Build: libcrmcommon: configure option to specify GnuTLS cipher priorities

Default to current behavior, i.e. "NORMAL". Spec file overrides with "@SYSTEM"
on distros that have it.

Pacemaker does not use option value as-is; it adds "+ANON-DH" for CIB remote
commands and "+DHE-PSK:+PSK" for Pacemaker Remote connections. In the longer
term, we could consider moving to certificate-based connections in both cases,
but that has backward compatibility issues as well as additional administrative
burden.