Remove gateway methods in Tramp

* doc/misc/tramp.texi (Top, Configuration): Remove section
`Gateway methods', insert section `Firewalls' in menu.
(History): Gateways are removed now.
(Gateway methods): Remove section.
(Multi-hops, Traces and Profiles): Don't reference to gateways anymore.
(Firewalls): New section.

* etc/NEWS: Gateway methods in Tramp have been removed.

* lisp/net/tramp.el (tramp-methods): Adapt docstring.
(tramp-file-name-port, tramp-accept-process-output): Simplify.

* lisp/net/tramp-gw.el: Remove.

* lisp/net/tramp-sh.el (tramp-gw-tunnel-method)
(tramp-gw-socks-method): Remove declarations.
(tramp-methods) <scp, scpx, ssh, sshx, telnet, nc, plink, pscp>:
Remove `tramp-gw-args' and `tramp-default-port'.  (Bug#18967)
(tramp-do-copy-or-rename-file-out-of-band)
(tramp-compute-multi-hops, tramp-maybe-open-connection):
Remove gateway support.

* test/lisp/net/tramp-tests.el (tramp-test03-file-name-defaults):
Remove gateway tests.

6 files changed, 82 insertions, 540 deletions

diff --git a/doc/misc/tramp.texi b/doc/misc/tramp.texi
index 955a13e477a..1ba22e0b594 100644
--- a/doc/misc/tramp.texi
+++ b/doc/misc/tramp.texi
@@ -143,11 +143,11 @@ Configuring @value{tramp} for use
 * Inline methods::              Inline methods.
 * External methods::            External methods.
 * GVFS based methods::          GVFS based external methods.
-* Gateway methods::             Gateway methods.
 * Default Method::              Selecting a default method.
 * Default User::                Selecting a default user.
 * Default Host::                Selecting a default host.
 * Multi-hops::                  Connecting to a remote host using multiple hops.
+* Firewalls::                   Passing firewalls.
 * Customizing Methods::         Using Non-Standard Methods.
 * Customizing Completion::      Selecting config files for user/host name completion.
 * Password handling::           Reusing passwords for several connections.
@@ -406,10 +406,11 @@ April 2000 was the first time when multi-hop methods were added.  In
 July 2002, @value{tramp} unified file names with Ange-FTP@.  In July
 2004, proxy hosts replaced multi-hop methods.  Running commands on
 remote hosts was introduced in December 2005.  Support for gateways
-since April 2007.  GVFS integration started in February 2009.  Remote
-commands on Windows hosts since September 2011.  Ad-hoc multi-hop
-methods (with a changed syntax) re-enabled in November 2011.  In
-November 2012, added Juergen Hoetzel's @file{tramp-adb.el}.
+since April 2007 (and removed in December 2016).  GVFS integration
+started in February 2009.  Remote commands on Windows hosts since
+September 2011.  Ad-hoc multi-hop methods (with a changed syntax)
+re-enabled in November 2011.  In November 2012, added Juergen
+Hoetzel's @file{tramp-adb.el}.
 
 XEmacs support has been stopped in January 2016.
 
@@ -453,7 +454,6 @@ installed and loaded:
 * Inline methods::              Inline methods.
 * External methods::            External methods.
 * GVFS based methods::          GVFS based external methods.
-* Gateway methods::             Gateway methods.
 * Default Method::              Selecting a default method.
                                   Here we also try to help those who
                                   don't have the foggiest which method
@@ -461,6 +461,7 @@ installed and loaded:
 * Default User::                Selecting a default user.
 * Default Host::                Selecting a default host.
 * Multi-hops::                  Connecting to a remote host using multiple hops.
+* Firewalls::                   Passing firewalls.
 * Customizing Methods::         Using Non-Standard Methods.
 * Customizing Completion::      Selecting config files for user/host name completion.
 * Password handling::           Reusing passwords for several connections.
@@ -997,51 +998,6 @@ Other methods to include are: @option{ftp} and @option{smb}.
 @end defopt
 
 
-@node Gateway methods
-@section Gateway methods
-@cindex methods, gateway
-@cindex gateway methods
-
-Gateway methods are for proxy host declarations (@pxref{Multi-hops})
-so as to pass through firewalls and proxy servers.  They are not like
-the other methods that declare direct connections to a remote host.
-
-A gateway method always comes with a port setting.  @value{tramp}
-targets the port number with the gateway method
-@file{localhost#random_port} from where the firewall or proxy server
-is accessed.
-
-Gateway methods support user name and password declarations for
-authenticating the corresponding firewall or proxy server.  Such
-authentication can be passed through only if granted access by system
-administrators.
-
-@table @asis
-@item @option{tunnel}
-@cindex method tunnel
-@cindex tunnel method
-
-This method implements an HTTP tunnel via the @command{CONNECT}
-command (conforming to RFC 2616, 2817 specifications).  Proxy servers
-using HTTP version 1.1 or later protocol support this command.
-
-For authentication, this protocol uses only @option{Basic
-Authentication} (see RFC 2617).  When no port number is specified, this
-protocol defaults to @option{8080}.
-
-@item @option{socks}
-@cindex method socks
-@cindex socks method
-
-The @option{socks} method connects to SOCKSv5 servers (see RFC 1928)
-and supports @option{Username/Password Authentication}.
-
-The default port number for the socks server is @option{1080}, if not
-specified otherwise.
-
-@end table
-
-
 @node Default Method
 @section Selecting a default method
 @cindex default method
@@ -1244,9 +1200,8 @@ regular expression which always matches.
 @var{proxy} is a literal @value{tramp} file name whose local name part
 is ignored, and the method and user name parts are optional.
 
