gnutls_priority_init − API function


#include <gnutls/gnutls.h>

int gnutls_priority_init(gnutls_priority_t * priority_cache, const char * priorities, const char ** err_pos);


gnutls_priority_t * priority_cache

is a gnutls_prioritity_t structure.

const char * priorities

is a string describing priorities

const char ** err_pos

In case of an error this will have the position in the string the error occured


Sets priorities for the ciphers, key exchange methods, macs and compression methods.

The priorities option allows you to specify a colon separated list of the cipher priorities to enable. Some keywords are defined to provide quick access to common preferences.

"PERFORMANCE" means all the "secure" ciphersuites are enabled, limited to 128 bit ciphers and sorted by terms of speed performance.

"NORMAL" means all "secure" ciphersuites. The 256−bit ciphers are included as a fallback only. The ciphers are sorted by security margin.

"SECURE128" means all "secure" ciphersuites of security level 128−bit or more.

"SECURE192" means all "secure" ciphersuites of security level 192−bit or more.

"SUITEB128" means all the NSA SuiteB ciphersuites with security level of 128.

"SUITEB192" means all the NSA SuiteB ciphersuites with security level of 192.

"EXPORT" means all ciphersuites are enabled, including the low−security 40 bit ciphers.

"NONE" means nothing is enabled. This disables even protocols and compression methods.

Special keywords are "!", "−" and "+". "!" or "−" appended with an algorithm will remove this algorithm. "+" appended with an algorithm will add this algorithm.

Check the GnuTLS manual section "Priority strings" for detailed information.



"NORMAL:−ARCFOUR−128" means normal ciphers except for ARCFOUR−128.

"SECURE:−VERS−SSL3.0:+COMP−DEFLATE" means that only secure ciphers are enabled, SSL3.0 is disabled, and libz compression enabled.



"NORMAL:COMPAT" is the most compatible mode.


On syntax error GNUTLS_E_INVALID_REQUEST is returned, GNUTLS_E_SUCCESS on success, or an error code.


Report bugs to <>. GnuTLS home page: General help using GNU software:


Copyright © 2008 Free Software Foundation.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.


The full documentation for gnutls is maintained as a Texinfo manual. If the info and gnutls programs are properly installed at your site, the command

info gnutls

should give you access to the complete manual.

More Linux Commands

XGrabDeviceButton(3) - grab/ungrab extension input device bu
The XGrabDeviceButton request establishes a passive grab. In the future, the device is actively grabbed (as for XGrabDevice, the last-grab time is set to the ti

Tk_GetHWND(3) - manage interactions between the Windows hand
Tk_GetHWND returns the Windows HWND identifier for X Windows window given by window. Tk_AttachHWND binds the Windows HWND identifier to the specified Tk_Window

snmptrap(1) - sends an SNMP notification to a manager.......
snmptrap is an SNMP application that uses the SNMP TRAP operation to send information to a network manager. One or more object identifiers (OIDs) can be given a

continue(n) - Skip to the next iteration of a loop (ManPage)
This command is typically invoked inside the body of a looping command such as for or foreach or while. It returns a 4 (TCL_CONTINUE) result code, which causes

getfsent(3) - handle fstab entries - Linux manual page......
These functions read from the file /etc/fstab. The struct fstab is defined by: struct fstab { char *fs_spec; /* block device name */ char *fs_file; /* mount poi

automake-1.13(1) manual page for automake 1.13.4 (Man Page)
automake-1.13.1 - Generate for configure from Operation modes: --help print this help, then exit --version print version number, then e

sasl_authorize_t(3) - The SASL authorization callback.......
sasl_authorize_t is used to check whether the authorized user auth_identity may act as the user requested_user. For example the user root may wish to authentica

tc-hfsc(8) Hierarchical Fair Service Curves control under li
HFSC qdisc has only one optional parameter default. CLASSID specifies the minor part of the default classid, where packets not classified by other will be ...

XSetCloseDownMode(3) - control clients - Linux manual page
The XSetCloseDownMode defines what will happen to the clients resources at connection close. A connection starts in DestroyAll mode. For information on what hap

readdir(3) - read a directory (Library - Linux man page)....
The readdir() function returns a pointer to a dirent structure representing the next directory entry in the directory stream pointed to by dirp. It returns NULL

auparse_feed(3) - feed data into parser - Linux manual page
auparse_feed supplies new data for the parser to consume. auparse_init() must have been called with a source type of AUSOURCE_FEED and a NULL pointer. The parse

socketpair(2) - create a pair of connected sockets (ManPage)
The socketpair() call creates an unnamed pair of connected sockets in the specified domain, of the specified type, and using the optionally specified protocol.

We can't live, work or learn in freedom unless the software we use is free.