use gnutls_set_default_priority() in examples.

2 files changed, 9 insertions, 4 deletions

diff --git a/doc/examples/ex-client-x509.c b/doc/examples/ex-client-x509.c
index ff90ad0bec..01762e82ea 100644
--- a/doc/examples/ex-client-x509.c
+++ b/doc/examples/ex-client-x509.c
@@ -65,7 +65,10 @@ int main(void)
         gnutls_server_name_set(session, GNUTLS_NAME_DNS, "my_host_name",
                                strlen("my_host_name"));
 
-        /* Use default priorities */
+        /* use default priorities */
+        gnutls_set_default_priority(session);
+#if 0
+	/* if more fine-graned control is required */
         ret = gnutls_priority_set_direct(session, 
                                          "NORMAL", &err);
         if (ret < 0) {
@@ -74,6 +77,7 @@ int main(void)
                 }
                 exit(1);
         }
+#endif
 
         /* put the x509 credentials to the current session
          */
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index 769eed1fe8..efe1bae1b9 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -1362,6 +1362,8 @@ void gnutls_priority_deinit(gnutls_priority_t priority_cache)
  * priority cache and is used to directly set string priorities to a
  * TLS session.  For documentation check the gnutls_priority_init().
  *
+ * To simply use a reasonable default, consider using gnutls_set_default_priority().
+ *
  * Returns: On syntax error %GNUTLS_E_INVALID_REQUEST is returned,
  * %GNUTLS_E_SUCCESS on success, or an error code.
  **/
@@ -1428,9 +1430,8 @@ break_comma_list(char *etag,
  * Sets some default priority on the ciphers, key exchange methods,
  * macs and compression methods.
  *
- * This is the same as calling:
- *
- * gnutls_priority_set_direct (session, "NORMAL", NULL);
+ * This typically sets a default priority that is considered
+ * sufficiently secure to establish encrypted sessions.
  *
  * This function is kept around for backwards compatibility, but
  * because of its wide use it is still fully supported.  If you wish