2 files changed, 201 insertions, 21 deletions

diff --git a/lib/diameter/doc/src/diameter.xml b/lib/diameter/doc/src/diameter.xml
index 1e1206aa2d..5cb29c80e3 100644
--- a/lib/diameter/doc/src/diameter.xml
+++ b/lib/diameter/doc/src/diameter.xml
@@ -467,7 +467,7 @@ Matches only those peers whose Origin-Host has the
 specified value, or all peers if the atom <c>any</c>.</p>
 </item>
 
-<tag><c>{realm, any|&dict_DiameterIdentity;</c></tag>
+<tag><c>{realm, any|&dict_DiameterIdentity;}</c></tag>
 <item>
 <p>
 Matches only those peers whose Origin-Realm has the
@@ -500,18 +500,22 @@ Matches only those peers matched by each filter in the specified list.</p>
 <item>
 <p>
 Matches only those peers matched by at least one filter in the
-specified list.</p>
+specified list.
+The resulting list will be in match order, peers matching the
+first filter of the list sorting before those matched by the second,
+and so on.</p>
+</item>
 
+<tag><c>{first, [&peer_filter;]}</c></tag>
+<item>
 <p>
-The resulting peer list will be in match order, peers matching the
-first filter of the list sorting before those matched by the second,
-and so on.
-For example, the following filter causes peers matching both the host
-and realm filters to be presented before those matching only the realm
-filter.</p>
+Like <c>any</c>, but stops at the first filter for which there are
+matches, which can be much more efficient when there are many peers.
+For example, the following filter causes only peers best matching
+both the host and realm filters to be presented.</p>
 
 <pre>
-{any, [{all, [host, realm]}, realm]}
+{first, [{all, [host, realm]}, realm]}
 </pre>
 </item>
 
@@ -795,14 +799,6 @@ Messages larger than the specified number of bytes are discarded.</p>
 Defaults to <c>16777215</c>, the maximum value of the 24-bit Message
 Length field in a Diameter Header.</p>
 
-<warning>
-<p>
-This option should be set to as low a value as is sufficient for the
-Diameter applications and peers in question, since decoding incoming
-messages from a malicious peer can otherwise generate significant
-load.</p>
-</warning>
-
 </item>
 
 <tag><c>{restrict_connections, false
@@ -921,6 +917,49 @@ Options <c>monitor</c> and <c>link</c> are ignored.</p>
 Defaults to the empty list.</p>
 </item>
 
+<marker id="strict_mbit"/>
+<tag><c>{strict_mbit, boolean()}</c></tag>
+<item>
+<p>
+Whether or not to regard an AVP setting the M-bit as erroneous when
+the command grammar in question does not explicitly allow the AVP.
+If <c>true</c> then such AVPs are regarded as 5001 errors,
+DIAMETER_AVP_UNSUPPORTED.
+If <c>false</c> then the M-bit is ignored and policing
+it becomes the receiver's responsibility.</p>
+
+<p>
+Defaults to <c>true</c>.</p>
+
+<warning>
+<p>
+RFC 6733 is unclear about the semantics of the M-bit.
+One the one hand, the CCF specification in section 3.2 documents AVP
+in a command grammar as meaning <b>any</b> arbitrary AVP; on the
+other hand, 1.3.4 states that AVPs setting the M-bit cannot be added
+to an existing command: the modified command must instead be
+placed in a new Diameter application.</p>
+<p>
+The reason for the latter is presumably interoperability:
+allowing arbitrary AVPs setting the M-bit in a command makes its
+interpretation implementation-dependent, since there's no
+guarantee that all implementations will understand the same set of
+arbitrary AVPs in the context of a given command.
+However, interpreting <c>AVP</c> in a command grammar as <b>any</b>
+AVP, regardless of M-bit, renders 1.3.4 meaningless, since the receiver
+can simply ignore any AVP it thinks isn't relevant, regardless of the
+sender's intent.</p>
+<p>
+Beware of confusing mandatory in the sense of the M-bit with mandatory
+in the sense of the command grammar.
+The former is a semantic requirement: that the receiver understand the
+semantics of the AVP in the context in question.
+The latter is a syntactic requirement: whether or not the AVP must
+occur in the message in question.</p>
+</warning>
+
+</item>
+
 <marker id="string_decode"/>
 <tag><c>{string_decode, boolean()}</c></tag>
 <item>
@@ -1232,9 +1271,7 @@ is not the length of the message in question, as received over the
 transport interface documented in &man_transport;.</p>
 
