From 9efcf913e7c2017f6e54f7505acb69afab39954b Mon Sep 17 00:00:00 2001
From: Jason Mehring <nrgaway@gmail.com>
Date: Sun, 9 Nov 2014 12:52:35 -0500
Subject: [PATCH 1/9] debian: Modified template install script to read better

---
 create_template_list.sh | 71 ++++++++++++++++++++++-------------------
 1 file changed, 38 insertions(+), 33 deletions(-)

diff --git a/create_template_list.sh b/create_template_list.sh
index 2ede209..7d4fb07 100755
--- a/create_template_list.sh
+++ b/create_template_list.sh
@@ -1,48 +1,53 @@
 #!/bin/bash
+# vim: set ts=4 sw=4 sts=4 et :
 
 #
 # Creates a small script to copy to dom0 to retrieve the generated template rpm's
 #
 
-TEMPLATES="./rpm/install-templates.sh"
-
-write() {
-    echo "$1" >> "$TEMPLATES"
-}
-
-if [ -x /usr/sbin/xenstore-read ]; then
-        XENSTORE_READ="/usr/sbin/xenstore-read"
-else
-        XENSTORE_READ="/usr/bin/xenstore-read"
-fi
-
-TEMPLATES="$(readlink -m $TEMPLATES)"
-VERSION="-$(cat ./version)"
+template_dir="$(readlink -m ./rpm/install-templates.sh)"
+files=( $(ls rpm/noarch) )
 name=$($XENSTORE_READ name)
-path="$(readlink -m .)"
-files=$(ls rpm/noarch)
 
-#
-# Write to install-templates
-#
+# -----------------------------------------------------------------------------
+# Write $vars
+# -----------------------------------------------------------------------------
+cat << EOF > "${template_dir}"
+#!/bin/bash
 
-echo "#!/bin/bash" > "$TEMPLATES"
-write ""
+# Use the following command in DOM0 to retreive this file:
+# qvm-run --pass-io ${name} 'cat ${template_dir}' > install-templates.sh
+
+files="
+$(printf "%s \n" ${files[@]})
+"
+
+path="$(readlink -m .)/rpm/noarch"
+version="-$(cat ./version)"
+EOF
+
+# -----------------------------------------------------------------------------
+# Write installation function
+# -----------------------------------------------------------------------------
+cat << 'EOF' >> "${template_dir}"
 
 for file in ${files[@]}; do
-    write "qvm-run --pass-io development-qubes 'cat ${path}/rpm/noarch/${file}' > ${file}"
-    write ""
-    write "sudo yum erase $(echo "$file" | sed -r "s/($VERSION).+$//")"
-    write ""
-    write "sudo yum install ${file}"
-    write ""
-    write ""
+    if [ ! -e ${file} ]; then
+        qvm-run --pass-io development-qubes "cat ${path}/${file}" > ${file}
+    fi
+
+    sudo yum erase $(echo "${file}" | sed -r "s/(${version}).+$//") && {
+        sudo yum install ${file} && {
+            rm -f ${file}
+        }
+    }
 done
-
-write "# Use the following command in DOM0 to retreive this file:"
-write "# qvm-run --pass-io $name 'cat ${TEMPLATES}' > install-templates.sh"
-
+EOF
+ 
+# -----------------------------------------------------------------------------
+# Display instructions
+# -----------------------------------------------------------------------------
 echo "Use the following command in DOM0 to retreive this file:"
-echo "qvm-run --pass-io $name 'cat ${TEMPLATES}' > install-templates.sh"
+echo "qvm-run --pass-io ${name} 'cat ${template_dir}' > install-templates.sh"
 
 

From af189150c9e0f55c054d52b1db695673d8a590d2 Mon Sep 17 00:00:00 2001
From: Jason Mehring <nrgaway@gmail.com>
Date: Sun, 9 Nov 2014 12:53:07 -0500
Subject: [PATCH 2/9] debian: Whonix systemd overrides

---
 .../wheezy+whonix-gateway/files/.facl         | 19 +++++++++++++------
 .../system/qubes-whonix-firewall.service      |  6 ++----
 .../systemd/system/qubes-whonix-init.service  | 13 +++++++++++++
 .../system/qubes-whonix-network.service       |  3 ++-
 .../lib/whonix/init/network-proxy-setup.sh    |  5 +----
 ...l-user-script => qubes-whonix-firewall.sh} |  0
 .../lib/whonix/init/qubes-whonix-tor.service  | 16 ++++++++++++++++
 .../wheezy+whonix-workstation/files/.facl     | 18 +++++++++---------
 .../system/qubes-whonix-firewall.service      |  6 ++----
 .../systemd/system/qubes-whonix-init.service  | 13 +++++++++++++
 .../system/qubes-whonix-network.service       |  3 ++-
 .../lib/whonix/init/network-proxy-setup.sh    | 11 +----------
 ...l-user-script => qubes-whonix-firewall.sh} |  0
 .../wheezy+whonix/04_install_qubes_post.sh    |  7 ++++++-
 14 files changed, 80 insertions(+), 40 deletions(-)
 create mode 100644 scripts_debian/wheezy+whonix-gateway/files/lib/systemd/system/qubes-whonix-init.service
 rename scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/{qubes-firewall-user-script => qubes-whonix-firewall.sh} (100%)
 create mode 100644 scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/qubes-whonix-tor.service
 create mode 100644 scripts_debian/wheezy+whonix-workstation/files/lib/systemd/system/qubes-whonix-init.service
 rename scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/{qubes-firewall-user-script => qubes-whonix-firewall.sh} (100%)

diff --git a/scripts_debian/wheezy+whonix-gateway/files/.facl b/scripts_debian/wheezy+whonix-gateway/files/.facl
index b580d19..f25a44e 100644
--- a/scripts_debian/wheezy+whonix-gateway/files/.facl
+++ b/scripts_debian/wheezy+whonix-gateway/files/.facl
@@ -40,6 +40,13 @@ user::rw-
 group::r--
 other::r--
 
+# file: lib/systemd/system/qubes-whonix-init.service
+# owner: root
+# group: root
+user::rw-
+group::r--
+other::r--
+
 # file: etc
 # owner: root
 # group: root
@@ -166,14 +173,14 @@ user::rwx
 group::r-x
 other::r-x
 
-# file: usr/lib/whonix/whonix.sh
+# file: usr/lib/whonix/init
 # owner: root
 # group: root
 user::rwx
 group::r-x
 other::r-x
 
-# file: usr/lib/whonix/init
+# file: usr/lib/whonix/init/qubes-whonix-firewall.sh
 # owner: root
 # group: root
 user::rwx
@@ -201,12 +208,12 @@ user::rwx
 group::r-x
 other::r-x
 
-# file: usr/lib/whonix/init/qubes-firewall-user-script
+# file: usr/lib/whonix/init/qubes-whonix-tor.service
 # owner: root
 # group: root
-user::rwx
-group::r-x
-other::r-x
+user::rw-
+group::r--
+other::r--
 
 # file: usr/lib/whonix/messages.yaml
 # owner: root
diff --git a/scripts_debian/wheezy+whonix-gateway/files/lib/systemd/system/qubes-whonix-firewall.service b/scripts_debian/wheezy+whonix-gateway/files/lib/systemd/system/qubes-whonix-firewall.service
index 649fe7a..89a5229 100644
--- a/scripts_debian/wheezy+whonix-gateway/files/lib/systemd/system/qubes-whonix-firewall.service
+++ b/scripts_debian/wheezy+whonix-gateway/files/lib/systemd/system/qubes-whonix-firewall.service
@@ -4,11 +4,9 @@ After=qubes-whonix-network.service
 Before=network.target
 
 [Service]
-Type=oneshot
-RemainAfterExit=yes
-ExecStartPre=/usr/lib/whonix/init/init.sh
-ExecStart=/usr/lib/whonix/init/qubes-firewall-user-script
+ExecStart=/usr/lib/whonix/init/qubes-whonix-firewall.sh
 StandardOutput=syslog
 
 [Install]
 WantedBy=multi-user.target
+Alias=qubes-firewall.service
diff --git a/scripts_debian/wheezy+whonix-gateway/files/lib/systemd/system/qubes-whonix-init.service b/scripts_debian/wheezy+whonix-gateway/files/lib/systemd/system/qubes-whonix-init.service
new file mode 100644
index 0000000..6215c2c
--- /dev/null
+++ b/scripts_debian/wheezy+whonix-gateway/files/lib/systemd/system/qubes-whonix-init.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Qubes Whonix initialization script
+After=qubes-whonix-network.service
+Before=qubes-whonix-firewall.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/lib/whonix/init/init.sh
+StandardOutput=syslog
+
+[Install]
+WantedBy=multi-user.target
diff --git a/scripts_debian/wheezy+whonix-gateway/files/lib/systemd/system/qubes-whonix-network.service b/scripts_debian/wheezy+whonix-gateway/files/lib/systemd/system/qubes-whonix-network.service
index 245e031..4e71280 100644
--- a/scripts_debian/wheezy+whonix-gateway/files/lib/systemd/system/qubes-whonix-network.service
+++ b/scripts_debian/wheezy+whonix-gateway/files/lib/systemd/system/qubes-whonix-network.service
@@ -2,7 +2,7 @@
 Description=Qubes Whonix network proxy setup
 ConditionPathExists=/var/run/qubes-service/qubes-network
 Before=network.target
-After=qubes-firewall.service
+After=iptables.service
 
 [Service]
 Type=oneshot
@@ -12,3 +12,4 @@ StandardOutput=syslog
 
 [Install]
 WantedBy=multi-user.target
+Alias=qubes-network.service
diff --git a/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/network-proxy-setup.sh b/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/network-proxy-setup.sh
index 67d078e..4010441 100755
--- a/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/network-proxy-setup.sh
+++ b/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/network-proxy-setup.sh
@@ -53,9 +53,6 @@ if [ "${WHONIX}" == "gateway" ]; then
     # we can use to identify that its a tor proxy so updates are secure
     error_file="/usr/share/tinyproxy/default.html"
     grep -q "${PROXY_META}" "${error_file}" || {
-        sudo sed -i "s/<\/head>/${PROXY_META}\n<\/head>/" "${error_file}"
+        sed -i "s/<\/head>/${PROXY_META}\n<\/head>/" "${error_file}"
     }
 fi
-
-# Copy firewall script so Qubes will reload it when it reloads
-cp -pf /usr/lib/whonix/init/qubes-firewall-user-script /rw/config/qubes-firewall-user-script
diff --git a/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/qubes-firewall-user-script b/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/qubes-whonix-firewall.sh
similarity index 100%
rename from scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/qubes-firewall-user-script
rename to scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/qubes-whonix-firewall.sh
diff --git a/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/qubes-whonix-tor.service b/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/qubes-whonix-tor.service
new file mode 100644
index 0000000..0a83e1b
--- /dev/null
+++ b/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/qubes-whonix-tor.service
@@ -0,0 +1,16 @@
+[Unit]
+Description = Anonymizing overlay network for TCP
+After = syslog.target network.target nss-lookup.target
+
+[Service]
+Type = simple
+ExecStart = /usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --quiet
+ExecReload = /bin/kill -HUP ${MAINPID}
+ExecStop = /bin/kill -INT ${MAINPID}
+TimeoutSec = 60
+Restart = on-failure
+LimitNOFILE = 32768
+
+[Install]
+WantedBy = multi-user.target
+Alias=tor.service
diff --git a/scripts_debian/wheezy+whonix-workstation/files/.facl b/scripts_debian/wheezy+whonix-workstation/files/.facl
index d33107e..41e3aba 100644
--- a/scripts_debian/wheezy+whonix-workstation/files/.facl
+++ b/scripts_debian/wheezy+whonix-workstation/files/.facl
@@ -40,6 +40,13 @@ user::rw-
 group::r--
 other::r--
 
+# file: lib/systemd/system/qubes-whonix-init.service
+# owner: root
+# group: root
+user::rw-
+group::r--
+other::r--
+
 # file: etc
 # owner: root
 # group: root
@@ -145,14 +152,14 @@ user::rwx
 group::r-x
 other::r-x
 
-# file: usr/lib/whonix/whonix.sh
+# file: usr/lib/whonix/init
 # owner: root
 # group: root
 user::rwx
 group::r-x
 other::r-x
 
-# file: usr/lib/whonix/init
+# file: usr/lib/whonix/init/qubes-whonix-firewall.sh
 # owner: root
 # group: root
 user::rwx
@@ -180,13 +187,6 @@ user::rwx
 group::r-x
 other::r-x
 
-# file: usr/lib/whonix/init/qubes-firewall-user-script
-# owner: root
-# group: root
-user::rwx
-group::r-x
-other::r-x
-
 # file: usr/lib/whonix/messages.yaml
 # owner: root
 # group: root
diff --git a/scripts_debian/wheezy+whonix-workstation/files/lib/systemd/system/qubes-whonix-firewall.service b/scripts_debian/wheezy+whonix-workstation/files/lib/systemd/system/qubes-whonix-firewall.service
index 649fe7a..89a5229 100644
--- a/scripts_debian/wheezy+whonix-workstation/files/lib/systemd/system/qubes-whonix-firewall.service
+++ b/scripts_debian/wheezy+whonix-workstation/files/lib/systemd/system/qubes-whonix-firewall.service
@@ -4,11 +4,9 @@ After=qubes-whonix-network.service
 Before=network.target
 
 [Service]
-Type=oneshot
-RemainAfterExit=yes
-ExecStartPre=/usr/lib/whonix/init/init.sh
-ExecStart=/usr/lib/whonix/init/qubes-firewall-user-script
+ExecStart=/usr/lib/whonix/init/qubes-whonix-firewall.sh
 StandardOutput=syslog
 
 [Install]
 WantedBy=multi-user.target
+Alias=qubes-firewall.service
diff --git a/scripts_debian/wheezy+whonix-workstation/files/lib/systemd/system/qubes-whonix-init.service b/scripts_debian/wheezy+whonix-workstation/files/lib/systemd/system/qubes-whonix-init.service
new file mode 100644
index 0000000..6215c2c
--- /dev/null
+++ b/scripts_debian/wheezy+whonix-workstation/files/lib/systemd/system/qubes-whonix-init.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Qubes Whonix initialization script
+After=qubes-whonix-network.service
+Before=qubes-whonix-firewall.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/lib/whonix/init/init.sh
+StandardOutput=syslog
+
+[Install]
+WantedBy=multi-user.target
diff --git a/scripts_debian/wheezy+whonix-workstation/files/lib/systemd/system/qubes-whonix-network.service b/scripts_debian/wheezy+whonix-workstation/files/lib/systemd/system/qubes-whonix-network.service
index 245e031..4e71280 100644
--- a/scripts_debian/wheezy+whonix-workstation/files/lib/systemd/system/qubes-whonix-network.service
+++ b/scripts_debian/wheezy+whonix-workstation/files/lib/systemd/system/qubes-whonix-network.service
@@ -2,7 +2,7 @@
 Description=Qubes Whonix network proxy setup
 ConditionPathExists=/var/run/qubes-service/qubes-network
 Before=network.target
-After=qubes-firewall.service
+After=iptables.service
 
 [Service]
 Type=oneshot
@@ -12,3 +12,4 @@ StandardOutput=syslog
 
 [Install]
 WantedBy=multi-user.target
+Alias=qubes-network.service
diff --git a/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/network-proxy-setup.sh b/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/network-proxy-setup.sh
index a08322d..4010441 100755
--- a/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/network-proxy-setup.sh
+++ b/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/network-proxy-setup.sh
@@ -2,12 +2,6 @@
 
 . /usr/lib/whonix/utility_functions
 
-# Or just enable them :)
-#ln -s '/lib/systemd/system/qubes-whonix-network.service' '/etc/systemd/system/multi-user.target.wants/qubes-whonix-network.service'
-#ln -s '/lib/systemd/system/qubes-whonix-firewall.service' '/etc/systemd/system/multi-user.target.wants/qubes-whonix-firewall.service'
-#ln -s '/lib/systemd/system/qubes-whonix-init.service' '/etc/systemd/system/multi-user.target.wants/qubes-whonix-init.service'
-
-
 INTERFACE="eth1"
 
 if [ "${WHONIX}" == "gateway" ]; then
@@ -59,9 +53,6 @@ if [ "${WHONIX}" == "gateway" ]; then
     # we can use to identify that its a tor proxy so updates are secure
     error_file="/usr/share/tinyproxy/default.html"
     grep -q "${PROXY_META}" "${error_file}" || {
-        sudo sed -i "s/<\/head>/${PROXY_META}\n<\/head>/" "${error_file}"
+        sed -i "s/<\/head>/${PROXY_META}\n<\/head>/" "${error_file}"
     }
 fi
-
-# Copy firewall script so Qubes will reload it when it reloads
-cp -pf /usr/lib/whonix/init/qubes-firewall-user-script /rw/config/qubes-firewall-user-script
diff --git a/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/qubes-firewall-user-script b/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/qubes-whonix-firewall.sh
similarity index 100%
rename from scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/qubes-firewall-user-script
rename to scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/qubes-whonix-firewall.sh
diff --git a/scripts_debian/wheezy+whonix/04_install_qubes_post.sh b/scripts_debian/wheezy+whonix/04_install_qubes_post.sh
index 7456adf..9f58254 100755
--- a/scripts_debian/wheezy+whonix/04_install_qubes_post.sh
+++ b/scripts_debian/wheezy+whonix/04_install_qubes_post.sh
@@ -22,8 +22,13 @@ fi
 # ------------------------------------------------------------------------------
 # Enable Qubes-Whonix services
 # ------------------------------------------------------------------------------
+chroot "${INSTALLDIR}" systemctl disable qubes-whonix-network.service || :
 chroot "${INSTALLDIR}" systemctl enable qubes-whonix-network.service || :
-chroot "${INSTALLDIR}" systemctl enable qubes-whonix-firewall || :
+
+chroot "${INSTALLDIR}" systemctl disable qubes-whonix-firewall.service || :
+chroot "${INSTALLDIR}" systemctl enable qubes-whonix-firewall.service || :
+
+chroot "${INSTALLDIR}" systemctl enable qubes-whonix-init.service || :
 
