();
 
-  /** Calculate the initial session window size that we communicate to peers.
+  // Getters for stream control configurations that retrieve the inbound or
+  // outbound values per the configured session.
+  uint32_t _get_configured_max_concurrent_streams() const;
+  uint32_t _get_configured_min_concurrent_streams() const;
+  uint32_t _get_configured_max_active_streams() const;
+  uint32_t _get_configured_initial_window_size() const;
+  Http2FlowControlPolicy _get_configured_flow_control_policy() const;
+
+  /** Calculate the initial session window size that we communicate to inbound
+   * peers.
    *
    * @return The initial receive window size.
    */
-  uint32_t _get_configured_receive_session_window_size_in() const;
+  uint32_t _get_configured_receive_session_window_size() const;
 
-  /** Whether our stream window can change over the lifetime of a session.
+  /** Whether the stream window can change over the lifetime of a session.
    *
    * @return @c true if the stream window can change, @c false otherwise.
    */
@@ -279,8 +288,8 @@ class Http2ConnectionState : public Continuation
 
   // Connection level window size
 
-  /** The client-side session level window that we have to respect when we send
-   * data to the peer.
+  /** The session level window that we have to respect when we send data to the
+   * peer.
    *
    * This is the session window configured by the peer via WINDOW_UPDATE
    * frames. Per specification, this defaults to HTTP2_INITIAL_WINDOW_SIZE (see
@@ -289,17 +298,16 @@ class Http2ConnectionState : public Continuation
    * specification. When we receive WINDOW_UPDATE frames, we increment this
    * value.
    */
-  ssize_t _peer_rwnd_in = HTTP2_INITIAL_WINDOW_SIZE;
+  ssize_t _peer_rwnd = HTTP2_INITIAL_WINDOW_SIZE;
 
-  /** The session window we maintain with the client-side peer via
-   * WINDOW_UPDATE frames.
+  /** The session window we maintain with the peer via WINDOW_UPDATE frames.
    *
    * We maintain the window we expect the peer to respect by sending
    * WINDOW_UPDATE frames to the peer. As we receive data, we decrement this
    * value, as we send WINDOW_UPDATE frames, we increment it. If it reaches
    * zero, we generate a connection-level error.
    */
-  ssize_t _local_rwnd_in = 0;
+  ssize_t _local_rwnd = 0;
 
   /** Whether the client-side session window is in a shrinking state before we
    * send the first WINDOW_UPDATE frame.
@@ -311,7 +319,7 @@ class Http2ConnectionState : public Continuation
    * window gets to the desired size, we start maintaining the window via
    * WINDOW_UPDATE frames.
    */
-  bool _local_rwnd_is_shrinking_in = false;
+  bool _local_rwnd_is_shrinking = false;
 
   std::array<size_t, 5> _recent_rwnd_increment = {SIZE_MAX, SIZE_MAX, SIZE_MAX, SIZE_MAX, SIZE_MAX};
   int _recent_rwnd_increment_index             = 0;
@@ -367,7 +375,7 @@ class Http2ConnectionState : public Continuation
 
   /** The queue of SETTINGS frames that we have sent but have not yet been
    * acknowledged by the peer. */
-  std::queue<OutstandingSettingsFrame> _outstanding_settings_frames_in;
+  std::queue<OutstandingSettingsFrame> _outstanding_settings_frames;
 
   // NOTE: Id of stream which MUST receive CONTINUATION frame.
   //   - [RFC 7540] 6.2 HEADERS
diff --git a/proxy/http2/Http2Stream.cc b/proxy/http2/Http2Stream.cc
index c620b70b6d2..ae3275ce96d 100644
--- a/proxy/http2/Http2Stream.cc
+++ b/proxy/http2/Http2Stream.cc
@@ -550,7 +550,7 @@ Http2Stream::initiating_close()
     SCOPED_MUTEX_LOCK(lock, this->mutex, this_ethread());
     REMEMBER(NO_EVENT, this->reentrancy_count);
     Http2StreamDebug("initiating_close client_window=%" PRId64 " session_window=%" PRId64, _peer_rwnd,
-                     this->get_connection_state().get_peer_rwnd_in());
+                     this->get_connection_state().get_peer_rwnd());
 
     // Set the state of the connection to closed
     // TODO - these states should be combined
@@ -726,12 +726,12 @@ Http2Stream::update_write_request(bool call_update)
 
   IOBufferReader *vio_reader = write_vio.get_reader();
   if (write_vio.ntodo() > 0 && (!vio_reader->is_read_avail_more_than(0) ||
-                                // If there is no window left, just give up now too
-                                std::min(_peer_rwnd, this->get_connection_state().get_peer_rwnd_in()) == 0)) {
+                                // If there is no window left, just give up now too until we receive a WINDOW_UPDATE.
+                                std::min(_peer_rwnd, this->get_connection_state().get_peer_rwnd()) == 0)) {
     Http2StreamDebug("update_write_request give up without doing anything ntodo=%" PRId64 " is_read_avail=%d client_window=%" PRId64
                      " session_window=%" PRId64,
                      write_vio.ntodo(), vio_reader->is_read_avail_more_than(0), _peer_rwnd,
-                     this->get_connection_state().get_peer_rwnd_in());
+                     this->get_connection_state().get_peer_rwnd());
     return;
   }
 
diff --git a/tests/gold_tests/h2/http2_flow_control.replay.yaml b/tests/gold_tests/h2/http2_flow_control.replay.yaml
index f8eca55d59e..4714ad26a4d 100644
--- a/tests/gold_tests/h2/http2_flow_control.replay.yaml
+++ b/tests/gold_tests/h2/http2_flow_control.replay.yaml
@@ -88,9 +88,9 @@ sessions:
       headers:
         fields:
         - [ X-Response, first-response ]
-        - [ Content-Length, 28 ]
+        - [ Content-Length, 1200 ]
       content:
-        size: 28
+        size: 1200
 
     proxy-response:
       headers:
@@ -120,9 +120,9 @@ sessions:
       headers:
         fields:
         - [ X-Response, second-response ]
-        - [ Content-Length, 28 ]
+        - [ Content-Length, 1200 ]
       content:
-        size: 28
+        size: 1200
 
     proxy-response:
       headers:
@@ -152,9 +152,9 @@ sessions:
       headers:
         fields:
         - [ X-Response, third-response ]
-        - [ Content-Length, 28 ]
+        - [ Content-Length, 1200 ]
       content:
-        size: 28
+        size: 1200
 
     proxy-response:
       headers:
@@ -190,9 +190,9 @@ sessions:
       headers:
         fields:
         - [ X-Response, fourth-response ]
-        - [ Content-Length, 28 ]
+        - [ Content-Length, 120000 ]
       content:
-        size: 28
+        size: 120000
 
     proxy-response:
       headers:
@@ -226,9 +226,9 @@ sessions:
       headers:
         fields:
         - [ X-Response, fifth-response ]
-        - [ Content-Length, 28 ]
+        - [ Content-Length, 10000 ]
       content:
-        size: 28
+        size: 10000
 
     proxy-response:
       headers:
diff --git a/tests/gold_tests/h2/http2_flow_control.test.py b/tests/gold_tests/h2/http2_flow_control.test.py
index 0094583fb34..0b656768f96 100644
--- a/tests/gold_tests/h2/http2_flow_control.test.py
+++ b/tests/gold_tests/h2/http2_flow_control.test.py
@@ -33,7 +33,7 @@ class Http2FlowControlTest:
     _flow_control_policy_is_malformed: bool = False
 
     _default_initial_window_size: int = 65535
-    _default_max_concurrent_streams_in: int = 100
+    _default_max_concurrent_streams: int = 100
     _default_flow_control_policy: int = 0
 
     _dns_counter: int = 0
@@ -41,28 +41,34 @@ class Http2FlowControlTest:
     _ts_counter: int = 0
     _client_counter: int = 0
 
+    IS_OUTBOUND = True
+    IS_INBOUND = False
+
+    IS_HTTP2_TO_ORIGIN = True
+    IS_HTTP1_TO_ORIGIN = False
+
     def __init__(
             self,
             description: str,
             initial_window_size: Optional[int] = None,
-            max_concurrent_streams_in: Optional[int] = None,
+            max_concurrent_streams: Optional[int] = None,
             flow_control_policy: Optional[int] = None):
         """Declare the various test Processes.
 
         :param description: A description of the test.
 
         :param initial_window_size: The value with which to configure the
-        proxy.config.http2.initial_window_size_in ATS parameter in the
+        proxy.config.http2.initial_window_size_(in|out) ATS parameter in the
         records.config file. If the paramenter is None, then no window size
         will be explicitly set and ATS will use the default value.
 
-        :param max_concurrent_streams_in: The value with which to configure the
-        proxy.config.http2.max_concurrent_streams_in ATS parameter in the
+        :param max_concurrent_streams: The value with which to configure the
+        proxy.config.http2.max_concurrent_streams_(in|out) ATS parameter in the
         records.config file. If the paramenter is None, then no window size
         will be explicitly set and ATS will use the default value.
 
