netifd: add gcmp-256 as a cipher suite when SAE is enabled on HE/EHT

Fixes: WIFI-14594
Signed-off-by: John Crispin <john@phrozen.org>

patches/0090-netifd-add-gcmp-256-as-a-cipher-suite-when-SAE-is-en.patch

@@ -0,0 +1,59 @@
+From 6866492b26cf59d5557d1ea0fdae24834410afff Mon Sep 17 00:00:00 2001
+From: John Crispin <john@phrozen.org>
+Date: Wed, 11 Jun 2025 14:24:48 +0200
+Subject: [PATCH] netifd: add gcmp-256 as a cipher suite when SAE is enabled on
+ HE/EHT
+
+Fixes: WIFI-14594
+Signed-off-by: John Crispin <john@phrozen.org>
+---
+ .../config/netifd/patches/200-gcmp-256.patch  | 37 +++++++++++++++++++
+ 1 file changed, 37 insertions(+)
+ create mode 100644 package/network/config/netifd/patches/200-gcmp-256.patch
+
+diff --git a/package/network/config/netifd/patches/200-gcmp-256.patch b/package/network/config/netifd/patches/200-gcmp-256.patch
+new file mode 100644
+index 0000000000..defe66a816
+--- /dev/null
++++ b/package/network/config/netifd/patches/200-gcmp-256.patch
+@@ -0,0 +1,37 @@
++--- a/scripts/netifd-wireless.sh
+++++ b/scripts/netifd-wireless.sh
++@@ -39,11 +39,10 @@ prepare_key_wep() {
++ }
++ 
++ _wdev_prepare_channel() {
++-	json_get_vars channel band hwmode
+++	json_get_vars channel band hwmode htmode
++ 
++ 	auto_channel=0
++ 	enable_ht=0
++-	htmode=
++ 	hwmode="${hwmode##11}"
++ 
++ 	case "$channel" in
++@@ -80,6 +79,11 @@ _wdev_prepare_channel() {
++ 			esac
++ 		;;
++ 	esac
+++
+++	case "$htmode" in
+++		HE*|EHT*) wpa3_cipher="GCMP-256 ";;
+++		*) wpa3_cipher="";;
+++	esac
++ }
++ 
++ _wdev_handler() {
++@@ -216,6 +220,9 @@ wireless_vif_parse_encryption() {
++ 		wpa_cipher="GCMP"
++ 	else
++ 		wpa_cipher="CCMP"
+++		case "$encryption" in
+++			sae*|wpa3*|psk3*|owe) wpa_cipher="${wpa3_cipher}$wpa_cipher";;
+++		esac
++ 	fi
++ 
++ 	case "$encryption" in
+-- 
+2.34.1
+