 # ------------------------------------------------------------------------------
 # Restore Whonix apt-get

From 55d06dc83dda1e251766aadc6d5b107a231bcf2b Mon Sep 17 00:00:00 2001
From: Jason Mehring <nrgaway@gmail.com>
Date: Sun, 9 Nov 2014 13:24:08 -0500
Subject: [PATCH 3/9] xenstore-read name was missing from
 create_template_list.sh

---
 create_template_list.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/create_template_list.sh b/create_template_list.sh
index 7d4fb07..cf8dfed 100755
--- a/create_template_list.sh
+++ b/create_template_list.sh
@@ -7,7 +7,7 @@
 
 template_dir="$(readlink -m ./rpm/install-templates.sh)"
 files=( $(ls rpm/noarch) )
-name=$($XENSTORE_READ name)
+name=$(xenstore-read name)
 
 # -----------------------------------------------------------------------------
 # Write $vars

From 2838225f441d2c6012472e7c0acdb7725b56c77b Mon Sep 17 00:00:00 2001
From: Jason Mehring <nrgaway@gmail.com>
Date: Mon, 10 Nov 2014 10:47:27 -0500
Subject: [PATCH 4/9] Made sure color chroot function returned shell exit
 status and not trigger error within that function

---
 functions.sh | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/functions.sh b/functions.sh
index ccbcb71..52ae51c 100755
--- a/functions.sh
+++ b/functions.sh
@@ -67,8 +67,7 @@ if [ "${VERBOSE}" -ge 2 -o "${DEBUG}" == "1" ]; then
     chroot() {
         local retval
         true ${blue}
-        /usr/sbin/chroot "$@"
-        retval=$?
+        /usr/sbin/chroot "$@" && { retval=$?; true; } || { retval=$?; true; }
         true ${reset}
         return $retval
     }

From 26a594a8e5fba3c3bc2c69ac5fb7cddb0f245e38 Mon Sep 17 00:00:00 2001
From: Jason Mehring <nrgaway@gmail.com>
Date: Mon, 10 Nov 2014 10:46:24 -0500
Subject: [PATCH 5/9] debian: renamed key files to match same format as those
 in qubes-builder

---
 scripts_debian/01_install_core.sh               |   2 +-
 .../keys/jessie-debian-archive-keyring.gpg      | Bin 0 -> 13568 bytes
 .../keys/wheezy-debian-archive-keyring.gpg      | Bin 0 -> 3569 bytes
 scripts_debian/vars.sh                          |   4 ++--
 4 files changed, 3 insertions(+), 3 deletions(-)
 create mode 100644 scripts_debian/keys/jessie-debian-archive-keyring.gpg
 create mode 100644 scripts_debian/keys/wheezy-debian-archive-keyring.gpg

