]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
use gnutls_set_default_priority() in examples.
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Sun, 11 May 2014 07:52:17 +0000 (09:52 +0200)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Sun, 11 May 2014 07:52:17 +0000 (09:52 +0200)
doc/examples/ex-client-x509.c
lib/gnutls_priority.c

index ff90ad0beccb031412aef8a6a362cb75dca7a19a..01762e82eaffa34a6e860fd4f4f608af9fd2a8e8 100644 (file)
@@ -65,7 +65,10 @@ int main(void)
         gnutls_server_name_set(session, GNUTLS_NAME_DNS, "my_host_name",
                                strlen("my_host_name"));
 
-        /* Use default priorities */
+        /* use default priorities */
+        gnutls_set_default_priority(session);
+#if 0
+       /* if more fine-graned control is required */
         ret = gnutls_priority_set_direct(session, 
                                          "NORMAL", &err);
         if (ret < 0) {
@@ -74,6 +77,7 @@ int main(void)
                 }
                 exit(1);
         }
+#endif
 
         /* put the x509 credentials to the current session
          */
index 769eed1fe8ce19784cdb4c53b352c53355426512..efe1bae1b9fd9af027492af259f0d50bb305d78e 100644 (file)
@@ -1362,6 +1362,8 @@ void gnutls_priority_deinit(gnutls_priority_t priority_cache)
  * priority cache and is used to directly set string priorities to a
  * TLS session.  For documentation check the gnutls_priority_init().
  *
+ * To simply use a reasonable default, consider using gnutls_set_default_priority().
+ *
  * Returns: On syntax error %GNUTLS_E_INVALID_REQUEST is returned,
  * %GNUTLS_E_SUCCESS on success, or an error code.
  **/
@@ -1428,9 +1430,8 @@ break_comma_list(char *etag,
  * Sets some default priority on the ciphers, key exchange methods,
  * macs and compression methods.
  *
- * This is the same as calling:
- *
- * gnutls_priority_set_direct (session, "NORMAL", NULL);
+ * This typically sets a default priority that is considered
+ * sufficiently secure to establish encrypted sessions.
  *
  * This function is kept around for backwards compatibility, but
  * because of its wide use it is still fully supported.  If you wish