         :param flow_control_policy: The value with which to configure the
-        proxy.config.http2.flow_control.policy_in ATS parameter the
+        proxy.config.http2.flow_control.policy_(in|out) ATS parameter the
         records.config file. If the paramenter is None, then no policy
         configuration will be explicitly set and ATS will use the default
         value.
@@ -74,10 +80,10 @@ def __init__(
             initial_window_size if initial_window_size is not None
             else self._default_initial_window_size)
 
-        self._max_concurrent_streams_in = max_concurrent_streams_in
-        self._expected_max_concurrent_streams_in = (
-            max_concurrent_streams_in if max_concurrent_streams_in is not None
-            else self._default_max_concurrent_streams_in)
+        self._max_concurrent_streams = max_concurrent_streams
+        self._expected_max_concurrent_streams = (
+            max_concurrent_streams if max_concurrent_streams is not None
+            else self._default_max_concurrent_streams)
 
         self._flow_control_policy = flow_control_policy
         self._expected_flow_control_policy = (
@@ -88,27 +94,23 @@ def __init__(
             self._flow_control_policy is not None and
             self._flow_control_policy not in self._valid_policy_values)
 
-        self._dns = self._configure_dns()
-        self._server = self._configure_server()
-        self._ts = self._configure_trafficserver()
-
-    def _configure_dns(self):
+    def _configure_dns(self, tr: 'TestRun') -> 'Process':
         """Configure the DNS."""
-        dns = Test.MakeDNServer(f'dns-{Http2FlowControlTest._dns_counter}')
+        dns = tr.MakeDNServer(f'dns-{Http2FlowControlTest._dns_counter}')
         Http2FlowControlTest._dns_counter += 1
         return dns
 
-    def _configure_server(self):
+    def _configure_server(self, tr: 'TestRun') -> 'Process':
         """Configure the test server."""
-        server = Test.MakeVerifierServerProcess(
+        server = tr.AddVerifierServerProcess(
             f'server-{Http2FlowControlTest._server_counter}',
             self._replay_file)
         Http2FlowControlTest._server_counter += 1
         return server
 
-    def _configure_trafficserver(self):
+    def _configure_trafficserver(self, tr: 'TestRun', is_outbound: bool, is_http2_to_orign: bool) -> 'Process':
         """Configure a Traffic Server process."""
-        ts = Test.MakeATSProcess(
+        ts = tr.MakeATSProcess(
             f'ts-{Http2FlowControlTest._ts_counter}',
             enable_tls=True,
             enable_cache=False)
@@ -125,19 +127,36 @@ def _configure_trafficserver(self):
             'proxy.config.diags.debug.tags': 'http',
         })
 
+        if is_http2_to_orign:
+            ts.Disk.records_config.update({
+                'proxy.config.ssl.client.alpn_protocols': 'h2,http/1.1',
+            })
+
         if self._initial_window_size is not None:
+            if is_outbound:
+                configuration = 'proxy.config.http2.initial_window_size_out'
+            else:
+                configuration = 'proxy.config.http2.initial_window_size_in'
             ts.Disk.records_config.update({
-                'proxy.config.http2.initial_window_size_in': self._initial_window_size,
+                configuration: self._initial_window_size,
             })
 
         if self._flow_control_policy is not None:
+            if is_outbound:
+                configuration = 'proxy.config.http2.flow_control.policy_out'
+            else:
+                configuration = 'proxy.config.http2.flow_control.policy_in'
             ts.Disk.records_config.update({
-                'proxy.config.http2.flow_control.policy_in': self._flow_control_policy,
+                configuration: self._flow_control_policy,
             })
 
-        if self._max_concurrent_streams_in is not None:
+        if self._max_concurrent_streams is not None:
+            if is_outbound:
+                configuration = 'proxy.config.http2.max_concurrent_streams_out'
+            else:
+                configuration = 'proxy.config.http2.max_concurrent_streams_in'
             ts.Disk.records_config.update({
-                'proxy.config.http2.max_concurrent_streams_in': self._max_concurrent_streams_in,
+                configuration: self._max_concurrent_streams,
             })
 
         ts.Disk.ssl_multicert_config.AddLine(
@@ -145,13 +164,17 @@ def _configure_trafficserver(self):
         )
 
         ts.Disk.remap_config.AddLine(
-            f'map / http://127.0.0.1:{self._server.Variables.http_port}'
+            f'map / https://127.0.0.1:{self._server.Variables.https_port}'
         )
 
         if self._flow_control_policy_is_malformed:
+            if is_outbound:
+                configuration = 'proxy.config.http2.flow_control.policy_out'
+            else:
+                configuration = 'proxy.config.http2.flow_control.policy_in'
             ts.Disk.diags_log.Content = Testers.ContainsExpression(
-                "ERROR.*proxy.config.http2.flow_control.policy_in",
-                "There should be an about an invalid flow control policy.")
+                f"ERROR.*{configuration}",
+                "There should be an error about an invalid flow control policy.")
 
         return ts
 
@@ -166,36 +189,39 @@ def _configure_client(self, tr):
             https_ports=[self._ts.Variables.ssl_port])
         Http2FlowControlTest._client_counter += 1
 
+    def _configure_log_expectations(self, host):
+        """Configure the log expectations for the client or server."""
+        hostname = "server" if host == self._server else "client"
         if self._flow_control_policy_is_malformed:
             # Since we're just testing ATS configuration errors, there's no
             # need to set up client expectations.
             return
 
         # ATS currently always sends a MAX_CONCURRENT_STREAMS setting.
-        tr.Processes.Default.Streams.stdout += Testers.ContainsExpression(
-            f'MAX_CONCURRENT_STREAMS:{self._expected_max_concurrent_streams_in}',
-            "Client should receive a MAX_CONCURRENT_STREAMS setting.")
+        host.Streams.stdout += Testers.ContainsExpression(
+            f'MAX_CONCURRENT_STREAMS:{self._expected_max_concurrent_streams}',
+            f"{hostname} should receive a MAX_CONCURRENT_STREAMS setting.")
 
         if self._initial_window_size is not None:
-            tr.Processes.Default.Streams.stdout += Testers.ContainsExpression(
+            host.Streams.stdout += Testers.ContainsExpression(
                 f'INITIAL_WINDOW_SIZE:{self._expected_initial_stream_window_size}',
-                "Client should receive an INITIAL_WINDOW_SIZE setting.")
+                f"{hostname} should receive an INITIAL_WINDOW_SIZE setting.")
 
         if self._expected_flow_control_policy == 0:
             update_window_size = (
                 self._expected_initial_stream_window_size -
                 self._default_initial_window_size)
             if update_window_size > 0:
-                tr.Processes.Default.Streams.stdout += Testers.ContainsExpression(
+                host.Streams.stdout += Testers.ContainsExpression(
                     f'WINDOW_UPDATE.*id 0: {update_window_size}',
-                    "Client should receive a session WINDOW_UPDATE.")
+                    f"{hostname} should receive a session WINDOW_UPDATE.")
 
         if self._expected_flow_control_policy in (1, 2):
             # Verify the larger window size.
 
             session_window_size = (
                 self._expected_initial_stream_window_size *
-                self._expected_max_concurrent_streams_in)
+                self._expected_max_concurrent_streams)
 
             # ATS will send a WINDOW_UPDATE frame to the client to increase
             # the session window size to the configured value from the default
@@ -206,9 +232,9 @@ def _configure_client(self, tr):
             # A WINDOW_UPDATE can only increase the window size. So make sure that
             # the new window size is greater than the default window size.
             if update_window_size > Http2FlowControlTest._default_initial_window_size:
-                tr.Processes.Default.Streams.stdout += Testers.ContainsExpression(
+                host.Streams.stdout += Testers.ContainsExpression(
                     f'WINDOW_UPDATE.*id 0: {update_window_size}',
-                    "Client should receive an initial session WINDOW_UPDATE.")
+                    f"{hostname} should receive an initial session WINDOW_UPDATE.")
             else:
                 # Our test traffic is large enough that eventually we should
                 # send a session WINDOW_UPDATE frame for the smaller window.
@@ -216,47 +242,83 @@ def _configure_client(self, tr):
                 # session window may not receive a 100 byte WINDOW_UPDATE frame
                 # if the client is sending DATA frames in 10 byte chunks due to
                 # a smaller stream window.
-                tr.Processes.Default.Streams.stdout += Testers.ContainsExpression(
+                host.Streams.stdout += Testers.ContainsExpression(
                     'WINDOW_UPDATE.*id 0: ',
-                    "Client should receive a session WINDOW_UPDATE.")
+                    f"{hostname} should receive a session WINDOW_UPDATE.")
 
             if self._expected_flow_control_policy == 2:
                 # Verify the streams window sizes get updated.
                 stream_window_1 = session_window_size
                 stream_window_2 = int(session_window_size / 2)
                 stream_window_3 = int(session_window_size / 3)
-                tr.Processes.Default.Streams.stdout += Testers.ContainsExpression(
+                host.Streams.stdout += Testers.ContainsExpression(
                     (f'INITIAL_WINDOW_SIZE:{stream_window_1}.*'
                      f'INITIAL_WINDOW_SIZE:{stream_window_2}.*'
                      f'INITIAL_WINDOW_SIZE:{stream_window_3}'),
-                    "Client should stream receive window updates",
+                    f"{hostname} should stream receive window updates",
                     reflags=re.DOTALL | re.MULTILINE)
 
         if self._expected_initial_stream_window_size < 1000:
+            first_id = 5 if self._server else 3
+
+            # WINDOW_UPDATE timing is different between the server and the
+            # client. Toward the origin we send SETTINGS frames to update the
+            # INITIAL_WINDOW_SIZE with the headers so they are received earlier
+            # than with the client, wherein we send the updated
+            # INITIAL_WINDOW_SIZE after receiving headers from the client.
+            if self._server and self._expected_flow_control_policy == 2:
+                window_update_size = 33
+            else:
+                window_update_size = self._expected_initial_stream_window_size
             # For the smaller session window sizes, we expect WINDOW_UPDATE frames.
-            tr.Processes.Default.Streams.stdout += Testers.ContainsExpression(
-                f'WINDOW_UPDATE.*id 3: {self._expected_initial_stream_window_size}',
-                "Client should receive a stream WINDOW_UPDATE.")
-
-            tr.Processes.Default.Streams.stdout += Testers.ContainsExpression(
-                f'WINDOW_UPDATE.*id 5: {self._expected_initial_stream_window_size}',
-                "Client should receive a stream WINDOW_UPDATE.")
-
-            tr.Processes.Default.Streams.stdout += Testers.ContainsExpression(
-                f'WINDOW_UPDATE.*id 7: {self._expected_initial_stream_window_size}',
-                "Client should receive a stream WINDOW_UPDATE.")
-
-    def run(self):
-        """Configure the TestRun."""
-        tr = Test.AddTestRun(self._description)
+            host.Streams.stdout += Testers.ContainsExpression(
+                f'WINDOW_UPDATE.*id {first_id}: {window_update_size}',
+                f"{hostname} should receive a stream WINDOW_UPDATE.")
+
+            host.Streams.stdout += Testers.ContainsExpression(
+                f'WINDOW_UPDATE.*id {first_id + 2}: {window_update_size}',
+                f"{hostname} should receive a stream WINDOW_UPDATE.")
+
+            host.Streams.stdout += Testers.ContainsExpression(
+                f'WINDOW_UPDATE.*id {first_id + 4}: {window_update_size}',
+                f"{hostname} should receive a stream WINDOW_UPDATE.")
+
+    def _configure_test_run_common(self, tr, is_outbound: bool, is_http2_to_origin: bool):
+        """Perform the common Process configuration."""
+        self._dns = self._configure_dns(tr)
+        self._server = self._configure_server(tr)
+        self._ts = self._configure_trafficserver(tr, is_outbound, is_http2_to_origin)
         if not self._flow_control_policy_is_malformed:
             self._configure_client(tr)
             tr.Processes.Default.StartBefore(self._dns)
             tr.Processes.Default.StartBefore(self._server)
-            tr.StillRunningAfter = self._ts
         else:
             tr.Processes.Default.Command = "true"
         tr.Processes.Default.StartBefore(self._ts)
+        tr.TimeOut = 20
+
+    def _configure_inbound_http1_to_origin_test_run(self):
+        """Configure the TestRun for inbound stream configuration."""
+        tr = Test.AddTestRun(f'{self._description} - inbound')
+        self._configure_test_run_common(tr, self.IS_INBOUND, self.IS_HTTP1_TO_ORIGIN)
+        self._configure_log_expectations(tr.Processes.Default)
+
+    def _configure_inbound_http2_to_origin_test_run(self):
+        """Configure the TestRun for inbound stream configuration."""
+        tr = Test.AddTestRun(f'{self._description} - inbound')
+        self._configure_test_run_common(tr, self.IS_INBOUND, self.IS_HTTP2_TO_ORIGIN)
+        self._configure_log_expectations(tr.Processes.Default)
+
+    def _configure_outbound_test_run(self):
+        """Configure the TestRun outbound stream configuration."""
+        tr = Test.AddTestRun(f'{self._description} - outbound')
+        self._configure_test_run_common(tr, self.IS_OUTBOUND, self.IS_HTTP2_TO_ORIGIN)
+        self._configure_log_expectations(self._server)
+
+    def run(self):
+        self._configure_inbound_http1_to_origin_test_run()
+        self._configure_inbound_http2_to_origin_test_run()
+        self._configure_outbound_test_run()
 
