Simplify profile reloading

Also, increase prompt decision timeout.

firewall/api.go

@@ -97,7 +97,7 @@ func apiAuthenticator(r *http.Request, s *http.Server) (token *api.AuthToken, er
 
 	log.Tracer(r.Context()).Tracef("filter: authenticating API request from %s", r.RemoteAddr)
 
-	// It is very important that this works, retry extensively (every 250ms for 5s)
+	// It is important that this works, retry 5 times: every 500ms for 2.5s.
 	var retry bool
 	for tries := 0; tries < 5; tries++ {
 		retry, err = authenticateAPIRequest(

firewall/config.go

@@ -6,7 +6,7 @@ import (
 	"github.com/safing/portmaster/core"
 )
 
-// Configuration Keys
+// Configuration Keys.
 var (
 	CfgOptionEnableFilterKey = "filter/enable"
 

firewall/prompt.go

@@ -32,6 +32,8 @@ const (
 
 var (
 	promptNotificationCreation sync.Mutex
+
+	decisionTimeout int64 = 10 // in seconds
 )
 
 type promptData struct {
@@ -45,10 +47,16 @@ type promptProfile struct {
 	LinkedPath string
 }
 
-func prompt(ctx context.Context, conn *network.Connection, pkt packet.Packet) { //nolint:gocognit // TODO
+func prompt(ctx context.Context, conn *network.Connection, pkt packet.Packet) {
 	// Create notification.
 	n := createPrompt(ctx, conn, pkt)
 
+	// Get decision timeout and make sure it does not exceed the ask timeout.
+	timeout := decisionTimeout
+	if timeout > askTimeout() {
+		timeout = askTimeout()
+	}
+
 	// wait for response/timeout
 	select {
 	case promptResponse := <-n.Response():
@@ -59,7 +67,7 @@ func prompt(ctx context.Context, conn *network.Connection, pkt packet.Packet) {
 			conn.Deny("blocked via prompt", profile.CfgOptionEndpointsKey)
 		}
 
-	case <-time.After(1 * time.Second):
+	case <-time.After(time.Duration(timeout) * time.Second):
 		log.Tracer(ctx).Debugf("filter: continuing prompting async")
 		conn.Deny("prompting in progress, please respond to prompt", profile.CfgOptionDefaultActionKey)