net/dccp: make it depend on CONFIG_BROKEN (CVE-2020-16119)
There were some proposed fixes for this back in 2020, but the discussion largely fizzled out[1] and never got picked up again.

We can see other distros are either blacklisting it from user space[2] or explicitly calling it out as "is not set" in their base config[3] but that really doesn't bind the workaround to the kernel source in any robust transportable way. So I've done the tried and true "depends on BROKEN" to ensure the workaround goes wherever the kernel source goes.

We can revert this if a real fix eventually appears, but given that it was marked "EXPERIMENTAL" back when we had that, I don't expect we'll need to. Also note that none of our base ktypes or BSPs enabled it.

[1] https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza@canonical.com/T/
[2] https://access.redhat.com/security/cve/cve-2020-16119
[3] https://github.com/archlinux/svntogit-packages/commit/c07751100e1d64d9aa5789881ddc2ef68e43aed4

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
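
One way to audit a build or host for the three states the message contrasts (not built, built but blocked from user space, exposed), as an added example that is not part of this commit or the kernel tree. It assumes the DCCP Kconfig symbol is `CONFIG_IP_DCCP`, the module is named `dccp`, and the user-space workaround is an `install dccp /bin/true` (or `/bin/false`) rule in a modprobe.d directory; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit DCCP exposure. Assumes symbol CONFIG_IP_DCCP and module "dccp".

# Print builtin | module | disabled | unknown for a kernel config file.
dccp_config_state() {
    [ -r "$1" ] || { echo unknown; return 0; }
    # An absent symbol (hidden by an unmet "depends on BROKEN") and
    # "# CONFIG_IP_DCCP is not set" both count as disabled.
    case "$(grep -E '^CONFIG_IP_DCCP=' "$1" | tail -n 1)" in
        CONFIG_IP_DCCP=y) echo builtin ;;
        CONFIG_IP_DCCP=m) echo module ;;
        *) echo disabled ;;
    esac
}

# Succeed if a modprobe.d directory replaces loading of dccp with a no-op.
dccp_module_blocked() {
    [ -d "$1" ] || return 1
    cat "$1"/*.conf 2>/dev/null |
        grep -Eq '^[[:space:]]*install[[:space:]]+dccp[[:space:]]+/bin/(true|false)'
}

# Combine both views: dccp_exposure CONFIG_FILE MODPROBE_DIR
dccp_exposure() {
    case "$(dccp_config_state "$1")" in
        builtin) echo exposed-builtin ;;   # modprobe rules cannot disable built-in code
        module)
            if dccp_module_blocked "$2"; then
                echo blocked-in-userspace  # protection lives outside the kernel source
            else
                echo exposed-module
            fi ;;
        disabled) echo not-built ;;
        *) echo unknown ;;
    esac
}

# Constructed sample input: a config with DCCP as a module, then a modprobe.d rule.
demo() {
    d=$(mktemp -d)
    printf 'CONFIG_INET=y\nCONFIG_IP_DCCP=m\n' > "$d/config"
    mkdir "$d/modprobe.d"
    dccp_exposure "$d/config" "$d/modprobe.d"   # no rule yet
    printf 'install dccp /bin/true\n' > "$d/modprobe.d/dccp.conf"
    dccp_exposure "$d/config" "$d/modprobe.d"   # rule present
    rm -rf "$d"
}
demo
```

On a real system, point `dccp_exposure` at the running kernel's config file and the host's modprobe.d directory; a result of `blocked-in-userspace` is the case the message describes as not bound to the kernel source.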