Well, answering my own question... Got some help from Ben Noordhuison on node.js IRC. Thanks a lot Ben!
Apparently, there is a limited number of OpenSSL routines exposed by the node executable, basically, only the ones node uses itself, and in my case that did not include the higher level SHA1 function, but it does include the lower level ones: SHA1_Init, SHA1_Update, and SHA1_Final. Changed my code to look like
SHA_CTX ctx;
SHA1_Init(&ctx);
SHA1_Update(&ctx, msg, msglen);
SHA1_Final(dgst, &ctx);
instead of just SHA1(msg, msglen, dgst);
and it works fine without external dependencies.
According to Ben, there could also be some issues with linking to static OpenSSL on Windows: cannot comment on this, using Linux only.