diff --git a/scripts_debian/01_install_core.sh b/scripts_debian/01_install_core.sh
index 6ff9357..0c99295 100755
--- a/scripts_debian/01_install_core.sh
+++ b/scripts_debian/01_install_core.sh
@@ -26,7 +26,7 @@ buildStep "$0" "pre"
 if ! [ -f "${INSTALLDIR}/tmp/.prepared_debootstrap" ]; then
     debug "Installing base ${DEBIANVERSION} system"
     COMPONENTS="" debootstrap --arch=amd64 --include=ncurses-term \
-        --components=main --keyring="${SCRIPTSDIR}/keys/debian-${DEBIANVERSION}-archive-keyring.gpg" \
+        --components=main --keyring="${SCRIPTSDIR}/keys/${DEBIANVERSION}-debian-archive-keyring.gpg" \
         "${DEBIANVERSION}" "${INSTALLDIR}" "${DEBIAN_MIRROR}" || { error "Debootstrap failed!"; exit 1; }
     chroot "${INSTALLDIR}" chmod 0666 "/dev/null"
     touch "${INSTALLDIR}/tmp/.prepared_debootstrap"
diff --git a/scripts_debian/keys/jessie-debian-archive-keyring.gpg b/scripts_debian/keys/jessie-debian-archive-keyring.gpg
new file mode 100644
index 0000000000000000000000000000000000000000..46d1f0e23f17522e0d4fb358b24d78b8c53add58
GIT binary patch
literal 13568
zcmbW7V{m8f)~Elm-LdVYW81cE+qRSLxMSP4Z5!ROopg-p^mER6-+8NMYHGgj4{KNL
zy7pSvx_@^nFdV3~cF{QyB4DytVuq8PuNSrP#J^d`7Ia<=#*|OHpW`KYMaR1kfj(IK
z3Ku?hh8iHa0xgBD+ir&h#<<0oZHAT&W9yl{d_<(KL%_-F(XCg{?}M9bQ+ynEC79er
z5LRo1lGGW@0WI8`k<&_`Sx{Rd+_pID&!<Cns;f!k)A|<euJ29A?if;11#W!ecDgsr
zFqg$Z4u%y6i7FfgqITL75tq%T1vIVcP%{9f(Yox`nlEYECNycK(&h)umw5G)SuJSK
zJF1dygz)Xs0913@9iD>rdB(I}BYT?Gu?&X~=dPVv3Mcv@ClaKM#A#?-RM%QzcMnCd
zkqi}mQ@wYH4Mr*ex}xA4D$Nf*40G+2T2))d#fG(N`WU*Za`a~u($f&VmC0;Y8&}P@
zUTJ{=IxWmL*9F>6HJ$eI#PPT$UB-cjhr6?z6!eN$wTlOW!n>+RlO=4d3v!8};qbcJ
zeE**Ps<8&S`3g>OIKuDOzfCqU2GJa(xlL$`(*{Lc`$No(){u(i2hZ9G5%N&75{<*Z
z<H-0SnBZ(H+)rQRce&S5@?zL)>#BGVNqF1;{&mtjny_c7?;5+Oo7U{4DdJpp!MWd{
zQHkilN6L$&7Qy#JrZvx9eQ_}(KCY=Pj6?}CzS}Q~v<0+=4k>y$c8Ymh;D%R5d085G
z#E<75lzvn0kv|N81OxzT;8t>QF){HpAy9HQFtj!yP&BbNF>o>=kTUTg;5Iffv@o!x
zb^PZUzqN&vvlHDv59#b2&3Ge#c|lQtfB_U>z@Jb7V}pP}!BLp|gTp{ULVy5+qe22h
zLBoKe0fPVm;{gGq`vah%5RJuA<646VpQx`80Ub{Qi4kpytwXd7dmRk=7U`*67@>$M
z{3<_RcS#wdF@-DIj@1N2nKrveHj1>HzT*6Lhf-~>J=Wg7lF>(@-R`=csJ7ID(5xN|
zff>0Nb#&nU?NL(L?;;eZXl+3{RZF_)I*WpVgp_u<DFdwb^~%#?voQlpg)St~Ov5u>
zwK2-noA%I3dn7JtM97*IjREq~nHrGMSH<lVpWmHgYf9IKz#QS4SJ=-MfhRVf_jLyR
ze8uJt9Hf+g;C9%oOm*y%GOeysRVRIgHAqDy-fXl)4F`}Cxe?tJ^1*0g^#*Fx(&b}5
z{nJr&aG^lC{axD3t$-T<zS8Rj0Cg#qHrrY0y$lW&cCLF!pRf`)4kydua=LuHE-{iT
z<}+#_LBWuZvhbSOFza6vpwYjcpDhHJ)p}x-b=6N3{ZQx1Xd|b!a*<;HF3pWZBH7cI
z81{4UnB|9~L@pE(S^ok7&uBT(i=`P#3$Jk_5G;aqm)J5TX&PjgW^<Lq5n#i44@kV;
zq?S0tuBpfCBf|56*;pymhNt}3veYOyDF?5&mS_a!)yc)qi0F~+MAWyZiSdMcSk{ho
zlX&G`*(!m4abikPM8c>8-?j=ybGRsMOaDXOrMQ+ML*uG%v1d)>1yJ3smnv<@(v%w^
zE*}$QFu_K&{$h4(tX#SnBz-uKP^C4%0FVe!98g3cNC5aJL<2gXh{*RF$#7EQJWY<`
ze`qAF309?tD(;HHK8Zcsv>V^~I=M}X9(&M?M5aS8)prF|`>2>+H#hN?x6?kavXzE(
z9}VxCeO*st?9*esw_EduKg(~80e_++1%)rDcGm(=8FgSeFB|h-aAae2D~`g`Rbro`
z<*O{&6XsuG`KjmCRE#-tbE;n+*|6;XdJKYFk1o*!3vqQaq-p&-8LXTM@Jh5^?M!p-
zGNneGM?;Zydy1YocQgN-NEpmn%-4Qlnak^NAxVD-d#pm9F_=r%{<EV^n#m$7kZ$WG
zZc+g9%dZhC!$6^w;-<M7>nD#x-`d_@S)bDY`w6cSLb`VKwmXQxg7XW#NklmUCp)aG
z$C63$3q={FM=*1%7JCMAp4xnj^U(7>H)+3}(MT$=#T%U0NBecs))c?}M@=DJP{slv
z5yIX^w>`Kx9Q||K^9m^{x@xTt!71gDI4Oy-i6vtq-*P>IJ7gxQ*^++m4eu%W9g@LE
z@pcu&adWQjwOr0l74}q!@fC2=>IT$dtlE}Z&d9HH-S)Mu7;e+(GQ}@x`GMd1#$E$u
ze1d(v%IpO5E=gd%s17hP!wu2G!6buEQl7J!ikLxJz%~xujJGR2LFp0ZI;t|X$7r|v
z2XnfQSN36z^cWV$GAZm7=~)k_qi6(t6iZLMpwQ**r-Vt(eVc~Y9e8Cn@3in?Us~ub
zRHWQ_5rv2)5|pa7zxB+Al{1C5p(uh5N5_>_O#+$c)?D6S`9V0#kl=WfSP}y@hWyo~
z$n-*dG9?Js<9Abo7}hDP)hW!x`@a9ZpCmU-e~rza3l@a&hC|j`vH=Ek(WD)`UtN1Y
z=<_{q!VVw3J(d|!a<;QXma+*-4n4m}Q)ko&sX(?otik?M9Fpn8^Wm4vQ8!i{xu>9m
z^kwSg<^@b+nCwUV%wtT(wlU;RGy`RE1;}(8L9w4HY-~1Lkreo977Jm`0jR=6+5@Ut
zw9R?>sCi<)o2u>78&Y;=mokD84-<_ZDX`I&=Md1NAvc}g_7Y*{)k=33w;9PZ>6D|S
zzmqV|GBI;)`|f`WZ4hLKe?b5BGEEHea+W`Sw@aRMT8B`;opVX>jtw2jbh+Z$cF7yj
zFktg5m||e~UDQ!jkgJ%oIvso9N7%N8lR;!SPxnQ9<<20p49S*M{&$~~v|9<B9?u`T
zwJn_7zl1~`SsAW%NwHl#Ub}XE6&USI>1`(lLpz#RX4^!-b3mm=B7u0T;x0#_y5^M^
zG3rSptMbm!5e+BKiJoymuek1nX{i-~^mBnbAd#mhN_`S4+I7kgI&O^mes8?l%%2F(
zwD@e=YM`yGw`<UJU>v*9kVp3mijaY05XIchonYM!;`Q@J)Ai@<{Am$@a8Xc1q<?pa
z#Lo_Kj>W-LH$AyRq6o-2RaK@M+_p*;Hfj;C4_iff_y*ko$RZz{!@cfNX`$0oa_!5$
z&SotS#`~-l0sP<E&7kgQvB4>wzCpoBjUH-*SLlbMJ5$FOFpddo=W9*^s!cWVk}@|9
z6A)`&==qpgvY36{@2;YQO|EI%Nu%ZtN5w<W`?ebAkhQQ^T$&39=~!IMMOtm;;y^0a
z(6!hs_O(A`f5+=@`SR+j9idWkk2IgT(<V$K?#5xtiRdqf087rsQa82E59wO2=Rsy~
zzXyDXi=Smw=sR&<+=VTO31?ouFRZ8d>6fM#UGLNWHs@&pH=KT)pJ#FZQR$zG*QZWq
zH+--eZb>uU$j*&VO4+AAbZ{awnwcJJQAqd#d1UW0IVn^d4&LvWUZ<ODf2^fa%Q9#R
zbKZhzm_YNRa5453e$F9Xy(UjPLl1~g=E)XDQpj`G=HWF0ceL{eR9p1*2FOFXi((*G
z?WcQPD@!eT!fiRsl`E6WLW`p`@fbM=VaAryChV+Pb7=uk%dVL=xr3#C)!9etY7kPO
zr?Y*N%>DtS$Zt2F46}Wag<;m`m$)%*ry@5%b{KZ{rtt-6aIcMdRF*07ZvTx+c{;2%
zYGY9fFx8+Arry~3m6tgAJTVB#bwKCI6&2O>dxz26uN_hJzzrQ;D=Fl;D5W~=-@MaT
z-tj%%QL90;rdX{~B`e7=@2)9vj4Zn%u+`;PyBkaVCd&L5O=xhU=6%;c$6-S~6l{WY
z84y73z<72OHd=sy;B*7*qnUq?0f~GflKLsh?s(IGB>BMCj1fA?;rgQ?=|RMBPwHHL
z(lslsSAy2)Cd%;4FPN5GNkz;>puW=-^|0FnjRTTyxflCVwbUC6&8c)3i;bm;e^TLW
zE?UO3@$i67M<9d82250?8GAN#rfwP^3|g{N^apwH(Rco-^IlPzWdU%dRVLF^NL)T#
z%iF;(XyLTgcf;C5ft{=1ebX1n+W^L^<(vq_9v{c2=L`_{I!8IZ&BGQ}`JDMW^tJH&
zY|Tl|4M}VVXsGIld&HT*Z-joi(%g7cHW0#FIhpkc(qFYnG=@ct9lbS=W0k8CKES#X
z!{7)4Cw}ASAIUaweG5XY_gwtaZ@~h}p7`S7K#RC8;cF(k8F-D%8x_k_t|cL-XLt&I
zu@dkaPVb}{t<~?Ppa_g{kL&C3@og`{VVd4DJjMYBPmF)@t@a0bfRoyWlR(|L#^^Wy
zurnTa<oA=_$x^KLpU}(S7<p%G!raqT=UKyA>w&hgklKS6r2?9zfoQ|+-hJkRFq>1}
z;%}MTjkEY@{3ZGu6!QI^D_AR(Y!0K!e>Q{=up>r?vE_jv_^2S8dPO+GLrmByV|H=C
zdZ#~HT!`U$=|GlluES^sKA!F7VNnrT1Q8;t#ETF~WLK2K{tWnXCDI5|&4FAa{&qWH
zCU)7#CjAr39)^oWjFeFoFdHiWw6_*DQkE$2k0eV7{}o{Z0Y@Wq3s(~Y0T*XG8v|zx
zBLXE0Gg}K=v%k7b!Akd)-svBmrX=7tb+)%LaB?<r<p1A{ndh%DlmB&Pc+znHf5iBY
z`?%w8f&KMnFjUAt)(rM(&4ADLRJBlJC-zm~d6*FqP-t`5;r1BfdIHqS=?%=TNi&_#
zov!WyNjjz3%0p)PlTH(I{;Ne*)yst+3qechh!t*XMw#oCbCctbghHxzt6zQfceo<<
zsrSoPR8}I)OuC~xZ6_KJlV4}QSKeJEw%1ZzSU%>hl!+eUpS0)cbp!%lq5vT|U}8dV
zq(X#aUekAuecI0E$+lbe+h5x0UubRXm5`=4huwEhc{<l{!^dM%ct!9Z*3>hmETsJk
z<)orWG#Lpw65Dr3fznL5Z-KPf6w?w_g9g?3c`2=BLjtZIgY>twOPO4lExrni4F!0y
zUFqf;>7x9=OWI^7zH17aocy3}qZzhsmguE`u$bp}RzbN1XSg5q{F=#0q7I1;s-_mv
z!-yYkD!~a^&voE{^gXel%qew0F}4yuI9sjGw~s-#-vJEzHsASOCpg=uEpO!QN68Im
z`J<3rvhYjiRByXiP(8|m#$_@`f9n#F5js7VMUF?_D~03Yu5S8b^|)*q$dOHKsAlDD
ztAw%&i%!ncqYSLyfKS*c5rhmS9P{sj-n|O%Wwu1*U=i0I@SGx_Mq9W}*-JZ5$Vf|d
zEN+(${A<n;(CP<Svj$oCgbPG?3_H6wr$+gJ9j)Xt=8~RGr7>IgM{%!b(-QxMm=~6U
zWl@y_Y?<no9VJoG(c%kG1lt(wG~oCwb(2qF{yPnU|N62!!Iw`$9CVj*e7zz^OKbpH
zyyrwrYhwbqUt4!@pi8@H(YiD10a@JJVcfZ9;XzF99gj4Uy=dGBhKB!4!#|_-&j$DP
z6F>r52rMUO$3Hw1VwpQT+jG*>o7tPunHkvHnwXmYS^Vhj?W`?~Jm{R=oj+f@jyA1T
zOG-MRFNO%1L*keY|KWb{ItikpWv9gKFby6<$<w!|K|jBRY?9)EThZa}B`<V!+yu3h
zK(SVw2N#cNlmEJ2wb37I_nRU*M-jNY26-p6N_|vunx3*Ju7ykNjI|!CK9K_+*8kbC
zCit<RQ1uO{Gs#ME|0(=CqCEI72yii(hbm|ts(!W(hE)672jKkNfG%t{R`F|OsWw<s
zq@QdcSrUZXaUb&0xEP^@a?0GWlE#*)X+3GuJ;cN2cL5MlI7W#2*tzs)DYaL<1~hC#
zDaQiMQV)(bL&US%ED!ej7)dfXGz2*v86hVtRmX>|NkbNANp?sNM~m+SNtHs&_UH`U
zrx9}IJbH+i^@P7-r6>3orUDHU-En(f>w|u`tZGBh^9;TxZw7!H(q`hf_LwON?n0H1
zdq6TG#2d%BT@W(^U(@^+&8>Hl#W=P-s7PLy@<o0k@b$P!J224j{*uw<+3>-<%}^*G
zR*^INwlhSx5~F6i@{mmLc6h(IQsE)2qyKP5rNRqsKg}RBHWsVAa=W=;#EL<z>Dj)w
zX+n8BDY;6@xe5S)e3&2xEdYlN+|gd7dd?_E@LLb59F9S%l^))}l4z9S?|LhG8;{d9
zA2Dv+({WjFf#;?~f|7b5drauS&n+3u$ixPYXux|ak*HYTz1P4A8lYhl4SKJz<Dp~p
zeZutL!6YX7B!oGn4RYoTg4j9|kP|e!^gyUte|;-{NiVaTls}T;Ar8oy8j6$fnihWp
z$zhPLVejK7jL&2F2h9J{G<TA<&tmmR(U*}Y-!BGE5dlvK4}^)F^<r21e%>$}87yUI
z*iUkSO+hwB0dTR9%ijGemnP|eJX7=E+~Jq>D6uIxwh!NX`pYm#aq`SYRKH`DF4wv<
zv9N^Y*uq}j8|?}<uMJb__g0A1Qqsj-K&5^-jt>d_;5?I^<^<+miOwl!mG<4Rj_SEt
zPW)Dxy~sy)1~n^!Z96*F+X5Y7$EMS(KX2Gi4kG70#EU_bi~2GQNe)~%KxyP%>|5GE
z=_k>o!rMQ{(;-(ffom*T<jC1L4qx68B9meCG8cTebtl##gt)TEm=6h*dlJ_dOcoIP
zKK*_M6_{--_~Z{8ZkLoLd)=VZUM*O-JaCTz8ld9*#aP}G(5a>ZNkrO!v6a&{?}JUq
zj~?jra&hxCh^)2g;`WIC;QgfRY>D_grlY#e9f5$=PiHB#*$8)w5^?G4@${;p5Y=$+
zwF;H%hpb=o!JSS4#CpQ&SZ(}cog$26jSb@V%?ODl2sAOlq2^Q9U?V==$mT7uAGNqz
zNVHg#A1_+=#xcM1S(+tyaUaHn^s{>s)cl%A9CB%4*l}}UX1JK(g)BsSNsVWa^?ZXr
z?Z%?ryrO!EI+TjzyEd6nvt7>!HSfHoS$f3u-d+FN`A<F(AI*Eodp=It`mFHbAI!MT
z1V)R}=;*|4>mKb;?OP7W7@i9@I1w$uax?RP5dr#dh^U!=BBDF?0?4ltE||cA_;7M@
zRHa+s^gqXlfPQsMVJ_V}Tqe0aMCO*sSWEhlj1q*7VH;;e7|?Pqzf|NeORl=lsWqp3
z_5AHlF93GBoWL6&oYny>Z@%2P33hSyGIm6Xu|HM8YcKMFw$f3rT7P7+-ewW3{l)mr
z#g2-FdnV{gHw<FlFS;|{Ihyo&P^y^2JxbdeNn1!I+6Ig2X&;6XnvY=01iGzqW)n@2
zY-WSR%Yz%$gZtFy(JLfZX8Z@-ylLZ-0s{`SB=AtXK1ms@ieB)s_^}e@t;muD?02Rg
zSkiUJ*hcHd3Y|Xwc9?c<`a2QM1^Axysw9=Gl|PS9f{qe=HZ>L|@TMHky-)w=AF0Lq
z`Gp|RowoohlW3xrfGm;?HvUZ{Bk>L4^}6pezcA_RX>9>H@%9pdG~Y67Mi1x#HBig>
z61?e{|Ff2M&1bC$!p4nB)RG_^c|f)xq94tyx2)%nL29R}n)cG5o_tb3wiyJi9LS-5
z41(1*5_t{zQojlc%76Xc|C(Xi1E0nEq)hV6XrhpFj1fLuEqw)F9Bam6bDLG9Epo%a
z$ocV5Q<I)qV1#Q(ubdG3%B`c`inBQjnCKM0<vcHx-KbYrzh>q@65?Q-V6(69urj)+
z8T?R08o<E(9k85eAa0KKHta;=t?ygLmz=r%7Mx(!f8<*Uj^7=|lNuIa5$zbf$fyHP
zv@3+5d&8fMgoE9wfC_Sgfvr~x7fOvzbU&-~Hn3`O?G_%7WB;`a+!02aLfqEii}nST
z(A6`@MTqX8H1R=b(R4ZEdN|6{a*RVZQYdjmvf1L5c(>Yq%^a}(bTuab)`KYXWdr5I
zE=#U<((V8eJ!c?kZP;z(Z}00Te3Zlbi4^gNy?a9Y2+xDLpH#w(5Sdkq5g(c7T-6sU
za^y;0edHl_GjUZ%c270%?RRsX@ma`sppz#%M9dDg1;A9_rGDi4Z@hyPgA0xhWUQn|
zk`ygfdy2rrUS^p^hL%2cw6=VN8`xpj;T*x{+Z@1AuV5{7fH10hftI~_OkH+gCxA*O
zsdY~b2UCg)*=9nF6D^kxL4iYBZ?=CUQ}!#ZIiMYfMGCYQvBjlLQ{%_^+HcJUf%CeY
zv5nUj2U46+lZ+{uwSGf)PjHn!7gRY)N20j1QP0SZRilO<b+6ARN<il`;iSIzUGx~8
z>xgqZeYw|xE8Wps+EuksHn_t*y21$~ag7Xq^<TIl|7+)W-+TNd#3yDmVqp4Pe~S+w
z+b^(L4g*tHw3aJywJM6X@fuBI50LHqL~~dW-vYYkcMjg#@?`r!3-Wg`eeV3o|2krH
z-#hy(c0y@<y+lzsre}l*2(s6xnE@IM*HXD=o5fTX6FNP(mX5|98)I|We){sP#mQil
z<&d9d!2oPl-r~<{3WWV!(fD*gq{@KbscA(pyPKC4FB5Nj;%8e!6I%HLG*x2n(I&dJ
zg^t+`ZlkPkFDsA6>uH>Z64DvUCIf*xyiZC<iIFhRIoFXKLO1Mzv<CMjZ`R<rTBxWy
z5NiQ)W~X#@t4MXC8)tPCr@6XpL&hhMEoy||6jSb}Qh|~66pKnMD}AGN#<H3!^Sh`9
z?(%(q0CCe#`(_i2d28)U8EJ)J>@hIwqdAW%lR<}W^2wB$!Mk>5`(NHvaK^Huhczvi
zv2b!D%M8U>-V3w0%W7uwu={TJjMa=zIp4m#w`x4lL7dwd$FWE{sXr*FlHr-BSwq|)
zmy5x;qt#J_XVdcWI)$?x6(^*D0n%`R=1AE+6fF4lj8cLz<CHjq8k{*U?;S?7Q%Ca}
zEBiv74^}%XM{T(Y9lqkt96v(7h`Wa=A!y$&tYRiNDoY$cG2_h(L@Erb85JsI?qgr;
zqD=ur!CGQ{mV1t`{2IJ+g#D!oAO-x#)%GPWG(!_l6jLW0^uOdO1cKLX^IGihE&Cg4
zU!yeFLP|SvRm{;+zR~w%%Kcg0tm<M0(P0xj7eRX3wlWq7<J}AFfvV3$YOy3a3AQv&
zA4AKLC?|N${^Itz^UIa8HU8Q8+bAX3lsX~YFFXQ#xmtd1&-|o|WJ>FbSSqi*Mgvis
ztW$|p)?%KXmJD#b-a=ANfxmaVeBk>nrF{32$RtPbI@0`sQnk-%v@J5cg@ca4OAb#n
z^9pWVs~`H)G89#C=%Ha%Tkoq&(3%w|t}5NWmV^-~Iv>kIKooIB5dz|pQ2FhipWZd2
zzdIuBM>8I@?OK;zsk?&W`ihUbiO79^|H=U=dY)UlcV@y<7$=T>-MIjg^rV+)(CgqT
zB45;yTg4k()Vbk=pR+_^$I*qdsFOQzWn$Ncuk$g?9{e6z#~zOyHO>2_Q#^Q0TQs@^
z`l+zfyG09v?9Nw=dU{%rM>9-H%JGQJbMR~(C01HKEsce+ppb%HRpmz&8c`YB@Ea;V
zxZmwku$cE!k~VL1U<+I^tdAiey37*DMBTba8+T|adUDHVLhnH2BE46dJ)9QjG>-J%
zQu_gdCfsMDo8P6UF7%IEn&`z!lW`R8+<F;*snpX!nHIcolJ}fr=(+?we$TgKR4=uF
z3P<5XU~K<sk;>$ziwLY8Xd^s?3s=bbj%Af-g_ulK*2CX$$j<MnQ!GY{1s=@O2+ck;
z?sLea%8r`Oe0Z5pPTfW<!sY1O77`3^Xjp;%c*jLvM`%R{vtXU^>q_znZdj?!AU!kK
z5vqY9AUSAxmdNOXlk}gRpG(dBPcG*1|Cx(@ZuyV^axmaerv8(Q{b#?2hWgij|6j3~
zU0rUU$w#yCq$0vQc@VTZyJvpUSN}7yVTPkXHk7CGi(<+c5q$oMeccK4vD=31T#e#Z
zeSiAlV~h~XD_Q;QvYAc(x7MavjRAjuIHTVi{DifJ)2Tyi17GTYhFbrW3&p~+OGWhE
z6u(B`?R+o~els60HM>7|vD3iHt0`IZIyqyds~dcng5B5A{E^KOvDMhNEmH4oTy64v
zU4XWoZg1C+N4@EQnwg4ns@`YwH6)KtD19mX7=MiRK{BR8P6_n55J-0SRWp*LLy@tC
zQ{k!BvRcRWQIp?eC60m!VkI8hQLMdsa!n~)@r46AGB7O=ff*v#qPaT}H!w0JQlbjv
zy;6TaR`J{^^hNk=uEN=KDdm0!XttLa5zBcU4+<a5%ME3QDE$OeEm*)`fg@=%phlOw
zi9YABT1=XL#XXjaHOIy#mRnv^EZh*5#~~o;$T<46>!3^>beW=%Uh4R4X_339mv!wH
z6Tw3M@aNtla%lJ_l?n@?o<!`57LURe7mj&G7Jzd_v9%ehQzb6!hfP-B)#c(H*RR@s
z?N%6?clN$iaHjCC7(1aWbY8rkeLE#~2HB`ebWSmmk_zVUGFG!?1MG=y3yitzRw|c3
zE1KXI+uKMq#9H6kr94LByT*9;Fcu;mHWBo}sX@6xOANC%Q-nE;b;1pY@i6O^p#-6`
za#sVe1OCiEkblmp|0<GPC9>S-%=-5^wU7ZK;KxBL3s$$RQwL5etz{?$ViC=P0X>t)
z>I5_(1ce{=gVAF)$}lIwdoC?fPBY1>c0Tv+7fJNZpXK+hNZ^V>JR%68&Y!Bf-Twz6
zQn5IAZ{;FCpf@T%Z;s@6b8EnI5HMSNDmo^p;*w@L0lD8<!(5G^$6{GX?VU$@w*#p}
zPVJlTPT_zm7a+)uxqeqS)ZEM69UJdHMcL_R>YEH>hY1n|pG`xwATgmo+T;t&=Ob`j
z5wAiY^O|@3n}`5JrX;6^#5l^Y9Rf&#zK3N-Z9Ds04=dn>g<9Em?dauK(K>>)87*DF
z5%`l=JNq=6aI;=}qBL8OQ%N|->N(3(!%-*!CTlYBQ~Ao$XgQ|9=-QpaTB0`}Nx)T$
z9Sss3i_{fAIt1syd}d;lPlHp*muMOZk=+mn2Hlq0hOe=*4^`r|GKrYanh=?csqO%Z
z=_bG^NQG%A5u8`+;TAneqhaLbW99c&42<uv;z_c;SX%UJ&XPO^XSh?1OE-ocD7Cx-
z&|&(=XGzHbz8-?p9O`_ql~u9BIOtW0vMC_;D~XZZaEb6;xH%B_k@fu5k^B&g^&@fR
z_l*&aNzf9yak=936_{Fq=RPBsT=zClRDes@DcOv|(*v<;R=yrt&CZK#Pko4pq5`=2
zL+6c(uHv(2`^Bkh>a1(o5WPR&!+(tYZ!98L%AWa2$iHI|3K&4PzH%6fG0YpFtM74x
zg9)e)@j3k-kS+5Y1^_WIJ!XxC8N6sX%a4NZr|{Rv|E942;8w~$`C07WDePkk0iXyU
zC@WMHIt@Vuju$4peSjf?*0!Q1YYym3ueONfqkLxw(8-4*Gf0VTAiO_r^&M%P1R<TK
zw$ilufbB1=Uui&6cW4>Vl0pdbe04BABiMIBRI07HzpAx{Q@HX{C0`F}Jk>mnVCc9x
z8|q|yLzr~1PGTUHmJ;iP&>?Yhi$(dRQK=Gyv`L1K^b2CUB0|=J>9XI<11IWAc=;uP
z-zxCMWM&8RuT-MlC8g8#ie($hXXj_qGQA^J{lXf_Yl%B6ctOP(!F$QOh@oH9KWI24
zk*(v-aQOh%M^G?G9&!)x?8fx%d#icQ&{bDrT%*()XeVwpojt;p`7%_bexPfc^uOk2
z@_7ai_Mn)_XgH5IK(nBV^2Eml<J{8_GdmRVBor$2?fqbBni7m%A=DKgAp6$q+hMWu
zA_O-Aau4MKcoxWn0{VU&JpPslO2_DS{pL=sapHC8NEDB{5vVuq-q;UE5;V<ZXRddc
zMRN_^Tszt_K<C=EdJ5(Qxp3GV#yp!0TgVUsWt;9K=*qAr;F&yR-~cDuNhjvo6gIz{
zJn^$mp)O~na0O|;<Gmn+ZtNGm#4G5DCH{(+NS5am<5V<<_!XF1O{|XtzF#n8P+8Ul
zf}k)`4ihUuq0KPn!Z!hH=xW_r+_l6I+`s`ENNp}pZhSm2XjTo1<pfNF;?*|uxR!xz
zD-&WD1Ycqm3hYU%t)hJjU1yPz{c_Z%mTJG9Duk@@HPWk?tjXQ+vFw~R$1Ho|m=ruG
z?(csN1{vbA^owy?zaUaFkV$<Qym&M=Aow=XbC{!E@@)s-qVpp^c@T7z?K`&j=VGQh
z;(w(PGUx_(u)g)dh;?i!?T*52t-*hW9Q2SkOov0)pW&w<9CLBGbaqmyc-q#P5A)6V
zpsWMQ3vm$OrixB)f}4nGZbG+AK{U&h4vfb<Eh1M)BV*zI1$BJ3magaNttq?BGq1py
zT_j_ZGUzBp-T`=qk1ZB9s2~^mB4&M20D!XR`_MzOcY=~bgYwa{lsxmR5=Bvgp^)2A
zJLO~j71UB9ux=Npy^$M{eh*YnQrTr)CQ`IOqX%avAi(|WA~L#US?!e-(e!4ybG6Zy
zF-hcRvSl4vn0udeN8~MyHza!irGm0y^g_N!U9y{YZOM&mrjpcGcaD#OOb0Z-8mJ>0
zT2WpM$83`@TM$_r$@C5foUkTHS*5zJ{jgtaGw#Br|DdA&$u0_=U?}0Fo+&+N^j6y9
zN}15Htdd2q*wT`Dug*L+3hPnN)zI}W5-rEXBzCa_+{#4F7#lKL{u@Q4W5Lwc-ELXk
zbA|w&O-<5PJ*!^&u#fzgiF_Wdm2kXVcQK&MC`;<$c(z3O&ld4lk<%_d6?rCHu#)D8
zDzX~G=-G=vDTp!myVwa!*Wz0INY)L>RG5o{MdzzM+#a=hz`iSJQj>?>t6QgemA7M4
z?eVuFUukTEI8tdcYBa58hjCNFbD&~lJKDl3CkFTEUxNeJ$<fwAG6@W5h2_&~-E`kC
z)bU&fTie)R#qzXJ%A*#icUd(cxz}UvlT&NvRCQgQH}PXCfTf~$7mSM(c)}rj#E8}g
zWkBw$n);+3y^@dp5Pa3_7%mJX7PAsh&>4rM^<<&=dhyGL8XkxUD9|r-IUz{fCFdGW
z?^gz?el0TP<3%@1`1$Ww7a0s&=cKXGf8RDy*JOZK8g?ySJu#@D#KTi(w%u&9v6P?e
zLX+$~{OTu|24telv|SsA|LuqKnUIu}E$fvjYIJ0HsaW4xaVh4~+(Psu76<M`{{zj4
zqB@0oV7^0~0Ab4fWd?lnwg3)1`8un|cBquz$V2+5F}#zhw@du!)T~W5uDoW4f84E&
zFengao#Jiv4t!;e%W(jo`DPx->bwJ(@#*4EWITO~qd>Dd0}zWnU<9mJAFC}?0hk9E
zPuOk6+qXFho~_ZS1)dzELeh~cMp=g~mB%w7_^P%3{^X{jQF{$f%rT2Pa_338U)7K{
zcHq)$%>Ek$@BZB#LiUFCbb5Q8r?=gUZZkP3R!=8NDhn+tKqFB9D6;tfTP()*Cl+)2
zE7SkyRP6H}8RX|ZGPys1{q<!8s0_gW^&VN2c%`9eyo!>`A0GSqQU<8cX+-3k2#T6c
z_jlV`VEAr4Ai<FZCMAAm?34HP$8ALNy!UQgQFRZ!3CRv|U?&piao5zT{zU(VGJxj%
z-Q_EfEZceWWPL}1s5pWu(%5^G4{-9K$xKn}uK-2<DQM)y>(@Rr-D#^I(baM6>M__f
zQ~V%ai(hK=aWo?ofw)pB-wv)=q^4OuP-1tKf2+H#am{re`)0-a)EB&TV-J-*``;*=
z9W4OILS9L1Z2g$kcf(jrw<mi&6lc7DkxbIR7=d)Lnkn4d9Zrg@zo`x@<HhvAfC^^^
z4z$AnRt(My0Dr%6ss~Sbq&=K2kMTw?I~6A6dBoxx3r%hb4AuuL|N4BL$gwd)Nschp
z4(3`Mo0BCS3Z#&_XqDpN{n6u{Xa%)gZm)N`AW=88W>-*FH0Nk|lyc2?-)XEbgr2|L
z=WizUTeW)vMzy}UU@73Pu-@zv>-N|EH8wSY!e)TxffW*krGn+@W3NR9?Y(bw-?}(h
zfOp_D_2CfRg6OnAdI*NiedCK$#81H|0p_n;VqUi9GG{Zm0w<swT~!02r{8yCnPQQ*
zi_VUcUwMs{k`4?=eaJDQ2CxM|-<nN!<ylzrd35_8W5Otp>oGi*ep(K^3rjOZc1U{(
zk3UMuQSK{*ZhtR`8AsH(!c_*UqAUDHECoI(J!X(*@hQxI(gzfze*`A&=IT>m{vC^P
zeF0=Z28A<rzR?O-FX!U?)^T1t(k;^hWMX9k04wM%5k$==qh0s)@9rCMntyEw_)oDv
zK>mrv<kD`5{{LdJU{Qp3%J(X=*CU^5ZaaV4%%}XY+~rF-igx8bpx#Z(k1C@Jo^Q4g
zGGXtT(?h^wIwA|)P`Yg8X))=u?&tRE4J&mCJ=8-YCt0ptXJP&aCQllnu`L)B+uaVM
zRDuQb=H7_kg*u8fB%*iJRn|Qs^daKjWd3M;rhOCUhRRctXlKeUB;%{PN}z8jJ3hx*
zQZEF5h5p6sYNrxP%(tkQep5{mbA&*txF~tfI^1Qj6e34M0c^t`lrPz<5zh_1;=;Xm
zQfI&L>r<ARvzA!i<j@IL7?k0aF{2ZGq;gi+S04m_>5(aOxJaR7L@(nVac1OvXhb*Z
zI>cL*kvJuIC=m0b;WHrZ)Y4%^I(q>7|2B(H+NPx_+Vr`qnb0<zj1iMSv}xfNY;Al*
zLB#+QP9|!774lSM1Fo{gRJH=m$oUQ)8y>%)sze29FdB7P?_v3J+9sx=@1k35%7cB$
znS0;;P`}-fJQ48)j`MA|t>`-e74vFf_v4mY`c7%f6U{m)xPboEUf0pZp_TcU12r{o
zEZ{jWil0BMp?6c{BZo&mhGKa1J8a0FS^buiFLSLHy8Ug#&bJJ-qxxE~%Nrpj(69JK
zbH^E}xf19DXkn!zWc@G3hr(I4dr5>;1+Cj#MW4E_Y8n)kYqgfX5#%VsxEr3!fr4+b
zZjC<?^Uic!=KO`}Z%*+KndyMuPcr|VQ^Z&Q$tn1l_SZXNaEzSbW0hz}Y_HQ%HnM5`
zEL&&bA1{mE1VRwaRJdrFkd`KZ<o%qusn+>LEZJcSIiQ-E$??*<3Rn9geHN=}`S*k?
z=p`N7?#~qUm_fepfjMbI;}>T9=!y!_$H<8k*c46`sq(WLT_5|MWfxSrIyE40@#P$k
zes}5H=1inYDsG;v>k<|zLy@x%9TFI@%a^CGgR1bsIaz7$<uFz;3*7GY<vPj64_>Q%
zGUD|l@0W?DkL<No$DFNDEI}^OUA>Yi_7v3qH&@zgic`x`DX^C?cx>)@$(0QH!N^ae
z0`%VG)Z%erU&)aDhye9XIbZU>AuIHkIM4p`zkNnI|N2BAH=m!VgN;aW4Cl#M)gR#v
zHN4TXsKPrVPAyW;YZE#+i;n%=EAnYqz79kw7))Z$B9{0z8!a=Dtxlxz0}a)76NM>h
zj?P5G@k!}K3nsmF<xN84gdC}$wXy((k8ab?bBg>ulfb<fCYg>7oZXJ!fa8MIRXq3t
z$#IDinO>&_8^PlYF3NgW;SwtzS<`+*!dG?a&7nf%ogjDTL9@m;A$A8o#WWi(GvLy*
z4b6aQhj8ah3Bt0kev_7L;qq3uTeRT7r3u(h>8U9zR5Lz`<Qk8b>28gIX(7M+(ql;D
zY7c1p6C(;umlE400)$Lm{RA0g8f-7glDB4e63}7n`<8DMiyhrmnsV`1e9KpaUDz%>
zo#jeWKw=`C*Xo>@lNF2r6Kf2607ffxiO?5t-8+8<#Km<a;q2eDa^Z15v}oymzaA4)
z(n(>1y=r7N`Uvf2%O;oaoj2BY>J*9NYX*2~N#Im*`2+W{A=T6AxkcV|DaPnWd50$6
zuaQ5J>yj}V7D$2S<IN^lavl6?lL{Q)g)VbWSl&jb>&JuPaqna<;%^1osmnBLRdG+=
zKW`XT_ttC`Tq6l(!Sa}a=RmyKfdNhdVWc(x@?m)wSl9jtCgtm6@c^WCrwN3i2;;~i
z4NS(yE^EW0v^Ks0p2J)GjtlR&oV!+I1<?vx=ssIo4(EgE-Sy;j;gTyI_+N<pv+bq>
zSAQac)Uf}7TJsiI<%RHucJR>r^z$3A2bK7?x2A;v)Sp8iR^@~Tht|_7tR91;XOxo3
z^BG7+P02D_46$4hujIYTsz#ap%@raJlv@xNTf|4e^T`bJK!NE#&SJ~UQZByT2#ufj
zlR~SiMKc7GhprYSgQKq^u$rr%SgJ|6X~NNTw8@Or7SP!tbw!aV*8T@55=C1fqw3t?
znj^EK8O<U8fvb04@l2DM$6a!aB>=+KHH5ZZ!_K%bb%zWUeyVM}1uUe`>pA8=m)XZ1
zlxz~Bff*hh*dt;vcfjs-_BD@6sTyMRF%TA(DTC}PJ@Bo$e`eIs>mIBqqOz5FhpYBd
zYuh3Tc>c>C%KdxAl4!<#NET-@sF7R!o{E`p7y}rStL}rd&p!PxGWm`JKdqqi+mQ;r
z0mFuB)N#}ci(@o{DK~pcqXN1>(*pjTMe|6*<$m|zG*E6FWT8#nDvGS!27_oTE?UfA
zX-{<g5!OQZtX|}}3n89ZnHl9@v6u319f}BLN54Ec5#ODWCFi0*%!*yYPjwx~Dzc05
z6Ck@22DvM0I;4KhL(Lep0GeSzP&X(1=0!y0+&dxno}u-n3DqPX7bu<<h@N(fgP$O2
z{baMu{?aM19%FN5PX{Z`u2ZI3kCVXeAT9H5F^dRapEY75_vE?OLzC3pKW%K2+j?xT
zC(L~?S}-Q&UsL-(fv{Y9e#a*w|4tQcIT7A@(h8GeIJ{E?_w>F@Sc<_$QRfLv0!_gT
zjNr5`Q82+kZ_Hf#xJiaw=?mu2$Ogw0l7VjTiZ}>(kDls~wopJB%7O;{rlF{FE<DCh
zjT~3%6FLt8>ojdB3H_ll(yp%0h1)5nkAh)biVeP%uFU;3CjIWL(p|g1e^JGgQ~-Pq
z3nus`(x}J)YC)Z|09hiX7kK346u(n%Bq&g<MSNbSk+|I&XXflmu=I_ki#DT`*cpSr
z3<HbNEf{N)D<dWptkA%Pv4q%e4Hgk3bguv}BIxZj54HyE9l9F3r2M!P$h;)YRQ?8)
z0GGHjN63G*G|t&&He*!mMx6pcXe~hd9;eq4RCgiOLh@3SO5yKHImD1DszTVlF3=__
zQ?e<5$a>Q&)s*8^@#NlDy#+0c#_9>BAWLd5A<0SU#{h0@p0CopmdepQ$K5g*tuncx
ziia3lDw#TRE}e=*C?5mmYO<H$s)Rt*@?IINBv_N-88rCS+*yq@L2?8{&#NZ{Ygcyu
z!|<jb;a%Aw4M*#6E5`)52omGOy?dUce3n#YJyOM5Dg2FH!*Y1d=Fdg*q{l;|$^gGb
zRZ`gaBiR;@v9!|Zy3#_ukWDZqK7(@EcIDs;>`W*RjRW!cZY1?N|M6>0<(Nn(0!1d>
brdCAhOIaZ?EP#O}tQ%dkE8h6nXBYWjjwlbW