-The method must be an inline or gateway method (@pxref{Inline
-methods}, @pxref{Gateway methods}).
-If @var{proxy} is @code{nil}, no additional hop is required reaching
+The method must be an inline method (@pxref{Inline methods}).  If
+@var{proxy} is @code{nil}, no additional hop is required reaching
 @var{user}@@@var{host}.
 
 For example, to pass through the host @samp{bastion.your.domain} as
@@ -1313,32 +1268,6 @@ local one, first connect via @command{ssh}, and then apply
              '((regexp-quote (system-name)) nil nil))
 @end group
 @end lisp
-
-The above configuration allows @value{tramp} connection as @samp{root}
-to remote Ubuntu hosts.
-
-@option{tramp-default-proxies-alist} is also used for passing through
-firewalls or proxy servers.
-
-For example, the local host @samp{proxy.your.domain} on port 3128
-serves as HTTP proxy to the outer world.  User has access rights to
-another proxy server on @samp{host.other.domain}.@footnote{HTTP tunnels
-are intended for secure SSL/TLS communication.  Therefore, many proxy
-servers restrict the tunnels to related target ports.  You might need
-to run your ssh server on your target host @samp{host.other.domain} on
-such a port, like 443 (https).  See
-@uref{http://savannah.gnu.org/maintenance/CvsFromBehindFirewall} for
-discussion of ethical issues.}  Then the configuration is:
-
-@lisp
-@group
-(add-to-list 'tramp-default-proxies-alist
-             '("\\`host\\.other\\.domain\\'" nil
-             "@trampfn{tunnel,proxy.your.domain#3128,}"))
-@end group
-@end lisp
-
-Gateway methods in a multiple hop chain can be declared only as the first hop.
 @end defopt
 
 Passing through hops involves dealing with restricted shells, such as
@@ -1362,6 +1291,50 @@ restricted shell:
 @end defopt
 
 
+@node Firewalls
+@section Passing firewalls
+@cindex HTTP tunnel
+@cindex proxy hosts, HTTP tunnel
+
+Sometimes, it is not possible to reach a remote host directly.  A
+firewall might be in the way, which could be passed via a proxy
+server.
+
+Both ssh and PuTTY support such proxy settings, using an HTTP tunnel
+via the @command{CONNECT} command (conforming to RFC 2616, 2817
+specifications).  Proxy servers using HTTP version 1.1 or later
+protocol support this command.
+
+@subsection Tunneling with ssh
+
+With ssh, you could use the @code{ProxyCommand} entry in the
+@file{~/.ssh/config}:
+
+@example
+@group
+Host host.other.domain
+     ProxyCommand nc -X connect -x proxy.your.domain:3128 %h %p
+@end group
+@end example
+
+@code{nc} is BSD's netcat program, which establishes HTTP tunnels. Any
+other program with such a feature could be used as well.
+
+In the example, opening @file{@trampfn{ssh,host.your.domain,}} passes
+the HTTP proxy server @samp{proxy.your.domain} on port 3128.
+
+@subsection Tunneling with PuTTY
+
+PuTTY does not need an external program, HTTP tunnel support is
+built-in.  In the PuTTY config program, create a session for
+@samp{host.your.domain}.  In the @option{Connection/Data} entry,
+select the @option{HTTP} option, and add @samp{proxy.your.domain} as
+@option{Proxy hostname}, and 3128 as @option{Port}.
+
+Opening @file{@trampfn{plinkx,host.your.domain,}} passes the HTTP
+proxy server @samp{proxy.your.domain} on port 3128.
+
+
 @node Customizing Methods
 @section Using Non-Standard Methods
 @cindex customizing methods
@@ -3618,14 +3591,12 @@ have to be specifically enabled as shown in this code:
 (dolist (elt (all-completions "tramp-" obarray 'functionp))
   (trace-function-background (intern elt)))
 (untrace-function 'tramp-read-passwd)
-(untrace-function 'tramp-gw-basic-authentication)
 @end group
 @end lisp
 
 The buffer @file{*trace-output*} contains the output from the function
-call traces.  Disable @code{tramp-read-passwd} and
-@code{tramp-gw-basic-authentication} to stop password strings from
-being written to @file{*trace-output*}.
+call traces.  Disable @code{tramp-read-passwd} to stop password
+strings from being written to @file{*trace-output*}.
 
 
 @node GNU Free Documentation License
diff --git a/etc/NEWS b/etc/NEWS
index ee74236a528..7338c0c6a70 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -567,6 +567,10 @@ different group ID.
 Drive onsite repositories.
 
