Remove ssl-google-cert-catalog. Fixes #533

CHANGELOG

@@ -1,5 +1,8 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE][GH#533] Removed ssl-google-cert-catalog, since Google shut off that
+  service at some point. Reported by Brian Morin.
+
 o [NSE][GH#540] Add tls.servername script-arg for forcing a name to be used for
   TLS Server Name Indication extension. The argument overrides the default use
   of the host's targetname. [Bertrand Bonnefoy-Claudet]

scripts/script.db

@@ -488,7 +488,6 @@ Entry { filename = "ssl-cert.nse", categories = { "default", "discovery", "safe"
 Entry { filename = "ssl-date.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "ssl-dh-params.nse", categories = { "safe", "vuln", } }
 Entry { filename = "ssl-enum-ciphers.nse", categories = { "discovery", "intrusive", } }
-Entry { filename = "ssl-google-cert-catalog.nse", categories = { "discovery", "external", "safe", } }
 Entry { filename = "ssl-heartbleed.nse", categories = { "safe", "vuln", } }
 Entry { filename = "ssl-known-key.nse", categories = { "default", "discovery", "safe", "vuln", } }
 Entry { filename = "ssl-poodle.nse", categories = { "safe", "vuln", } }

scripts/ssl-google-cert-catalog.nse

@@ -1,73 +0,0 @@
-local dns = require "dns"
-local math = require "math"
-local os = require "os"
-local shortport = require "shortport"
-local sslcert = require "sslcert"
-local stdnse = require "stdnse"
-local string = require "string"
-local table = require "table"
-local tls = require "tls"
-
-description = [[
-Queries Google's Certificate Catalog for the SSL certificates retrieved from
-target hosts.
-
-The Certificate Catalog provides information about how recently and for how long
-Google has seen the given certificate.  If a certificate doesn't appear in the
-database, despite being correctly signed by a well-known CA and having a
-matching domain name, it may be suspicious.
-]]
-
----
--- @usage
--- nmap -p 443 --script ssl-cert,ssl-google-cert-catalog <host>
---
--- @output
--- PORT     STATE SERVICE
----443/tcp open  https
----| ssl-google-cert-catalog:
----|   First/last date seen: 19 Aug 2011 / 10 Sep 2011
----|_  Days in between: 20
-
-author = "Vasiliy Kulikov"
-license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
-categories = { "safe", "discovery", "external" }
---dependencies = { "ssl-cert" }
-
-
-local format_date = function(day_num)
-    return os.date("%d %b %Y", 60 * 60 * 24 * math.tointeger(day_num))
-end
-
-portrule = shortport.ssl
-
-action = function(host, port)
-    host.targetname = tls.servername(host)
-    local lines, sha1, query
-    local status, cert = sslcert.getCertificate(host, port)
-
-    if not status then
-        return nil
-    end
-
-    sha1 = stdnse.tohex(cert.digest(cert, "sha1"))
-    query = sha1 .. ".certs.googlednstest.com"
-    stdnse.debug1("%s", query)
-
-    local status, decoded_response = dns.query(query, { dtype = "TXT" })
-
-    lines = {}
-
-    if status then
-        local raw_start, raw_stop, delta = string.match(decoded_response, "(%d+) (%d+) (%d+)")
-        local date_start, date_stop = format_date(raw_start), format_date(raw_stop)
-
-        table.insert(lines, "First/last date seen: " .. date_start .. " / " .. date_stop)
-        table.insert(lines, "Days in between: " .. tonumber(delta))
-    else
-        table.insert(lines, "No DB entry")
-    end
-
-    return stdnse.format_output(true, lines)
-end
-