 
 #
@@ -266,18 +328,18 @@ def run(self):
 test.run()
 
 #
-# Configuring max_concurrent_streams_in.
+# Configuring max_concurrent_streams_(in|out).
 #
 test = Http2FlowControlTest(
-    description="Configure max_concurrent_streams_in",
-    max_concurrent_streams_in=53)
+    description="Configure max_concurrent_streams",
+    max_concurrent_streams=53)
 test.run()
 
 #
 # Configuring initial_window_size.
 #
 test = Http2FlowControlTest(
-    description="Configure a larger initial_window_size_in",
+    description="Configure a larger initial_window_size_(in|out)",
     initial_window_size=100123)
 test.run()
 
@@ -288,20 +350,21 @@ def run(self):
     description="Configure an unrecognized flow_control.in.policy",
     flow_control_policy=23)
 test.run()
+
 test = Http2FlowControlTest(
-    description="Flow control policy 0 (default): small initial_window_size_in",
+    description="Flow control policy 0 (default): small initial_window_size_(in|out)",
     initial_window_size=500,  # The default is 65 KB.
     flow_control_policy=0)
 test.run()
 test = Http2FlowControlTest(
     description="Flow control policy 1: 100 byte session, 10 byte stream windows",
-    max_concurrent_streams_in=10,
+    max_concurrent_streams=10,
     initial_window_size=10,
     flow_control_policy=1)
 test.run()
 test = Http2FlowControlTest(
     description="Flow control policy 2: 100 byte session, dynamic stream windows",
-    max_concurrent_streams_in=10,
+    max_concurrent_streams=10,
     initial_window_size=10,
     flow_control_policy=2)
 test.run()

From 2d2c023d91f88c627723d4bbab1e4f93e632eae1 Mon Sep 17 00:00:00 2001
From: Brian Neradt <brian.neradt@gmail.com>
Date: Sat, 19 Nov 2022 21:19:07 +0000
Subject: [PATCH 11/14] Handle set_connect_fail in ConnectingEntry correctly

When ConnectingEntry handled a connection failure, it could clear the
error value passed to set_connect_fail. This would incorrectly result in
the server not being marked down by hostdb. This patch ensures that the
error code passed to set_connect_fail is always an error value when
handling a connection failure.
---
 proxy/http/ConnectingEntry.cc | 2 +-
 proxy/http/HttpTransact.h     | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/proxy/http/ConnectingEntry.cc b/proxy/http/ConnectingEntry.cc
index 2bd0bd2ada0..255aa90f412 100644
--- a/proxy/http/ConnectingEntry.cc
+++ b/proxy/http/ConnectingEntry.cc
@@ -117,7 +117,7 @@ ConnectingEntry::state_http_server_open(int event, void *data)
     int lerrno           = EIO;
     if (_netvc != nullptr) {
       vc_provided_cert = _netvc->provided_cert();
-      lerrno           = _netvc->lerrno;
+      lerrno           = _netvc->lerrno == 0 ? lerrno : _netvc->lerrno;
       _netvc->do_io_close();
     }
     while (!_connect_sms.empty()) {
diff --git a/proxy/http/HttpTransact.h b/proxy/http/HttpTransact.h
index efeba51ba7f..427af0e800e 100644
--- a/proxy/http/HttpTransact.h
+++ b/proxy/http/HttpTransact.h
@@ -925,6 +925,7 @@ class HttpTransact
     void
     set_connect_fail(int e)
     {
+      int const original_connect_result = this->current.server->connect_result;
       if (e == EUSERS) {
         // EUSERS is used when the number of connections exceeds the configured
         // limit. Since this is not a network connectivity issue with the
@@ -937,7 +938,7 @@ class HttpTransact
       if (e != EIO) {
         this->cause_of_death_errno = e;
       }
-      Debug("http", "Setting upstream connection failure %d to %d", e, this->current.server->connect_result);
+      Debug("http", "Setting upstream connection failure %d to %d", original_connect_result, this->current.server->connect_result);
     }
 
     MgmtInt

From 1f00a9a11e8e24adaca53d30fe68de19fa0aa5a5 Mon Sep 17 00:00:00 2001
From: Brian Neradt <brian.neradt@gmail.com>
Date: Tue, 22 Nov 2022 17:01:30 +0000
Subject: [PATCH 12/14] Send WINDOW_UPDATE for session when stream ends for
 other streams

---
 proxy/http2/Http2ConnectionState.cc           |  21 +-
 .../h2/http2_flow_control.replay.yaml         |  67 +++-
 .../gold_tests/h2/http2_flow_control.test.py  | 114 ++++---
 .../h2/http2_flow_control_chunked.replay.yaml | 304 ++++++++++++++++++
 4 files changed, 463 insertions(+), 43 deletions(-)
 create mode 100644 tests/gold_tests/h2/http2_flow_control_chunked.replay.yaml

diff --git a/proxy/http2/Http2ConnectionState.cc b/proxy/http2/Http2ConnectionState.cc
index 1309cb3087b..20202bad142 100644
--- a/proxy/http2/Http2ConnectionState.cc
+++ b/proxy/http2/Http2ConnectionState.cc
@@ -232,6 +232,12 @@ Http2ConnectionState::rcv_data_frame(const Http2Frame &frame)
 
   if (stream->read_enabled()) {
     if (frame.header().flags & HTTP2_FLAGS_DATA_END_STREAM) {
+      if (this->get_peer_stream_count() > 1 && this->get_local_rwnd() == 0) {
+        // This final DATA frame for this stream consumed all the bytes for the
+        // session window. Send a WINDOW_UPDATE frame in order to open up the
+        // session window for other streams.
+        restart_receiving(nullptr);
+      }
       stream->signal_read_event(VC_EVENT_READ_COMPLETE);
     } else {
       stream->signal_read_event(VC_EVENT_READ_READY);
@@ -1717,6 +1723,9 @@ Http2ConnectionState::restart_streams()
       ink_assert(s != next);
       s = next;
     }
+
+    // The above stopped at end, so we need to call send_response_body() one
+    // last time for the stream pointed to by end.
     if (std::min(this->get_peer_rwnd(), s->get_peer_rwnd()) > 0) {
       SCOPED_MUTEX_LOCK(lock, s->mutex, this_ethread());
       s->restart_sending();
@@ -2026,11 +2035,15 @@ Http2ConnectionState::send_a_data_frame(Http2Stream *stream, size_t &payload_len
     if (window_size <= 0) {
       if (session->is_outbound()) {
         ip_port_text_buffer ipb;
-        const char *client_ip = ats_ip_ntop(session->get_proxy_session()->get_remote_addr(), ipb, sizeof(ipb));
-        Warning("No window server_ip=%s session_wnd=%zd stream_wnd=%zd peer_initial_window=%u", client_ip, get_peer_rwnd(),
+        const char *server_ip = ats_ip_ntop(session->get_proxy_session()->get_remote_addr(), ipb, sizeof(ipb));
+        // Warn the user to give them visibility that their server-side
+        // connection is being limited by their server's flow control. Maybe
+        // they can make adjustments.
+        Warning("No window server_ip=%s session_wnd=%zd stream_wnd=%zd peer_initial_window=%u", server_ip, get_peer_rwnd(),
                 stream->get_peer_rwnd(), this->peer_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE));
       }
-      Http2StreamDebug(this->session, stream->get_id(), "No window");
+      Http2StreamDebug(this->session, stream->get_id(), "No window session_wnd=%zd stream_wnd=%zd peer_initial_window=%u",
+                       get_peer_rwnd(), stream->get_peer_rwnd(), this->peer_settings.get(HTTP2_SETTINGS_INITIAL_WINDOW_SIZE));
       this->session->flush();
       return Http2SendDataFrameResult::NO_WINDOW;
     }
@@ -2074,7 +2087,7 @@ Http2ConnectionState::send_a_data_frame(Http2Stream *stream, size_t &payload_len
   stream->decrement_peer_rwnd(payload_length);
 
   // Create frame
-  Http2StreamDebug(session, stream->get_id(), "Send a DATA frame - client window con: %5zd stream: %5zd payload: %5zd flags: 0x%x",
+  Http2StreamDebug(session, stream->get_id(), "Send a DATA frame - peer window con: %5zd stream: %5zd payload: %5zd flags: 0x%x",
                    _peer_rwnd, stream->get_peer_rwnd(), payload_length, flags);
 
   Http2DataFrame data(stream->get_id(), flags, resp_reader, payload_length);
diff --git a/tests/gold_tests/h2/http2_flow_control.replay.yaml b/tests/gold_tests/h2/http2_flow_control.replay.yaml
index 4714ad26a4d..e99d6ed3a7c 100644
--- a/tests/gold_tests/h2/http2_flow_control.replay.yaml
+++ b/tests/gold_tests/h2/http2_flow_control.replay.yaml
@@ -64,7 +64,7 @@ sessions:
         - [ X-Response, { value: 'zero-response', as: equal } ]
 