 +++
+*** Gateway methods in Tramp have been removed.  Instead, the Tramp
+manual documents how to configure ssh and PuTTY accordingly.
+
++++
 Setting the "ENV" environment variable in 'tramp-remote-process-environment'
 enables reading of shell initialization files.
 
diff --git a/lisp/net/tramp-gw.el b/lisp/net/tramp-gw.el
deleted file mode 100644
index 8f8f107ec10..00000000000
--- a/lisp/net/tramp-gw.el
+++ /dev/null
@@ -1,339 +0,0 @@
-;;; tramp-gw.el --- Tramp utility functions for HTTP tunnels and SOCKS gateways
-
-;; Copyright (C) 2007-2016 Free Software Foundation, Inc.
-
-;; Author: Michael Albinus <michael.albinus@gmx.de>
-;; Keywords: comm, processes
-;; Package: tramp
-
-;; This file is part of GNU Emacs.
-
-;; GNU Emacs is free software: you can redistribute it and/or modify
-;; it under the terms of the GNU General Public License as published by
-;; the Free Software Foundation, either version 3 of the License, or
-;; (at your option) any later version.
-
-;; GNU Emacs is distributed in the hope that it will be useful,
-;; but WITHOUT ANY WARRANTY; without even the implied warranty of
-;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-;; GNU General Public License for more details.
-
-;; You should have received a copy of the GNU General Public License
-;; along with GNU Emacs.  If not, see <http://www.gnu.org/licenses/>.
-
-;;; Commentary:
-
-;; Access functions for HTTP tunnels and SOCKS gateways from Tramp.
-;; SOCKS functionality is implemented by socks.el from the w3 package.
-;; HTTP tunnels are partly implemented in socks.el and url-http.el;
-;; both implementations are not complete.  Therefore, it is
-;; implemented in this package.
-
-;;; Code:
-
-(require 'tramp)
-
-;; Pacify byte-compiler.
-(eval-when-compile
-  (require 'cl)
-  (require 'custom))
-(defvar socks-noproxy)
-
-;; We don't add the following methods to `tramp-methods', in order to
-;; exclude them from file name completion.
-
-;; Define HTTP tunnel method ...
-;;;###tramp-autoload
-(defconst tramp-gw-tunnel-method "tunnel"
-  "Method to connect HTTP gateways.")
-
-;; ... and port.
-(defconst tramp-gw-default-tunnel-port 8080
-  "Default port for HTTP gateways.")
-
-;; Define SOCKS method ...
-;;;###tramp-autoload
-(defconst tramp-gw-socks-method "socks"
-  "Method to connect SOCKS servers.")
-
-;; ... and port.
-(defconst tramp-gw-default-socks-port 1080
-  "Default port for SOCKS servers.")
-
-;; Autoload the socks library.  It is used only when we access a SOCKS server.
-(autoload 'socks-open-network-stream "socks")
-(defvar socks-username (user-login-name))
-(defvar socks-server
-  (list "Default server" "socks" tramp-gw-default-socks-port 5))
-
-;; Add a default for `tramp-default-user-alist'.  Default is the local user.
-;;;###tramp-autoload
-(add-to-list
- 'tramp-default-user-alist
- (list (concat "\\`"
-               (regexp-opt (list tramp-gw-tunnel-method tramp-gw-socks-method))
-               "\\'")
-       nil (user-login-name)))
-
-;; Internal file name functions and variables.
-
-(defvar tramp-gw-vector nil
-  "Keeps the remote host identification.  Needed for Tramp messages.")
-
-(defvar tramp-gw-gw-vector nil
-  "Current gateway identification vector.")
-
-(defvar tramp-gw-gw-proc nil
-  "Current gateway process.")
-
-;; This variable keeps the listening process, in order to reuse it for
-;; new processes.
-(defvar tramp-gw-aux-proc nil
-  "Process listening on local port, as mediation between SSH and the gateway.")
-
-(defun tramp-gw-gw-proc-sentinel (proc _event)
-  "Delete auxiliary process when we are deleted."
-  (unless (tramp-compat-process-live-p proc)
-    (tramp-message
-     tramp-gw-vector 4 "Deleting auxiliary process `%s'" tramp-gw-gw-proc)
-    (let* ((tramp-verbose 0)
-           (p (tramp-get-connection-property proc "process" nil)))
-      (when (processp p) (delete-process p)))))
-
-(defun tramp-gw-aux-proc-sentinel (proc _event)
-  "Activate the different filters for involved gateway and auxiliary processes."
-  (when (tramp-compat-process-live-p proc)
-    ;; A new process has been spawned from `tramp-gw-aux-proc'.
-    (tramp-message
-     tramp-gw-vector 4
-     "Opening auxiliary process `%s', speaking with process `%s'"
-     proc tramp-gw-gw-proc)
-    (set-process-query-on-exit-flag proc nil)
-    ;; We don't want debug messages, because the corresponding debug
-    ;; buffer might be undecided.
-    (let ((tramp-verbose 0))
-      (tramp-set-connection-property tramp-gw-gw-proc "process" proc)
-      (tramp-set-connection-property proc "process" tramp-gw-gw-proc))
-    ;; Set the process-filter functions for both processes.
