



@deftypefun {int} {gnutls_priority_init} (gnutls_priority_t * @var{priority_cache}, const char * @var{priorities}, const char ** @var{err_pos})
@var{priority_cache}: is a @code{gnutls_prioritity_t}  structure.

@var{priorities}: is a string describing priorities

@var{err_pos}: In case of an error this will have the position in the string the error occured

Sets priorities for the ciphers, key exchange methods, macs and
compression methods.

The @code{priorities}  option allows you to specify a colon
separated list of the cipher priorities to enable.
Some keywords are defined to provide quick access
to common preferences.

"PERFORMANCE" means all the "secure" ciphersuites are enabled,
limited to 128 bit ciphers and sorted by terms of speed
performance.

"NORMAL" means all "secure" ciphersuites. The 256-bit ciphers are
included as a fallback only.  The ciphers are sorted by security
margin.

"SECURE128" means all "secure" ciphersuites of security level 128-bit
or more.

"SECURE192" means all "secure" ciphersuites of security level 192-bit
or more.

"SUITEB128" means all the NSA SuiteB ciphersuites with security level
of 128.

"SUITEB192" means all the NSA SuiteB ciphersuites with security level
of 192.

"EXPORT" means all ciphersuites are enabled, including the
low-security 40 bit ciphers.

"NONE" means nothing is enabled.  This disables even protocols and
compression methods.

Special keywords are "!", "-" and "+".
"!" or "-" appended with an algorithm will remove this algorithm.
"+" appended with an algorithm will add this algorithm.

Check the GnuTLS manual section "Priority strings" for detailed
information.

@strong{Examples:} 
"NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-CBC:+SIGN-ALL:+COMP-NULL"

"NORMAL:-ARCFOUR-128" means normal ciphers except for ARCFOUR-128.

"SECURE128:-VERS-SSL3.0:+COMP-DEFLATE" means that only secure ciphers are
enabled, SSL3.0 is disabled, and libz compression enabled.

"NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1", 

"NONE:+VERS-TLS-ALL:+AES-128-CBC:+ECDHE-RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1:+CURVE-SECP256R1", 

"SECURE256:+SECURE128",

Note that "NORMAL:@code{COMPAT} " is the most compatible mode.

@strong{Returns:} On syntax error @code{GNUTLS_E_INVALID_REQUEST}  is returned,
@code{GNUTLS_E_SUCCESS}  on success, or an error code.
@end deftypefun
