Hi, json-c has some... peculiarities, such as how it seeds the random number generator for its hashing function.
https://github.com/json-c/json-c/blob/master/random_seed.c I'm not sure how responsive the project is, hence posting here, but the existing code causes /dev/urandom to be touched, which makes the library not fit well within pledge; and if in a chroot and failing that instead of getting killed, has a horrible fall-back. Enclosed is a patch that uses arc4random as the only choice. I guess it should be in a fancy autoconf thing, but this is a bit more direct. The patch is off 0.12, which is in ports, and not the GH version. Best, Kristaps
--- ../json-c-0.12/random_seed.c Fri Apr 11 02:41:08 2014 +++ random_seed.c Tue May 3 21:34:38 2016 @@ -224,6 +224,7 @@ int json_c_get_random_seed() { + return(arc4random()); #if HAVE_RDRAND if (has_rdrand()) return get_rdrand_seed(); #endif