literal 0
HcmV?d00001

diff --git a/scripts_debian/keys/wheezy-debian-archive-keyring.gpg b/scripts_debian/keys/wheezy-debian-archive-keyring.gpg
new file mode 100644
index 0000000000000000000000000000000000000000..6db1f3a93c12bc0225f7156a59cc5833753d5328
GIT binary patch
literal 3569
zcmYk8XFMAW*M}n_R*TlANVWFXQnU6dTD3PpBr#&eh)tCsW>H(zYVB34Hl>PEHEPvt
zZK7^!d-Q(a_xC=Z&X;rk=gajw*U13h1U<{#eNRLK7{w}A2(I(TR596~20#p6i03D0
zY)Z6G%p`xx{eAySl(z@6?cDw5s(@+OPajZf1IF##w+&Gl=-E)S5nmjv!wOB}(%}|h
zuxRucbiBJmRN~+!R8;9D=7(GO*t?&Gb5YTKCB{%xHe%8toUm)k?)|a3<<Sj|Hx{&I
zu@fUJl4fLbvvEgh8P#LP);{QYj<|B5Hg09yq4>ExmaJ2QbLOKi@lj<%xAt*B+C~U<
zu!)=4E>vqGH)WGiyidpGDY-%yM_FI}A5I7_<F2&~Dc6T5WA$4{-#_v%Ogt!H$2Dq&
zg#N55hW5MQGard0EWu38#i$JWeM+V`q2+w+?4}P<^9`;}dc*AuPukW*LzFX#V1^Ht
zYLYnOU!%8Gw6#%^1V?&Y4ECKy_jbuU=E<>f+%StY+fdIR!B6_8yr$s=9!W}f)4%Oy
zQ#CFr-J#-{mBcJXYTJDJlQrN#<>eUYojma6t7{&co_T9%(t)cgh={pX|DbA_s-oI^
zBTNA?|Au(_n+J)**2It7?6%1DaCj}07`Y0hW;qXXUZhu|{6pz~V@dzuVoXbZaUgbF
z9&ca7^{G<)smG$x@wN(8<xEdcT0`-GyO}@pXJjo8didEw6`89WSZC&8=p5uSw4+tU
z-OgRuX0>hWpku;!6i@4XvT0y6-eg4di5zf?2tZV?sS2}0LQxPUPkRK?2L@5{M!UH}
z(MWrU0TPZvqTmp17zV=oNLW<F7XgF$WB4F)j%asRs23XMsp#<Uu&|pa{Bbn!F^HCk
z48ThQ{0kV6m6(K_nmii-rX(jLB?f}&$$;b(lpqEmF%giR2*?-;pdhD-)vT~nPc|~}
zzUHyJJH1z6M^H_#0aDzs^>d}AiBjP=h75dLX;|w=_D`Pfo}{@L`OB_30)I!}h04=D
zY1Wi`Z{(_Ljeju4)All;6TC&`pFY}Y9Ik79rLIYBeCzXNLl7`+4K`Zbybz|Z_=V#3
z#Qu3V+<L_MHLfa2$~2Bu@QWgGzyw{j?H%)IeInTmzKdT33GESyE84_m!$VWw8QHP6
zjo{qmpt{1d4%WWX)6n0B@bz(EA{jwzZt?Y3TVJM$EO+knHBIrOvnQ#xyPwFsokxpS
zSNc<9>V8*6l|E+1Fp*=WfZ=XTK>dg}Vc^T(UUlH~W1+Q?vbaFT(k<1y^2aQ)pCi+n
z!Xs=+%0y51Q>5oc`FN<md?4{DNyO*sL=rvEm~c+_2)ybHOmQZkDs#8l8rQ1rn{g{F
zEgti<TTkCtIBIjSRbecc>JEi#9~yTIQ5x5k6i$ZyQ&b1vV>wtj+GiDjJf9CU|K)s(
z*Xg;_)^QgyTj(el*FCFA5*8RfBCyscJgz<x%J`DW_2~VXSM(3%6Qzfuiy8qagzokz
zo6;s|uD!B1aw}mu@j>G4rQ+@NwDZRf2C2WGTtPfcvAwLypo>P>ik^f-fxLD1aa<JN
zMjaDo@`qFJrK*ltOsh_S>fo{VGrphCBbO2i;|6KW2yBK#mBK~w_q4&oI-jAL$Z8;f
z7^@DVy#)k-|1$KO@Rtw|>q&fYK+J$F9Uz<R1y;Q6LP)i0D*w)*6?$gfy3_)Y!;%94
zd}nNm=4{*?Xg{jE^qWgEzs>?g1FyrbffW54cECx>;)V9S=J_rQ0*!W;5fOpA!-e5c
z6bk0(DC__ead&e;+GB*#e(1kzXBkE;YPh(1Bh;xc`7SHD&)0*h<lI7qa!v}O@~8Hm
z@qRGuChD4Zx~jC_m5)b}>PB7WjPwCDtklNk$gLlhWyWQF_1kebt^Z#8s#Bm(Z8O)W
zeLE`j7wp6=GO>w?cd5f;fM2=r8zPV<L8Z0WObfScYBY<9wk1uv(49~O<hVC5&l#Ph
zs<)-Dkcpq08ifZ(N^wYUr*@GlmfP;0Pq!J+#>K~;^*EZVA*jQ(lVbH`YT2ep(m6ft
zlvwRv^PS~QN1xVrX{vVpqrJVrQI|g1m^&$P@r)7jUCfZmkQtW}q>cYBHT_3<!G_yV
z+FP488#l$iE|ZPFGQ%}kdn7xT-uHTid45lkfkW)pa*Z%c3>pIrJ%lHxE(!4#&j%5z
zhb--e<21BrT$>b?o8KSP(le2$rg1i(tN80b0#>4!4V^*R_ylkwHhJ9GfFA@Mh~2Bh
zIGt^^Xc*agTbDS>v+l{{A9ehxTdGeRil)0MbFtD=oB-i}I33<`yl9fO{I2OlaFz?K
zWJ_3WU*BDGM$r8-F$rV=js@`kc<n;5lCBri|LLkPPTscFmHSjOWGZbh-+8<v6cx3z
z2(^suZelHaPo~94P*l$!6c><vB@!ldLnr!a=<Z-2R?@QTzKXH3%ZFz5lMX_4y}n_M
z#bi7LuTSY`xAP1HUX)xMJh}IHv~>^v7pCU__hy;H4@>ZYyq}qN#IfM3^Do)8Uh9Oz
zAQ9!4mAp3=l8t+ol0&}nbT`+~xjH(6N$1U<1R@PL2B}EfF0)nkoM!JO?F(JBcWozW
z#+-601#h4*Ryh_<-XGl<N%_QmEQ)shRZPH_+`iEleZb4-6E_Pq8(Q+s3Q8%gY;%I?
z@Ty6CX}M_?(opIJ`(m%cEcTpJ!NnUA;8PE-5s#V*h6cO0Xca*y^=EG;exXueB>co}
zARup^rrEvBBaZG({5|=r6yMPHheQzUVTsSdV+RiNUvO!DVd+elV?UhgNayYjmOK9A
z)Y#`_^vw)hM2vL*#2uO*{2g*z4J)?c3|g&%C$yr<!!NULBu~<Q-7F1ZY^?1x8cynP
zW_;l0U(zOs{<<`se$e4@8MSL#O#t*e@XRWfsx&&>A49Pe=6?_qxj%A5AGvzpbk<Z5
zb;|5H$1O8f)*_jL8ZNy|Xw&IbUqZ>X?;e*NDt1Jy4c<Xr{s~|Hq&74wIfe9hJvM9g
z#u?sntk+t7&RQa23G^-}omYK9AWK&)wEV{10%aD9t3r;agE$+L;t?$9FZ>Z8J{85+
zvR&n#k(*JL^a1CEuJKx3N8G1D4>zU?xQW7DatQp@gY-4JiR%;ld8^;4qT+_7Fu@d`
zJUQ07ve!<^V0&g_(hO`BbPmL*e>VR0W;D<T#Cv^QY)OCyJmFJjY{Z5Lq!+~b+LhPE
z+Y9CZadh*9c>S+K-B2zVVTd6D27#gMJu&WRq#Fw2<!$%3-xulyLBV`ro)9Do4MRCx
zkD}cmcCdd_g#X);mSHr2eA}{4lg-W#?;b-XFU__|IW19~0^nQg=?>X<LWZesn#_yM
zzopmh^#M7Z4y1(v?`Vh`wg%LX>&vE;(oTOHr*HP)i*`1Zr{dWHh|^Qe1(T?lAyU#h
z4jWdaSyQ9a^dL`l#@1VQC*jfP15C^G-3{&6JXqB;7t8JU2Ysh1Wl{LNg+;F;24h)K
z*Ra(6yF&vRF`{=jt%kqRoYDyL=muXk3YYJ?v)g^3EYSFXptaU|lYUMGr-6;;ok$B&
zX_9hJYh>;y;zM`@5NzhI848B4nS;tM?bFn$R{e_-ycI-6>@SuMv6Y^`NV9zRWOO8X
zbB4-=v29<MblSgLm}B>tbKnSWw<@DksVz+(zbxricG)AFS0*<ex-`S>_8%Fix*IgV
zT?^D>_q1TwU<;n({&ldNI#@8`F?M#k{uYN^%Wg;R^gU&@qPWsJFQ>5OXn6UUuac{k
z#$<#k-q1wrDG?B`kCc=8o_aYAu`82yWZXS=WWg&G2zWFv3$W_l-YV}R4A|tp9|@Hb
z&YNNz$2l}rOgxq&**?{sCsS*XNwoq^1pZW8O>D|!a{ibO2j*_%c`fZdN{yIMOSU><
zk=&kR@^i`D!wW2#l3pZ+@jRhF{b!stD9J6*HS5snj!8C7Fo+d?rtEC0ruy0P?fw3m
zL~YLpi7%}UQGYEN4denbUBgHHf3Mb!|9Q3kn-yzv>MM1Q@{89!c@nkg8?5<}bF~BD
z(Hac}ehQsdnIt&~Pl*P6CP@v~0@?m%zxY1boIYeVl=P*1r{_@DLwnR#fz#rilYUBt
zDF3i;bX-F0dFap_F?jR^duK^)%Exoh{Ssk;cB*^?;UA-b5Lv=`jcTMp;*nmSzeY0g
zkPmseHITCu+j=(xKNe|f0N~i?Y1fdN$9{h*VF2#Qc~L~G??=td-*>VY6fK`Po2ZTL
zD@{u%bE~i#T6n|3d#3#OnTIkfjYNB7!%V*x?&iwc6=8@@buo?|OBq3eeqZ>f{~~e{
z9bd!>RJ5w#Zl0Z>j8y27!}K2cINjRs)HyP(#y;EEepMZDv4x@QF29xcObdf{u7WCg
z4`v6u{!I6VEyL!fRN5w6O4|+qHOtn7A_*JBTcj&A7O9@$Bmm*&#}|EBJ<QD9wP3J2
z;?>fy@QTecSNy{{?;plB$t}R60IFBM&(qUfz1ZAVT{w{C-4RT)P(iO`>FA#8rv!iK
zE+Y3cEL~tBfyHKpPCbK^*}Na5(SZK(Va0|J$5|&HXTPUQ4Gy88)NI~-%V60^Dv5{2
z%*g$?EIKbDsz7p(M_4vDh8c~TgWNOZ<P?m4PfFcO+CkI`FI$QC7Gk-}$`<r|Z}K35
f>$BhK{5G<iK@Fbx+u{dWL!HM(SAKbf{AJ}oGmftB