   - client-request:
-      delay: 500ms
+      await: zero-request
 
       headers:
         fields:
@@ -235,3 +235,68 @@ sessions:
         fields:
         - [ X-Response, {value: 'fifth-response', as: equal } ]
 
+  - client-request:
+      # Populate the cache with a large response.
+
+      headers:
+        fields:
+        - [ :method, GET ]
+        - [ :scheme, https ]
+        - [ :authority, www.example.com ]
+        - [ :path, /sixth-request ]
+        - [ uuid, sixth-request ]
+        - [ X-Request, sixth-request ]
+
+    proxy-request:
+      headers:
+        fields:
+        - [ X-Request, {value: 'sixth-request', as: equal } ]
+
+    server-response:
+      status: 200
+      reason: OK
+      headers:
+        fields:
+        - [ X-Response, sixth-response ]
+        - [ Cache-Control, max-age=3600 ]
+        - [ Content-Length, 120000 ]
+      content:
+        size: 120000
+
+    proxy-response:
+      headers:
+        fields:
+        - [ X-Response, {value: 'sixth-response', as: equal } ]
+
+
+  # Retrieve an item from the cache. /sixth-request should have been cached in
+  # the previous transaction.
+  - client-request:
+
+      # Give the above transaction enough time to finish.
+      await: sixth-request
+
+      # Add some time to ensure that the sixth-request response is cached.
+      delay: 100ms
+      headers:
+        fields:
+        - [ :method, GET ]
+        - [ :scheme, https ]
+        - [ :authority, www.example.com ]
+        - [ :path, /sixth-request ]
+        - [ uuid, sixth-request-cached ]
+        - [ X-Request, sixth-request-cached ]
+      content:
+        size: 0
+
+    # Configure an error response which we don't expect to receive from the
+    # server because this should be served out of the cache.
+    server-response:
+      status: 500
+      reason: Bad Request
+
+    proxy-response:
+      status: 200
+      headers:
+        fields:
+        - [ X-Response, {value: 'sixth-response', as: equal } ]
diff --git a/tests/gold_tests/h2/http2_flow_control.test.py b/tests/gold_tests/h2/http2_flow_control.test.py
index 0b656768f96..10cd403e977 100644
--- a/tests/gold_tests/h2/http2_flow_control.test.py
+++ b/tests/gold_tests/h2/http2_flow_control.test.py
@@ -16,8 +16,8 @@
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
 
-import os
 import re
+from enum import Enum
 from typing import List, Optional
 
 
@@ -28,6 +28,7 @@ class Http2FlowControlTest:
     """Define an object to test HTTP/2 flow control behavior."""
 
     _replay_file: str = 'http2_flow_control.replay.yaml'
+    _replay_chunked_file: str = 'http2_flow_control_chunked.replay.yaml'
     _valid_policy_values: List[int] = list(range(0, 3))
     _flow_control_policy: Optional[int] = None
     _flow_control_policy_is_malformed: bool = False
@@ -47,6 +48,13 @@ class Http2FlowControlTest:
     IS_HTTP2_TO_ORIGIN = True
     IS_HTTP1_TO_ORIGIN = False
 
+    class ServerType(Enum):
+        """Define the type of server to use in a TestRun."""
+
+        HTTP1_CONTENT_LENGTH = 0
+        HTTP1_CHUNKED = 1
+        HTTP2 = 2
+
     def __init__(
             self,
             description: str,
@@ -100,20 +108,26 @@ def _configure_dns(self, tr: 'TestRun') -> 'Process':
         Http2FlowControlTest._dns_counter += 1
         return dns
 
-    def _configure_server(self, tr: 'TestRun') -> 'Process':
+    def _configure_server(self, tr: 'TestRun',
+                          server_type: ServerType) -> 'Process':
         """Configure the test server."""
+        if server_type == self.ServerType.HTTP1_CHUNKED:
+            replay_file = self._replay_chunked_file
+        else:
+            replay_file = self._replay_file
+
         server = tr.AddVerifierServerProcess(
             f'server-{Http2FlowControlTest._server_counter}',
-            self._replay_file)
+            replay_file)
         Http2FlowControlTest._server_counter += 1
         return server
 
-    def _configure_trafficserver(self, tr: 'TestRun', is_outbound: bool, is_http2_to_orign: bool) -> 'Process':
+    def _configure_trafficserver(self, tr: 'TestRun', is_outbound: bool,
+                                 server_type: ServerType) -> 'Process':
         """Configure a Traffic Server process."""
         ts = tr.MakeATSProcess(
             f'ts-{Http2FlowControlTest._ts_counter}',
-            enable_tls=True,
-            enable_cache=False)
+            enable_tls=True)
         Http2FlowControlTest._ts_counter += 1
 
         ts.addDefaultSSLFiles()
@@ -122,12 +136,14 @@ def _configure_trafficserver(self, tr: 'TestRun', is_outbound: bool, is_http2_to
             'proxy.config.ssl.server.private_key.path': f'{ts.Variables.SSLDir}',
             'proxy.config.ssl.client.verify.server.policy': 'PERMISSIVE',
             'proxy.config.dns.nameservers': '127.0.0.1:{0}'.format(self._dns.Variables.Port),
+            'proxy.config.dns.resolv_conf': 'NULL',
+            'proxy.config.http.insert_age_in_response': 0,
 
             'proxy.config.diags.debug.enabled': 3,
             'proxy.config.diags.debug.tags': 'http',
         })
 
-        if is_http2_to_orign:
+        if server_type == self.ServerType.HTTP2:
             ts.Disk.records_config.update({
                 'proxy.config.ssl.client.alpn_protocols': 'h2,http/1.1',
             })
@@ -174,11 +190,11 @@ def _configure_trafficserver(self, tr: 'TestRun', is_outbound: bool, is_http2_to
                 configuration = 'proxy.config.http2.flow_control.policy_in'
             ts.Disk.diags_log.Content = Testers.ContainsExpression(
                 f"ERROR.*{configuration}",
-                "There should be an error about an invalid flow control policy.")
+                "Expected an error about an invalid flow control policy.")
 
         return ts
 
-    def _configure_client(self, tr):
+    def _configure_client(self, tr, ):
         """Configure a client process.
 
         :param tr: The TestRun to associate the client with.
@@ -251,25 +267,35 @@ def _configure_log_expectations(self, host):
                 stream_window_1 = session_window_size
                 stream_window_2 = int(session_window_size / 2)
                 stream_window_3 = int(session_window_size / 3)
-                host.Streams.stdout += Testers.ContainsExpression(
-                    (f'INITIAL_WINDOW_SIZE:{stream_window_1}.*'
-                     f'INITIAL_WINDOW_SIZE:{stream_window_2}.*'
-                     f'INITIAL_WINDOW_SIZE:{stream_window_3}'),
-                    f"{hostname} should stream receive window updates",
-                    reflags=re.DOTALL | re.MULTILINE)
+                if self._server:
+                    # Toward the server, there is a potential race condition
+                    # between sending of first-request and the sending of the
+                    # SETTINGS frame which reduces the stream window size.
+                    # Allow for either scenario.
+                    host.Streams.stdout += Testers.ContainsExpression(
+                        (f'INITIAL_WINDOW_SIZE:{stream_window_1}.*'
+                         f'INITIAL_WINDOW_SIZE:{stream_window_2}.*'),
+                        f"{hostname} should stream receive window updates",
+                        reflags=re.DOTALL | re.MULTILINE)
+                else:
+                    host.Streams.stdout += Testers.ContainsExpression(
+                        (f'INITIAL_WINDOW_SIZE:{stream_window_1}.*'
+                         f'INITIAL_WINDOW_SIZE:{stream_window_2}.*'
+                         f'INITIAL_WINDOW_SIZE:{stream_window_3}'),
+                        f"{hostname} should stream receive window updates",
+                        reflags=re.DOTALL | re.MULTILINE)
 
         if self._expected_initial_stream_window_size < 1000:
             first_id = 5 if self._server else 3
 
-            # WINDOW_UPDATE timing is different between the server and the
-            # client. Toward the origin we send SETTINGS frames to update the
-            # INITIAL_WINDOW_SIZE with the headers so they are received earlier
-            # than with the client, wherein we send the updated
-            # INITIAL_WINDOW_SIZE after receiving headers from the client.
             if self._server and self._expected_flow_control_policy == 2:
-                window_update_size = 33
+                # Toward the server, there is a potential race condition
+                # between sending of first-request and the sending of the
+                # SETTINGS frame which reduces the stream window size. Allow
+                # for either scenario.
+                window_update_size = f'33|{self._expected_initial_stream_window_size}'
             else:
-                window_update_size = self._expected_initial_stream_window_size
+                window_update_size = f'{self._expected_initial_stream_window_size}'
             # For the smaller session window sizes, we expect WINDOW_UPDATE frames.
             host.Streams.stdout += Testers.ContainsExpression(
                 f'WINDOW_UPDATE.*id {first_id}: {window_update_size}',
@@ -283,11 +309,12 @@ def _configure_log_expectations(self, host):
                 f'WINDOW_UPDATE.*id {first_id + 4}: {window_update_size}',
                 f"{hostname} should receive a stream WINDOW_UPDATE.")
 
