diff --git a/.gitignore b/.gitignore
index aa3500c..180a532 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,14 +1 @@
-/qca-2.1.1.tar.xz
-/0001-plugins-qca-logger-README-fix-typo.patch
-/0002-qca-ossl-Fix-build-without-SSLv3.patch
-/0003-qca-ossl-Fix-build-without-support-for-SHA-0.patch
-/0004-qca-gnupg-default-path-to-keyrings.patch
-/0005-gnupg-resolve-symbolic-links.patch
-/0006-gnupg-fixed-keys-is-not-updating.patch
-/0007-gnupg-use-utf-8-for-keys-output.patch
-/0008-Fix-empty-strings-in-pluginPaths.patch
-/0009-Delete-dead-variable.patch
-/0010-Add-missed-file.patch
-/0011-use-_DEFAULT_SOURCE-instead-of-_BSD_SOURCE.patch
-/0015-Fix-imported-target-name.patch
-/0016-fix-base64-decoding-on-ARM.patch
+/qca-2.1.3.tar.xz
diff --git a/qca-2.1.1-tlsautotest_fedora_cipers.patch b/qca-2.1.1-tlsautotest_fedora_cipers.patch
new file mode 100644
index 0000000..c460d7e
--- /dev/null
+++ b/qca-2.1.1-tlsautotest_fedora_cipers.patch
@@ -0,0 +1,21 @@
+diff -up qca-2.1.1/unittest/tls/tlsunittest.cpp.fedora qca-2.1.1/unittest/tls/tlsunittest.cpp
+--- qca-2.1.1/unittest/tls/tlsunittest.cpp.fedora	2017-02-06 12:51:32.667013814 -0600
++++ qca-2.1.1/unittest/tls/tlsunittest.cpp	2017-02-06 12:51:38.974080291 -0600
+@@ -68,7 +68,7 @@ void TLSUnitTest::testCipherList()
+ 	QVERIFY( cipherList.contains("TLS_DHE_RSA_WITH_AES_128_CBC_SHA") );
+ 	QVERIFY( cipherList.contains("TLS_DHE_DSS_WITH_AES_128_CBC_SHA") );
+ 	QVERIFY( cipherList.contains("TLS_RSA_WITH_AES_128_CBC_SHA") );
+-	QVERIFY( cipherList.contains("TLS_RSA_WITH_RC4_128_SHA") );
++	// QVERIFY( cipherList.contains("TLS_RSA_WITH_RC4_128_SHA") );
+ 
+ 	// Fedora 22 has no TLS_RSA_WITH_RC4_128_MD5
+ 	// QVERIFY( cipherList.contains("TLS_RSA_WITH_RC4_128_MD5") );
+@@ -97,7 +97,7 @@ void TLSUnitTest::testCipherList()
+ 	QVERIFY( cipherList.contains("SSL_DHE_RSA_WITH_AES_128_CBC_SHA") );
+ 	QVERIFY( cipherList.contains("SSL_DHE_DSS_WITH_AES_128_CBC_SHA") );
+ 	QVERIFY( cipherList.contains("SSL_RSA_WITH_AES_128_CBC_SHA") );
+-	QVERIFY( cipherList.contains("SSL_RSA_WITH_RC4_128_SHA") );
++	// QVERIFY( cipherList.contains("SSL_RSA_WITH_RC4_128_SHA") );
+ 
+ 	// Fedora 22 has no SSL_RSA_WITH_RC4_128_MD5
+ 	// QVERIFY( cipherList.contains("SSL_RSA_WITH_RC4_128_MD5") );
diff --git a/qca.spec b/qca.spec
index be2122f..6ee4bbf 100644
--- a/qca.spec
+++ b/qca.spec
@@ -1,34 +1,24 @@
 
 # enable qt5 support
-%define qt5 1
+%global qt5 1
 
 Name:    qca
 Summary: Qt Cryptographic Architecture
-Version: 2.1.1
-Release: 8%{?dist}
+Version: 2.1.3
+Release: 1%{?dist}
 
 License: LGPLv2+
-URL:     https://quickgit.kde.org/?p=%{name}.git
-Source0: http://download.kde.org/stable/qca/%{version}/src/qca-%{version}.tar.xz
+URL:     https://cgit.kde.org/qca.git
+#Source0: http://download.kde.org/stable/qca/%{version}/src/qca-%{version}.tar.xz
+#Source0: https://cgit.kde.org/qca.git/snapshot/qca-%{version}.tar.xz
+## git archive v2.1.3 --prefix=qca-2.1.3/ | xz -9 > ../qca-2.1.3.tar.xz
+Source0: qca-%{version}.tar.xz
 
