Fix build with opaque RSA{,_METHOD} in LibreSSL 3.5. The relevant OpenSSL API
has been available since LibreSSL 2.9. ECDSA support is thus also available.
Instead of using ENGINE, use RSA_METHOD and ECDSA_METHOD.

Index: deps/neverbleed/neverbleed.c
--- deps/neverbleed/neverbleed.c.orig
+++ deps/neverbleed/neverbleed.c
@@ -45,7 +45,7 @@
 #endif
 #include "neverbleed.h"
 
-#if (!defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x1010000fL)
+#if ((!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x2090000fL) && OPENSSL_VERSION_NUMBER >= 0x1010000fL)
 #define OPENSSL_1_1_API 1
 #else
 #define OPENSSL_1_1_API 0
@@ -683,7 +683,16 @@ static EVP_PKEY *create_pkey(neverbleed_t *nb, size_t 
     exdata->nb = nb;
     exdata->key_index = key_index;
 
+#ifdef OPENSSL_NO_ENGINE
+    rsa = RSA_new();
+    if (!rsa) {
+        fprintf(stderr, "no memory\n");
+        abort();
+    }
+    RSA_set_method(rsa, nb->rsa_method);
+#else
     rsa = RSA_new_method(nb->engine);
+#endif
     RSA_set_ex_data(rsa, 0, exdata);
     if (BN_hex2bn(&e, ebuf) == 0) {
         fprintf(stderr, "failed to parse e:%s\n", ebuf);
@@ -838,7 +847,16 @@ static EVP_PKEY *ecdsa_create_pkey(neverbleed_t *nb, s
     exdata->nb = nb;
     exdata->key_index = key_index;
 
+#ifdef OPENSSL_NO_ENGINE
+    ec_key = EC_KEY_new();
+    if (!ec_key) {
+        fprintf(stderr, "no memory\n");
+        abort();
+    }
+    EC_KEY_set_method(ec_key, nb->ecdsa_method);
+#else
     ec_key = EC_KEY_new_method(nb->engine);
+#endif
     EC_KEY_set_ex_data(ec_key, 0, exdata);
 
     ec_group = EC_GROUP_new_by_curve_name(curve_name);
@@ -1486,6 +1504,13 @@ int neverbleed_init(neverbleed_t *nb, char *errbuf)
     pipe_fds[0] = -1;
 
     /* setup engine */
+#ifdef OPENSSL_NO_ENGINE
+    nb->rsa_method = rsa_method;
+    nb->ecdsa_method = NULL;
+#if OPENSSL_1_1_API
+    nb->ecdsa_method = ecdsa_method;
+#endif
+#else
     if ((nb->engine = ENGINE_new()) == NULL || !ENGINE_set_id(nb->engine, "neverbleed") ||
         !ENGINE_set_name(nb->engine, "privilege separation software engine") || !ENGINE_set_RSA(nb->engine, rsa_method)
 #if OPENSSL_1_1_API
@@ -1496,6 +1521,7 @@ int neverbleed_init(neverbleed_t *nb, char *errbuf)
         goto Fail;
     }
     ENGINE_add(nb->engine);
+#endif
 
     /* setup thread key */
     pthread_key_create(&nb->thread_key, dispose_thread_data);
@@ -1513,9 +1539,11 @@ Fail:
     }
     if (listen_fd != -1)
         close(listen_fd);
+#ifndef OPENSSL_NO_ENGINE
     if (nb->engine != NULL) {
         ENGINE_free(nb->engine);
         nb->engine = NULL;
     }
+#endif
     return -1;
 }