-    def _configure_test_run_common(self, tr, is_outbound: bool, is_http2_to_origin: bool):
+    def _configure_test_run_common(self, tr, is_outbound: bool,
+                                   server_type: ServerType) -> None:
         """Perform the common Process configuration."""
         self._dns = self._configure_dns(tr)
-        self._server = self._configure_server(tr)
-        self._ts = self._configure_trafficserver(tr, is_outbound, is_http2_to_origin)
+        self._server = self._configure_server(tr, server_type)
+        self._ts = self._configure_trafficserver(tr, is_outbound, server_type)
         if not self._flow_control_policy_is_malformed:
             self._configure_client(tr)
             tr.Processes.Default.StartBefore(self._dns)
@@ -297,25 +324,36 @@ def _configure_test_run_common(self, tr, is_outbound: bool, is_http2_to_origin:
         tr.Processes.Default.StartBefore(self._ts)
         tr.TimeOut = 20
 
-    def _configure_inbound_http1_to_origin_test_run(self):
+    def _configure_inbound_http1_to_origin_test_run(self) -> None:
         """Configure the TestRun for inbound stream configuration."""
-        tr = Test.AddTestRun(f'{self._description} - inbound')
-        self._configure_test_run_common(tr, self.IS_INBOUND, self.IS_HTTP1_TO_ORIGIN)
+        tr = Test.AddTestRun(f'{self._description} - inbound, '
+                             'HTTP/1 Content-Length origin')
+        self._configure_test_run_common(tr, self.IS_INBOUND,
+                                        self.ServerType.HTTP1_CONTENT_LENGTH)
+        self._configure_log_expectations(tr.Processes.Default)
+
+        tr = Test.AddTestRun(f'{self._description} - inbound, '
+                             'HTTP/1 chunked origin')
+        self._configure_test_run_common(tr, self.IS_INBOUND,
+                                        self.ServerType.HTTP1_CHUNKED)
         self._configure_log_expectations(tr.Processes.Default)
 
-    def _configure_inbound_http2_to_origin_test_run(self):
+    def _configure_inbound_http2_to_origin_test_run(self) -> None:
         """Configure the TestRun for inbound stream configuration."""
-        tr = Test.AddTestRun(f'{self._description} - inbound')
-        self._configure_test_run_common(tr, self.IS_INBOUND, self.IS_HTTP2_TO_ORIGIN)
+        tr = Test.AddTestRun(f'{self._description} - inbound, HTTP/2 origin')
+        self._configure_test_run_common(tr, self.IS_INBOUND,
+                                        self.ServerType.HTTP2)
         self._configure_log_expectations(tr.Processes.Default)
 
-    def _configure_outbound_test_run(self):
+    def _configure_outbound_test_run(self) -> None:
         """Configure the TestRun outbound stream configuration."""
-        tr = Test.AddTestRun(f'{self._description} - outbound')
-        self._configure_test_run_common(tr, self.IS_OUTBOUND, self.IS_HTTP2_TO_ORIGIN)
+        tr = Test.AddTestRun(f'{self._description} - outbound, HTTP/2 origin')
+        self._configure_test_run_common(tr, self.IS_OUTBOUND,
+                                        self.ServerType.HTTP2)
         self._configure_log_expectations(self._server)
 
-    def run(self):
+    def run(self) -> None:
+        """Configure the test run for various origin side configurations."""
         self._configure_inbound_http1_to_origin_test_run()
         self._configure_inbound_http2_to_origin_test_run()
         self._configure_outbound_test_run()
@@ -352,18 +390,18 @@ def run(self):
 test.run()
 
 test = Http2FlowControlTest(
-    description="Flow control policy 0 (default): small initial_window_size_(in|out)",
+    description="Flow control policy 0 (default): small initial_window_size",
     initial_window_size=500,  # The default is 65 KB.
     flow_control_policy=0)
 test.run()
 test = Http2FlowControlTest(
-    description="Flow control policy 1: 100 byte session, 10 byte stream windows",
+    description="Flow control policy 1: 100 byte session, 10 byte streams",
     max_concurrent_streams=10,
     initial_window_size=10,
     flow_control_policy=1)
 test.run()
 test = Http2FlowControlTest(
-    description="Flow control policy 2: 100 byte session, dynamic stream windows",
+    description="Flow control policy 2: 100 byte session, dynamic streams",
     max_concurrent_streams=10,
     initial_window_size=10,
     flow_control_policy=2)
diff --git a/tests/gold_tests/h2/http2_flow_control_chunked.replay.yaml b/tests/gold_tests/h2/http2_flow_control_chunked.replay.yaml
new file mode 100644
index 00000000000..b30ff37c696
--- /dev/null
+++ b/tests/gold_tests/h2/http2_flow_control_chunked.replay.yaml
@@ -0,0 +1,304 @@
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+meta:
+  version: "1.0"
+
+# This replay file generates an HTTP/2 session with three streams in order to
+# verify that ATS generates the expected SETTINGS and WINDOW_UPDATE frames.
+
+sessions:
+
+- protocol:
+  - name: http
+    version: 2
+  - name: tls
+    sni: www.example.com
+  - name: tcp
+  - name: ip
+
+  transactions:
+
+  - client-request:
+      headers:
+        fields:
+        - [ :method, GET ]
+        - [ :scheme, https ]
+        - [ :authority, www.example.com ]
+        - [ :path, /zero-request ]
+        - [ uuid, zero-request ]
+        - [ X-Request, zero-request ]
+        - [ Content-Length, 0 ]
+
+    proxy-request:
+      headers:
+        fields:
+        - [ X-Request, { value: 'zero-request', as: equal } ]
+
+    server-response:
+      status: 200
+      reason: OK
+      headers:
+        fields:
+        - [ X-Response, zero-response ]
+        - [ Transfer-Encoding, chunked ]
+      content:
+        size: 28
+
+    proxy-response:
+      headers:
+        fields:
+        - [ X-Response, { value: 'zero-response', as: equal } ]
+
+  - client-request:
+      await: zero-request
+
+      headers:
+        fields:
+        - [ :method, POST ]
+        - [ :scheme, https ]
+        - [ :authority, www.example.com ]
+        - [ :path, /first-request ]
+        - [ uuid, first-request ]
+        - [ X-Request, first-request ]
+      content:
+        size: 1200
+
+    proxy-request:
+      headers:
+        fields:
+        - [ X-Request, { value: 'first-request', as: equal } ]
+
+    server-response:
+      status: 200
+      reason: OK
+      headers:
+        fields:
+        - [ X-Response, first-response ]
+        - [ Transfer-Encoding, chunked ]
+      content:
+        size: 1200
+
+    proxy-response:
+      headers:
+        fields:
+        - [ X-Response, { value: 'first-response', as: equal } ]
+
+  - client-request:
+      headers:
+        fields:
+        - [ :method, POST ]
+        - [ :scheme, https ]
+        - [ :authority, www.example.com ]
+        - [ :path, /second-request ]
+        - [ uuid, second-request ]
+        - [ X-Request, second-request ]
+      content:
+        size: 1200
+
+    proxy-request:
+      headers:
+        fields:
+        - [ X-Request, {value: 'second-request', as: equal } ]
+
+    # Intermix a Content-Length encoding just to make sure they interact well
+    # with each other.
+    server-response:
+      status: 200
+      reason: OK
+      headers:
+        fields:
+        - [ X-Response, second-response ]
+        - [ Content-Length, 1200 ]
+      content:
+        size: 1200
+
+    proxy-response:
+      headers:
+        fields:
+        - [ X-Response, {value: 'second-response', as: equal } ]
+
+  - client-request:
+      headers:
+        fields:
+        - [ :method, POST ]
+        - [ :scheme, https ]
+        - [ :authority, www.example.com ]
+        - [ :path, /third-request ]
+        - [ uuid, third-request ]
+        - [ X-Request, third-request ]
+      content:
+        size: 1200
+
+    proxy-request:
+      headers:
+        fields:
+        - [ X-Request, {value: 'third-request', as: equal } ]
+
+    server-response:
+      status: 200
+      reason: OK
+      headers:
+        fields:
+        - [ X-Response, third-response ]
+        - [ Transfer-Encoding, chunked ]
+      content:
+        size: 1200
+
+    proxy-response:
+      headers:
+        fields:
+        - [ X-Response, {value: 'third-response', as: equal } ]
+
+  - client-request:
+      # Intentionally test a stream after the three other parallel POST
+      # requests.
+      delay: 500ms
+
+      headers:
+        fields:
+        - [ :method, POST ]
+        - [ :scheme, https ]
+        - [ :authority, www.example.com ]
+        - [ :path, /fourth-request ]
+        - [ uuid, fourth-request ]
+        - [ X-Request, fourth-request ]
+      content:
+        # Send a very large DATA frame so that we exceed the 65,535 window
+        # size of most of the test runs.
+        size: 120000
+
+    proxy-request:
+      headers:
+        fields:
+        - [ X-Request, {value: 'fourth-request', as: equal } ]
+
+    server-response:
+      status: 200
+      reason: OK
+      headers:
+        fields:
+        - [ X-Response, fourth-response ]
+        - [ Transfer-Encoding, chunked ]
+      content:
+        size: 120000
+
+    proxy-response:
+      headers:
+        fields:
+        - [ X-Response, {value: 'fourth-response', as: equal } ]
+
+  - client-request:
+      # Give the above request time to process and give us an opportunity to
+      # receive any other WINDOW_UPDATE frames.
+      delay: 500ms
+
+      headers:
+        fields:
+        - [ :method, POST ]
+        - [ :scheme, https ]
+        - [ :authority, www.example.com ]
+        - [ :path, /fifth-request ]
+        - [ uuid, fifth-request ]
+        - [ X-Request, fifth-request ]
+      content:
+        size: 10000
+
+    proxy-request:
+      headers:
+        fields:
+        - [ X-Request, {value: 'fifth-request', as: equal } ]
+
+    server-response:
+      status: 200
+      reason: OK
+      headers:
+        fields:
+        - [ X-Response, fifth-response ]
+        - [ Transfer-Encoding, chunked ]
+      content:
+        size: 10000
+
+    proxy-response:
+      headers:
+        fields:
+        - [ X-Response, {value: 'fifth-response', as: equal } ]
+
+  - client-request:
+      # Populate the cache with a large response.
+
+      headers:
+        fields:
+        - [ :method, GET ]
+        - [ :scheme, https ]
+        - [ :authority, www.example.com ]
+        - [ :path, /sixth-request ]
+        - [ uuid, sixth-request ]
+        - [ X-Request, sixth-request ]
+
+    proxy-request:
+      headers:
+        fields:
+        - [ X-Request, {value: 'sixth-request', as: equal } ]
+
+    server-response:
+      status: 200
+      reason: OK
+      headers:
+        fields:
+        - [ X-Response, sixth-response ]
+        - [ Cache-Control, max-age=3600 ]
+        - [ Transfer-Encoding, chunked ]
+      content:
+        size: 120000
+
+    proxy-response:
+      headers:
+        fields:
+        - [ X-Response, {value: 'sixth-response', as: equal } ]
+
+
+  # Retrieve an item from the cache. /sixth-request should have been cached in
+  # the previous transaction.
+  - client-request:
+
+      # Give the above transaction enough time to finish.
+      await: sixth-request
+
+      # Add some time to ensure that the sixth-request response is cached.
+      delay: 100ms
+      headers:
+        fields:
+        - [ :method, GET ]
+        - [ :scheme, https ]
+        - [ :authority, www.example.com ]
+        - [ :path, /sixth-request ]
+        - [ uuid, sixth-request-cached ]
+        - [ X-Request, sixth-request-cached ]
+      content:
+        size: 0
+
+    # Configure an error response which we don't expect to receive from the
+    # server because this should be served out of the cache.
+    server-response:
+      status: 500
+      reason: Bad Request
+
+    proxy-response:
+      status: 200
+      headers:
+        fields:
+        - [ X-Response, {value: 'sixth-response', as: equal } ]