-    (set-process-filter proc 'tramp-gw-process-filter)
-    (set-process-filter tramp-gw-gw-proc 'tramp-gw-process-filter)
-    ;; There might be already some output from the gateway process.
-    (with-current-buffer (process-buffer tramp-gw-gw-proc)
-      (unless (= (point-min) (point-max))
-        (let ((s (buffer-string)))
-          (delete-region (point) (point-max))
-          (tramp-gw-process-filter tramp-gw-gw-proc s))))))
-
-(defun tramp-gw-process-filter (proc string)
-  "Resend the string to the other process."
-  (let ((tramp-verbose 0))
-    ;; The other process might have been stopped already.  We don't
-    ;; want to be interrupted then.
-    (ignore-errors
-      (process-send-string
-       (tramp-get-connection-property proc "process" nil) string))))
-
-;;;###tramp-autoload
-(defun tramp-gw-open-connection (vec gw-vec target-vec)
-  "Open a remote connection to VEC (see `tramp-file-name' structure).
-Take GW-VEC as SOCKS or HTTP gateway, i.e. its method must be a
-gateway method.  TARGET-VEC identifies where to connect to via
-the gateway, it can be different from VEC when there are more
-hops to be applied.
-
-It returns a string like \"localhost#port\", which must be used
-instead of the host name declared in TARGET-VEC."
-
-  ;; Remember vectors for property retrieval.
-  (setq tramp-gw-vector vec
-        tramp-gw-gw-vector gw-vec)
-
-  ;; Start listening auxiliary process.
-  (unless (tramp-compat-process-live-p tramp-gw-aux-proc)
-    (let ((aux-vec
-           (vector "aux" (tramp-file-name-user gw-vec)
-                   (tramp-file-name-host gw-vec) nil nil)))
-      (setq tramp-gw-aux-proc
-            (make-network-process
-             :name (tramp-buffer-name aux-vec) :buffer nil :host 'local
-             :server t :noquery t :service t :coding 'binary))
-      (set-process-sentinel tramp-gw-aux-proc 'tramp-gw-aux-proc-sentinel)
-      (set-process-query-on-exit-flag tramp-gw-aux-proc nil)
-      (tramp-message
-       vec 4 "Opening auxiliary process `%s', listening on port %d"
-       tramp-gw-aux-proc (process-contact tramp-gw-aux-proc :service))))
-
-  (let* ((gw-method
-          (intern
-           (tramp-find-method
-            (tramp-file-name-method gw-vec)
-            (tramp-file-name-user gw-vec)
-            (tramp-file-name-host gw-vec))))
-         (socks-username
-          (tramp-find-user
-           (tramp-file-name-method gw-vec)
-           (tramp-file-name-user gw-vec)
-           (tramp-file-name-host gw-vec)))
-         ;; Declare the SOCKS server to be used.
-         (socks-server
-          (list "Tramp temporary socks server list"
-                ;; Host name.
-                (tramp-file-name-real-host gw-vec)
-                ;; Port number.
-                (or (tramp-file-name-port gw-vec)
-                    (case gw-method
-                      (tunnel tramp-gw-default-tunnel-port)
-                      (socks tramp-gw-default-socks-port)))
-                ;; Type.  We support only http and socks5, NO socks4.
-                ;; 'http could be used when HTTP tunnel works in socks.el.
-                5))
-         ;; The function to be called.
-         (socks-function
-          (case gw-method
-            (tunnel 'tramp-gw-open-network-stream)
-            (socks 'socks-open-network-stream)))
-         socks-noproxy)
-
-    ;; Open SOCKS process.
-    (setq tramp-gw-gw-proc
-          (funcall
-           socks-function
-           (let ((tramp-verbose 0)) (tramp-get-connection-name gw-vec))
-           (let ((tramp-verbose 0)) (tramp-get-connection-buffer gw-vec))
-           (tramp-file-name-real-host target-vec)
-           (tramp-file-name-port target-vec)))
-    (set-process-sentinel tramp-gw-gw-proc 'tramp-gw-gw-proc-sentinel)
-    (set-process-coding-system tramp-gw-gw-proc 'binary 'binary)
-    (set-process-query-on-exit-flag tramp-gw-gw-proc nil)
-    (tramp-message
-     vec 4 "Opened %s process `%s'"
-     (case gw-method ('tunnel "HTTP tunnel") ('socks "SOCKS"))
-     tramp-gw-gw-proc)
-
-    ;; Return the new host for gateway access.
-    (format "localhost#%d" (process-contact tramp-gw-aux-proc :service))))
-
-(defun tramp-gw-open-network-stream (name buffer host service)
-  "Open stream to proxy server HOST:SERVICE.
-Resulting process has name NAME and buffer BUFFER.  If
-authentication is requested from proxy server, provide it."
-  (let ((command (format (concat
-                          "CONNECT %s:%d HTTP/1.1\r\n"
-                          "Host: %s:%d\r\n"
-                          "Connection: keep-alive\r\n"
-                          "User-Agent: Tramp/%s\r\n")
