diff --git a/attest-tools.spec b/attest-tools.spec
index 74f3f47df687386acb3fbfe83bc0858ff82fb6bc..9d5b6e1d973d23d54098339f2cb1e7069a425c64 100644
--- a/attest-tools.spec
+++ b/attest-tools.spec
@@ -1,10 +1,13 @@
 name:           attest-tools
 Version:        0.2.92
-Release:        7
+Release:        8
 Summary:        Attestation tools
 
 Source0:        https://gitee.com/openeuler/%{name}/repository/archive/v%{version}.tar.gz
 Patch0:		attest-tools-support-openssl-3.0.patch
+%if "%toolchain" == "clang"
+Patch1:		fix-clang.patch
+%endif
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 License:        GPLv2+
@@ -97,6 +100,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_prefix}/include/attest-tools
 
 %changelog
+* Mon Oct 30 2023 yoo <sunyuechi@iscas.ac.cn> - 0.2.92-8
+- fix clang build error
+
 * Thu Mar 16 2023 luhuaxin <luhuaxin1@huawei.com> - 0.2.92-7
 - Support openssl 3.0
 
diff --git a/fix-clang.patch b/fix-clang.patch
new file mode 100644
index 0000000000000000000000000000000000000000..36d5e36aadd001a669e841cdab759ff284655c2e
--- /dev/null
+++ b/fix-clang.patch
@@ -0,0 +1,105 @@
+diff -u -r attest-tools-v0.2.92/configure.ac attest-tools-v0.2.92/configure.ac
+--- attest-tools-v0.2.92/configure.ac	2023-10-30 15:27:14.000000000 +0800
++++ attest-tools-v0.2.92/configure.ac	2023-10-30 15:28:40.000000000 +0800
+@@ -58,7 +58,7 @@
+ AM_CONDITIONAL([DIGESTLISTS], [test x$digestlists = xtrue])
+ AM_CONDITIONAL([DIGESTLISTS_PGP], [test x$digestlists_pgp = xtrue])
+ 
+-CFLAGS="$CFLAGS -Wall -Werror -DTPM_POSIX -Wno-deprecated-declarations -Wno-discarded-qualifiers"
++CFLAGS="$CFLAGS -Wall -Werror -DTPM_POSIX -Wno-deprecated-declarations"
+ 
+ AC_SUBST(CFLAGS)
+ 
+diff -u -r attest-tools-v0.2.92/libs/enroll_client.c attest-tools-v0.2.92/libs/enroll_client.c
+--- attest-tools-v0.2.92/libs/enroll_client.c	2021-03-05 21:06:01.000000000 +0800
++++ attest-tools-v0.2.92/libs/enroll_client.c	2023-10-30 15:52:45.000000000 +0800
+@@ -205,7 +205,7 @@
+ 			  BYTE *policy_bin)
+ {
+ 	UINT16 private_len, public_len;
+-	BYTE *private, *public;
++	BYTE *private = NULL, *public;
+ 	TPMT_HA calculated_digest = { 0 };
+ 	BYTE *policy_digest = NULL;
+ 	TPM_HANDLE primaryHandle;
+diff -u -r attest-tools-v0.2.92/libs/enroll_server.c attest-tools-v0.2.92/libs/enroll_server.c
+--- attest-tools-v0.2.92/libs/enroll_server.c	2021-03-05 21:06:01.000000000 +0800
++++ attest-tools-v0.2.92/libs/enroll_server.c	2023-10-30 15:46:04.000000000 +0800
+@@ -484,7 +484,7 @@
+ 	X509 *issuer_cert = NULL;
+ 	X509_NAME *issuer_name = NULL, *req_name = NULL;
+ 	FILE *fp = NULL;
+-	int rc, i, lastpos = -1;
++	int rc = 0, i, lastpos = -1;
+ 
+ 	fp = fopen(reqPath, "r");
+ 	if (!fp)
+diff -u -r attest-tools-v0.2.92/libs/tss.c attest-tools-v0.2.92/libs/tss.c
+--- attest-tools-v0.2.92/libs/tss.c	2021-03-05 21:06:01.000000000 +0800
++++ attest-tools-v0.2.92/libs/tss.c	2023-10-30 15:54:24.000000000 +0800
+@@ -826,12 +826,12 @@
+ 	case EVP_PKEY_RSA:
+ 		rc = convertRsaKeyToPublic(&in.inPublic, TYPE_ST, TPM_ALG_NULL,
+ 					   TPM_ALG_SHA256, TPM_ALG_SHA256,
+-					   EVP_PKEY_get0_RSA(ek_pub));
++					   (RSA *)EVP_PKEY_get0_RSA(ek_pub));
+ 		break;
+ 	case EVP_PKEY_EC:
+ 		rc = convertEcKeyToPublic(&in.inPublic, TYPE_ST, TPM_ALG_NULL,
+ 					  TPM_ALG_SHA256, TPM_ALG_SHA256,
+-					  EVP_PKEY_get0_EC_KEY(ek_pub));
++					  (EC_KEY *)EVP_PKEY_get0_EC_KEY(ek_pub));
+ 		break;
+ 	default:
+ 		rc = -ENOENT;
+diff -u -r attest-tools-v0.2.92/libs/util.c attest-tools-v0.2.92/libs/util.c
+--- attest-tools-v0.2.92/libs/util.c	2021-03-05 21:06:01.000000000 +0800
++++ attest-tools-v0.2.92/libs/util.c	2023-10-30 15:50:06.000000000 +0800
+@@ -132,7 +132,7 @@
+ 			   int append)
+ {
+ 	int open_flags = O_WRONLY | O_CREAT;
+-	int rc, fd;
++	int rc = 0, fd;
+ 
+ 	open_flags |= (append) ? O_APPEND : O_TRUNC;
+ 
+@@ -149,7 +149,7 @@
+ {
+ 	unsigned char *data;
+ 	size_t len;
+-	int rc;
++	int rc = 0;
+ 
+ 	rc = attest_util_read_file(path_source, &len, &data);
+ 	if (rc)
+@@ -324,7 +324,7 @@
+ {
+ 	CURL *curl;
+ 	FILE *f;
+-	int rc;
++	int rc = 0;
+ 
+ 	f = fdopen(fd, "wb");
+ 	if (!f)
+@@ -404,7 +404,7 @@
+ 		errno = 0;
+ 
+ 		pcr = strtol(pcr_str, NULL, 10);
+-		if ((errno == ERANGE && (pcr == LONG_MAX || pcr == LONG_MIN)) ||
++		if ((errno == ERANGE && (pcr == INT_MAX || pcr == INT_MIN)) ||
+ 		    (errno != 0 && pcr == 0)) {
+ 			rc = -EINVAL;
+ 			goto out;
+diff -u -r attest-tools-v0.2.92/src/attest_tls_client.c attest-tools-v0.2.92/src/attest_tls_client.c
+--- attest-tools-v0.2.92/src/attest_tls_client.c	2021-03-05 21:06:01.000000000 +0800
++++ attest-tools-v0.2.92/src/attest_tls_client.c	2023-10-30 15:55:53.000000000 +0800
+@@ -306,7 +306,7 @@
+ 		goto error_ssl;
+ 	}
+ 
+-	if (!SSL_get_verify_result(ssl) == X509_V_OK) {
++	if (!(SSL_get_verify_result(ssl) == X509_V_OK)) {
+ 		ERR_print_errors_fp(stderr);
+ 		printf("bad server cert\n");
+ 		goto error_ssl;