literal 0
HcmV?d00001

diff --git a/scripts_debian/vars.sh b/scripts_debian/vars.sh
index 7c34bde..ef66a30 100755
--- a/scripts_debian/vars.sh
+++ b/scripts_debian/vars.sh
@@ -11,8 +11,8 @@
 DEBIANVERSION=${DIST}
 
 # Location to grab debian packages
-DEBIAN_MIRROR=http://ftp.us.debian.org/debian/
+DEBIAN_MIRROR=http://ftp.us.debian.org/debian
 #DEBIAN_MIRROR=http://http.debian.net/debian
-#DEBIAN_MIRROR=http://ftp.ca.debian.org/debian/
+#DEBIAN_MIRROR=http://ftp.ca.debian.org/debian
 
 APT_GET_OPTIONS="-o Dpkg::Options::="--force-confnew" --force-yes -y"

From 9a9508437033ac19144553c51e882b6b5a09fa16 Mon Sep 17 00:00:00 2001
From: Jason Mehring <nrgaway@gmail.com>
Date: Tue, 11 Nov 2014 09:00:54 -0500
Subject: [PATCH 6/9] Added verbose indication telmplate files was downloading
 from AppVM

---
 create_template_list.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/create_template_list.sh b/create_template_list.sh
index cf8dfed..1e9c00f 100755
--- a/create_template_list.sh
+++ b/create_template_list.sh
@@ -24,6 +24,7 @@ $(printf "%s \n" ${files[@]})
 
 path="$(readlink -m .)/rpm/noarch"
 version="-$(cat ./version)"
+name="${name}"
 EOF
 
 # -----------------------------------------------------------------------------
@@ -33,6 +34,7 @@ cat << 'EOF' >> "${template_dir}"
 
 for file in ${files[@]}; do
     if [ ! -e ${file} ]; then
+        echo "Copying ${file} from ${name} to ${PWD}/${file}..."
         qvm-run --pass-io development-qubes "cat ${path}/${file}" > ${file}
     fi
 

From 6bed22eec54b291c4539bc23533fa5e66c736163 Mon Sep 17 00:00:00 2001
From: Jason Mehring <nrgaway@gmail.com>
Date: Tue, 11 Nov 2014 09:01:34 -0500
Subject: [PATCH 7/9] debian: Removed keyfiles using old name

---
 .../keys/debian-jessie-archive-keyring.gpg      | Bin 13568 -> 0 bytes
 .../keys/debian-wheezy-archive-keyring.gpg      | Bin 3569 -> 0 bytes
 2 files changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 scripts_debian/keys/debian-jessie-archive-keyring.gpg
 delete mode 100644 scripts_debian/keys/debian-wheezy-archive-keyring.gpg

