Fix false positives due to missing start/boot time

SMB field ServerStartTime ['start_time'] of zero should be interpreted
as "no time provided", not as the start of the epoch.
The field is zeroed out in SMB dialect 3.1.1.

CHANGELOG

@@ -32,6 +32,9 @@ o [NSE][GH#2174] Script hostmap-crtsh got improved in several ways. The most
   identities that are syntactically incorrect to be hostnames are now ignored.
   [Michel Le Bihan, nnposter]
 
+o [NSE] Script smb2-vuln-uptime no longer reports false positives when
+  the target does not provide its boot time. [nnposter]
+
 o [NSE][GH#2197] Client packets composed by the DHCP library will now contain
   option 51 (IP address lease time) only when requested. [nnposter]
 

scripts/smb2-vuln-uptime.nse

@@ -115,11 +115,19 @@ local function check_vulns(host, port)
   status, smbstate = smb.start(host)
   status = smb2.negotiate_v2(smbstate, overrides)
 
-  if status then
+  if not status then
+    stdnse.debug2("Negotiation failed")
+    return nil, "Protocol negotiation failed (SMB2)"
+  end
+
   datetime.record_skew(host, smbstate.time, os.time())
   stdnse.debug2("SMB2: Date: %s (%s) Start date:%s (%s)",
                       smbstate['date'], smbstate['time'],
           smbstate['start_date'], smbstate['start_time'])
+  if smbstate['start_time'] == 0 then
+    stdnse.debug2("Boot time not provided")
+    return nil, "Boot time not provided"
+  end
 
   for _, vuln in pairs(ms_vulns) do
     if smbstate['start_time'] < vuln['disclosure_time'] then
@@ -129,10 +137,6 @@ local function check_vulns(host, port)
     end
   end
 
-  else
-    stdnse.debug2("Negotiation failed")
-    return nil, "Protocol negotiation failed (SMB2)"
-  end
   return true, vulns_detected
 end