Re: [Libguestfs] [Hivex][PATCH v2] Report last-modified time of hive root and nodes

>> On Wed, Aug 10, 2011 at 01:24:05PM -0700, Alex‎ Nelson wrote: >>> These changes are bringing the hivexml program into a file system >>> analysis suite that deals with many different file system types, >>> each with their own timestamp recording quirks, and even some file >>> formats which have yet more quirks.  We think that ISO 8601 is the >>> best umbrella output format, with an additional XML attribute noting >>> the time granularity (like FAT's 2-second and 1-day granularities). >>> That's why we're outputting strings in C, which, yes, feels wrong, >>> but simplifies parsing outside of the scope of hivexml.  We're >>> dealing with the time presentation proactively. >> >> Reading this over again, I think you may be confusing how the hivex >> API/library returns the data and how hivexml displays the data.  The >> two are completely different things.  You can have hivexml displaying >> the data as an ISO 8601 string (in fact, I would say that is a very >> good choice).  But that does not in any way require that the C API >> returns a string. > > Ah, understood.  Ok, in that case I'm fine with changing things as you suggested.  Next patch coming soon. Please, please, please don't return the Windows time. Python does not have a library or function for dealing with the Windows time, but it does handle ISO 8601. And UNIX epoch. And a quick search for Perl doesn't show anything for Windows timestamp in the top 5, but also has a module for ISO8601.