diff --git a/SOURCES/m2crypto-0.21.1-SAN-ip.patch b/SOURCES/m2crypto-0.21.1-SAN-ip.patch
new file mode 100644
index 0000000..ab593a8
--- /dev/null
+++ b/SOURCES/m2crypto-0.21.1-SAN-ip.patch
@@ -0,0 +1,57 @@
+diff -ur M2Crypto/M2Crypto/SSL/Checker.py M2Crypto-0.21.1/M2Crypto/SSL/Checker.py
+--- M2Crypto/M2Crypto/SSL/Checker.py	2011-01-15 20:10:05.000000000 +0100
++++ M2Crypto-0.21.1/M2Crypto/SSL/Checker.py	2015-07-07 16:41:53.887094222 +0200
+@@ -11,6 +11,7 @@
+            'WrongHost', 'Checker']
+ 
+ from M2Crypto import util, EVP, m2
++import socket
+ import re
+ 
+ class SSLVerificationError(Exception):
+@@ -161,6 +162,10 @@
+                 self.useSubjectAltNameOnly = True
+                 if self._match(host, certHost[4:]):
+                     return True
++            elif certHost[:11] == 'ip address:':
++                self.useSubjectAltNameOnly = True
++                if self._matchIPAddress(host, certHost[11:]):
++                    return True
+         return False
+         
+ 
+@@ -218,6 +223,34 @@
+ 
+         return False
+ 
++    def _matchIPAddress(self, host, certHost):
++        """
++        >>> check = Checker()
++        >>> check._matchIPAddress(host='my.example.com', certHost='my.example.com')
++        False
++        >>> check._matchIPAddress(host='1.2.3.4', certHost='1.2.3.4')
++        True
++        >>> check._matchIPAddress(host='1.2.3.4', certHost='*.2.3.4')
++        False
++        >>> check._matchIPAddress(host='1.2.3.4', certHost='1.2.3.40')
++        False
++        >>> check._matchIPAddress(host='::1', certHost='::1')
++        True
++        >>> check._matchIPAddress(host='::1', certHost='0:0:0:0:0:0:0:1')
++        True
++        >>> check._matchIPAddress(host='::1', certHost='::2')
++        False
++        """
++        try:
++            canonical = socket.getaddrinfo(host, 0, 0, socket.SOCK_STREAM, 0,
++                                           socket.AI_NUMERICHOST)
++            certCanonical = socket.getaddrinfo(certHost, 0, 0,
++                                               socket.SOCK_STREAM, 0,
++                                               socket.AI_NUMERICHOST)
++        except:
++            return False
++        return canonical == certCanonical
++
+ 
+ if __name__ == '__main__':
+     import doctest
diff --git a/SOURCES/m2crypto-0.21.1-test_cookie_str_changed.patch b/SOURCES/m2crypto-0.21.1-test_cookie_str_changed.patch
new file mode 100644
index 0000000..3b08256
--- /dev/null
+++ b/SOURCES/m2crypto-0.21.1-test_cookie_str_changed.patch
@@ -0,0 +1,30 @@
+diff -ur M2Crypto/tests/test_authcookie.py M2Crypto-0.21.1/tests/test_authcookie.py
+--- M2Crypto/tests/test_authcookie.py	2011-01-15 20:10:05.000000000 +0100
++++ M2Crypto-0.21.1/tests/test_authcookie.py	2015-07-07 14:42:20.713482088 +0200
+@@ -114,7 +114,7 @@
+     def test_cookie_str_changed_exp(self):
+         c = self.jar.makeCookie(self.exp, self.data)
+         cout = c.output()
+-        str = cout[:26] + '2' + cout[27:]
++        str = cout[:26] + chr(ord(cout[26])^1) + cout[27:]
+         s = Cookie.SmartCookie()
+         s.load(str)
+         self.failIf(self.jar.isGoodCookieString(s.output()))
+@@ -122,7 +122,7 @@
+     def test_cookie_str_changed_data(self):
+         c = self.jar.makeCookie(self.exp, self.data)
+         cout = c.output()
+-        str = cout[:36] + 'X' + cout[37:]
++        str = cout[:36] + chr(ord(cout[36])^1) + cout[37:]
+         s = Cookie.SmartCookie()
+         s.load(str)
+         self.failIf(self.jar.isGoodCookieString(s.output()))
+@@ -130,7 +130,7 @@
+     def test_cookie_str_changed_mac(self):
+         c = self.jar.makeCookie(self.exp, self.data)
+         cout = c.output()
+-        str = cout[:76] + 'X' + cout[77:]
++        str = cout[:76] + chr(ord(cout[76])^1) + cout[77:]
+         s = Cookie.SmartCookie()
+         s.load(str)
+         self.failIf(self.jar.isGoodCookieString(s.output()))
diff --git a/SPECS/m2crypto.spec b/SPECS/m2crypto.spec
index 41fd17c..98f9088 100644
--- a/SPECS/m2crypto.spec
+++ b/SPECS/m2crypto.spec
@@ -1,12 +1,12 @@
 %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
 