-                         host service host service tramp-version))
-        (authentication "")
-        (first t)
-        found proc)
-
-    (while (not found)
-      ;; Clean up.
-      (when (processp proc) (delete-process proc))
-      (with-current-buffer buffer (erase-buffer))
-      ;; Open network stream.
-      (setq proc (open-network-stream
-                  name buffer (nth 1 socks-server) (nth 2 socks-server)))
-      (set-process-coding-system proc 'binary 'binary)
-      (set-process-query-on-exit-flag proc nil)
-      ;; Send CONNECT command.
-      (process-send-string proc (format "%s%s\r\n" command authentication))
-      (tramp-message
-       tramp-gw-vector 6 "\n%s"
-       (format
-        "%s%s\r\n" command
-        (replace-regexp-in-string ;; no password in trace!
-         "Basic [^\r\n]+" "Basic xxxxx" authentication t)))
-      (with-current-buffer buffer
-        ;; Trap errors to be traced in the right trace buffer.  Often,
-        ;; proxies have a timeout of 60".  We wait 65" in order to
-        ;; receive an answer this case.
-        (ignore-errors
-          (let ((tramp-verbose 0))
-            (tramp-wait-for-regexp proc 65 "\r?\n\r?\n")))
-        ;; Check return code.
-        (goto-char (point-min))
-        (narrow-to-region
-         (point-min)
-         (or (search-forward-regexp "\r?\n\r?\n" nil t) (point-max)))
-        (tramp-message tramp-gw-vector 6 "\n%s" (buffer-string))
-        (goto-char (point-min))
-        (search-forward-regexp "^HTTP/[1-9]\\.[0-9]" nil t)
-        (case (condition-case nil (read (current-buffer)) (error))
-          ;; Connected.
-          (200 (setq found t))
-          ;; We need basic authentication.
-          (401 (setq authentication (tramp-gw-basic-authentication nil first)))
-          ;; Access forbidden.
-          (403 (tramp-error-with-buffer
-                (current-buffer) tramp-gw-vector 'file-error
-                "Connection to %s:%d forbidden." host service))
-          ;; Target host not found.
-          (404 (tramp-error-with-buffer
-                (current-buffer) tramp-gw-vector 'file-error
-                "Host %s not found." host))
-          ;; We need basic proxy authentication.
-          (407 (setq authentication (tramp-gw-basic-authentication t first)))
-          ;; Connection failed.
-          (503 (tramp-error-with-buffer
-                (current-buffer) tramp-gw-vector 'file-error
-                "Connection to %s:%d failed." host service))
-          ;; That doesn't work at all.
-          (t (tramp-error-with-buffer
-              (current-buffer) tramp-gw-vector 'file-error
-              "Access to HTTP server %s:%d failed."
-              (nth 1 socks-server) (nth 2 socks-server))))
-        ;; Remove HTTP headers.
-        (delete-region (point-min) (point-max))
-        (widen)
-        (setq first nil)))
-    ;; Return the process.
-    proc))
-
-(defun tramp-gw-basic-authentication (proxy pw-cache)
-  "Return authentication header for CONNECT, based on server request.
-PROXY is an indication whether we need a Proxy-Authorization header
-or an Authorization header.  If PW-CACHE is non-nil, check for
-password in password cache.  This is done for the first try only."
-
-  ;; `tramp-current-*' must be set for `tramp-read-passwd'.
-  (let ((tramp-current-method (tramp-file-name-method tramp-gw-gw-vector))
-        (tramp-current-user (tramp-file-name-user tramp-gw-gw-vector))
-        (tramp-current-host (tramp-file-name-host tramp-gw-gw-vector)))
-    (unless pw-cache (tramp-clear-passwd tramp-gw-gw-vector))
-    ;; We are already in the right buffer.
-    (tramp-message
-     tramp-gw-vector 5 "%s required"
-     (if proxy "Proxy authentication" "Authentication"))
-    ;; Search for request header.  We accept only basic authentication.
-    (goto-char (point-min))
-    (search-forward-regexp
-     "^\\(Proxy\\|WWW\\)-Authenticate:\\s-*Basic\\s-+realm=")
-    ;; Return authentication string.
-    (format
-     "%s: Basic %s\r\n"
-     (if proxy "Proxy-Authorization" "Authorization")
-     (base64-encode-string
-      (format
-       "%s:%s"
-       socks-username
-       (tramp-read-passwd
-        nil
-        (format
-         "Password for %s@[%s]: " socks-username (read (current-buffer)))))))))
-
-(add-hook 'tramp-unload-hook
-          (lambda ()
-            (unload-feature 'tramp-gw 'force)))
-
-(provide 'tramp-gw)
-
-;;; TODO:
-
-;; * Provide descriptive Commentary.
-;;
-;; * Enable it for several gateway processes in parallel.
-;;
-;; * Use `url-https-proxy-connect' as of Emacs 26.
-
-;;; tramp-gw.el ends here
