DoH resolver in C

resolver.c

#include <stdio.h>
#include <errno.h>
#include <unistd.h>
#include <malloc.h>
#include <string.h>
#include <sys/socket.h>
#include <resolv.h>
#include <netdb.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <jansson.h>

char* json[2048] = {0};

char* getjson(char* proxy_host,int proxy_port,char* dnshost,int dnsport,char* dest){
    SSL_CTX *ctx;
    int sock;
    SSL *ssl;
    char buf[2048];
    uint8_t* recv_buf,*tmp;
    int ret_size = 0;

    //init
    // printf("init\n");
    SSL_library_init();
    OpenSSL_add_all_algorithms();
    SSL_load_error_strings();
    ctx = SSL_CTX_new(TLSv1_2_client_method());
    if(ctx == NULL)
       goto error;

    //connect to proxy
    // printf("connect to proxy\n");
    struct hostent *host;
    struct sockaddr_in addr;
    if ( (host = gethostbyname(proxy_host)) == NULL )
    {
        goto error;
    }
    sock = socket(PF_INET, SOCK_STREAM, 0);
    bzero(&addr, sizeof(addr));
    addr.sin_family = AF_INET;
    addr.sin_port = htons(proxy_port);
    addr.sin_addr.s_addr = *(long*)(host->h_addr);
    if ( connect(sock, (struct sockaddr*)&addr, sizeof(addr)) != 0 )
        goto error;
    snprintf(buf, sizeof(buf), "CONNECT %s:%d HTTP/1.0\r\n\r\n",dnshost,dnsport);
    int n = write(sock, buf, (int)strlen(buf));
    if (n < 0)
	    goto error;
    memset(buf, 0, sizeof(buf));
	if(read(sock, buf, sizeof(buf)) < 0)
        goto error;
    // printf("proxyans:%s\n",buf);
    
    //start ssl session
    // printf("start ssl\n");
    ssl = SSL_new(ctx); 
    SSL_set_fd(ssl, sock); 
    SSL_set_tlsext_host_name(ssl, dnshost);
    if ( SSL_connect(ssl) == -1 )
        ERR_print_errors_fp(stderr);
    else
    {
        sprintf(buf,"POST /dns-query?name=%s&type=A HTTP/1.1\r\nHost: %s\r\nContent-Type: application/dns-json\r\n\r\n",dest,dnshost);
        // printf("req:%s\n",buf);
        SSL_write(ssl,buf, strlen(buf));
        memset(buf,0,sizeof(buf));
        SSL_read(ssl, buf, sizeof(buf));
        // printf("%s\n", buf);
        if(tmp = strtok(buf,"\n") != NULL)
            while(tmp != NULL){
                tmp = strtok(NULL,"\n");
                if(tmp != NULL)
                recv_buf = tmp;
            }
        else
                recv_buf = tmp;
            
        // printf("actual message: %s\n",recv_buf);
        goto success;
    }
    
error:
    close(sock);
    SSL_free(ssl);
    SSL_CTX_free(ctx);
    return NULL;  

success:
    close(sock);
    SSL_free(ssl);
    SSL_CTX_free(ctx);
    memcpy(json,recv_buf,strlen(recv_buf));
    return json;
}

char* get_ip(char* json){
    json_error_t error;
    json_t *result = json_loads(json, 0, &error);
    if(result == NULL)
        return NULL;
    json_t *answers = json_object_get(result, "Answer");
    int i;
    json_t *answer;
    json_array_foreach(answers, i, answer) {
        // printf("type:%d,data:%s\n",(int)json_integer_value(json_object_get(answer, "type")),json_string_value(json_object_get(answer, "data")));
        if(json_integer_value(json_object_get(answer, "type")) == 1)
            return json_string_value(json_object_get(answer, "data"));
  }
  return NULL;
}

int main(int argc,char* argv[]){
    if(argc != 6) // $0,proxy_host,proxy_port,dest_host,dest_port
        exit(1);
    char* js = getjson(argv[1],atoi(argv[2]),argv[3],atoi(argv[4]),argv[5]);
    printf("ip:%s\n",get_ip(js));
    return 0;
}

There are many dangerous memory operation which must be fixed.