From d2b6647ad8afb1f6c5f1c86e49f7d73aa7125c67 Mon Sep 17 00:00:00 2001
From: Brian Neradt <brian.neradt@gmail.com>
Date: Wed, 1 Feb 2023 22:14:57 +0000
Subject: [PATCH 13/14] set_cause_of death_errno call

---
 proxy/http/HttpSM.cc                          |  5 ++
 .../gold_tests/slow_post/server_abort.test.py | 51 +++++++++++++++++++
 .../slow_post/test_secrets/aaa-signed.key     | 27 ++++++++++
 .../slow_post/test_secrets/aaa-signed.pem     | 16 ++++++
 4 files changed, 99 insertions(+)
 create mode 100644 tests/gold_tests/slow_post/server_abort.test.py
 create mode 100644 tests/gold_tests/slow_post/test_secrets/aaa-signed.key
 create mode 100644 tests/gold_tests/slow_post/test_secrets/aaa-signed.pem

diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index 767af98f8f8..04fcbfc71e0 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -1963,6 +1963,11 @@ HttpSM::state_http_server_open(int event, void *data)
       _netvc->do_io_write(nullptr, 0, nullptr);
       _netvc->do_io_close();
       _netvc = nullptr;
+    } else {
+      // We set this to 0 because otherwise
+      // HttpTransact::retry_server_connection_not_open will raise an assertion
+      // if the value is the default UNKNOWN_INTERNAL_ERROR.
+      t_state.cause_of_death_errno = 0;
     }
 
     /* If we get this error in transparent mode, then we simply can't bind to the 4-tuple to make the connection.  There's no hope
diff --git a/tests/gold_tests/slow_post/server_abort.test.py b/tests/gold_tests/slow_post/server_abort.test.py
new file mode 100644
index 00000000000..1b80ac031a3
--- /dev/null
+++ b/tests/gold_tests/slow_post/server_abort.test.py
@@ -0,0 +1,51 @@
+'''
+'''
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+import re
+
+Test.Summary = '''
+AuTest with bad configuration of microserver to simulate server aborting the connection unexpectedly
+'''
+ts = Test.MakeATSProcess("ts", enable_tls=True)
+# note the microserver by default is not configured to use ssl
+server = Test.MakeOriginServer("server")
+ts.Disk.remap_config.AddLine(
+    # The following config tells ATS to do tls with the origin server on a
+    # non-tls port. This is misconfigured intentionally to trigger an exception
+    # on the origin server so that it aborts the connection upon receiving a
+    # request
+    'map / https://127.0.0.1:{0}'.format(server.Variables.Port))
+ts.Disk.ssl_multicert_config.AddLine(
+    'dest_ip=* ssl_cert_name=aaa-signed.pem ssl_key_name=aaa-signed.key'
+)
+ts.Disk.records_config.update({
+    'proxy.config.diags.debug.tags': 'http|dns',
+    'proxy.config.diags.debug.enabled': 1,
+    'proxy.config.ssl.server.cert.path': f'{Test.TestDirectory}/test_secrets',
+    'proxy.config.ssl.server.private_key.path': f'{Test.TestDirectory}/test_secrets',
+})
+
+tr = Test.AddTestRun()
+tr.Processes.Default.StartBefore(server)
+tr.Processes.Default.StartBefore(ts)
+tr.Processes.Default.Command = "curl -v -k -H \"host: foo.com\" https://127.0.0.1:{0}".format(ts.Variables.ssl_port)
+tr.ReturnCode = 0
+tr.StillRunningAfter = server
+tr.StillRunningAfter = ts
+server.Streams.stderr += Testers.ContainsExpression(
+    "UnicodeDecodeError",
+    "Verify that the server raises an exception when processing the request.")
diff --git a/tests/gold_tests/slow_post/test_secrets/aaa-signed.key b/tests/gold_tests/slow_post/test_secrets/aaa-signed.key
new file mode 100644
index 00000000000..64090deaafb
--- /dev/null
+++ b/tests/gold_tests/slow_post/test_secrets/aaa-signed.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA4Uim3ZOB1IfLWxpSjQ60dq2j7oVi5fW8idDg3zZOxBv2NlTm
+Ca4uFtwW+Jhv4CSed/7ggoPvtuxHvTy4w2rwxFpM29sInRjQdJJ/gftIIkaEqZ5c
+qleGBsaG5CLDFSPejJ2+rSY0FWg2/F9GxljV6BNgO0ukv3AjeIGpRdZF3mJIozb3
+fU3/XOrgDfCt6IH9ZBPHhRA1DzkuBtBkStDgXVYr3bzfhmVb9tMKZRJjLUPjKfa2
+4ninFKXl/2S6/RHSRcLWde3U4IizmfepXiIFi2j49UGiDzCq3sKCvMsAahwwx8fR
+FEMMwV6oWJM0rgzoz8YEPBC2oRO1FCIkHOYHEQIDAQABAoIBAAqIUwTY+KDvGFrS
+CDoADf/ebmOgaNdHfeETmu/UoioZBJHVtkuNkSoQcCJ/PfvEuoPxrp1rfbGXqmL2
+i8zXGxqS/jTpMKXnmxdYIg35qY2wrlMfzEVKgkGe1n+kAGrkmmsIlPmTZ6v4i1mR
+OsXbMWUAQueCydkJbR8dMMTLF8klyLge9G8M3Bm2lqtQnridsRULMbNs22JOQnah
+C/4oOrD7tZLLhMnSzvWP92POZ6a/2vO6ou6rvg6zu9mMw6yNRYSqwyLzztbyhG6Y
+M9ER7v8YJBPfSy+nAQ8VCA9cZb96Ybxwc7BecJAWgg1+tSlak0BNj1qUg4oroSpK
+bRAciIECgYEA99as1TNaPsveRv9nTpIVl4gXpfixQMx0gpnivYNZW2XpCx5COuML
+t98Lu7Hg6bknukGwWzNGRGFX+3Bx+zsK6+VuFlBxANH9kUzkY9KFonvb3xWbDivG
+2bf+9a3oORNsl2GVkCwhoD/1y0aPR2xZvpEZDAf0apQ1cQ+rikNc31UCgYEA6LPV
+86rDXRfXwwHlcUgEpyJ6kJ6J1OpmsbN8eLm+99TNf8lp974ewXjJkTm6NYOGS11y
+lboAh0IxoUKy0Fuuf0eTmOa+2dee52Np9pElZ6daCX8eTSAOL46GzDCaKfBopYdv
+EWGaU+W/k+Eod5ygEJrZHPRJ5+YrhbHy+o6KcM0CgYEA0zG9sCSFh7Oko62rM/oq
+qilPtaBaM9TGiDBoVoRilg8e6tmLKLEn4DUSw4xOE/0zDHZDuUPVYhntppdomeTz
+ZpfpGtzLnx5SzQnQKfxQ4mhXsh+wNQA7AHbZrjPXCyQxSkLe96+TrAI1C1cCa6O6
+SjlNNcJllpjbfZAT5suGjc0CgYBVr4KkyshNSy5DvDsET4SHFocTIY2XPQi7fl/j
+BGJxV4aj+0Jt2y/wBc4TD7KladzVe39p6qevJoyn2KuHVXsXmv+aWb0E8gStJ0op
+ZKDlXhYlUQ2TUK5ojI7OOUdLEh82dHxNZicxpXO5vDrucFnwQ1SW+M0N+w8jl7bk
+0//eMQKBgQD14laufpbwz6KEj/nihyGHfMCNIV4IgBtSkQIJ4+xM8fjTd4YoLLWn
+wwkFDOvMC5TE8WMVf17Eyo9N6D9OfOwHqoRkC93bcRA/5GCvhO4cnOmzLITAr4m5
+wESxUCaACyXrBZVzRKupZEzsRrVskUC1WbQA2SHAJ7Kx5iAW3d7KuA==
+-----END RSA PRIVATE KEY-----
diff --git a/tests/gold_tests/slow_post/test_secrets/aaa-signed.pem b/tests/gold_tests/slow_post/test_secrets/aaa-signed.pem
new file mode 100644
index 00000000000..2202efae57d
--- /dev/null
+++ b/tests/gold_tests/slow_post/test_secrets/aaa-signed.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICnDCCAYQCAQEwDQYJKoZIhvcNAQELBQAwETEPMA0GA1UEAwwGYWFhLWNhMCAX
+DTIwMDgyNTAxNDAzNloYDzIxMjAwODAxMDE0MDM2WjAVMRMwEQYDVQQDDAphYWEt
+c2lnbmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Uim3ZOB1IfL
+WxpSjQ60dq2j7oVi5fW8idDg3zZOxBv2NlTmCa4uFtwW+Jhv4CSed/7ggoPvtuxH
+vTy4w2rwxFpM29sInRjQdJJ/gftIIkaEqZ5cqleGBsaG5CLDFSPejJ2+rSY0FWg2
+/F9GxljV6BNgO0ukv3AjeIGpRdZF3mJIozb3fU3/XOrgDfCt6IH9ZBPHhRA1Dzku
+BtBkStDgXVYr3bzfhmVb9tMKZRJjLUPjKfa24ninFKXl/2S6/RHSRcLWde3U4Iiz
+mfepXiIFi2j49UGiDzCq3sKCvMsAahwwx8fRFEMMwV6oWJM0rgzoz8YEPBC2oRO1
+FCIkHOYHEQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAYTvaL8Ii4UW5Z6mQEFxlf
+4yEJlsXlVsjNDcMCU57gN1Hgkswsg5ePvNUkqcj7DyqoSwq9uhKP5ApzVdzhJlVH
+WXsMIp95Tl0pC7L2JisMivOMn2y20wVGge1jXGexq4GOl08Ow/7rCM3xVok/TrIX
+L2f6u+wjJG0YanlDO6l4+aU9+kqpVI7awnOWEshLOHUO4cQdnlF7jkYaEdCp2Ke7
+peycIow1oSTOcIKsqzcHRT/gYOqk3IkCTw0fIpCb5FhcCz7ZYppl5eeJSw0JHNyA
+AOqNfFWJypTWhX8cGI6BKmWQMdR0z6j2pegG/2JOSl4ozFsU2JchzTizI2WxRSzm
+-----END CERTIFICATE-----