 <p>
-If <c>exit</c> then a warning report is emitted and the parent of the
-transport process in question exits, which causes the transport
-process itself to exit as described in &man_transport;.
+If <c>exit</c> then the transport process in question exits.
 If <c>handle</c> then the message is processed as usual, a resulting
 &app_handle_request; or &app_handle_answer; callback (if one takes
 place) indicating the <c>5015</c> error (DIAMETER_INVALID_MESSAGE_LENGTH).
diff --git a/lib/diameter/doc/src/notes.xml b/lib/diameter/doc/src/notes.xml
index 299d4093da..5052515d6a 100644
--- a/lib/diameter/doc/src/notes.xml
+++ b/lib/diameter/doc/src/notes.xml
@@ -43,6 +43,149 @@ first.</p>
 
 <!-- ===================================================================== -->
 
+<section><title>diameter 1.11.2</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    Make peer handling more efficient.</p>
+          <p>
+	    Inefficient lookup and manipulation of peer lists could
+	    result in poor performance when many outgoing requests
+	    were sent simultaneously, or when many peers connected
+	    simultaneously. Filtering peer lists on realm/host is now
+	    also more efficient in many cases.</p>
+          <p>
+	    Own Id: OTP-13164</p>
+        </item>
+        <item>
+          <p>
+	    Fix handling of shared peer connections in watchdog state
+	    SUSPECT.</p>
+          <p>
+	    A peer connection shared from a remote node was regarded
+	    as being up for the lifetime of the connection, ignoring
+	    watchdog transitions into state SUSPECT.</p>
+          <p>
+	    Own Id: OTP-13342</p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
+<section><title>diameter 1.11.1</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    Fix request table leaks</p>
+          <p>
+	    The End-to-End and Hop-by-Hop identifiers of outgoing
+	    Diameter requests are stored in a table in order for the
+	    caller to be located when the corresponding answer
+	    message is received. Entries were orphaned if the handler
+	    was terminated by an exit signal as a consequence of
+	    actions taken by callback functions, or if callbacks
+	    modified identifiers in retransmission cases.</p>
+          <p>
+	    Own Id: OTP-13137</p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
+<section><title>diameter 1.11</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    Fix relay encode of nested, Grouped AVPs.</p>
+          <p>
+	    A fault in OTP-12475 caused encode to fail if the first
+	    AVP in a Grouped AVP was itself Grouped.</p>
+          <p>
+	    Own Id: OTP-12879 Aux Id: OTP-12475 </p>
+        </item>
+        <item>
+          <p>
+	    Match acceptable peer addresses case insensitively.</p>
+          <p>
+	    Regular expressions passed in an 'accept' tuple to
+	    diameter_tcp or diameter_sctp inappropriately matched
+	    case.</p>
+          <p>
+	    Own Id: OTP-12902</p>
+        </item>
+        <item>
+          <p>
+	    Fix diameter_watchdog function clause.</p>
+          <p>
+	    OTP-12912 introduced an error with accepting transports
+	    setting <c>{restrict_connections, false}</c>, causing
+	    processes to fail when peer connections were terminated.</p>
+          <p>
+	    Own Id: OTP-12969</p>
+        </item>
+      </list>
+    </section>
+
+
+    <section><title>Improvements and New Features</title>
+      <list>
+        <item>
+          <p>
+	    Don't report 5005 (DIAMETER_AVP_MISSING) errors
+	    unnecessarily.</p>
+          <p>
+	    An AVP whose decode failed was reported as missing,
+	    despite having been reported with another error as a
+	    consequence of the failure.</p>
+          <p>
+	    Own Id: OTP-12871</p>
+        </item>
+        <item>
+          <p>
+	    Improve decode performance.</p>
+          <p>
+	    The time required to decode a message increased
+	    quadratically with the number of AVPs in the worst case,
+	    leading to extremely long execution times.</p>
+          <p>
+	    Own Id: OTP-12891</p>
+        </item>
+        <item>
+          <p>
+	    Improve watchdog and statistics performance.</p>
+          <p>
+	    Inefficient use of timers contributed to poor performance
+	    at high load, as did ordering of the table statistics are
+	    written to.</p>
+          <p>
+	    Own Id: OTP-12912</p>
+        </item>
+        <item>
+          <p>
+	    Add service_opt() strict_mbit.</p>
+          <p>
+	    There are differing opinions on whether or not reception
+	    of an arbitrary AVP setting the M-bit is an error. The
+	    default interpretation is strict: if a command grammar
+	    doesn't explicitly allow an AVP setting the M-bit then
+	    reception of such an AVP is regarded as an error. Setting
+	    <c>{strict_mbit, false}</c> disables this check.</p>
+          <p>
+	    Own Id: OTP-12947</p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>diameter 1.10</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>
@@ -134,7 +277,7 @@ first.</p>
         <item>
           <p>
 	    Change license text from Erlang Public License to Apache
-	    Public License v2</p>
+	    Public License v2.</p>
           <p>
 	    Own Id: OTP-12845</p>
         </item>