diff --git a/lisp/net/tramp-sh.el b/lisp/net/tramp-sh.el
index fbf44b77a12..57cb6e11d21 100644
--- a/lisp/net/tramp-sh.el
+++ b/lisp/net/tramp-sh.el
@@ -32,8 +32,6 @@
 (eval-when-compile
   (require 'cl)
   (require 'dired))
-(defvar tramp-gw-tunnel-method)
-(defvar tramp-gw-socks-method)
 (defvar vc-handled-backends)
 (defvar vc-bzr-program)
 (defvar vc-git-program)
@@ -172,11 +170,7 @@ The string is used in `tramp-methods'.")
     (tramp-copy-program         "scp")
     (tramp-copy-args            (("-P" "%p") ("-p" "%k") ("-q") ("-r") ("%c")))
     (tramp-copy-keep-date       t)
-    (tramp-copy-recursive       t)
-    (tramp-gw-args              (("-o" "GlobalKnownHostsFile=/dev/null")
-                                 ("-o" "UserKnownHostsFile=/dev/null")
-                                 ("-o" "StrictHostKeyChecking=no")))
-    (tramp-default-port         22)))
+    (tramp-copy-recursive       t)))
 ;;;###tramp-autoload
 (add-to-list 'tramp-methods
   '("scpx"
@@ -191,11 +185,7 @@ The string is used in `tramp-methods'.")
     (tramp-copy-args            (("-P" "%p") ("-p" "%k")
                                  ("-q") ("-r") ("%c")))
     (tramp-copy-keep-date       t)
-    (tramp-copy-recursive       t)
-    (tramp-gw-args              (("-o" "GlobalKnownHostsFile=/dev/null")
-                                 ("-o" "UserKnownHostsFile=/dev/null")
-                                 ("-o" "StrictHostKeyChecking=no")))
-    (tramp-default-port         22)))
+    (tramp-copy-recursive       t)))
 ;;;###tramp-autoload
 (add-to-list 'tramp-methods
   '("rsync"
@@ -237,11 +227,7 @@ The string is used in `tramp-methods'.")
     (tramp-async-args           (("-q")))
     (tramp-remote-shell         "/bin/sh")
     (tramp-remote-shell-login   ("-l"))
-    (tramp-remote-shell-args    ("-c"))
-    (tramp-gw-args              (("-o" "GlobalKnownHostsFile=/dev/null")
-                                 ("-o" "UserKnownHostsFile=/dev/null")
-                                 ("-o" "StrictHostKeyChecking=no")))
-    (tramp-default-port         22)))
+    (tramp-remote-shell-args    ("-c"))))
 ;;;###tramp-autoload
 (add-to-list 'tramp-methods
   '("sshx"
@@ -251,11 +237,7 @@ The string is used in `tramp-methods'.")
     (tramp-async-args           (("-q")))
     (tramp-remote-shell         "/bin/sh")
     (tramp-remote-shell-login   ("-l"))
-    (tramp-remote-shell-args    ("-c"))
-    (tramp-gw-args              (("-o" "GlobalKnownHostsFile=/dev/null")
-                                 ("-o" "UserKnownHostsFile=/dev/null")
-                                 ("-o" "StrictHostKeyChecking=no")))
-    (tramp-default-port         22)))
+    (tramp-remote-shell-args    ("-c"))))
 ;;;###tramp-autoload
 (add-to-list 'tramp-methods
   '("telnet"
@@ -263,8 +245,7 @@ The string is used in `tramp-methods'.")
     (tramp-login-args           (("%h") ("%p") ("2>/dev/null")))
     (tramp-remote-shell         "/bin/sh")
     (tramp-remote-shell-login   ("-l"))
-    (tramp-remote-shell-args    ("-c"))
-    (tramp-default-port         23)))
+    (tramp-remote-shell-args    ("-c"))))
 ;;;###tramp-autoload
 (add-to-list 'tramp-methods
   '("nc"
@@ -280,8 +261,7 @@ The string is used in `tramp-methods'.")
     ;; We use "-p" as required for newer busyboxes.  For older
     ;; busybox/nc versions, the value must be (("-l") ("%r")).  This
     ;; can be achieved by tweaking `tramp-connection-properties'.
-    (tramp-remote-copy-args     (("-l") ("-p" "%r") ("2>/dev/null")))
-    (tramp-default-port         23)))
+    (tramp-remote-copy-args     (("-l") ("-p" "%r") ("2>/dev/null")))))
 ;;;###tramp-autoload
 (add-to-list 'tramp-methods
   '("su"
@@ -353,8 +333,7 @@ The string is used in `tramp-methods'.")
                                  ("/bin/sh") ("\"")))
     (tramp-remote-shell         "/bin/sh")
     (tramp-remote-shell-login   ("-l"))
-    (tramp-remote-shell-args    ("-c"))
-    (tramp-default-port         22)))
+    (tramp-remote-shell-args    ("-c"))))
 ;;;###tramp-autoload
 (add-to-list 'tramp-methods
   `("plinkx"
@@ -386,8 +365,7 @@ The string is used in `tramp-methods'.")
     (tramp-copy-args            (("-l" "%u") ("-P" "%p") ("-scp") ("-p" "%k")
                                  ("-q") ("-r")))
     (tramp-copy-keep-date       t)
-    (tramp-copy-recursive       t)
-    (tramp-default-port         22)))
+    (tramp-copy-recursive       t)))
 ;;;###tramp-autoload
 (add-to-list 'tramp-methods
   `("psftp"
@@ -2395,10 +2373,6 @@ The method used must be an out-of-band method."
                                       v "login-as" nil))
               tramp-current-host (tramp-file-name-real-host v))
 