From 821ec038e74b27e8ae499fcddd38403781690aad Mon Sep 17 00:00:00 2001
From: Fei Deng <feid@oath.com>
Date: Wed, 1 Feb 2023 17:25:43 -0600
Subject: [PATCH 14/14] pass through RST_STREAM frame

---
 proxy/http2/Http2ConnectionState.cc           |   4 +-
 proxy/http2/Http2Stream.cc                    |  10 +-
 .../h2/gold/server_after_headers.gold         |   5 +
 tests/gold_tests/h2/h2origin.test.py          |   2 +-
 .../h2/h2origin_single_thread.test.py         |   2 +-
 tests/gold_tests/h2/http2_rst_stream.test.py  | 199 ++++++++++++++++++
 .../h1-client-h2-origin.yaml                  |   0
 .../h2-origin.yaml                            |   0
 .../http2_rst_stream_client_after_data.yaml   |  54 +++++
 ...http2_rst_stream_client_after_headers.yaml |  54 +++++
 ...http2_rst_stream_server_after_headers.yaml |  48 +++++
 11 files changed, 372 insertions(+), 6 deletions(-)
 create mode 100644 tests/gold_tests/h2/gold/server_after_headers.gold
 create mode 100644 tests/gold_tests/h2/http2_rst_stream.test.py
 rename tests/gold_tests/h2/{replay => replay_h2origin}/h1-client-h2-origin.yaml (100%)
 rename tests/gold_tests/h2/{replay => replay_h2origin}/h2-origin.yaml (100%)
 create mode 100644 tests/gold_tests/h2/replay_rst_stream/http2_rst_stream_client_after_data.yaml
 create mode 100644 tests/gold_tests/h2/replay_rst_stream/http2_rst_stream_client_after_headers.yaml
 create mode 100644 tests/gold_tests/h2/replay_rst_stream/http2_rst_stream_server_after_headers.yaml

diff --git a/proxy/http2/Http2ConnectionState.cc b/proxy/http2/Http2ConnectionState.cc
index 20202bad142..7afdf93a620 100644
--- a/proxy/http2/Http2ConnectionState.cc
+++ b/proxy/http2/Http2ConnectionState.cc
@@ -621,9 +621,10 @@ Http2ConnectionState::rcv_rst_stream_frame(const Http2Frame &frame)
   }
 
   if (stream != nullptr) {
-    Http2StreamDebug(this->session, stream_id, "RST_STREAM: Error Code: %u", rst_stream.error_code);
+    Http2StreamDebug(this->session, stream_id, "Parsed RST_STREAM: Error Code: %u", rst_stream.error_code);
 
     stream->set_rx_error_code({ProxyErrorClass::TXN, static_cast<uint32_t>(rst_stream.error_code)});
+    stream->signal_read_event(VC_EVENT_EOS);
     stream->initiating_close();
   }
 
@@ -2392,6 +2393,7 @@ Http2ConnectionState::send_rst_stream_frame(Http2StreamId id, Http2ErrorCode ec)
     }
   }
 
+  Http2StreamDebug(session, id, "Sending RST_STREAM: Error Code: %u", static_cast<uint32_t>(ec));
   Http2RstStreamFrame rst_stream(id, static_cast<uint32_t>(ec));
   this->session->xmit(rst_stream);
 }
diff --git a/proxy/http2/Http2Stream.cc b/proxy/http2/Http2Stream.cc
index ae3275ce96d..23fbe3bd635 100644
--- a/proxy/http2/Http2Stream.cc
+++ b/proxy/http2/Http2Stream.cc
@@ -486,9 +486,9 @@ Http2Stream::do_io_close(int /* flags */)
     REMEMBER(NO_EVENT, this->reentrancy_count);
     Http2StreamDebug("do_io_close");
 
-    // if (this->is_state_writeable()) { // Let the other end know we are going away
-    //  this->get_connection_state().send_rst_stream_frame(_id, Http2ErrorCode::HTTP2_ERROR_NO_ERROR);
-    //}
+    if (this->is_state_writeable()) { // Let the other end know we are going away
+      this->get_connection_state().send_rst_stream_frame(_id, Http2ErrorCode::HTTP2_ERROR_NO_ERROR);
+    }
 
     // When we get here, the SM has initiated the shutdown.  Either it received a WRITE_COMPLETE, or it is shutting down.  Any
     // remaining IO operations back to client should be abandoned.  The SM-side buffers backing these operations will be deleted
@@ -552,6 +552,10 @@ Http2Stream::initiating_close()
     Http2StreamDebug("initiating_close client_window=%" PRId64 " session_window=%" PRId64, _peer_rwnd,
                      this->get_connection_state().get_peer_rwnd());
 
+    if (this->is_state_writeable()) { // Let the other end know we are going away
+      this->get_connection_state().send_rst_stream_frame(_id, Http2ErrorCode::HTTP2_ERROR_NO_ERROR);
+    }
+
     // Set the state of the connection to closed
     // TODO - these states should be combined
     closed = true;
diff --git a/tests/gold_tests/h2/gold/server_after_headers.gold b/tests/gold_tests/h2/gold/server_after_headers.gold
new file mode 100644
index 00000000000..44b65295b7c
--- /dev/null
+++ b/tests/gold_tests/h2/gold/server_after_headers.gold
@@ -0,0 +1,5 @@
+``
+``Sent frame for key 1: HEADERS
+``Submitting RST_STREAM frame for key 1 after HEADERS frame with error code ENHANCE_YOUR_CALM.
+``Sent frame for key 1: RST_STREAM
+``
diff --git a/tests/gold_tests/h2/h2origin.test.py b/tests/gold_tests/h2/h2origin.test.py
index e4d3de67d85..23ebbac887f 100644
--- a/tests/gold_tests/h2/h2origin.test.py
+++ b/tests/gold_tests/h2/h2origin.test.py
@@ -30,7 +30,7 @@
 
 # add ssl materials like key, certificates for the server
 ts.addDefaultSSLFiles()
-replay_file = "replay/"
+replay_file = "replay_h2origin/"
 server = Test.MakeVerifierServerProcess("h2-origin", replay_file)
 ts.Disk.records_config.update({
     'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
diff --git a/tests/gold_tests/h2/h2origin_single_thread.test.py b/tests/gold_tests/h2/h2origin_single_thread.test.py
index a1f80cb74ce..7e10ba06cbe 100644
--- a/tests/gold_tests/h2/h2origin_single_thread.test.py
+++ b/tests/gold_tests/h2/h2origin_single_thread.test.py
@@ -30,7 +30,7 @@
 