 # Keep this value in sync with the definition in openssl.spec.
-%global multilib_arches %{ix86} ia64 ppc ppc64 s390 s390x x86_64 sparc sparcv9 sparc64
+%global multilib_arches %{ix86} ia64 ppc %{power64} s390 s390x sparcv9 sparc64 x86_64
 
 Summary: Support for using OpenSSL in python scripts
 Name: m2crypto
 Version: 0.21.1
-Release: 15%{?dist}
+Release: 17%{?dist}
 Source0: http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-%{version}.tar.gz
 # https://bugzilla.osafoundation.org/show_bug.cgi?id=2341
 Patch0: m2crypto-0.21.1-timeouts.patch
@@ -42,6 +42,10 @@ Patch14: m2crypto-0.21.1-tests-no-SIGHUP.patch
 Patch15: m2crypto-0.21.1-tests-no-export-ciphers.patch
 # https://bugzilla.osafoundation.org/show_bug.cgi?id=13104
 Patch16: m2crypto-0.21.1-tests-random-ports.patch
+# https://github.com/martinpaljak/M2Crypto/issues/70
+Patch17: m2crypto-0.21.1-test_cookie_str_changed.patch
+# https://github.com/martinpaljak/M2Crypto/issues/19
+Patch18: m2crypto-0.21.1-SAN-ip.patch
 License: MIT
 Group: System Environment/Libraries
 URL: http://wiki.osafoundation.org/bin/view/Projects/MeTooCrypto
@@ -74,6 +78,8 @@ openssl x509 -in tests/x509.pem -out tests/x509.der -outform DER
 %patch14 -p1 -b .tests-no-SIGHUP
 %patch15 -p1 -b .tests-no-export-ciphers
 %patch16 -p1 -b .tests-random-ports
+%patch17 -p1 -b .test_cookie_str_changed
+%patch18 -p1 -b .SAN-ip
 
 # Red Hat opensslconf.h #includes an architecture-specific file, but SWIG
 # doesn't follow the #include.
@@ -138,6 +144,16 @@ rm tests/*.{pem,py}.* # Patch backup files
 %{python_sitearch}/M2Crypto-*.egg-info
 
 %changelog
+* Tue Jul 7 2015 Miloslav Trmač <mitr@redhat.com> - 0.21.1-17
+- Fix spurious failures of test_cookie_str_changed_mac
+  Resolves: #1073950
+- Add support for IP addresses in subjectAltName
+  Resolves: #1080142
+
+* Wed Aug 20 2014 Miloslav Trmač <mitr@redhat.com> - 0.21.1-16
+- Sync %%multilib_arches with openssl.
+  Resolves: #1125603
+
 * Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 0.21.1-15
 - Mass rebuild 2014-01-24