diff --git a/scripts_debian/keys/debian-jessie-archive-keyring.gpg b/scripts_debian/keys/debian-jessie-archive-keyring.gpg
deleted file mode 100644
index 46d1f0e23f17522e0d4fb358b24d78b8c53add58..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 13568
zcmbW7V{m8f)~Elm-LdVYW81cE+qRSLxMSP4Z5!ROopg-p^mER6-+8NMYHGgj4{KNL
zy7pSvx_@^nFdV3~cF{QyB4DytVuq8PuNSrP#J^d`7Ia<=#*|OHpW`KYMaR1kfj(IK
z3Ku?hh8iHa0xgBD+ir&h#<<0oZHAT&W9yl{d_<(KL%_-F(XCg{?}M9bQ+ynEC79er
z5LRo1lGGW@0WI8`k<&_`Sx{Rd+_pID&!<Cns;f!k)A|<euJ29A?if;11#W!ecDgsr
zFqg$Z4u%y6i7FfgqITL75tq%T1vIVcP%{9f(Yox`nlEYECNycK(&h)umw5G)SuJSK
zJF1dygz)Xs0913@9iD>rdB(I}BYT?Gu?&X~=dPVv3Mcv@ClaKM#A#?-RM%QzcMnCd
zkqi}mQ@wYH4Mr*ex}xA4D$Nf*40G+2T2))d#fG(N`WU*Za`a~u($f&VmC0;Y8&}P@
zUTJ{=IxWmL*9F>6HJ$eI#PPT$UB-cjhr6?z6!eN$wTlOW!n>+RlO=4d3v!8};qbcJ
zeE**Ps<8&S`3g>OIKuDOzfCqU2GJa(xlL$`(*{Lc`$No(){u(i2hZ9G5%N&75{<*Z
z<H-0SnBZ(H+)rQRce&S5@?zL)>#BGVNqF1;{&mtjny_c7?;5+Oo7U{4DdJpp!MWd{
zQHkilN6L$&7Qy#JrZvx9eQ_}(KCY=Pj6?}CzS}Q~v<0+=4k>y$c8Ymh;D%R5d085G
z#E<75lzvn0kv|N81OxzT;8t>QF){HpAy9HQFtj!yP&BbNF>o>=kTUTg;5Iffv@o!x
zb^PZUzqN&vvlHDv59#b2&3Ge#c|lQtfB_U>z@Jb7V}pP}!BLp|gTp{ULVy5+qe22h
zLBoKe0fPVm;{gGq`vah%5RJuA<646VpQx`80Ub{Qi4kpytwXd7dmRk=7U`*67@>$M
z{3<_RcS#wdF@-DIj@1N2nKrveHj1>HzT*6Lhf-~>J=Wg7lF>(@-R`=csJ7ID(5xN|
zff>0Nb#&nU?NL(L?;;eZXl+3{RZF_)I*WpVgp_u<DFdwb^~%#?voQlpg)St~Ov5u>
zwK2-noA%I3dn7JtM97*IjREq~nHrGMSH<lVpWmHgYf9IKz#QS4SJ=-MfhRVf_jLyR
ze8uJt9Hf+g;C9%oOm*y%GOeysRVRIgHAqDy-fXl)4F`}Cxe?tJ^1*0g^#*Fx(&b}5
z{nJr&aG^lC{axD3t$-T<zS8Rj0Cg#qHrrY0y$lW&cCLF!pRf`)4kydua=LuHE-{iT
z<}+#_LBWuZvhbSOFza6vpwYjcpDhHJ)p}x-b=6N3{ZQx1Xd|b!a*<;HF3pWZBH7cI
z81{4UnB|9~L@pE(S^ok7&uBT(i=`P#3$Jk_5G;aqm)J5TX&PjgW^<Lq5n#i44@kV;
zq?S0tuBpfCBf|56*;pymhNt}3veYOyDF?5&mS_a!)yc)qi0F~+MAWyZiSdMcSk{ho
zlX&G`*(!m4abikPM8c>8-?j=ybGRsMOaDXOrMQ+ML*uG%v1d)>1yJ3smnv<@(v%w^
zE*}$QFu_K&{$h4(tX#SnBz-uKP^C4%0FVe!98g3cNC5aJL<2gXh{*RF$#7EQJWY<`
ze`qAF309?tD(;HHK8Zcsv>V^~I=M}X9(&M?M5aS8)prF|`>2>+H#hN?x6?kavXzE(
z9}VxCeO*st?9*esw_EduKg(~80e_++1%)rDcGm(=8FgSeFB|h-aAae2D~`g`Rbro`
z<*O{&6XsuG`KjmCRE#-tbE;n+*|6;XdJKYFk1o*!3vqQaq-p&-8LXTM@Jh5^?M!p-
zGNneGM?;Zydy1YocQgN-NEpmn%-4Qlnak^NAxVD-d#pm9F_=r%{<EV^n#m$7kZ$WG
zZc+g9%dZhC!$6^w;-<M7>nD#x-`d_@S)bDY`w6cSLb`VKwmXQxg7XW#NklmUCp)aG
z$C63$3q={FM=*1%7JCMAp4xnj^U(7>H)+3}(MT$=#T%U0NBecs))c?}M@=DJP{slv
z5yIX^w>`Kx9Q||K^9m^{x@xTt!71gDI4Oy-i6vtq-*P>IJ7gxQ*^++m4eu%W9g@LE
z@pcu&adWQjwOr0l74}q!@fC2=>IT$dtlE}Z&d9HH-S)Mu7;e+(GQ}@x`GMd1#$E$u
ze1d(v%IpO5E=gd%s17hP!wu2G!6buEQl7J!ikLxJz%~xujJGR2LFp0ZI;t|X$7r|v
z2XnfQSN36z^cWV$GAZm7=~)k_qi6(t6iZLMpwQ**r-Vt(eVc~Y9e8Cn@3in?Us~ub
zRHWQ_5rv2)5|pa7zxB+Al{1C5p(uh5N5_>_O#+$c)?D6S`9V0#kl=WfSP}y@hWyo~
z$n-*dG9?Js<9Abo7}hDP)hW!x`@a9ZpCmU-e~rza3l@a&hC|j`vH=Ek(WD)`UtN1Y
z=<_{q!VVw3J(d|!a<;QXma+*-4n4m}Q)ko&sX(?otik?M9Fpn8^Wm4vQ8!i{xu>9m
z^kwSg<^@b+nCwUV%wtT(wlU;RGy`RE1;}(8L9w4HY-~1Lkreo977Jm`0jR=6+5@Ut
zw9R?>sCi<)o2u>78&Y;=mokD84-<_ZDX`I&=Md1NAvc}g_7Y*{)k=33w;9PZ>6D|S
zzmqV|GBI;)`|f`WZ4hLKe?b5BGEEHea+W`Sw@aRMT8B`;opVX>jtw2jbh+Z$cF7yj
zFktg5m||e~UDQ!jkgJ%oIvso9N7%N8lR;!SPxnQ9<<20p49S*M{&$~~v|9<B9?u`T
zwJn_7zl1~`SsAW%NwHl#Ub}XE6&USI>1`(lLpz#RX4^!-b3mm=B7u0T;x0#_y5^M^
zG3rSptMbm!5e+BKiJoymuek1nX{i-~^mBnbAd#mhN_`S4+I7kgI&O^mes8?l%%2F(
zwD@e=YM`yGw`<UJU>v*9kVp3mijaY05XIchonYM!;`Q@J)Ai@<{Am$@a8Xc1q<?pa
z#Lo_Kj>W-LH$AyRq6o-2RaK@M+_p*;Hfj;C4_iff_y*ko$RZz{!@cfNX`$0oa_!5$
z&SotS#`~-l0sP<E&7kgQvB4>wzCpoBjUH-*SLlbMJ5$FOFpddo=W9*^s!cWVk}@|9
z6A)`&==qpgvY36{@2;YQO|EI%Nu%ZtN5w<W`?ebAkhQQ^T$&39=~!IMMOtm;;y^0a
z(6!hs_O(A`f5+=@`SR+j9idWkk2IgT(<V$K?#5xtiRdqf087rsQa82E59wO2=Rsy~
zzXyDXi=Smw=sR&<+=VTO31?ouFRZ8d>6fM#UGLNWHs@&pH=KT)pJ#FZQR$zG*QZWq
zH+--eZb>uU$j*&VO4+AAbZ{awnwcJJQAqd#d1UW0IVn^d4&LvWUZ<ODf2^fa%Q9#R
zbKZhzm_YNRa5453e$F9Xy(UjPLl1~g=E)XDQpj`G=HWF0ceL{eR9p1*2FOFXi((*G
z?WcQPD@!eT!fiRsl`E6WLW`p`@fbM=VaAryChV+Pb7=uk%dVL=xr3#C)!9etY7kPO
zr?Y*N%>DtS$Zt2F46}Wag<;m`m$)%*ry@5%b{KZ{rtt-6aIcMdRF*07ZvTx+c{;2%
zYGY9fFx8+Arry~3m6tgAJTVB#bwKCI6&2O>dxz26uN_hJzzrQ;D=Fl;D5W~=-@MaT
z-tj%%QL90;rdX{~B`e7=@2)9vj4Zn%u+`;PyBkaVCd&L5O=xhU=6%;c$6-S~6l{WY
z84y73z<72OHd=sy;B*7*qnUq?0f~GflKLsh?s(IGB>BMCj1fA?;rgQ?=|RMBPwHHL
z(lslsSAy2)Cd%;4FPN5GNkz;>puW=-^|0FnjRTTyxflCVwbUC6&8c)3i;bm;e^TLW
zE?UO3@$i67M<9d82250?8GAN#rfwP^3|g{N^apwH(Rco-^IlPzWdU%dRVLF^NL)T#
z%iF;(XyLTgcf;C5ft{=1ebX1n+W^L^<(vq_9v{c2=L`_{I!8IZ&BGQ}`JDMW^tJH&
zY|Tl|4M}VVXsGIld&HT*Z-joi(%g7cHW0#FIhpkc(qFYnG=@ct9lbS=W0k8CKES#X
z!{7)4Cw}ASAIUaweG5XY_gwtaZ@~h}p7`S7K#RC8;cF(k8F-D%8x_k_t|cL-XLt&I
zu@dkaPVb}{t<~?Ppa_g{kL&C3@og`{VVd4DJjMYBPmF)@t@a0bfRoyWlR(|L#^^Wy
zurnTa<oA=_$x^KLpU}(S7<p%G!raqT=UKyA>w&hgklKS6r2?9zfoQ|+-hJkRFq>1}
z;%}MTjkEY@{3ZGu6!QI^D_AR(Y!0K!e>Q{=up>r?vE_jv_^2S8dPO+GLrmByV|H=C
zdZ#~HT!`U$=|GlluES^sKA!F7VNnrT1Q8;t#ETF~WLK2K{tWnXCDI5|&4FAa{&qWH
zCU)7#CjAr39)^oWjFeFoFdHiWw6_*DQkE$2k0eV7{}o{Z0Y@Wq3s(~Y0T*XG8v|zx
zBLXE0Gg}K=v%k7b!Akd)-svBmrX=7tb+)%LaB?<r<p1A{ndh%DlmB&Pc+znHf5iBY
z`?%w8f&KMnFjUAt)(rM(&4ADLRJBlJC-zm~d6*FqP-t`5;r1BfdIHqS=?%=TNi&_#
zov!WyNjjz3%0p)PlTH(I{;Ne*)yst+3qechh!t*XMw#oCbCctbghHxzt6zQfceo<<
zsrSoPR8}I)OuC~xZ6_KJlV4}QSKeJEw%1ZzSU%>hl!+eUpS0)cbp!%lq5vT|U}8dV
zq(X#aUekAuecI0E$+lbe+h5x0UubRXm5`=4huwEhc{<l{!^dM%ct!9Z*3>hmETsJk
z<)orWG#Lpw65Dr3fznL5Z-KPf6w?w_g9g?3c`2=BLjtZIgY>twOPO4lExrni4F!0y
zUFqf;>7x9=OWI^7zH17aocy3}qZzhsmguE`u$bp}RzbN1XSg5q{F=#0q7I1;s-_mv
z!-yYkD!~a^&voE{^gXel%qew0F}4yuI9sjGw~s-#-vJEzHsASOCpg=uEpO!QN68Im
z`J<3rvhYjiRByXiP(8|m#$_@`f9n#F5js7VMUF?_D~03Yu5S8b^|)*q$dOHKsAlDD
ztAw%&i%!ncqYSLyfKS*c5rhmS9P{sj-n|O%Wwu1*U=i0I@SGx_Mq9W}*-JZ5$Vf|d
zEN+(${A<n;(CP<Svj$oCgbPG?3_H6wr$+gJ9j)Xt=8~RGr7>IgM{%!b(-QxMm=~6U
zWl@y_Y?<no9VJoG(c%kG1lt(wG~oCwb(2qF{yPnU|N62!!Iw`$9CVj*e7zz^OKbpH
zyyrwrYhwbqUt4!@pi8@H(YiD10a@JJVcfZ9;XzF99gj4Uy=dGBhKB!4!#|_-&j$DP
z6F>r52rMUO$3Hw1VwpQT+jG*>o7tPunHkvHnwXmYS^Vhj?W`?~Jm{R=oj+f@jyA1T
zOG-MRFNO%1L*keY|KWb{ItikpWv9gKFby6<$<w!|K|jBRY?9)EThZa}B`<V!+yu3h
zK(SVw2N#cNlmEJ2wb37I_nRU*M-jNY26-p6N_|vunx3*Ju7ykNjI|!CK9K_+*8kbC
zCit<RQ1uO{Gs#ME|0(=CqCEI72yii(hbm|ts(!W(hE)672jKkNfG%t{R`F|OsWw<s
zq@QdcSrUZXaUb&0xEP^@a?0GWlE#*)X+3GuJ;cN2cL5MlI7W#2*tzs)DYaL<1~hC#
zDaQiMQV)(bL&US%ED!ej7)dfXGz2*v86hVtRmX>|NkbNANp?sNM~m+SNtHs&_UH`U
zrx9}IJbH+i^@P7-r6>3orUDHU-En(f>w|u`tZGBh^9;TxZw7!H(q`hf_LwON?n0H1
zdq6TG#2d%BT@W(^U(@^+&8>Hl#W=P-s7PLy@<o0k@b$P!J224j{*uw<+3>-<%}^*G
zR*^INwlhSx5~F6i@{mmLc6h(IQsE)2qyKP5rNRqsKg}RBHWsVAa=W=;#EL<z>Dj)w
zX+n8BDY;6@xe5S)e3&2xEdYlN+|gd7dd?_E@LLb59F9S%l^))}l4z9S?|LhG8;{d9
zA2Dv+({WjFf#;?~f|7b5drauS&n+3u$ixPYXux|ak*HYTz1P4A8lYhl4SKJz<Dp~p
zeZutL!6YX7B!oGn4RYoTg4j9|kP|e!^gyUte|;-{NiVaTls}T;Ar8oy8j6$fnihWp
z$zhPLVejK7jL&2F2h9J{G<TA<&tmmR(U*}Y-!BGE5dlvK4}^)F^<r21e%>$}87yUI
z*iUkSO+hwB0dTR9%ijGemnP|eJX7=E+~Jq>D6uIxwh!NX`pYm#aq`SYRKH`DF4wv<
zv9N^Y*uq}j8|?}<uMJb__g0A1Qqsj-K&5^-jt>d_;5?I^<^<+miOwl!mG<4Rj_SEt
zPW)Dxy~sy)1~n^!Z96*F+X5Y7$EMS(KX2Gi4kG70#EU_bi~2GQNe)~%KxyP%>|5GE
z=_k>o!rMQ{(;-(ffom*T<jC1L4qx68B9meCG8cTebtl##gt)TEm=6h*dlJ_dOcoIP
zKK*_M6_{--_~Z{8ZkLoLd)=VZUM*O-JaCTz8ld9*#aP}G(5a>ZNkrO!v6a&{?}JUq
zj~?jra&hxCh^)2g;`WIC;QgfRY>D_grlY#e9f5$=PiHB#*$8)w5^?G4@${;p5Y=$+
zwF;H%hpb=o!JSS4#CpQ&SZ(}cog$26jSb@V%?ODl2sAOlq2^Q9U?V==$mT7uAGNqz
zNVHg#A1_+=#xcM1S(+tyaUaHn^s{>s)cl%A9CB%4*l}}UX1JK(g)BsSNsVWa^?ZXr
z?Z%?ryrO!EI+TjzyEd6nvt7>!HSfHoS$f3u-d+FN`A<F(AI*Eodp=It`mFHbAI!MT
z1V)R}=;*|4>mKb;?OP7W7@i9@I1w$uax?RP5dr#dh^U!=BBDF?0?4ltE||cA_;7M@
zRHa+s^gqXlfPQsMVJ_V}Tqe0aMCO*sSWEhlj1q*7VH;;e7|?Pqzf|NeORl=lsWqp3
z_5AHlF93GBoWL6&oYny>Z@%2P33hSyGIm6Xu|HM8YcKMFw$f3rT7P7+-ewW3{l)mr
z#g2-FdnV{gHw<FlFS;|{Ihyo&P^y^2JxbdeNn1!I+6Ig2X&;6XnvY=01iGzqW)n@2
zY-WSR%Yz%$gZtFy(JLfZX8Z@-ylLZ-0s{`SB=AtXK1ms@ieB)s_^}e@t;muD?02Rg
zSkiUJ*hcHd3Y|Xwc9?c<`a2QM1^Axysw9=Gl|PS9f{qe=HZ>L|@TMHky-)w=AF0Lq
z`Gp|RowoohlW3xrfGm;?HvUZ{Bk>L4^}6pezcA_RX>9>H@%9pdG~Y67Mi1x#HBig>
z61?e{|Ff2M&1bC$!p4nB)RG_^c|f)xq94tyx2)%nL29R}n)cG5o_tb3wiyJi9LS-5
z41(1*5_t{zQojlc%76Xc|C(Xi1E0nEq)hV6XrhpFj1fLuEqw)F9Bam6bDLG9Epo%a
z$ocV5Q<I)qV1#Q(ubdG3%B`c`inBQjnCKM0<vcHx-KbYrzh>q@65?Q-V6(69urj)+
z8T?R08o<E(9k85eAa0KKHta;=t?ygLmz=r%7Mx(!f8<*Uj^7=|lNuIa5$zbf$fyHP
zv@3+5d&8fMgoE9wfC_Sgfvr~x7fOvzbU&-~Hn3`O?G_%7WB;`a+!02aLfqEii}nST
z(A6`@MTqX8H1R=b(R4ZEdN|6{a*RVZQYdjmvf1L5c(>Yq%^a}(bTuab)`KYXWdr5I
zE=#U<((V8eJ!c?kZP;z(Z}00Te3Zlbi4^gNy?a9Y2+xDLpH#w(5Sdkq5g(c7T-6sU
za^y;0edHl_GjUZ%c270%?RRsX@ma`sppz#%M9dDg1;A9_rGDi4Z@hyPgA0xhWUQn|
zk`ygfdy2rrUS^p^hL%2cw6=VN8`xpj;T*x{+Z@1AuV5{7fH10hftI~_OkH+gCxA*O
zsdY~b2UCg)*=9nF6D^kxL4iYBZ?=CUQ}!#ZIiMYfMGCYQvBjlLQ{%_^+HcJUf%CeY
zv5nUj2U46+lZ+{uwSGf)PjHn!7gRY)N20j1QP0SZRilO<b+6ARN<il`;iSIzUGx~8
z>xgqZeYw|xE8Wps+EuksHn_t*y21$~ag7Xq^<TIl|7+)W-+TNd#3yDmVqp4Pe~S+w
z+b^(L4g*tHw3aJywJM6X@fuBI50LHqL~~dW-vYYkcMjg#@?`r!3-Wg`eeV3o|2krH
z-#hy(c0y@<y+lzsre}l*2(s6xnE@IM*HXD=o5fTX6FNP(mX5|98)I|We){sP#mQil
z<&d9d!2oPl-r~<{3WWV!(fD*gq{@KbscA(pyPKC4FB5Nj;%8e!6I%HLG*x2n(I&dJ
zg^t+`ZlkPkFDsA6>uH>Z64DvUCIf*xyiZC<iIFhRIoFXKLO1Mzv<CMjZ`R<rTBxWy
z5NiQ)W~X#@t4MXC8)tPCr@6XpL&hhMEoy||6jSb}Qh|~66pKnMD}AGN#<H3!^Sh`9
z?(%(q0CCe#`(_i2d28)U8EJ)J>@hIwqdAW%lR<}W^2wB$!Mk>5`(NHvaK^Huhczvi
zv2b!D%M8U>-V3w0%W7uwu={TJjMa=zIp4m#w`x4lL7dwd$FWE{sXr*FlHr-BSwq|)
zmy5x;qt#J_XVdcWI)$?x6(^*D0n%`R=1AE+6fF4lj8cLz<CHjq8k{*U?;S?7Q%Ca}
zEBiv74^}%XM{T(Y9lqkt96v(7h`Wa=A!y$&tYRiNDoY$cG2_h(L@Erb85JsI?qgr;
zqD=ur!CGQ{mV1t`{2IJ+g#D!oAO-x#)%GPWG(!_l6jLW0^uOdO1cKLX^IGihE&Cg4
zU!yeFLP|SvRm{;+zR~w%%Kcg0tm<M0(P0xj7eRX3wlWq7<J}AFfvV3$YOy3a3AQv&
zA4AKLC?|N${^Itz^UIa8HU8Q8+bAX3lsX~YFFXQ#xmtd1&-|o|WJ>FbSSqi*Mgvis
ztW$|p)?%KXmJD#b-a=ANfxmaVeBk>nrF{32$RtPbI@0`sQnk-%v@J5cg@ca4OAb#n
z^9pWVs~`H)G89#C=%Ha%Tkoq&(3%w|t}5NWmV^-~Iv>kIKooIB5dz|pQ2FhipWZd2
zzdIuBM>8I@?OK;zsk?&W`ihUbiO79^|H=U=dY)UlcV@y<7$=T>-MIjg^rV+)(CgqT
zB45;yTg4k()Vbk=pR+_^$I*qdsFOQzWn$Ncuk$g?9{e6z#~zOyHO>2_Q#^Q0TQs@^
z`l+zfyG09v?9Nw=dU{%rM>9-H%JGQJbMR~(C01HKEsce+ppb%HRpmz&8c`YB@Ea;V
zxZmwku$cE!k~VL1U<+I^tdAiey37*DMBTba8+T|adUDHVLhnH2BE46dJ)9QjG>-J%
zQu_gdCfsMDo8P6UF7%IEn&`z!lW`R8+<F;*snpX!nHIcolJ}fr=(+?we$TgKR4=uF
z3P<5XU~K<sk;>$ziwLY8Xd^s?3s=bbj%Af-g_ulK*2CX$$j<MnQ!GY{1s=@O2+ck;
z?sLea%8r`Oe0Z5pPTfW<!sY1O77`3^Xjp;%c*jLvM`%R{vtXU^>q_znZdj?!AU!kK
z5vqY9AUSAxmdNOXlk}gRpG(dBPcG*1|Cx(@ZuyV^axmaerv8(Q{b#?2hWgij|6j3~
zU0rUU$w#yCq$0vQc@VTZyJvpUSN}7yVTPkXHk7CGi(<+c5q$oMeccK4vD=31T#e#Z
zeSiAlV~h~XD_Q;QvYAc(x7MavjRAjuIHTVi{DifJ)2Tyi17GTYhFbrW3&p~+OGWhE
z6u(B`?R+o~els60HM>7|vD3iHt0`IZIyqyds~dcng5B5A{E^KOvDMhNEmH4oTy64v
zU4XWoZg1C+N4@EQnwg4ns@`YwH6)KtD19mX7=MiRK{BR8P6_n55J-0SRWp*LLy@tC
zQ{k!BvRcRWQIp?eC60m!VkI8hQLMdsa!n~)@r46AGB7O=ff*v#qPaT}H!w0JQlbjv
zy;6TaR`J{^^hNk=uEN=KDdm0!XttLa5zBcU4+<a5%ME3QDE$OeEm*)`fg@=%phlOw
zi9YABT1=XL#XXjaHOIy#mRnv^EZh*5#~~o;$T<46>!3^>beW=%Uh4R4X_339mv!wH
z6Tw3M@aNtla%lJ_l?n@?o<!`57LURe7mj&G7Jzd_v9%ehQzb6!hfP-B)#c(H*RR@s
z?N%6?clN$iaHjCC7(1aWbY8rkeLE#~2HB`ebWSmmk_zVUGFG!?1MG=y3yitzRw|c3
zE1KXI+uKMq#9H6kr94LByT*9;Fcu;mHWBo}sX@6xOANC%Q-nE;b;1pY@i6O^p#-6`
za#sVe1OCiEkblmp|0<GPC9>S-%=-5^wU7ZK;KxBL3s$$RQwL5etz{?$ViC=P0X>t)
z>I5_(1ce{=gVAF)$}lIwdoC?fPBY1>c0Tv+7fJNZpXK+hNZ^V>JR%68&Y!Bf-Twz6
zQn5IAZ{;FCpf@T%Z;s@6b8EnI5HMSNDmo^p;*w@L0lD8<!(5G^$6{GX?VU$@w*#p}
zPVJlTPT_zm7a+)uxqeqS)ZEM69UJdHMcL_R>YEH>hY1n|pG`xwATgmo+T;t&=Ob`j
z5wAiY^O|@3n}`5JrX;6^#5l^Y9Rf&#zK3N-Z9Ds04=dn>g<9Em?dauK(K>>)87*DF
z5%`l=JNq=6aI;=}qBL8OQ%N|->N(3(!%-*!CTlYBQ~Ao$XgQ|9=-QpaTB0`}Nx)T$
z9Sss3i_{fAIt1syd}d;lPlHp*muMOZk=+mn2Hlq0hOe=*4^`r|GKrYanh=?csqO%Z
z=_bG^NQG%A5u8`+;TAneqhaLbW99c&42<uv;z_c;SX%UJ&XPO^XSh?1OE-ocD7Cx-
z&|&(=XGzHbz8-?p9O`_ql~u9BIOtW0vMC_;D~XZZaEb6;xH%B_k@fu5k^B&g^&@fR
z_l*&aNzf9yak=936_{Fq=RPBsT=zClRDes@DcOv|(*v<;R=yrt&CZK#Pko4pq5`=2
zL+6c(uHv(2`^Bkh>a1(o5WPR&!+(tYZ!98L%AWa2$iHI|3K&4PzH%6fG0YpFtM74x
zg9)e)@j3k-kS+5Y1^_WIJ!XxC8N6sX%a4NZr|{Rv|E942;8w~$`C07WDePkk0iXyU
zC@WMHIt@Vuju$4peSjf?*0!Q1YYym3ueONfqkLxw(8-4*Gf0VTAiO_r^&M%P1R<TK
zw$ilufbB1=Uui&6cW4>Vl0pdbe04BABiMIBRI07HzpAx{Q@HX{C0`F}Jk>mnVCc9x
z8|q|yLzr~1PGTUHmJ;iP&>?Yhi$(dRQK=Gyv`L1K^b2CUB0|=J>9XI<11IWAc=;uP
z-zxCMWM&8RuT-MlC8g8#ie($hXXj_qGQA^J{lXf_Yl%B6ctOP(!F$QOh@oH9KWI24
zk*(v-aQOh%M^G?G9&!)x?8fx%d#icQ&{bDrT%*()XeVwpojt;p`7%_bexPfc^uOk2
z@_7ai_Mn)_XgH5IK(nBV^2Eml<J{8_GdmRVBor$2?fqbBni7m%A=DKgAp6$q+hMWu
zA_O-Aau4MKcoxWn0{VU&JpPslO2_DS{pL=sapHC8NEDB{5vVuq-q;UE5;V<ZXRddc
zMRN_^Tszt_K<C=EdJ5(Qxp3GV#yp!0TgVUsWt;9K=*qAr;F&yR-~cDuNhjvo6gIz{
zJn^$mp)O~na0O|;<Gmn+ZtNGm#4G5DCH{(+NS5am<5V<<_!XF1O{|XtzF#n8P+8Ul
zf}k)`4ihUuq0KPn!Z!hH=xW_r+_l6I+`s`ENNp}pZhSm2XjTo1<pfNF;?*|uxR!xz
zD-&WD1Ycqm3hYU%t)hJjU1yPz{c_Z%mTJG9Duk@@HPWk?tjXQ+vFw~R$1Ho|m=ruG
z?(csN1{vbA^owy?zaUaFkV$<Qym&M=Aow=XbC{!E@@)s-qVpp^c@T7z?K`&j=VGQh
z;(w(PGUx_(u)g)dh;?i!?T*52t-*hW9Q2SkOov0)pW&w<9CLBGbaqmyc-q#P5A)6V
zpsWMQ3vm$OrixB)f}4nGZbG+AK{U&h4vfb<Eh1M)BV*zI1$BJ3magaNttq?BGq1py
zT_j_ZGUzBp-T`=qk1ZB9s2~^mB4&M20D!XR`_MzOcY=~bgYwa{lsxmR5=Bvgp^)2A
zJLO~j71UB9ux=Npy^$M{eh*YnQrTr)CQ`IOqX%avAi(|WA~L#US?!e-(e!4ybG6Zy
zF-hcRvSl4vn0udeN8~MyHza!irGm0y^g_N!U9y{YZOM&mrjpcGcaD#OOb0Z-8mJ>0
zT2WpM$83`@TM$_r$@C5foUkTHS*5zJ{jgtaGw#Br|DdA&$u0_=U?}0Fo+&+N^j6y9
zN}15Htdd2q*wT`Dug*L+3hPnN)zI}W5-rEXBzCa_+{#4F7#lKL{u@Q4W5Lwc-ELXk
zbA|w&O-<5PJ*!^&u#fzgiF_Wdm2kXVcQK&MC`;<$c(z3O&ld4lk<%_d6?rCHu#)D8
zDzX~G=-G=vDTp!myVwa!*Wz0INY)L>RG5o{MdzzM+#a=hz`iSJQj>?>t6QgemA7M4
z?eVuFUukTEI8tdcYBa58hjCNFbD&~lJKDl3CkFTEUxNeJ$<fwAG6@W5h2_&~-E`kC
z)bU&fTie)R#qzXJ%A*#icUd(cxz}UvlT&NvRCQgQH}PXCfTf~$7mSM(c)}rj#E8}g
zWkBw$n);+3y^@dp5Pa3_7%mJX7PAsh&>4rM^<<&=dhyGL8XkxUD9|r-IUz{fCFdGW
z?^gz?el0TP<3%@1`1$Ww7a0s&=cKXGf8RDy*JOZK8g?ySJu#@D#KTi(w%u&9v6P?e
zLX+$~{OTu|24telv|SsA|LuqKnUIu}E$fvjYIJ0HsaW4xaVh4~+(Psu76<M`{{zj4
zqB@0oV7^0~0Ab4fWd?lnwg3)1`8un|cBquz$V2+5F}#zhw@du!)T~W5uDoW4f84E&
zFengao#Jiv4t!;e%W(jo`DPx->bwJ(@#*4EWITO~qd>Dd0}zWnU<9mJAFC}?0hk9E
zPuOk6+qXFho~_ZS1)dzELeh~cMp=g~mB%w7_^P%3{^X{jQF{$f%rT2Pa_338U)7K{
zcHq)$%>Ek$@BZB#LiUFCbb5Q8r?=gUZZkP3R!=8NDhn+tKqFB9D6;tfTP()*Cl+)2
zE7SkyRP6H}8RX|ZGPys1{q<!8s0_gW^&VN2c%`9eyo!>`A0GSqQU<8cX+-3k2#T6c
z_jlV`VEAr4Ai<FZCMAAm?34HP$8ALNy!UQgQFRZ!3CRv|U?&piao5zT{zU(VGJxj%
z-Q_EfEZceWWPL}1s5pWu(%5^G4{-9K$xKn}uK-2<DQM)y>(@Rr-D#^I(baM6>M__f
zQ~V%ai(hK=aWo?ofw)pB-wv)=q^4OuP-1tKf2+H#am{re`)0-a)EB&TV-J-*``;*=
z9W4OILS9L1Z2g$kcf(jrw<mi&6lc7DkxbIR7=d)Lnkn4d9Zrg@zo`x@<HhvAfC^^^
z4z$AnRt(My0Dr%6ss~Sbq&=K2kMTw?I~6A6dBoxx3r%hb4AuuL|N4BL$gwd)Nschp
z4(3`Mo0BCS3Z#&_XqDpN{n6u{Xa%)gZm)N`AW=88W>-*FH0Nk|lyc2?-)XEbgr2|L
z=WizUTeW)vMzy}UU@73Pu-@zv>-N|EH8wSY!e)TxffW*krGn+@W3NR9?Y(bw-?}(h
zfOp_D_2CfRg6OnAdI*NiedCK$#81H|0p_n;VqUi9GG{Zm0w<swT~!02r{8yCnPQQ*
zi_VUcUwMs{k`4?=eaJDQ2CxM|-<nN!<ylzrd35_8W5Otp>oGi*ep(K^3rjOZc1U{(
zk3UMuQSK{*ZhtR`8AsH(!c_*UqAUDHECoI(J!X(*@hQxI(gzfze*`A&=IT>m{vC^P
zeF0=Z28A<rzR?O-FX!U?)^T1t(k;^hWMX9k04wM%5k$==qh0s)@9rCMntyEw_)oDv
zK>mrv<kD`5{{LdJU{Qp3%J(X=*CU^5ZaaV4%%}XY+~rF-igx8bpx#Z(k1C@Jo^Q4g
zGGXtT(?h^wIwA|)P`Yg8X))=u?&tRE4J&mCJ=8-YCt0ptXJP&aCQllnu`L)B+uaVM
zRDuQb=H7_kg*u8fB%*iJRn|Qs^daKjWd3M;rhOCUhRRctXlKeUB;%{PN}z8jJ3hx*
zQZEF5h5p6sYNrxP%(tkQep5{mbA&*txF~tfI^1Qj6e34M0c^t`lrPz<5zh_1;=;Xm
zQfI&L>r<ARvzA!i<j@IL7?k0aF{2ZGq;gi+S04m_>5(aOxJaR7L@(nVac1OvXhb*Z
zI>cL*kvJuIC=m0b;WHrZ)Y4%^I(q>7|2B(H+NPx_+Vr`qnb0<zj1iMSv}xfNY;Al*
zLB#+QP9|!774lSM1Fo{gRJH=m$oUQ)8y>%)sze29FdB7P?_v3J+9sx=@1k35%7cB$
znS0;;P`}-fJQ48)j`MA|t>`-e74vFf_v4mY`c7%f6U{m)xPboEUf0pZp_TcU12r{o
zEZ{jWil0BMp?6c{BZo&mhGKa1J8a0FS^buiFLSLHy8Ug#&bJJ-qxxE~%Nrpj(69JK
zbH^E}xf19DXkn!zWc@G3hr(I4dr5>;1+Cj#MW4E_Y8n)kYqgfX5#%VsxEr3!fr4+b
zZjC<?^Uic!=KO`}Z%*+KndyMuPcr|VQ^Z&Q$tn1l_SZXNaEzSbW0hz}Y_HQ%HnM5`
zEL&&bA1{mE1VRwaRJdrFkd`KZ<o%qusn+>LEZJcSIiQ-E$??*<3Rn9geHN=}`S*k?
z=p`N7?#~qUm_fepfjMbI;}>T9=!y!_$H<8k*c46`sq(WLT_5|MWfxSrIyE40@#P$k
zes}5H=1inYDsG;v>k<|zLy@x%9TFI@%a^CGgR1bsIaz7$<uFz;3*7GY<vPj64_>Q%
zGUD|l@0W?DkL<No$DFNDEI}^OUA>Yi_7v3qH&@zgic`x`DX^C?cx>)@$(0QH!N^ae
z0`%VG)Z%erU&)aDhye9XIbZU>AuIHkIM4p`zkNnI|N2BAH=m!VgN;aW4Cl#M)gR#v
zHN4TXsKPrVPAyW;YZE#+i;n%=EAnYqz79kw7))Z$B9{0z8!a=Dtxlxz0}a)76NM>h
zj?P5G@k!}K3nsmF<xN84gdC}$wXy((k8ab?bBg>ulfb<fCYg>7oZXJ!fa8MIRXq3t
z$#IDinO>&_8^PlYF3NgW;SwtzS<`+*!dG?a&7nf%ogjDTL9@m;A$A8o#WWi(GvLy*
z4b6aQhj8ah3Bt0kev_7L;qq3uTeRT7r3u(h>8U9zR5Lz`<Qk8b>28gIX(7M+(ql;D
zY7c1p6C(;umlE400)$Lm{RA0g8f-7glDB4e63}7n`<8DMiyhrmnsV`1e9KpaUDz%>
zo#jeWKw=`C*Xo>@lNF2r6Kf2607ffxiO?5t-8+8<#Km<a;q2eDa^Z15v}oymzaA4)
z(n(>1y=r7N`Uvf2%O;oaoj2BY>J*9NYX*2~N#Im*`2+W{A=T6AxkcV|DaPnWd50$6
zuaQ5J>yj}V7D$2S<IN^lavl6?lL{Q)g)VbWSl&jb>&JuPaqna<;%^1osmnBLRdG+=
zKW`XT_ttC`Tq6l(!Sa}a=RmyKfdNhdVWc(x@?m)wSl9jtCgtm6@c^WCrwN3i2;;~i
z4NS(yE^EW0v^Ks0p2J)GjtlR&oV!+I1<?vx=ssIo4(EgE-Sy;j;gTyI_+N<pv+bq>
zSAQac)Uf}7TJsiI<%RHucJR>r^z$3A2bK7?x2A;v)Sp8iR^@~Tht|_7tR91;XOxo3
z^BG7+P02D_46$4hujIYTsz#ap%@raJlv@xNTf|4e^T`bJK!NE#&SJ~UQZByT2#ufj
zlR~SiMKc7GhprYSgQKq^u$rr%SgJ|6X~NNTw8@Or7SP!tbw!aV*8T@55=C1fqw3t?
znj^EK8O<U8fvb04@l2DM$6a!aB>=+KHH5ZZ!_K%bb%zWUeyVM}1uUe`>pA8=m)XZ1
zlxz~Bff*hh*dt;vcfjs-_BD@6sTyMRF%TA(DTC}PJ@Bo$e`eIs>mIBqqOz5FhpYBd
zYuh3Tc>c>C%KdxAl4!<#NET-@sF7R!o{E`p7y}rStL}rd&p!PxGWm`JKdqqi+mQ;r
z0mFuB)N#}ci(@o{DK~pcqXN1>(*pjTMe|6*<$m|zG*E6FWT8#nDvGS!27_oTE?UfA
zX-{<g5!OQZtX|}}3n89ZnHl9@v6u319f}BLN54Ec5#ODWCFi0*%!*yYPjwx~Dzc05
z6Ck@22DvM0I;4KhL(Lep0GeSzP&X(1=0!y0+&dxno}u-n3DqPX7bu<<h@N(fgP$O2
z{baMu{?aM19%FN5PX{Z`u2ZI3kCVXeAT9H5F^dRapEY75_vE?OLzC3pKW%K2+j?xT
zC(L~?S}-Q&UsL-(fv{Y9e#a*w|4tQcIT7A@(h8GeIJ{E?_w>F@Sc<_$QRfLv0!_gT
zjNr5`Q82+kZ_Hf#xJiaw=?mu2$Ogw0l7VjTiZ}>(kDls~wopJB%7O;{rlF{FE<DCh
zjT~3%6FLt8>ojdB3H_ll(yp%0h1)5nkAh)biVeP%uFU;3CjIWL(p|g1e^JGgQ~-Pq
z3nus`(x}J)YC)Z|09hiX7kK346u(n%Bq&g<MSNbSk+|I&XXflmu=I_ki#DT`*cpSr
z3<HbNEf{N)D<dWptkA%Pv4q%e4Hgk3bguv}BIxZj54HyE9l9F3r2M!P$h;)YRQ?8)
z0GGHjN63G*G|t&&He*!mMx6pcXe~hd9;eq4RCgiOLh@3SO5yKHImD1DszTVlF3=__
zQ?e<5$a>Q&)s*8^@#NlDy#+0c#_9>BAWLd5A<0SU#{h0@p0CopmdepQ$K5g*tuncx
ziia3lDw#TRE}e=*C?5mmYO<H$s)Rt*@?IINBv_N-88rCS+*yq@L2?8{&#NZ{Ygcyu
z!|<jb;a%Aw4M*#6E5`)52omGOy?dUce3n#YJyOM5Dg2FH!*Y1d=Fdg*q{l;|$^gGb
zRZ`gaBiR;@v9!|Zy3#_ukWDZqK7(@EcIDs;>`W*RjRW!cZY1?N|M6>0<(Nn(0!1d>
brdCAhOIaZ?EP#O}tQ%dkE8h6nXBYWjjwlbW