 # add ssl materials like key, certificates for the server
 ts.addDefaultSSLFiles()
-replay_file = "replay"
+replay_file = "replay_h2origin"
 server = Test.MakeVerifierServerProcess("h2-origin", replay_file)
 ts.Disk.records_config.update({
     'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
diff --git a/tests/gold_tests/h2/http2_rst_stream.test.py b/tests/gold_tests/h2/http2_rst_stream.test.py
new file mode 100644
index 00000000000..e168705b3d9
--- /dev/null
+++ b/tests/gold_tests/h2/http2_rst_stream.test.py
@@ -0,0 +1,199 @@
+'''
+Abort HTTP/2 connection using RST_STREAM frame.
+'''
+
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+Test.Summary = '''
+Abort HTTP/2 connection using RST_STREAM frame.
+'''
+
+Test.SkipUnless(
+    Condition.HasOpenSSLVersion('1.1.1'),
+    Condition.HasProxyVerifierVersion('2.5.2')
+)
+
+#
+# Client sends RST_STREAM after DATA frame
+#
+ts = Test.MakeATSProcess("ts0", enable_tls=True)
+replay_file = "replay_rst_stream/http2_rst_stream_client_after_data.yaml"
+server = Test.MakeVerifierServerProcess("server0", replay_file)
+ts.addDefaultSSLFiles()
+ts.Disk.records_config.update({
+    'proxy.config.ssl.server.cert.path': f'{ts.Variables.SSLDir}',
+    'proxy.config.ssl.server.private_key.path': f'{ts.Variables.SSLDir}',
+    'proxy.config.ssl.client.verify.server.policy': 'PERMISSIVE',
+    'proxy.config.diags.debug.enabled': 3,
+    'proxy.config.diags.debug.tags': 'http',
+    'proxy.config.exec_thread.autoconfig': 0,
+    'proxy.config.exec_thread.limit': 4,
+    'proxy.config.ssl.client.alpn_protocols': 'h2,http/1.1',
+    'proxy.config.http.server_session_sharing.pool': 'thread',
+    'proxy.config.http.server_session_sharing.match': 'ip,sni,cert',
+})
+ts.Disk.remap_config.AddLine(
+    f'map / https://127.0.0.1:{server.Variables.https_port}'
+)
+ts.Disk.ssl_multicert_config.AddLine(
+    'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
+)
+
+tr = Test.AddTestRun('Client sends RST_STREAM after DATA frame')
+tr.Processes.Default.StartBefore(server)
+tr.Processes.Default.StartBefore(ts)
+tr.AddVerifierClientProcess("client0", replay_file, http_ports=[ts.Variables.port], https_ports=[ts.Variables.ssl_port])
+
+tr.Processes.Default.Streams.All += Testers.ContainsExpression(
+    'Submitting RST_STREAM frame for key 1 after DATA frame with error code INTERNAL_ERROR.',
+    'Detect client abort flag.')
+
+tr.Processes.Default.Streams.All += Testers.ContainsExpression(
+    'Sent frame for key 1: RST_STREAM',
+    'Send RST_STREAM frame.')
+
+server.Streams.All += Testers.ExcludesExpression(
+    'RST_STREAM',
+    'Server is not affected.')
+
+ts.Streams.All += Testers.ContainsExpression(
+    'Received HEADERS frame',
+    'Received HEADERS frame.')
+
+ts.Streams.All += Testers.ContainsExpression(
+    'Received DATA frame',
+    'Received DATA frame.')
+
+ts.Streams.All += Testers.ContainsExpression(
+    'Received RST_STREAM frame',
+    'Received RST_STREAM frame.')
+
+ts.Streams.All += Testers.ContainsExpression(
+    'RST_STREAM: Error Code: 2',
+    'Error Code: ')
+
+#
+# Client sends RST_STREAM after HEADERS frame
+#
+ts = Test.MakeATSProcess("ts1", enable_tls=True)
+replay_file = "replay_rst_stream/http2_rst_stream_client_after_headers.yaml"
+server = Test.MakeVerifierServerProcess("server1", replay_file)
+ts.addDefaultSSLFiles()
+ts.Disk.records_config.update({
+    'proxy.config.ssl.server.cert.path': f'{ts.Variables.SSLDir}',
+    'proxy.config.ssl.server.private_key.path': f'{ts.Variables.SSLDir}',
+    'proxy.config.ssl.client.verify.server.policy': 'PERMISSIVE',
+    'proxy.config.diags.debug.enabled': 3,
+    'proxy.config.diags.debug.tags': 'http',
+    'proxy.config.exec_thread.autoconfig': 0,
+    'proxy.config.exec_thread.limit': 4,
+    'proxy.config.ssl.client.alpn_protocols': 'h2,http/1.1',
+    'proxy.config.http.server_session_sharing.pool': 'thread',
+    'proxy.config.http.server_session_sharing.match': 'ip,sni,cert',
+})
+ts.Disk.remap_config.AddLine(
+    f'map / https://127.0.0.1:{server.Variables.https_port}'
+)
+ts.Disk.ssl_multicert_config.AddLine(
+    'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
+)
+
+tr = Test.AddTestRun('Client sends RST_STREAM after HEADERS frame')
+tr.Processes.Default.StartBefore(server)
+tr.Processes.Default.StartBefore(ts)
+tr.AddVerifierClientProcess("client1", replay_file, http_ports=[ts.Variables.port], https_ports=[ts.Variables.ssl_port])
+
+tr.Processes.Default.Streams.All += Testers.ContainsExpression(
+    'Submitting RST_STREAM frame for key 1 after HEADERS frame with error code STREAM_CLOSED.',
+    'Detect client abort flag.')
+
+tr.Processes.Default.Streams.All += Testers.ContainsExpression(
+    'Sent frame for key 1: RST_STREAM',
+    'Send RST_STREAM frame.')
+
+server.Streams.All += Testers.ExcludesExpression(
+    'RST_STREAM',
+    'Server is not affected.')
+
+ts.Streams.All += Testers.ContainsExpression(
+    'Received HEADERS frame',
+    'Received HEADERS frame.')
+
+ts.Streams.All += Testers.ExcludesExpression(
+    'Received DATA frame',
+    'Received DATA frame.')
+
+ts.Streams.All += Testers.ContainsExpression(
+    'Received RST_STREAM frame',
+    'Received RST_STREAM frame.')
+
+ts.Streams.All += Testers.ContainsExpression(
+    'RST_STREAM: Error Code: 5',
+    'Error Code: ')
+
+#
+# Server sends RST_STREAM after HEADERS frame
+#
+ts = Test.MakeATSProcess("ts2", enable_tls=True)
+replay_file = "replay_rst_stream/http2_rst_stream_server_after_headers.yaml"
+server = Test.MakeVerifierServerProcess("server2", replay_file)
+ts.addDefaultSSLFiles()
+ts.Disk.records_config.update({
+    'proxy.config.ssl.server.cert.path': f'{ts.Variables.SSLDir}',
+    'proxy.config.ssl.server.private_key.path': f'{ts.Variables.SSLDir}',
+    'proxy.config.ssl.client.verify.server.policy': 'PERMISSIVE',
+    'proxy.config.diags.debug.enabled': 3,
+    'proxy.config.diags.debug.tags': 'http',
+    'proxy.config.exec_thread.autoconfig': 0,
+    'proxy.config.exec_thread.limit': 1,
+    'proxy.config.ssl.client.alpn_protocols': 'h2,http/1.1',
+    'proxy.config.http.server_session_sharing.pool': 'thread',
+    'proxy.config.http.server_session_sharing.match': 'ip,sni,cert',
+})
+ts.Disk.remap_config.AddLine(
+    f'map / https://127.0.0.1:{server.Variables.https_port}'
+)
+ts.Disk.ssl_multicert_config.AddLine(
+    'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
+)
+
+tr = Test.AddTestRun('Server sends RST_STREAM after HEADERS frame')
+tr.Processes.Default.StartBefore(server)
+tr.Processes.Default.StartBefore(ts)
+tr.AddVerifierClientProcess("client2", replay_file, http_ports=[ts.Variables.port], https_ports=[ts.Variables.ssl_port])
+
+tr.Processes.Default.Streams.All += Testers.ContainsExpression(
+    'HTTP/2 stream is closed with id: 1',
+    'Client is not affected.')
+
+server.Streams.All += "gold/server_after_headers.gold"
+
+ts.Streams.All += Testers.ContainsExpression(
+    'Received RST_STREAM frame',
+    'Received RST_STREAM frame.')
+
+ts.Streams.All += Testers.ContainsExpression(
+    'Send RST_STREAM frame',
+    'Send RST_STREAM frame.')
+
+ts.Streams.All += Testers.ContainsExpression(
+    'Parsed RST_STREAM: Error Code: 11',
+    'Error Code: ')
+
+ts.Streams.All += Testers.ContainsExpression(
+    'Sending RST_STREAM: Error Code: 0',
+    'Error Code: ')
diff --git a/tests/gold_tests/h2/replay/h1-client-h2-origin.yaml b/tests/gold_tests/h2/replay_h2origin/h1-client-h2-origin.yaml
similarity index 100%
rename from tests/gold_tests/h2/replay/h1-client-h2-origin.yaml
rename to tests/gold_tests/h2/replay_h2origin/h1-client-h2-origin.yaml
diff --git a/tests/gold_tests/h2/replay/h2-origin.yaml b/tests/gold_tests/h2/replay_h2origin/h2-origin.yaml
similarity index 100%
rename from tests/gold_tests/h2/replay/h2-origin.yaml
rename to tests/gold_tests/h2/replay_h2origin/h2-origin.yaml
diff --git a/tests/gold_tests/h2/replay_rst_stream/http2_rst_stream_client_after_data.yaml b/tests/gold_tests/h2/replay_rst_stream/http2_rst_stream_client_after_data.yaml
new file mode 100644
index 00000000000..d505778f5ea
--- /dev/null
+++ b/tests/gold_tests/h2/replay_rst_stream/http2_rst_stream_client_after_data.yaml
@@ -0,0 +1,54 @@
+meta:
+  version: '1.0'
+sessions:
+- protocol:
+  - name: http
+    version: 2
+  - name: tls
+    sni: test_sni
+  - name: tcp
+  - name: ip
+    version: 4
+  transactions:
+  - client-request:
+      frames:
+      - HEADERS:
+          headers:
+            fields:
+            - [:method, POST]
+            - [:scheme, https]
+            - [:authority, example.data.com]
+            - [:path, /a/path]
+            - [Content-Type, text/html]
+            - [Content-Length, '11']
+            - [uuid, 1]
+      - DATA:
+          content:
+            encoding: plain
+            data: client_test
+            size: 11
+      - RST_STREAM:
+          error-code: INTERNAL_ERROR
+
+    proxy-request:
+      content:
+        encoding: plain
+        data: client_test
+        verify: {as: equal}
+
+    server-response:
+      headers:
+        fields:
+        - [:status, 200]
+        - [Content-Type, text/html]
+        - [Content-Length, '11']
+      content:
+        encoding: plain
+        data: server_test
+        size: 11
+
+    proxy-response:
+      content:
+        encoding: plain
+        data: server_test
+        verify: {as: equal}
diff --git a/tests/gold_tests/h2/replay_rst_stream/http2_rst_stream_client_after_headers.yaml b/tests/gold_tests/h2/replay_rst_stream/http2_rst_stream_client_after_headers.yaml
new file mode 100644
index 00000000000..58415705a00
--- /dev/null
+++ b/tests/gold_tests/h2/replay_rst_stream/http2_rst_stream_client_after_headers.yaml
@@ -0,0 +1,54 @@
+meta:
+  version: '1.0'
+sessions:
+- protocol:
+  - name: http
+    version: 2
+  - name: tls
+    sni: test_sni
+  - name: tcp
+  - name: ip
+    version: 4
+  transactions:
+  - client-request:
+      frames:
+      - HEADERS:
+          headers:
+            fields:
+            - [:method, POST]
+            - [:scheme, https]
+            - [:authority, example.data.com]
+            - [:path, /a/path]
+            - [Content-Type, text/html]
+            - [Content-Length, '11']
+            - [uuid, 1]
+      - RST_STREAM:
+          error-code: STREAM_CLOSED
+      - DATA:
+          content:
+            encoding: plain
+            data: client_test
+            size: 11
+
+    proxy-request:
+      content:
+        encoding: plain
+        data: client_test
+        verify: {as: equal}
+
+    server-response:
+      headers:
+        fields:
+        - [:status, 200]
+        - [Content-Type, text/html]
+        - [Content-Length, '11']
+      content:
+        encoding: plain
+        data: server_test
+        size: 11
+
+    proxy-response:
+      content:
+        encoding: plain
+        data: server_test
+        verify: {as: equal}
diff --git a/tests/gold_tests/h2/replay_rst_stream/http2_rst_stream_server_after_headers.yaml b/tests/gold_tests/h2/replay_rst_stream/http2_rst_stream_server_after_headers.yaml
new file mode 100644
index 00000000000..1ce5c320382
--- /dev/null
+++ b/tests/gold_tests/h2/replay_rst_stream/http2_rst_stream_server_after_headers.yaml
@@ -0,0 +1,48 @@
+meta:
+  version: '1.0'
+sessions:
+- protocol:
+  - name: http
+    version: 2
+  - name: tls
+    sni: test_sni
+  - name: tcp
+  - name: ip
+    version: 4
+  transactions:
+  - client-request:
+      headers:
+        fields:
+        - [:method, POST]
+        - [:scheme, https]
+        - [:authority, example.data.com]
+        - [:path, /a/path]
+        - [Content-Type, text/html]
+        - [Content-Length, '11']
+        - [uuid, 1]
+      content:
+        encoding: plain
+        data: client_test
+        size: 11
+
+    proxy-request:
+      content:
+        encoding: plain
+        data: client_test
+        verify: {as: equal}
+
+    server-response:
+      frames:
+      - HEADERS:
+          headers:
+            fields:
+            - [:status, 200]
+            - [Content-Type, text/html]
+            - [Content-Length, '11']
+      - RST_STREAM:
+          error-code: ENHANCE_YOUR_CALM
+      - DATA:
+          content:
+            encoding: plain
+            data: server_test
+            size: 11