-        ;; Expand hops.  Might be necessary for gateway methods.
-        (setq v (car (tramp-compute-multi-hops v)))
-        (aset v 3 localname)
-
         ;; Check which ones of source and target are Tramp files.
         (setq source (funcall
                       (if (and (file-directory-p filename)
@@ -2412,15 +2386,9 @@ The method used must be an out-of-band method."
                          (tramp-make-copy-program-file-name v)
                        (tramp-unquote-shell-quote-argument newname)))
 
-        ;; Check for host and port number.  We cannot use
-        ;; `tramp-file-name-port', because this returns also
-        ;; `tramp-default-port', which might clash with settings in
-        ;; "~/.ssh/config".
-        (setq host (tramp-file-name-host v)
-              port "")
-        (when (string-match tramp-host-with-port-regexp host)
-          (setq port (string-to-number (match-string 2 host))
-                host (string-to-number (match-string 1 host))))
+        ;; Check for host and port number.
+        (setq host (tramp-file-name-real-host v)
+              port (tramp-file-name-port v))
 
         ;; Check for user.  There might be an interactive setting.
         (setq user (or (tramp-file-name-user v)
@@ -4504,8 +4472,7 @@ Goes through the list `tramp-inline-compress-commands'."
          vec 2 "Couldn't find an inline transfer compress command")))))
 
 (defun tramp-compute-multi-hops (vec)
-  "Expands VEC according to `tramp-default-proxies-alist'.
-Gateway hops are already opened."
+  "Expands VEC according to `tramp-default-proxies-alist'."
   (let ((target-alist `(,vec))
         (hops (or (tramp-file-name-hop vec) ""))
         (item vec)
@@ -4562,32 +4529,6 @@ Gateway hops are already opened."
             ;; Start next search.
             (setq choices tramp-default-proxies-alist)))))
 
-    ;; Handle gateways.
-    (when (and (boundp 'tramp-gw-tunnel-method) (boundp 'tramp-gw-socks-method)
-               (string-match
-                (format
-                 "^\\(%s\\|%s\\)$" tramp-gw-tunnel-method tramp-gw-socks-method)
-                (tramp-file-name-method (car target-alist))))
-      (let ((gw (pop target-alist))
-            (hop (pop target-alist)))
-        ;; Is the method prepared for gateways?
-        (unless (tramp-file-name-port hop)
-          (tramp-error
-           vec 'file-error
-           "Connection `%s' is not supported for gateway access." hop))
-        ;; Open the gateway connection.
-        (push
-         (vector
-          (tramp-file-name-method hop) (tramp-file-name-user hop)
-          (tramp-gw-open-connection vec gw hop) nil nil)
-         target-alist)
-        ;; For the password prompt, we need the correct values.
-        ;; Therefore, we must remember the gateway vector.  But we
-        ;; cannot do it as connection property, because it shouldn't
-        ;; be persistent.  And we have no started process yet either.
-        (let ((tramp-verbose 0))
-          (tramp-set-file-property (car target-alist) "" "gateway" hop))))
-
     ;; Foreign and out-of-band methods are not supported for multi-hops.
     (when (cdr target-alist)
       (setq choices target-alist)
@@ -4802,13 +4743,6 @@ connection if a previous connection has died for some reason."
                          (connection-timeout
                           (tramp-get-method-parameter
                            hop 'tramp-connection-timeout))
-                         (gw-args
-                          (tramp-get-method-parameter hop 'tramp-gw-args))
-                         (gw (let ((tramp-verbose 0))
-                               (tramp-get-file-property hop "" "gateway" nil)))
-                         (g-method (and gw (tramp-file-name-method gw)))
-                         (g-user (and gw (tramp-file-name-user gw)))
-                         (g-host (and gw (tramp-file-name-real-host gw)))
                          (command login-program)
                          ;; We don't create the temporary file.  In
                          ;; fact, it is just a prefix for the
@@ -4832,12 +4766,6 @@ connection if a previous connection has died for some reason."
                     (when (and process-name async-args)
                       (setq login-args (append async-args login-args)))
 
-                    ;; Add gateway arguments if necessary.
-                    (when gw
-                      (tramp-set-connection-property p "gateway" t)
-                      (when gw-args
-                        (setq login-args (append gw-args login-args))))
-
                     ;; Check for port number.  Until now, there's no
                     ;; need for handling like method, user, host.
                     (when (string-match tramp-host-with-port-regexp l-host)
@@ -4850,11 +4778,10 @@ connection if a previous connection has died for some reason."
                         (setq r-shell t)))
 