diff --git a/scripts_debian/keys/debian-wheezy-archive-keyring.gpg b/scripts_debian/keys/debian-wheezy-archive-keyring.gpg
deleted file mode 100644
index 6db1f3a93c12bc0225f7156a59cc5833753d5328..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 3569
zcmYk8XFMAW*M}n_R*TlANVWFXQnU6dTD3PpBr#&eh)tCsW>H(zYVB34Hl>PEHEPvt
zZK7^!d-Q(a_xC=Z&X;rk=gajw*U13h1U<{#eNRLK7{w}A2(I(TR596~20#p6i03D0
zY)Z6G%p`xx{eAySl(z@6?cDw5s(@+OPajZf1IF##w+&Gl=-E)S5nmjv!wOB}(%}|h
zuxRucbiBJmRN~+!R8;9D=7(GO*t?&Gb5YTKCB{%xHe%8toUm)k?)|a3<<Sj|Hx{&I
zu@fUJl4fLbvvEgh8P#LP);{QYj<|B5Hg09yq4>ExmaJ2QbLOKi@lj<%xAt*B+C~U<
zu!)=4E>vqGH)WGiyidpGDY-%yM_FI}A5I7_<F2&~Dc6T5WA$4{-#_v%Ogt!H$2Dq&
zg#N55hW5MQGard0EWu38#i$JWeM+V`q2+w+?4}P<^9`;}dc*AuPukW*LzFX#V1^Ht
zYLYnOU!%8Gw6#%^1V?&Y4ECKy_jbuU=E<>f+%StY+fdIR!B6_8yr$s=9!W}f)4%Oy
zQ#CFr-J#-{mBcJXYTJDJlQrN#<>eUYojma6t7{&co_T9%(t)cgh={pX|DbA_s-oI^
zBTNA?|Au(_n+J)**2It7?6%1DaCj}07`Y0hW;qXXUZhu|{6pz~V@dzuVoXbZaUgbF
z9&ca7^{G<)smG$x@wN(8<xEdcT0`-GyO}@pXJjo8didEw6`89WSZC&8=p5uSw4+tU
z-OgRuX0>hWpku;!6i@4XvT0y6-eg4di5zf?2tZV?sS2}0LQxPUPkRK?2L@5{M!UH}
z(MWrU0TPZvqTmp17zV=oNLW<F7XgF$WB4F)j%asRs23XMsp#<Uu&|pa{Bbn!F^HCk
z48ThQ{0kV6m6(K_nmii-rX(jLB?f}&$$;b(lpqEmF%giR2*?-;pdhD-)vT~nPc|~}
zzUHyJJH1z6M^H_#0aDzs^>d}AiBjP=h75dLX;|w=_D`Pfo}{@L`OB_30)I!}h04=D
zY1Wi`Z{(_Ljeju4)All;6TC&`pFY}Y9Ik79rLIYBeCzXNLl7`+4K`Zbybz|Z_=V#3
z#Qu3V+<L_MHLfa2$~2Bu@QWgGzyw{j?H%)IeInTmzKdT33GESyE84_m!$VWw8QHP6
zjo{qmpt{1d4%WWX)6n0B@bz(EA{jwzZt?Y3TVJM$EO+knHBIrOvnQ#xyPwFsokxpS
zSNc<9>V8*6l|E+1Fp*=WfZ=XTK>dg}Vc^T(UUlH~W1+Q?vbaFT(k<1y^2aQ)pCi+n
z!Xs=+%0y51Q>5oc`FN<md?4{DNyO*sL=rvEm~c+_2)ybHOmQZkDs#8l8rQ1rn{g{F
zEgti<TTkCtIBIjSRbecc>JEi#9~yTIQ5x5k6i$ZyQ&b1vV>wtj+GiDjJf9CU|K)s(
z*Xg;_)^QgyTj(el*FCFA5*8RfBCyscJgz<x%J`DW_2~VXSM(3%6Qzfuiy8qagzokz
zo6;s|uD!B1aw}mu@j>G4rQ+@NwDZRf2C2WGTtPfcvAwLypo>P>ik^f-fxLD1aa<JN
zMjaDo@`qFJrK*ltOsh_S>fo{VGrphCBbO2i;|6KW2yBK#mBK~w_q4&oI-jAL$Z8;f
z7^@DVy#)k-|1$KO@Rtw|>q&fYK+J$F9Uz<R1y;Q6LP)i0D*w)*6?$gfy3_)Y!;%94
zd}nNm=4{*?Xg{jE^qWgEzs>?g1FyrbffW54cECx>;)V9S=J_rQ0*!W;5fOpA!-e5c
z6bk0(DC__ead&e;+GB*#e(1kzXBkE;YPh(1Bh;xc`7SHD&)0*h<lI7qa!v}O@~8Hm
z@qRGuChD4Zx~jC_m5)b}>PB7WjPwCDtklNk$gLlhWyWQF_1kebt^Z#8s#Bm(Z8O)W
zeLE`j7wp6=GO>w?cd5f;fM2=r8zPV<L8Z0WObfScYBY<9wk1uv(49~O<hVC5&l#Ph
zs<)-Dkcpq08ifZ(N^wYUr*@GlmfP;0Pq!J+#>K~;^*EZVA*jQ(lVbH`YT2ep(m6ft
zlvwRv^PS~QN1xVrX{vVpqrJVrQI|g1m^&$P@r)7jUCfZmkQtW}q>cYBHT_3<!G_yV
z+FP488#l$iE|ZPFGQ%}kdn7xT-uHTid45lkfkW)pa*Z%c3>pIrJ%lHxE(!4#&j%5z
zhb--e<21BrT$>b?o8KSP(le2$rg1i(tN80b0#>4!4V^*R_ylkwHhJ9GfFA@Mh~2Bh
zIGt^^Xc*agTbDS>v+l{{A9ehxTdGeRil)0MbFtD=oB-i}I33<`yl9fO{I2OlaFz?K
zWJ_3WU*BDGM$r8-F$rV=js@`kc<n;5lCBri|LLkPPTscFmHSjOWGZbh-+8<v6cx3z
z2(^suZelHaPo~94P*l$!6c><vB@!ldLnr!a=<Z-2R?@QTzKXH3%ZFz5lMX_4y}n_M
z#bi7LuTSY`xAP1HUX)xMJh}IHv~>^v7pCU__hy;H4@>ZYyq}qN#IfM3^Do)8Uh9Oz
zAQ9!4mAp3=l8t+ol0&}nbT`+~xjH(6N$1U<1R@PL2B}EfF0)nkoM!JO?F(JBcWozW
z#+-601#h4*Ryh_<-XGl<N%_QmEQ)shRZPH_+`iEleZb4-6E_Pq8(Q+s3Q8%gY;%I?
z@Ty6CX}M_?(opIJ`(m%cEcTpJ!NnUA;8PE-5s#V*h6cO0Xca*y^=EG;exXueB>co}
zARup^rrEvBBaZG({5|=r6yMPHheQzUVTsSdV+RiNUvO!DVd+elV?UhgNayYjmOK9A
z)Y#`_^vw)hM2vL*#2uO*{2g*z4J)?c3|g&%C$yr<!!NULBu~<Q-7F1ZY^?1x8cynP
zW_;l0U(zOs{<<`se$e4@8MSL#O#t*e@XRWfsx&&>A49Pe=6?_qxj%A5AGvzpbk<Z5
zb;|5H$1O8f)*_jL8ZNy|Xw&IbUqZ>X?;e*NDt1Jy4c<Xr{s~|Hq&74wIfe9hJvM9g
z#u?sntk+t7&RQa23G^-}omYK9AWK&)wEV{10%aD9t3r;agE$+L;t?$9FZ>Z8J{85+
zvR&n#k(*JL^a1CEuJKx3N8G1D4>zU?xQW7DatQp@gY-4JiR%;ld8^;4qT+_7Fu@d`
zJUQ07ve!<^V0&g_(hO`BbPmL*e>VR0W;D<T#Cv^QY)OCyJmFJjY{Z5Lq!+~b+LhPE
z+Y9CZadh*9c>S+K-B2zVVTd6D27#gMJu&WRq#Fw2<!$%3-xulyLBV`ro)9Do4MRCx
zkD}cmcCdd_g#X);mSHr2eA}{4lg-W#?;b-XFU__|IW19~0^nQg=?>X<LWZesn#_yM
zzopmh^#M7Z4y1(v?`Vh`wg%LX>&vE;(oTOHr*HP)i*`1Zr{dWHh|^Qe1(T?lAyU#h
z4jWdaSyQ9a^dL`l#@1VQC*jfP15C^G-3{&6JXqB;7t8JU2Ysh1Wl{LNg+;F;24h)K
z*Ra(6yF&vRF`{=jt%kqRoYDyL=muXk3YYJ?v)g^3EYSFXptaU|lYUMGr-6;;ok$B&
zX_9hJYh>;y;zM`@5NzhI848B4nS;tM?bFn$R{e_-ycI-6>@SuMv6Y^`NV9zRWOO8X
zbB4-=v29<MblSgLm}B>tbKnSWw<@DksVz+(zbxricG)AFS0*<ex-`S>_8%Fix*IgV
zT?^D>_q1TwU<;n({&ldNI#@8`F?M#k{uYN^%Wg;R^gU&@qPWsJFQ>5OXn6UUuac{k
z#$<#k-q1wrDG?B`kCc=8o_aYAu`82yWZXS=WWg&G2zWFv3$W_l-YV}R4A|tp9|@Hb
z&YNNz$2l}rOgxq&**?{sCsS*XNwoq^1pZW8O>D|!a{ibO2j*_%c`fZdN{yIMOSU><
zk=&kR@^i`D!wW2#l3pZ+@jRhF{b!stD9J6*HS5snj!8C7Fo+d?rtEC0ruy0P?fw3m
zL~YLpi7%}UQGYEN4denbUBgHHf3Mb!|9Q3kn-yzv>MM1Q@{89!c@nkg8?5<}bF~BD
z(Hac}ehQsdnIt&~Pl*P6CP@v~0@?m%zxY1boIYeVl=P*1r{_@DLwnR#fz#rilYUBt
zDF3i;bX-F0dFap_F?jR^duK^)%Exoh{Ssk;cB*^?;UA-b5Lv=`jcTMp;*nmSzeY0g
zkPmseHITCu+j=(xKNe|f0N~i?Y1fdN$9{h*VF2#Qc~L~G??=td-*>VY6fK`Po2ZTL
zD@{u%bE~i#T6n|3d#3#OnTIkfjYNB7!%V*x?&iwc6=8@@buo?|OBq3eeqZ>f{~~e{
z9bd!>RJ5w#Zl0Z>j8y27!}K2cINjRs)HyP(#y;EEepMZDv4x@QF29xcObdf{u7WCg
z4`v6u{!I6VEyL!fRN5w6O4|+qHOtn7A_*JBTcj&A7O9@$Bmm*&#}|EBJ<QD9wP3J2
z;?>fy@QTecSNy{{?;plB$t}R60IFBM&(qUfz1ZAVT{w{C-4RT)P(iO`>FA#8rv!iK
zE+Y3cEL~tBfyHKpPCbK^*}Na5(SZK(Va0|J$5|&HXTPUQ4Gy88)NI~-%V60^Dv5{2
z%*g$?EIKbDsz7p(M_4vDh8c~TgWNOZ<P?m4PfFcO+CkI`FI$QC7Gk-}$`<r|Z}K35
f>$BhK{5G<iK@Fbx+u{dWL!HM(SAKbf{AJ}oGmftB