 ## upstream patches
-# treat these pristine upstream commits as sources, put in lookaside cache
-# extracted via: git format-patch v2.1.1
-Patch1: 0001-plugins-qca-logger-README-fix-typo.patch
-Patch2: 0002-qca-ossl-Fix-build-without-SSLv3.patch
-Patch3: 0003-qca-ossl-Fix-build-without-support-for-SHA-0.patch
-Patch4: 0004-qca-gnupg-default-path-to-keyrings.patch
-Patch5: 0005-gnupg-resolve-symbolic-links.patch
-Patch6: 0006-gnupg-fixed-keys-is-not-updating.patch
-Patch7: 0007-gnupg-use-utf-8-for-keys-output.patch
-Patch8: 0008-Fix-empty-strings-in-pluginPaths.patch
-Patch9: 0009-Delete-dead-variable.patch
-Patch10: 0010-Add-missed-file.patch
-Patch11: 0011-use-_DEFAULT_SOURCE-instead-of-_BSD_SOURCE.patch
-Patch15: 0015-Fix-imported-target-name.patch
-Patch16: 0016-fix-base64-decoding-on-ARM.patch
 
 ## upstreamable patches
+# skip *_RSA_WITH_RC4_128_SHA cipher tests (not available in fedora's openssl)
+Patch100: qca-2.1.1-tlsautotest_fedora_cipers.patch
 
 BuildRequires: cmake >= 2.8.12
 BuildRequires: libgcrypt-devel
@@ -263,12 +253,9 @@ cp -a %{_target_platform}/apidocs/html/ \
 export PKG_CONFIG_PATH=%{buildroot}%{_libdir}/pkgconfig
 test "$(pkg-config --modversion qca2)" = "%{version}"
 export CTEST_OUTPUT_ON_FAILURE=1
-make test ARGS="--timeout 300 --output-on-failure" -C %{_target_platform}
+make test ARGS="--timeout 60 --output-on-failure" -C %{_target_platform}
 %if 0%{?qt5}
-## new to gcc6 or qt-5.6 ? -- rex
-# The following tests FAILED:
-#  2 - BigInteger (Failed)
-make test ARGS="--timeout 300 --output-on-failure" -C %{_target_platform}-qt5 ||:
+make test ARGS="--timeout 60 --output-on-failure" -C %{_target_platform}-qt5
 %endif
 
 %post -p /sbin/ldconfig
@@ -388,6 +375,12 @@ make test ARGS="--timeout 300 --output-on-failure" -C %{_target_platform}-qt5 ||
 
 
 %changelog
+* Mon Feb 06 2017 Rex Dieter <rdieter@fedoraproject.org> - 2.1.3-1
+- qca-2.1.3 (#1419662)
+
+* Mon Feb 06 2017 Rex Dieter <rdieter@fedoraproject.org> - 2.1.1-9
+- pull in upstream fixes (#1419662), update URL
+
 * Thu Jul 07 2016 Rex Dieter <rdieter@fedoraproject.org> - 2.1.1-8
 - pull in some upstream fixes
 
diff --git a/sources b/sources
index 3117770..83bcc19 100644
--- a/sources
+++ b/sources
@@ -1,14 +1 @@
-657cc701316600199199a6b6cb2c73c9  qca-2.1.1.tar.xz
-87b166fd6e80980578d6d3597177081f  0001-plugins-qca-logger-README-fix-typo.patch
-2c366211607312a41a3c6f3751e09f28  0002-qca-ossl-Fix-build-without-SSLv3.patch
-82d2cbd3809f5a4ad76740a146f2ca53  0003-qca-ossl-Fix-build-without-support-for-SHA-0.patch
-25f5395401075e3fdd43f64b2742fd06  0004-qca-gnupg-default-path-to-keyrings.patch
-1b917e3d8670c1ed13c889a5f7fed55d  0005-gnupg-resolve-symbolic-links.patch
-1db3bc8b79e405750682c62b10c4a372  0006-gnupg-fixed-keys-is-not-updating.patch
-80a3e654ad93b34679bed6117e16152e  0007-gnupg-use-utf-8-for-keys-output.patch
-4f64613869ef97c46fc3abd75c03c9c2  0008-Fix-empty-strings-in-pluginPaths.patch
-471015cc46c998de8393dbce7b8d7b7d  0009-Delete-dead-variable.patch
-538e11433f79cb8414a93124f810eaeb  0010-Add-missed-file.patch
-5899911615485fe85e43dbe3820cf8f7  0011-use-_DEFAULT_SOURCE-instead-of-_BSD_SOURCE.patch
-19e707d5e0d236c90ef7840a8ff61db8  0015-Fix-imported-target-name.patch
-3a5dd11ecfb6bec3a3952ea970098805  0016-fix-base64-decoding-on-ARM.patch
+SHA512 (qca-2.1.3.tar.xz) = 24ca1212336fb78e1502bb4a7536e967e53581c8a9bcfcde9f5cc9bd70067a1241df7f089978ccea906ed6a456c928d96ae2ac93432f4e839677c1cba880554f