                     ;; Set variables for computing the prompt for
-                    ;; reading password.  They can also be derived
-                    ;; from a gateway.
-                    (setq tramp-current-method (or g-method l-method)
-                          tramp-current-user   (or g-user   l-user)
-                          tramp-current-host   (or g-host   l-host))
+                    ;; reading password.
+                    (setq tramp-current-method l-method
+                          tramp-current-user   l-user
+                          tramp-current-host   l-host)
 
                     ;; Add login environment.
                     (when login-env
diff --git a/lisp/net/tramp.el b/lisp/net/tramp.el
index da745524a14..4103a6e76a8 100644
--- a/lisp/net/tramp.el
+++ b/lisp/net/tramp.el
@@ -241,12 +241,7 @@ pair of the form (KEY VALUE).  The following KEYs are defined:
   * `tramp-copy-recursive'
     Whether the operation copies directories recursively.
   * `tramp-default-port'
-    The default port of a method is needed in case of gateway connections.
-    Additionally, it is used as indication which method is prepared for
-    passing gateways.
-  * `tramp-gw-args'
-    As the attribute name says, additional arguments are specified here
-    when a method is applied via a gateway.
+    The default port of a method.
   * `tramp-tmpdir'
     A directory on the remote host for temporary files.  If not
     specified, \"/tmp\" is taken as default.
@@ -277,8 +272,7 @@ See the variables `tramp-local-coding-commands' and
 
 So, to summarize: if the method is an out-of-band method, then you
 must specify `tramp-copy-program' and `tramp-copy-args'.  If it is an
-inline method, then these two parameters should be nil.  Methods which
-are fit for gateways must have `tramp-default-port' at least.
+inline method, then these two parameters should be nil.
 
 Notes:
 
@@ -1139,8 +1133,7 @@ entry does not exist, return nil."
 (defun tramp-file-name-port (vec)
   "Return the port number of VEC."
   (save-match-data
-    (let ((method (tramp-file-name-method vec))
-          (host (tramp-file-name-host vec)))
+    (let ((host (tramp-file-name-host vec)))
       (or (and (stringp host)
                (string-match tramp-host-with-port-regexp host)
                (string-to-number (match-string 2 host)))
@@ -1267,9 +1260,6 @@ values."
 
 (defun tramp-buffer-name (vec)
   "A name for the connection buffer VEC."
-  ;; We must use `tramp-file-name-real-host', because for gateway
-  ;; methods the default port will be expanded later on, which would
-  ;; tamper the name.
   (let ((method (tramp-file-name-method vec))
         (user   (tramp-file-name-user vec))
         (host   (tramp-file-name-real-host vec)))
@@ -1359,9 +1349,6 @@ version, the function does nothing."
 
 (defun tramp-debug-buffer-name (vec)
   "A name for the debug buffer for VEC."
-  ;; We must use `tramp-file-name-real-host', because for gateway
-  ;; methods the default port will be expanded later on, which would
-  ;; tamper the name.
   (let ((method (tramp-file-name-method vec))
         (user   (tramp-file-name-user vec))
         (host   (tramp-file-name-real-host vec)))
@@ -3632,17 +3619,13 @@ connection buffer."
 This is needed in order to hide `last-coding-system-used', which is set
 for process communication also."
   (with-current-buffer (process-buffer proc)
-    ;; FIXME: If there is a gateway process, we need communication
-    ;; between several processes.  Too complicate to implement, so we
-    ;; read output from all processes.
-    (let ((p (if (tramp-get-connection-property proc "gateway" nil) nil proc))
-          buffer-read-only last-coding-system-used)
+    (let (buffer-read-only last-coding-system-used)
       ;; Under Windows XP, accept-process-output doesn't return
       ;; sometimes.  So we add an additional timeout.
       (with-timeout ((or timeout 1))
-        (accept-process-output p timeout timeout-msecs (and proc t)))
-      (tramp-message proc 10 "%s %s %s\n%s"
-                     proc (process-status proc) p (buffer-string)))))
+        (accept-process-output proc timeout timeout-msecs (and proc t)))
+      (tramp-message proc 10 "%s %s\n%s"
+                     proc (process-status proc) (buffer-string)))))
 
 (defun tramp-check-for-regexp (proc regexp)
   "Check, whether REGEXP is contained in process buffer of PROC.
diff --git a/test/lisp/net/tramp-tests.el b/test/lisp/net/tramp-tests.el
index ee8a95e7bd5..2884187fa0a 100644
--- a/test/lisp/net/tramp-tests.el
+++ b/test/lisp/net/tramp-tests.el
@@ -583,10 +583,6 @@ handled properly.  BODY shall not contain a timeout."
   (when (and (load "tramp-gvfs" 'noerror 'nomessage)
              (symbol-value 'tramp-gvfs-enabled))
     (should (string-equal (file-remote-p "/synce::" 'user) nil)))
-  ;; Default values in tramp-gw.el.
-  (dolist (m '("tunnel" "socks"))
-    (should
-     (string-equal (file-remote-p (format "/%s::" m) 'user) (user-login-name))))
   ;; Default values in tramp-sh.el.
   (dolist (h `("127.0.0.1" "[::1]" "localhost" "localhost6" ,(system-name)))
     (should (string-equal (file-remote-p (format "/root@%s:" h) 'method) "su")))