From 356f49d779453a89ee50049a4931b5e1fa844a91 Mon Sep 17 00:00:00 2001
From: Jason Mehring <nrgaway@gmail.com>
Date: Tue, 11 Nov 2014 13:39:27 -0500
Subject: [PATCH 8/9] whonix: Changes to allow secure update

---
 .../lib/whonix/init/qubes-whonix-firewall.sh  | 22 ++++++++++---------
 .../lib/whonix/init/qubes-whonix-firewall.sh  | 22 ++++++++++---------
 .../wheezy+whonix/04_install_qubes_post.sh    |  5 +++++
 3 files changed, 29 insertions(+), 20 deletions(-)

diff --git a/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/qubes-whonix-firewall.sh b/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/qubes-whonix-firewall.sh
index 6863a9e..50c5cbc 100755
--- a/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/qubes-whonix-firewall.sh
+++ b/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/init/qubes-whonix-firewall.sh
@@ -2,16 +2,16 @@
 
 . /usr/lib/whonix/utility_functions
 
+if [ -x /usr/sbin/xenstore-read ]; then
+    XENSTORE_READ="/usr/sbin/xenstore-read"
+else
+    XENSTORE_READ="/usr/bin/xenstore-read"
+fi
+
+# Make sure IP forwarding is disabled
+echo "0" > /proc/sys/net/ipv4/ip_forward
+
 if [ "${WHONIX}" != "template" ]; then
-    # Make sure IP forwarding is disabled
-    echo "0" > /proc/sys/net/ipv4/ip_forward
-
-    if [ -x /usr/sbin/xenstore-read ]; then
-        XENSTORE_READ="/usr/sbin/xenstore-read"
-    else
-        XENSTORE_READ="/usr/bin/xenstore-read"
-    fi
-
     ip=$(${XENSTORE_READ} qubes-netvm-gateway 2> /dev/null)
 
     # Start Whonix Firewall
@@ -31,10 +31,12 @@ iptables -A INPUT -i vif+ -p tcp -m tcp --dport 8082 -j ACCEPT \\
 iptables -A OUTPUT -o vif+ -p tcp -m tcp --sport 8082 -j ACCEPT \\
 iptables -t nat -A PREROUTING -j PR-QBS-SERVICES \\
 iptables -t nat -A PR-QBS-SERVICES -d 10.137.255.254/32 -i vif+ -p tcp -m tcp --dport 8082 -j REDIRECT \\
+iptables -t nat -A OUTPUT -p udp -m owner --uid-owner tinyproxy -m conntrack --ctstate NEW -j DNAT --to ${ip}:53 \\
+iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner tinyproxy -m conntrack --ctstate NEW -j DNAT --to ${ip}:9040 \\
 \\
 # Route any traffic FROM netvm TO netvm BACK-TO localhost \\
 # Allows localhost access to tor network \\
-iptables -t nat -A OUTPUT -s ${ip} -d ${ip} -j DNAT --to-destination 127.0.0.1 \\
+#iptables -t nat -A OUTPUT -s ${ip} -d ${ip} -j DNAT --to-destination 127.0.0.1 \\
 ######################################
 EOF
     fi
diff --git a/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/qubes-whonix-firewall.sh b/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/qubes-whonix-firewall.sh
index 6863a9e..50c5cbc 100755
--- a/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/qubes-whonix-firewall.sh
+++ b/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/init/qubes-whonix-firewall.sh
@@ -2,16 +2,16 @@
 
 . /usr/lib/whonix/utility_functions
 
+if [ -x /usr/sbin/xenstore-read ]; then
+    XENSTORE_READ="/usr/sbin/xenstore-read"
+else
+    XENSTORE_READ="/usr/bin/xenstore-read"
+fi
+
+# Make sure IP forwarding is disabled
+echo "0" > /proc/sys/net/ipv4/ip_forward
+
 if [ "${WHONIX}" != "template" ]; then
-    # Make sure IP forwarding is disabled
-    echo "0" > /proc/sys/net/ipv4/ip_forward
-
-    if [ -x /usr/sbin/xenstore-read ]; then
-        XENSTORE_READ="/usr/sbin/xenstore-read"
-    else
-        XENSTORE_READ="/usr/bin/xenstore-read"
-    fi
-
     ip=$(${XENSTORE_READ} qubes-netvm-gateway 2> /dev/null)
 
     # Start Whonix Firewall
@@ -31,10 +31,12 @@ iptables -A INPUT -i vif+ -p tcp -m tcp --dport 8082 -j ACCEPT \\
 iptables -A OUTPUT -o vif+ -p tcp -m tcp --sport 8082 -j ACCEPT \\
 iptables -t nat -A PREROUTING -j PR-QBS-SERVICES \\
 iptables -t nat -A PR-QBS-SERVICES -d 10.137.255.254/32 -i vif+ -p tcp -m tcp --dport 8082 -j REDIRECT \\
+iptables -t nat -A OUTPUT -p udp -m owner --uid-owner tinyproxy -m conntrack --ctstate NEW -j DNAT --to ${ip}:53 \\
+iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner tinyproxy -m conntrack --ctstate NEW -j DNAT --to ${ip}:9040 \\
 \\
 # Route any traffic FROM netvm TO netvm BACK-TO localhost \\
 # Allows localhost access to tor network \\
-iptables -t nat -A OUTPUT -s ${ip} -d ${ip} -j DNAT --to-destination 127.0.0.1 \\
+#iptables -t nat -A OUTPUT -s ${ip} -d ${ip} -j DNAT --to-destination 127.0.0.1 \\
 ######################################
 EOF
     fi
diff --git a/scripts_debian/wheezy+whonix/04_install_qubes_post.sh b/scripts_debian/wheezy+whonix/04_install_qubes_post.sh
index 9f58254..c6ab0e3 100755
--- a/scripts_debian/wheezy+whonix/04_install_qubes_post.sh
+++ b/scripts_debian/wheezy+whonix/04_install_qubes_post.sh
@@ -19,6 +19,11 @@ else
     set -e
 fi
 
+# ------------------------------------------------------------------------------
+# Make sure IP forwarding is disabled (Qubes enables it by default)
+# ------------------------------------------------------------------------------
+echo "0" > /proc/sys/net/ipv4/ip_forward
+
 # ------------------------------------------------------------------------------
 # Enable Qubes-Whonix services
 # ------------------------------------------------------------------------------

From d92d6d1577f012454d7b235cc73e4ce8e3f9b844 Mon Sep 17 00:00:00 2001
From: Jason Mehring <nrgaway@gmail.com>
Date: Tue, 11 Nov 2014 13:41:42 -0500
Subject: [PATCH 9/9] whonix: Lockdown network if not connected to a tor-newvm

---
 .../files/usr/lib/whonix/messages.yaml            |  3 ---
 .../files/usr/lib/whonix/qubes-whonixsetup        | 15 ++++++++++++++-
 .../files/usr/lib/whonix/messages.yaml            |  3 ---
 .../files/usr/lib/whonix/qubes-whonixsetup        | 15 ++++++++++++++-
 4 files changed, 28 insertions(+), 8 deletions(-)

diff --git a/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/messages.yaml b/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/messages.yaml
index d3be464..075ab09 100644
--- a/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/messages.yaml
+++ b/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/messages.yaml
@@ -7,6 +7,3 @@ update:
       <p><B>Tor netvm required for updates!</B></p>
       <p>Please ensure your template vm has a Whonix gateway as it's VM.</p>
       <p>No updates are possible without an active (running) Whonix gateway VM.</p>
-      <p/>
-      <p><b>Template will now power off</b></p>
-
diff --git a/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/qubes-whonixsetup b/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/qubes-whonixsetup
index 814af62..edb6240 100755
--- a/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/qubes-whonixsetup
+++ b/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/qubes-whonixsetup
@@ -41,6 +41,19 @@ elif [ "${WHONIX}" == "workstation" ]; then
     fi
 
 elif [ "${WHONIX}" == "template" -a "${PROXY_SECURE}" == "0" ]; then
+    # Set secure defaults.
+    iptables -P INPUT DROP
+    iptables -P FORWARD DROP
+    iptables -P OUTPUT DROP
+
+    # Flush old rules.
+    iptables -F
+    iptables -X
+    iptables -t nat -F
+    iptables -t nat -X
+    iptables -t mangle -F
+    iptables -t mangle -X
+
+    # Display warning that netvm is not connected to a torvm
     /usr/lib/whonix/alert update /usr/lib/whonix/messages.yaml
-    #sudo /sbin/poweroff 
 fi
diff --git a/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/messages.yaml b/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/messages.yaml
index d3be464..075ab09 100644
--- a/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/messages.yaml
+++ b/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/messages.yaml
@@ -7,6 +7,3 @@ update:
       <p><B>Tor netvm required for updates!</B></p>
       <p>Please ensure your template vm has a Whonix gateway as it's VM.</p>
       <p>No updates are possible without an active (running) Whonix gateway VM.</p>
-      <p/>
-      <p><b>Template will now power off</b></p>
-
diff --git a/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/qubes-whonixsetup b/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/qubes-whonixsetup
index 814af62..edb6240 100755
--- a/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/qubes-whonixsetup
+++ b/scripts_debian/wheezy+whonix-workstation/files/usr/lib/whonix/qubes-whonixsetup
@@ -41,6 +41,19 @@ elif [ "${WHONIX}" == "workstation" ]; then
     fi
 
 elif [ "${WHONIX}" == "template" -a "${PROXY_SECURE}" == "0" ]; then
+    # Set secure defaults.
+    iptables -P INPUT DROP
+    iptables -P FORWARD DROP
+    iptables -P OUTPUT DROP
+
+    # Flush old rules.
+    iptables -F
+    iptables -X
+    iptables -t nat -F
+    iptables -t nat -X
+    iptables -t mangle -F
+    iptables -t mangle -X
+
+    # Display warning that netvm is not connected to a torvm
     /usr/lib/whonix/alert update /usr/lib/whonix/messages.yaml
-    #sudo /sbin/poweroff 
 fi